1 diff -NurpP --minimal linux-2.6.25/arch/alpha/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/alpha/Kconfig
2 --- linux-2.6.25/arch/alpha/Kconfig 2008-04-17 12:05:26.000000000 -0400
3 +++ linux-2.6.25-vs2.3.0.34.9/arch/alpha/Kconfig 2008-04-19 15:14:51.000000000 -0400
4 @@ -671,6 +671,8 @@ config DUMMY_CONSOLE
8 +source "kernel/vserver/Kconfig"
10 source "security/Kconfig"
12 source "crypto/Kconfig"
13 diff -NurpP --minimal linux-2.6.25/arch/alpha/kernel/entry.S linux-2.6.25-vs2.3.0.34.9/arch/alpha/kernel/entry.S
14 --- linux-2.6.25/arch/alpha/kernel/entry.S 2008-04-17 11:31:21.000000000 -0400
15 +++ linux-2.6.25-vs2.3.0.34.9/arch/alpha/kernel/entry.S 2008-04-21 11:09:01.000000000 -0400
16 @@ -872,24 +872,15 @@ sys_getxgid:
25 - /* See linux/kernel/timer.c sys_getppid for discussion
27 - ldq $3, TASK_GROUP_LEADER($2)
28 - ldq $4, TASK_REAL_PARENT($3)
29 - ldl $0, TASK_TGID($2)
30 -1: ldl $1, TASK_TGID($4)
34 - ldq $3, TASK_GROUP_LEADER($2)
35 - ldq $4, TASK_REAL_PARENT($3)
48 diff -NurpP --minimal linux-2.6.25/arch/alpha/kernel/osf_sys.c linux-2.6.25-vs2.3.0.34.9/arch/alpha/kernel/osf_sys.c
49 --- linux-2.6.25/arch/alpha/kernel/osf_sys.c 2008-04-17 12:05:26.000000000 -0400
50 +++ linux-2.6.25-vs2.3.0.34.9/arch/alpha/kernel/osf_sys.c 2008-04-19 15:14:51.000000000 -0400
51 @@ -882,7 +882,7 @@ osf_gettimeofday(struct timeval32 __user
55 - do_gettimeofday(&ktv);
56 + vx_gettimeofday(&ktv);
57 if (put_tv32(tv, &ktv))
60 diff -NurpP --minimal linux-2.6.25/arch/alpha/kernel/ptrace.c linux-2.6.25-vs2.3.0.34.9/arch/alpha/kernel/ptrace.c
61 --- linux-2.6.25/arch/alpha/kernel/ptrace.c 2008-04-17 11:31:21.000000000 -0400
62 +++ linux-2.6.25-vs2.3.0.34.9/arch/alpha/kernel/ptrace.c 2008-04-19 15:14:51.000000000 -0400
64 #include <linux/slab.h>
65 #include <linux/security.h>
66 #include <linux/signal.h>
67 +#include <linux/vs_base.h>
69 #include <asm/uaccess.h>
70 #include <asm/pgtable.h>
71 diff -NurpP --minimal linux-2.6.25/arch/alpha/kernel/semaphore.c linux-2.6.25-vs2.3.0.34.9/arch/alpha/kernel/semaphore.c
72 --- linux-2.6.25/arch/alpha/kernel/semaphore.c 2008-04-17 11:31:21.000000000 -0400
73 +++ linux-2.6.25-vs2.3.0.34.9/arch/alpha/kernel/semaphore.c 2008-04-19 15:14:51.000000000 -0400
74 @@ -68,8 +68,8 @@ __down_failed(struct semaphore *sem)
75 DECLARE_WAITQUEUE(wait, tsk);
77 #ifdef CONFIG_DEBUG_SEMAPHORE
78 - printk("%s(%d): down failed(%p)\n",
79 - tsk->comm, task_pid_nr(tsk), sem);
80 + printk("%s(%d:#%u): down failed(%p)\n",
81 + tsk->comm, task_pid_nr(tsk), tsk->xid, sem);
84 tsk->state = TASK_UNINTERRUPTIBLE;
85 @@ -97,8 +97,8 @@ __down_failed(struct semaphore *sem)
88 #ifdef CONFIG_DEBUG_SEMAPHORE
89 - printk("%s(%d): down acquired(%p)\n",
90 - tsk->comm, task_pid_nr(tsk), sem);
91 + printk("%s(%d:#%u): down acquired(%p)\n",
92 + tsk->comm, task_pid_nr(tsk), tsk->xid, sem);
96 @@ -110,8 +110,8 @@ __down_failed_interruptible(struct semap
99 #ifdef CONFIG_DEBUG_SEMAPHORE
100 - printk("%s(%d): down failed(%p)\n",
101 - tsk->comm, task_pid_nr(tsk), sem);
102 + printk("%s(%d:#%u): down failed(%p)\n",
103 + tsk->comm, task_pid_nr(tsk), tsk->xid, sem);
106 tsk->state = TASK_INTERRUPTIBLE;
107 diff -NurpP --minimal linux-2.6.25/arch/alpha/kernel/systbls.S linux-2.6.25-vs2.3.0.34.9/arch/alpha/kernel/systbls.S
108 --- linux-2.6.25/arch/alpha/kernel/systbls.S 2008-04-17 12:05:26.000000000 -0400
109 +++ linux-2.6.25-vs2.3.0.34.9/arch/alpha/kernel/systbls.S 2008-04-19 15:14:51.000000000 -0400
110 @@ -446,7 +446,7 @@ sys_call_table:
111 .quad sys_stat64 /* 425 */
114 - .quad sys_ni_syscall /* sys_vserver */
115 + .quad sys_vserver /* sys_vserver */
116 .quad sys_ni_syscall /* sys_mbind */
117 .quad sys_ni_syscall /* sys_get_mempolicy */
118 .quad sys_ni_syscall /* sys_set_mempolicy */
119 diff -NurpP --minimal linux-2.6.25/arch/alpha/kernel/traps.c linux-2.6.25-vs2.3.0.34.9/arch/alpha/kernel/traps.c
120 --- linux-2.6.25/arch/alpha/kernel/traps.c 2008-04-17 11:31:21.000000000 -0400
121 +++ linux-2.6.25-vs2.3.0.34.9/arch/alpha/kernel/traps.c 2008-04-19 15:14:51.000000000 -0400
122 @@ -182,7 +182,8 @@ die_if_kernel(char * str, struct pt_regs
124 printk("CPU %d ", hard_smp_processor_id());
126 - printk("%s(%d): %s %ld\n", current->comm, task_pid_nr(current), str, err);
127 + printk("%s(%d[#%u]): %s %ld\n", current->comm,
128 + task_pid_nr(current), current->xid, str, err);
129 dik_show_regs(regs, r9_15);
130 add_taint(TAINT_DIE);
131 dik_show_trace((unsigned long *)(regs+1));
132 diff -NurpP --minimal linux-2.6.25/arch/alpha/mm/fault.c linux-2.6.25-vs2.3.0.34.9/arch/alpha/mm/fault.c
133 --- linux-2.6.25/arch/alpha/mm/fault.c 2008-04-17 11:31:21.000000000 -0400
134 +++ linux-2.6.25-vs2.3.0.34.9/arch/alpha/mm/fault.c 2008-04-19 15:14:51.000000000 -0400
135 @@ -193,8 +193,8 @@ do_page_fault(unsigned long address, uns
136 down_read(&mm->mmap_sem);
139 - printk(KERN_ALERT "VM: killing process %s(%d)\n",
140 - current->comm, task_pid_nr(current));
141 + printk(KERN_ALERT "VM: killing process %s(%d:#%u)\n",
142 + current->comm, task_pid_nr(current), current->xid);
143 if (!user_mode(regs))
145 do_group_exit(SIGKILL);
146 diff -NurpP --minimal linux-2.6.25/arch/arm/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/arm/Kconfig
147 --- linux-2.6.25/arch/arm/Kconfig 2008-04-17 12:05:26.000000000 -0400
148 +++ linux-2.6.25-vs2.3.0.34.9/arch/arm/Kconfig 2008-04-19 15:14:51.000000000 -0400
149 @@ -1180,6 +1180,8 @@ source "fs/Kconfig"
151 source "arch/arm/Kconfig.debug"
153 +source "kernel/vserver/Kconfig"
155 source "security/Kconfig"
157 source "crypto/Kconfig"
158 diff -NurpP --minimal linux-2.6.25/arch/arm/kernel/calls.S linux-2.6.25-vs2.3.0.34.9/arch/arm/kernel/calls.S
159 --- linux-2.6.25/arch/arm/kernel/calls.S 2008-04-17 12:05:26.000000000 -0400
160 +++ linux-2.6.25-vs2.3.0.34.9/arch/arm/kernel/calls.S 2008-04-19 15:14:51.000000000 -0400
162 /* 310 */ CALL(sys_request_key)
164 CALL(ABI(sys_semtimedop, sys_oabi_semtimedop))
165 -/* vserver */ CALL(sys_ni_syscall)
168 /* 315 */ CALL(sys_ioprio_get)
169 CALL(sys_inotify_init)
170 diff -NurpP --minimal linux-2.6.25/arch/arm/kernel/process.c linux-2.6.25-vs2.3.0.34.9/arch/arm/kernel/process.c
171 --- linux-2.6.25/arch/arm/kernel/process.c 2008-04-17 12:05:26.000000000 -0400
172 +++ linux-2.6.25-vs2.3.0.34.9/arch/arm/kernel/process.c 2008-04-21 11:09:01.000000000 -0400
173 @@ -264,7 +264,8 @@ void __show_regs(struct pt_regs *regs)
174 void show_regs(struct pt_regs * regs)
177 - printk("Pid: %d, comm: %20s\n", task_pid_nr(current), current->comm);
178 + printk("Pid: %d[#%u], comm: %20s\n",
179 + task_pid_nr(current), current->xid, current->comm);
183 diff -NurpP --minimal linux-2.6.25/arch/arm/kernel/traps.c linux-2.6.25-vs2.3.0.34.9/arch/arm/kernel/traps.c
184 --- linux-2.6.25/arch/arm/kernel/traps.c 2008-04-17 12:05:26.000000000 -0400
185 +++ linux-2.6.25-vs2.3.0.34.9/arch/arm/kernel/traps.c 2008-04-19 15:14:51.000000000 -0400
186 @@ -214,8 +214,8 @@ static void __die(const char *str, int e
187 str, err, ++die_counter);
190 - printk("Process %s (pid: %d, stack limit = 0x%p)\n",
191 - tsk->comm, task_pid_nr(tsk), thread + 1);
192 + printk("Process %s (pid: %d:#%u, stack limit = 0x%p)\n",
193 + tsk->comm, task_pid_nr(tsk), tsk->xid, thread + 1);
195 if (!user_mode(regs) || in_interrupt()) {
196 dump_mem("Stack: ", regs->ARM_sp,
197 diff -NurpP --minimal linux-2.6.25/arch/arm/mm/fault.c linux-2.6.25-vs2.3.0.34.9/arch/arm/mm/fault.c
198 --- linux-2.6.25/arch/arm/mm/fault.c 2008-04-17 12:05:27.000000000 -0400
199 +++ linux-2.6.25-vs2.3.0.34.9/arch/arm/mm/fault.c 2008-04-19 15:14:51.000000000 -0400
200 @@ -292,7 +292,8 @@ do_page_fault(unsigned long addr, unsign
201 * happened to us that made us unable to handle
202 * the page fault gracefully.
204 - printk("VM: killing process %s\n", tsk->comm);
205 + printk("VM: killing process %s(%d:#%u)\n",
206 + tsk->comm, task_pid_nr(tsk), tsk->xid);
207 do_group_exit(SIGKILL);
210 diff -NurpP --minimal linux-2.6.25/arch/cris/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/cris/Kconfig
211 --- linux-2.6.25/arch/cris/Kconfig 2008-04-17 12:05:27.000000000 -0400
212 +++ linux-2.6.25-vs2.3.0.34.9/arch/cris/Kconfig 2008-04-19 15:14:51.000000000 -0400
213 @@ -679,6 +679,8 @@ source "drivers/usb/Kconfig"
215 source "arch/cris/Kconfig.debug"
217 +source "kernel/vserver/Kconfig"
219 source "security/Kconfig"
221 source "crypto/Kconfig"
222 diff -NurpP --minimal linux-2.6.25/arch/frv/kernel/kernel_thread.S linux-2.6.25-vs2.3.0.34.9/arch/frv/kernel/kernel_thread.S
223 --- linux-2.6.25/arch/frv/kernel/kernel_thread.S 2007-02-04 13:44:54.000000000 -0500
224 +++ linux-2.6.25-vs2.3.0.34.9/arch/frv/kernel/kernel_thread.S 2008-04-21 11:09:01.000000000 -0400
225 @@ -37,7 +37,7 @@ kernel_thread:
227 # start by forking the current process, but with shared VM
228 setlos.p #__NR_clone,gr7 ; syscall number
229 - ori gr10,#CLONE_VM,gr8 ; first syscall arg [clone_flags]
230 + ori gr10,#CLONE_KT,gr8 ; first syscall arg [clone_flags]
231 sethi.p #0xe4e4,gr9 ; second syscall arg [newsp]
233 setlos.p #0,gr10 ; third syscall arg [parent_tidptr]
234 diff -NurpP --minimal linux-2.6.25/arch/h8300/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/h8300/Kconfig
235 --- linux-2.6.25/arch/h8300/Kconfig 2008-04-17 12:05:28.000000000 -0400
236 +++ linux-2.6.25-vs2.3.0.34.9/arch/h8300/Kconfig 2008-04-19 15:14:51.000000000 -0400
237 @@ -233,6 +233,8 @@ source "fs/Kconfig"
239 source "arch/h8300/Kconfig.debug"
241 +source "kernel/vserver/Kconfig"
243 source "security/Kconfig"
245 source "crypto/Kconfig"
246 diff -NurpP --minimal linux-2.6.25/arch/ia64/ia32/ia32_entry.S linux-2.6.25-vs2.3.0.34.9/arch/ia64/ia32/ia32_entry.S
247 --- linux-2.6.25/arch/ia64/ia32/ia32_entry.S 2008-04-17 10:37:14.000000000 -0400
248 +++ linux-2.6.25-vs2.3.0.34.9/arch/ia64/ia32/ia32_entry.S 2008-04-19 15:14:51.000000000 -0400
249 @@ -446,7 +446,7 @@ ia32_syscall_table:
250 data8 sys_tgkill /* 270 */
251 data8 compat_sys_utimes
252 data8 sys32_fadvise64_64
253 - data8 sys_ni_syscall
254 + data8 sys32_vserver
256 data8 sys_ni_syscall /* 275 */
258 diff -NurpP --minimal linux-2.6.25/arch/ia64/ia32/sys_ia32.c linux-2.6.25-vs2.3.0.34.9/arch/ia64/ia32/sys_ia32.c
259 --- linux-2.6.25/arch/ia64/ia32/sys_ia32.c 2008-04-17 12:05:28.000000000 -0400
260 +++ linux-2.6.25-vs2.3.0.34.9/arch/ia64/ia32/sys_ia32.c 2008-04-19 15:14:51.000000000 -0400
261 @@ -1177,7 +1177,7 @@ sys32_gettimeofday (struct compat_timeva
265 - do_gettimeofday(&ktv);
266 + vx_gettimeofday(&ktv);
267 if (put_tv32(tv, &ktv))
270 diff -NurpP --minimal linux-2.6.25/arch/ia64/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/ia64/Kconfig
271 --- linux-2.6.25/arch/ia64/Kconfig 2008-04-17 12:05:28.000000000 -0400
272 +++ linux-2.6.25-vs2.3.0.34.9/arch/ia64/Kconfig 2008-04-19 15:14:51.000000000 -0400
273 @@ -615,6 +615,8 @@ source "arch/ia64/hp/sim/Kconfig"
275 source "arch/ia64/Kconfig.debug"
277 +source "kernel/vserver/Kconfig"
279 source "security/Kconfig"
281 source "crypto/Kconfig"
282 diff -NurpP --minimal linux-2.6.25/arch/ia64/kernel/entry.S linux-2.6.25-vs2.3.0.34.9/arch/ia64/kernel/entry.S
283 --- linux-2.6.25/arch/ia64/kernel/entry.S 2008-04-17 12:05:28.000000000 -0400
284 +++ linux-2.6.25-vs2.3.0.34.9/arch/ia64/kernel/entry.S 2008-04-19 15:14:51.000000000 -0400
285 @@ -1547,7 +1547,7 @@ sys_call_table:
287 data8 sys_mq_getsetattr
289 - data8 sys_ni_syscall // reserved for vserver
291 data8 sys_waitid // 1270
293 data8 sys_request_key
294 diff -NurpP --minimal linux-2.6.25/arch/ia64/kernel/perfmon.c linux-2.6.25-vs2.3.0.34.9/arch/ia64/kernel/perfmon.c
295 --- linux-2.6.25/arch/ia64/kernel/perfmon.c 2008-04-17 12:05:28.000000000 -0400
296 +++ linux-2.6.25-vs2.3.0.34.9/arch/ia64/kernel/perfmon.c 2008-04-19 15:14:51.000000000 -0400
298 #include <linux/capability.h>
299 #include <linux/rcupdate.h>
300 #include <linux/completion.h>
301 +#include <linux/vs_memory.h>
303 #include <asm/errno.h>
304 #include <asm/intrinsics.h>
305 @@ -2374,7 +2375,7 @@ pfm_smpl_buffer_alloc(struct task_struct
307 insert_vm_struct(mm, vma);
309 - mm->total_vm += size >> PAGE_SHIFT;
310 + vx_vmpages_add(mm, size >> PAGE_SHIFT);
311 vm_stat_account(vma->vm_mm, vma->vm_flags, vma->vm_file,
313 up_write(&task->mm->mmap_sem);
314 diff -NurpP --minimal linux-2.6.25/arch/ia64/kernel/process.c linux-2.6.25-vs2.3.0.34.9/arch/ia64/kernel/process.c
315 --- linux-2.6.25/arch/ia64/kernel/process.c 2008-04-17 12:05:28.000000000 -0400
316 +++ linux-2.6.25-vs2.3.0.34.9/arch/ia64/kernel/process.c 2008-04-21 11:09:01.000000000 -0400
317 @@ -105,8 +105,8 @@ show_regs (struct pt_regs *regs)
318 unsigned long ip = regs->cr_iip + ia64_psr(regs)->ri;
321 - printk("\nPid: %d, CPU %d, comm: %20s\n", task_pid_nr(current),
322 - smp_processor_id(), current->comm);
323 + printk("\nPid: %d[#%u], CPU %d, comm: %20s\n", task_pid_nr(current),
324 + current->xid, smp_processor_id(), current->comm);
325 printk("psr : %016lx ifs : %016lx ip : [<%016lx>] %s (%s)\n",
326 regs->cr_ipsr, regs->cr_ifs, ip, print_tainted(),
327 init_utsname()->release);
328 diff -NurpP --minimal linux-2.6.25/arch/ia64/kernel/ptrace.c linux-2.6.25-vs2.3.0.34.9/arch/ia64/kernel/ptrace.c
329 --- linux-2.6.25/arch/ia64/kernel/ptrace.c 2008-04-17 12:05:28.000000000 -0400
330 +++ linux-2.6.25-vs2.3.0.34.9/arch/ia64/kernel/ptrace.c 2008-04-19 15:14:51.000000000 -0400
332 #include <linux/security.h>
333 #include <linux/audit.h>
334 #include <linux/signal.h>
335 +#include <linux/vs_base.h>
337 #include <asm/pgtable.h>
338 #include <asm/processor.h>
339 diff -NurpP --minimal linux-2.6.25/arch/ia64/kernel/traps.c linux-2.6.25-vs2.3.0.34.9/arch/ia64/kernel/traps.c
340 --- linux-2.6.25/arch/ia64/kernel/traps.c 2008-04-17 12:05:28.000000000 -0400
341 +++ linux-2.6.25-vs2.3.0.34.9/arch/ia64/kernel/traps.c 2008-04-21 10:33:04.000000000 -0400
342 @@ -60,8 +60,9 @@ die (const char *str, struct pt_regs *re
345 if (++die.lock_owner_depth < 3) {
346 - printk("%s[%d]: %s %ld [%d]\n",
347 - current->comm, task_pid_nr(current), str, err, ++die_counter);
348 + printk("%s[%d[#%u]]: %s %ld [%d]\n",
349 + current->comm, task_pid_nr(current), current->xid,
350 + str, err, ++die_counter);
351 if (notify_die(DIE_OOPS, str, regs, err, 255, SIGSEGV)
354 @@ -324,8 +325,9 @@ handle_fpu_swa (int fp_fault, struct pt_
355 if ((last.count & 15) < 5 && (ia64_fetchadd(1, &last.count, acq) & 15) < 5) {
356 last.time = current_jiffies + 5 * HZ;
358 - "%s(%d): floating-point assist fault at ip %016lx, isr %016lx\n",
359 - current->comm, task_pid_nr(current), regs->cr_iip + ia64_psr(regs)->ri, isr);
360 + "%s(%d[#%u]): floating-point assist fault at ip %016lx, isr %016lx\n",
361 + current->comm, task_pid_nr(current), current->xid,
362 + regs->cr_iip + ia64_psr(regs)->ri, isr);
366 diff -NurpP --minimal linux-2.6.25/arch/ia64/mm/fault.c linux-2.6.25-vs2.3.0.34.9/arch/ia64/mm/fault.c
367 --- linux-2.6.25/arch/ia64/mm/fault.c 2008-04-17 12:05:28.000000000 -0400
368 +++ linux-2.6.25-vs2.3.0.34.9/arch/ia64/mm/fault.c 2008-04-19 15:14:52.000000000 -0400
370 #include <linux/interrupt.h>
371 #include <linux/kprobes.h>
372 #include <linux/kdebug.h>
373 +#include <linux/vs_memory.h>
375 #include <asm/pgtable.h>
376 #include <asm/processor.h>
377 diff -NurpP --minimal linux-2.6.25/arch/m32r/kernel/traps.c linux-2.6.25-vs2.3.0.34.9/arch/m32r/kernel/traps.c
378 --- linux-2.6.25/arch/m32r/kernel/traps.c 2008-04-17 11:31:23.000000000 -0400
379 +++ linux-2.6.25-vs2.3.0.34.9/arch/m32r/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
380 @@ -195,8 +195,9 @@ static void show_registers(struct pt_reg
382 printk("SPI: %08lx\n", sp);
384 - printk("Process %s (pid: %d, process nr: %d, stackpage=%08lx)",
385 - current->comm, task_pid_nr(current), 0xffff & i, 4096+(unsigned long)current);
386 + printk("Process %s (pid: %d[#%u], process nr: %d, stackpage=%08lx)",
387 + current->comm, task_pid_nr(current), current->xid,
388 + 0xffff & i, 4096+(unsigned long)current);
391 * When in-kernel, we also print out the stack and code at the
392 diff -NurpP --minimal linux-2.6.25/arch/m68k/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/m68k/Kconfig
393 --- linux-2.6.25/arch/m68k/Kconfig 2008-04-17 12:05:28.000000000 -0400
394 +++ linux-2.6.25-vs2.3.0.34.9/arch/m68k/Kconfig 2008-04-19 15:14:52.000000000 -0400
395 @@ -674,6 +674,8 @@ source "fs/Kconfig"
397 source "arch/m68k/Kconfig.debug"
399 +source "kernel/vserver/Kconfig"
401 source "security/Kconfig"
403 source "crypto/Kconfig"
404 diff -NurpP --minimal linux-2.6.25/arch/m68k/kernel/ptrace.c linux-2.6.25-vs2.3.0.34.9/arch/m68k/kernel/ptrace.c
405 --- linux-2.6.25/arch/m68k/kernel/ptrace.c 2008-04-17 11:31:23.000000000 -0400
406 +++ linux-2.6.25-vs2.3.0.34.9/arch/m68k/kernel/ptrace.c 2008-04-19 15:14:52.000000000 -0400
408 #include <linux/ptrace.h>
409 #include <linux/user.h>
410 #include <linux/signal.h>
411 +#include <linux/vs_base.h>
413 #include <asm/uaccess.h>
414 #include <asm/page.h>
415 @@ -269,6 +270,8 @@ long arch_ptrace(struct task_struct *chi
416 ret = ptrace_request(child, request, addr, data);
419 + if (!vx_check(vx_task_xid(child), VS_WATCH_P | VS_IDENT))
424 diff -NurpP --minimal linux-2.6.25/arch/m68k/kernel/traps.c linux-2.6.25-vs2.3.0.34.9/arch/m68k/kernel/traps.c
425 --- linux-2.6.25/arch/m68k/kernel/traps.c 2008-04-17 12:05:28.000000000 -0400
426 +++ linux-2.6.25-vs2.3.0.34.9/arch/m68k/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
427 @@ -898,8 +898,8 @@ void show_registers(struct pt_regs *regs
428 printk("d4: %08lx d5: %08lx a0: %08lx a1: %08lx\n",
429 regs->d4, regs->d5, regs->a0, regs->a1);
431 - printk("Process %s (pid: %d, task=%p)\n",
432 - current->comm, task_pid_nr(current), current);
433 + printk("Process %s (pid: %d[#%u], task=%p)\n",
434 + current->comm, task_pid_nr(current), current->xid, current);
435 addr = (unsigned long)&fp->un;
436 printk("Frame format=%X ", regs->format);
437 switch (regs->format) {
438 diff -NurpP --minimal linux-2.6.25/arch/m68knommu/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/m68knommu/Kconfig
439 --- linux-2.6.25/arch/m68knommu/Kconfig 2008-04-17 12:05:28.000000000 -0400
440 +++ linux-2.6.25-vs2.3.0.34.9/arch/m68knommu/Kconfig 2008-04-19 15:14:52.000000000 -0400
441 @@ -722,6 +722,8 @@ source "fs/Kconfig"
443 source "arch/m68knommu/Kconfig.debug"
445 +source "kernel/vserver/Kconfig"
447 source "security/Kconfig"
449 source "crypto/Kconfig"
450 diff -NurpP --minimal linux-2.6.25/arch/m68knommu/kernel/traps.c linux-2.6.25-vs2.3.0.34.9/arch/m68knommu/kernel/traps.c
451 --- linux-2.6.25/arch/m68knommu/kernel/traps.c 2008-04-17 10:37:14.000000000 -0400
452 +++ linux-2.6.25-vs2.3.0.34.9/arch/m68knommu/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
453 @@ -78,8 +78,9 @@ void die_if_kernel(char *str, struct pt_
454 printk(KERN_EMERG "d4: %08lx d5: %08lx a0: %08lx a1: %08lx\n",
455 fp->d4, fp->d5, fp->a0, fp->a1);
457 - printk(KERN_EMERG "Process %s (pid: %d, stackpage=%08lx)\n",
458 - current->comm, current->pid, PAGE_SIZE+(unsigned long)current);
459 + printk(KERN_EMERG "Process %s (pid: %d[#%u], stackpage=%08lx)\n",
460 + current->comm, task_pid_nr(current), current->xid,
461 + PAGE_SIZE+(unsigned long)current);
462 show_stack(NULL, (unsigned long *)(fp + 1));
463 add_taint(TAINT_DIE);
465 diff -NurpP --minimal linux-2.6.25/arch/mips/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/mips/Kconfig
466 --- linux-2.6.25/arch/mips/Kconfig 2008-04-17 12:05:28.000000000 -0400
467 +++ linux-2.6.25-vs2.3.0.34.9/arch/mips/Kconfig 2008-04-19 15:14:52.000000000 -0400
468 @@ -2099,6 +2099,8 @@ source "fs/Kconfig"
470 source "arch/mips/Kconfig.debug"
472 +source "kernel/vserver/Kconfig"
474 source "security/Kconfig"
476 source "crypto/Kconfig"
477 diff -NurpP --minimal linux-2.6.25/arch/mips/kernel/linux32.c linux-2.6.25-vs2.3.0.34.9/arch/mips/kernel/linux32.c
478 --- linux-2.6.25/arch/mips/kernel/linux32.c 2008-04-17 12:05:29.000000000 -0400
479 +++ linux-2.6.25-vs2.3.0.34.9/arch/mips/kernel/linux32.c 2008-04-19 15:14:52.000000000 -0400
480 @@ -209,7 +209,7 @@ sys32_gettimeofday(struct compat_timeval
484 - do_gettimeofday(&ktv);
485 + vx_gettimeofday(&ktv);
486 if (put_tv32(tv, &ktv))
489 diff -NurpP --minimal linux-2.6.25/arch/mips/kernel/ptrace.c linux-2.6.25-vs2.3.0.34.9/arch/mips/kernel/ptrace.c
490 --- linux-2.6.25/arch/mips/kernel/ptrace.c 2008-04-17 11:31:23.000000000 -0400
491 +++ linux-2.6.25-vs2.3.0.34.9/arch/mips/kernel/ptrace.c 2008-04-19 15:14:52.000000000 -0400
493 #include <linux/security.h>
494 #include <linux/audit.h>
495 #include <linux/seccomp.h>
496 +#include <linux/vs_base.h>
498 #include <asm/byteorder.h>
500 @@ -171,6 +172,9 @@ long arch_ptrace(struct task_struct *chi
504 + if (!vx_check(vx_task_xid(child), VS_WATCH_P | VS_IDENT))
508 /* when I and D space are separate, these will need to be fixed. */
509 case PTRACE_PEEKTEXT: /* read word at location addr. */
510 diff -NurpP --minimal linux-2.6.25/arch/mips/kernel/scall32-o32.S linux-2.6.25-vs2.3.0.34.9/arch/mips/kernel/scall32-o32.S
511 --- linux-2.6.25/arch/mips/kernel/scall32-o32.S 2008-04-17 12:05:29.000000000 -0400
512 +++ linux-2.6.25-vs2.3.0.34.9/arch/mips/kernel/scall32-o32.S 2008-04-19 15:14:52.000000000 -0400
513 @@ -619,7 +619,7 @@ einval: li v0, -EINVAL
514 sys sys_mq_timedreceive 5
515 sys sys_mq_notify 2 /* 4275 */
516 sys sys_mq_getsetattr 3
517 - sys sys_ni_syscall 0 /* sys_vserver */
520 sys sys_ni_syscall 0 /* available, was setaltroot */
521 sys sys_add_key 5 /* 4280 */
522 diff -NurpP --minimal linux-2.6.25/arch/mips/kernel/scall64-64.S linux-2.6.25-vs2.3.0.34.9/arch/mips/kernel/scall64-64.S
523 --- linux-2.6.25/arch/mips/kernel/scall64-64.S 2008-04-17 12:05:29.000000000 -0400
524 +++ linux-2.6.25-vs2.3.0.34.9/arch/mips/kernel/scall64-64.S 2008-04-19 15:14:52.000000000 -0400
525 @@ -434,7 +434,7 @@ sys_call_table:
526 PTR sys_mq_timedreceive
528 PTR sys_mq_getsetattr /* 5235 */
529 - PTR sys_ni_syscall /* sys_vserver */
532 PTR sys_ni_syscall /* available, was setaltroot */
534 diff -NurpP --minimal linux-2.6.25/arch/mips/kernel/scall64-n32.S linux-2.6.25-vs2.3.0.34.9/arch/mips/kernel/scall64-n32.S
535 --- linux-2.6.25/arch/mips/kernel/scall64-n32.S 2008-04-17 12:05:29.000000000 -0400
536 +++ linux-2.6.25-vs2.3.0.34.9/arch/mips/kernel/scall64-n32.S 2008-04-19 15:14:52.000000000 -0400
537 @@ -360,7 +360,7 @@ EXPORT(sysn32_call_table)
538 PTR compat_sys_mq_timedreceive
539 PTR compat_sys_mq_notify
540 PTR compat_sys_mq_getsetattr
541 - PTR sys_ni_syscall /* 6240, sys_vserver */
542 + PTR sys32_vserver /* 6240 */
543 PTR compat_sys_waitid
544 PTR sys_ni_syscall /* available, was setaltroot */
546 diff -NurpP --minimal linux-2.6.25/arch/mips/kernel/scall64-o32.S linux-2.6.25-vs2.3.0.34.9/arch/mips/kernel/scall64-o32.S
547 --- linux-2.6.25/arch/mips/kernel/scall64-o32.S 2008-04-17 12:05:29.000000000 -0400
548 +++ linux-2.6.25-vs2.3.0.34.9/arch/mips/kernel/scall64-o32.S 2008-04-19 15:14:52.000000000 -0400
549 @@ -482,7 +482,7 @@ sys_call_table:
550 PTR compat_sys_mq_timedreceive
551 PTR compat_sys_mq_notify /* 4275 */
552 PTR compat_sys_mq_getsetattr
553 - PTR sys_ni_syscall /* sys_vserver */
556 PTR sys_ni_syscall /* available, was setaltroot */
557 PTR sys_add_key /* 4280 */
558 diff -NurpP --minimal linux-2.6.25/arch/mips/kernel/traps.c linux-2.6.25-vs2.3.0.34.9/arch/mips/kernel/traps.c
559 --- linux-2.6.25/arch/mips/kernel/traps.c 2008-04-17 12:05:29.000000000 -0400
560 +++ linux-2.6.25-vs2.3.0.34.9/arch/mips/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
561 @@ -313,8 +313,9 @@ void show_registers(const struct pt_regs
565 - printk("Process %s (pid: %d, threadinfo=%p, task=%p)\n",
566 - current->comm, task_pid_nr(current), current_thread_info(), current);
567 + printk("Process %s (pid: %d:#%u, threadinfo=%p, task=%p)\n",
568 + current->comm, task_pid_nr(current), current->xid,
569 + current_thread_info(), current);
570 show_stacktrace(current, regs);
571 show_code((unsigned int __user *) regs->cp0_epc);
573 diff -NurpP --minimal linux-2.6.25/arch/mips/mm/fault.c linux-2.6.25-vs2.3.0.34.9/arch/mips/mm/fault.c
574 --- linux-2.6.25/arch/mips/mm/fault.c 2008-04-17 11:31:24.000000000 -0400
575 +++ linux-2.6.25-vs2.3.0.34.9/arch/mips/mm/fault.c 2008-04-19 15:14:52.000000000 -0400
576 @@ -178,7 +178,8 @@ out_of_memory:
577 down_read(&mm->mmap_sem);
580 - printk("VM: killing process %s\n", tsk->comm);
581 + printk("VM: killing process %s(%d:#%u)\n",
582 + tsk->comm, tsk->pid, tsk->xid);
584 do_group_exit(SIGKILL);
586 diff -NurpP --minimal linux-2.6.25/arch/parisc/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/parisc/Kconfig
587 --- linux-2.6.25/arch/parisc/Kconfig 2008-04-17 12:05:29.000000000 -0400
588 +++ linux-2.6.25-vs2.3.0.34.9/arch/parisc/Kconfig 2008-04-19 15:14:52.000000000 -0400
589 @@ -278,6 +278,8 @@ source "fs/Kconfig"
591 source "arch/parisc/Kconfig.debug"
593 +source "kernel/vserver/Kconfig"
595 source "security/Kconfig"
597 source "crypto/Kconfig"
598 diff -NurpP --minimal linux-2.6.25/arch/parisc/kernel/syscall_table.S linux-2.6.25-vs2.3.0.34.9/arch/parisc/kernel/syscall_table.S
599 --- linux-2.6.25/arch/parisc/kernel/syscall_table.S 2008-04-17 12:05:29.000000000 -0400
600 +++ linux-2.6.25-vs2.3.0.34.9/arch/parisc/kernel/syscall_table.S 2008-04-19 15:14:52.000000000 -0400
602 ENTRY_COMP(mbind) /* 260 */
603 ENTRY_COMP(get_mempolicy)
604 ENTRY_COMP(set_mempolicy)
605 - ENTRY_SAME(ni_syscall) /* 263: reserved for vserver */
606 + ENTRY_DIFF(vserver)
608 ENTRY_SAME(request_key) /* 265 */
610 diff -NurpP --minimal linux-2.6.25/arch/parisc/kernel/sys_parisc32.c linux-2.6.25-vs2.3.0.34.9/arch/parisc/kernel/sys_parisc32.c
611 --- linux-2.6.25/arch/parisc/kernel/sys_parisc32.c 2008-04-17 11:31:24.000000000 -0400
612 +++ linux-2.6.25-vs2.3.0.34.9/arch/parisc/kernel/sys_parisc32.c 2008-04-19 15:14:52.000000000 -0400
613 @@ -204,11 +204,11 @@ static inline long get_ts32(struct times
615 sys32_gettimeofday(struct compat_timeval __user *tv, struct timezone __user *tz)
617 - extern void do_gettimeofday(struct timeval *tv);
618 + extern void vx_gettimeofday(struct timeval *tv);
622 - do_gettimeofday(&ktv);
623 + vx_gettimeofday(&ktv);
624 if (put_compat_timeval(tv, &ktv))
627 diff -NurpP --minimal linux-2.6.25/arch/parisc/kernel/traps.c linux-2.6.25-vs2.3.0.34.9/arch/parisc/kernel/traps.c
628 --- linux-2.6.25/arch/parisc/kernel/traps.c 2008-04-17 12:05:29.000000000 -0400
629 +++ linux-2.6.25-vs2.3.0.34.9/arch/parisc/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
630 @@ -237,8 +237,9 @@ void die_if_kernel(char *str, struct pt_
634 - printk(KERN_CRIT "%s (pid %d): %s (code %ld) at " RFMT "\n",
635 - current->comm, task_pid_nr(current), str, err, regs->iaoq[0]);
636 + printk(KERN_CRIT "%s (pid %d:#%u): %s (code %ld) at " RFMT "\n",
637 + current->comm, task_pid_nr(current), current->xid,
638 + str, err, regs->iaoq[0]);
639 #ifdef PRINT_USER_FAULTS
640 /* XXX for debugging only */
642 @@ -270,8 +271,8 @@ KERN_CRIT " || |
643 pdc_console_restart();
646 - printk(KERN_CRIT "%s (pid %d): %s (code %ld)\n",
647 - current->comm, task_pid_nr(current), str, err);
648 + printk(KERN_CRIT "%s (pid %d:#%u): %s (code %ld)\n",
649 + current->comm, task_pid_nr(current), current->xid, str, err);
651 /* Wot's wrong wif bein' racy? */
652 if (current->thread.flags & PARISC_KERNEL_DEATH) {
653 diff -NurpP --minimal linux-2.6.25/arch/parisc/mm/fault.c linux-2.6.25-vs2.3.0.34.9/arch/parisc/mm/fault.c
654 --- linux-2.6.25/arch/parisc/mm/fault.c 2008-04-17 11:31:24.000000000 -0400
655 +++ linux-2.6.25-vs2.3.0.34.9/arch/parisc/mm/fault.c 2008-04-19 15:14:52.000000000 -0400
656 @@ -210,8 +210,9 @@ bad_area:
658 #ifdef PRINT_USER_FAULTS
659 printk(KERN_DEBUG "\n");
660 - printk(KERN_DEBUG "do_page_fault() pid=%d command='%s' type=%lu address=0x%08lx\n",
661 - task_pid_nr(tsk), tsk->comm, code, address);
662 + printk(KERN_DEBUG "do_page_fault() pid=%d:#%u "
663 + "command='%s' type=%lu address=0x%08lx\n",
664 + task_pid_nr(tsk), tsk->xid, tsk->comm, code, address);
666 printk(KERN_DEBUG "vm_start = 0x%08lx, vm_end = 0x%08lx\n",
667 vma->vm_start, vma->vm_end);
668 @@ -261,7 +262,8 @@ no_context:
671 up_read(&mm->mmap_sem);
672 - printk(KERN_CRIT "VM: killing process %s\n", current->comm);
673 + printk(KERN_CRIT "VM: killing process %s(%d:#%u)\n",
674 + current->comm, current->pid, current->xid);
676 do_group_exit(SIGKILL);
678 diff -NurpP --minimal linux-2.6.25/arch/powerpc/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/powerpc/Kconfig
679 --- linux-2.6.25/arch/powerpc/Kconfig 2008-04-17 12:05:29.000000000 -0400
680 +++ linux-2.6.25-vs2.3.0.34.9/arch/powerpc/Kconfig 2008-04-19 15:14:52.000000000 -0400
681 @@ -706,6 +706,8 @@ source "lib/Kconfig"
683 source "arch/powerpc/Kconfig.debug"
685 +source "kernel/vserver/Kconfig"
687 source "security/Kconfig"
690 diff -NurpP --minimal linux-2.6.25/arch/powerpc/kernel/irq.c linux-2.6.25-vs2.3.0.34.9/arch/powerpc/kernel/irq.c
691 --- linux-2.6.25/arch/powerpc/kernel/irq.c 2008-04-17 12:05:29.000000000 -0400
692 +++ linux-2.6.25-vs2.3.0.34.9/arch/powerpc/kernel/irq.c 2008-04-19 15:14:52.000000000 -0400
694 #include <linux/bootmem.h>
695 #include <linux/pci.h>
696 #include <linux/debugfs.h>
697 +#include <linux/vs_context.h>
699 #include <asm/uaccess.h>
700 #include <asm/system.h>
701 diff -NurpP --minimal linux-2.6.25/arch/powerpc/kernel/process.c linux-2.6.25-vs2.3.0.34.9/arch/powerpc/kernel/process.c
702 --- linux-2.6.25/arch/powerpc/kernel/process.c 2008-04-17 12:05:30.000000000 -0400
703 +++ linux-2.6.25-vs2.3.0.34.9/arch/powerpc/kernel/process.c 2008-04-19 15:14:52.000000000 -0400
704 @@ -464,8 +464,9 @@ void show_regs(struct pt_regs * regs)
706 printk("DAR: "REG", DSISR: "REG"\n", regs->dar, regs->dsisr);
708 - printk("TASK = %p[%d] '%s' THREAD: %p",
709 - current, task_pid_nr(current), current->comm, task_thread_info(current));
710 + printk("TASK = %p[%d,#%u] '%s' THREAD: %p",
711 + current, task_pid_nr(current), current->xid,
712 + current->comm, task_thread_info(current));
715 printk(" CPU: %d", raw_smp_processor_id());
716 diff -NurpP --minimal linux-2.6.25/arch/powerpc/kernel/sys_ppc32.c linux-2.6.25-vs2.3.0.34.9/arch/powerpc/kernel/sys_ppc32.c
717 --- linux-2.6.25/arch/powerpc/kernel/sys_ppc32.c 2008-04-17 11:31:24.000000000 -0400
718 +++ linux-2.6.25-vs2.3.0.34.9/arch/powerpc/kernel/sys_ppc32.c 2008-04-19 15:14:52.000000000 -0400
719 @@ -205,7 +205,7 @@ asmlinkage long compat_sys_gettimeofday(
723 - do_gettimeofday(&ktv);
724 + vx_gettimeofday(&ktv);
725 if (put_tv32(tv, &ktv))
728 diff -NurpP --minimal linux-2.6.25/arch/powerpc/kernel/traps.c linux-2.6.25-vs2.3.0.34.9/arch/powerpc/kernel/traps.c
729 --- linux-2.6.25/arch/powerpc/kernel/traps.c 2008-04-17 12:05:30.000000000 -0400
730 +++ linux-2.6.25-vs2.3.0.34.9/arch/powerpc/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
731 @@ -941,8 +941,9 @@ void nonrecoverable_exception(struct pt_
733 void trace_syscall(struct pt_regs *regs)
735 - printk("Task: %p(%d), PC: %08lX/%08lX, Syscall: %3ld, Result: %s%ld %s\n",
736 - current, task_pid_nr(current), regs->nip, regs->link, regs->gpr[0],
737 + printk("Task: %p(%d[#%u]), PC: %08lX/%08lX, Syscall: %3ld, Result: %s%ld %s\n",
738 + current, task_pid_nr(current), current->xid,
739 + regs->nip, regs->link, regs->gpr[0],
740 regs->ccr&0x10000000?"Error=":"", regs->gpr[3], print_tainted());
743 diff -NurpP --minimal linux-2.6.25/arch/powerpc/kernel/vdso.c linux-2.6.25-vs2.3.0.34.9/arch/powerpc/kernel/vdso.c
744 --- linux-2.6.25/arch/powerpc/kernel/vdso.c 2008-04-17 12:05:30.000000000 -0400
745 +++ linux-2.6.25-vs2.3.0.34.9/arch/powerpc/kernel/vdso.c 2008-04-19 15:14:52.000000000 -0400
747 #include <linux/elf.h>
748 #include <linux/security.h>
749 #include <linux/bootmem.h>
750 +#include <linux/vs_memory.h>
752 #include <asm/pgtable.h>
753 #include <asm/system.h>
754 diff -NurpP --minimal linux-2.6.25/arch/powerpc/mm/fault.c linux-2.6.25-vs2.3.0.34.9/arch/powerpc/mm/fault.c
755 --- linux-2.6.25/arch/powerpc/mm/fault.c 2008-04-17 12:05:30.000000000 -0400
756 +++ linux-2.6.25-vs2.3.0.34.9/arch/powerpc/mm/fault.c 2008-04-19 15:14:52.000000000 -0400
757 @@ -378,7 +378,8 @@ out_of_memory:
758 down_read(&mm->mmap_sem);
761 - printk("VM: killing process %s\n", current->comm);
762 + printk("VM: killing process %s(%d:#%u)\n",
763 + current->comm, current->pid, current->xid);
765 do_group_exit(SIGKILL);
767 diff -NurpP --minimal linux-2.6.25/arch/ppc/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/ppc/Kconfig
768 --- linux-2.6.25/arch/ppc/Kconfig 2008-04-17 12:05:30.000000000 -0400
769 +++ linux-2.6.25-vs2.3.0.34.9/arch/ppc/Kconfig 2008-04-19 15:14:52.000000000 -0400
770 @@ -1261,6 +1261,8 @@ source "lib/Kconfig"
772 source "arch/ppc/Kconfig.debug"
774 +source "kernel/vserver/Kconfig"
776 source "security/Kconfig"
778 source "crypto/Kconfig"
779 diff -NurpP --minimal linux-2.6.25/arch/ppc/kernel/traps.c linux-2.6.25-vs2.3.0.34.9/arch/ppc/kernel/traps.c
780 --- linux-2.6.25/arch/ppc/kernel/traps.c 2008-04-17 12:05:30.000000000 -0400
781 +++ linux-2.6.25-vs2.3.0.34.9/arch/ppc/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
782 @@ -669,8 +669,9 @@ void nonrecoverable_exception(struct pt_
784 void trace_syscall(struct pt_regs *regs)
786 - printk("Task: %p(%d), PC: %08lX/%08lX, Syscall: %3ld, Result: %s%ld %s\n",
787 - current, current->pid, regs->nip, regs->link, regs->gpr[0],
788 + printk("Task: %p(%d[#%u]), PC: %08lX/%08lX, Syscall: %3ld, Result: %s%ld %s\n",
789 + current, current->pid, current->xid,
790 + regs->nip, regs->link, regs->gpr[0],
791 regs->ccr&0x10000000?"Error=":"", regs->gpr[3], print_tainted());
794 diff -NurpP --minimal linux-2.6.25/arch/ppc/mm/fault.c linux-2.6.25-vs2.3.0.34.9/arch/ppc/mm/fault.c
795 --- linux-2.6.25/arch/ppc/mm/fault.c 2008-04-17 11:31:25.000000000 -0400
796 +++ linux-2.6.25-vs2.3.0.34.9/arch/ppc/mm/fault.c 2008-04-19 15:14:52.000000000 -0400
797 @@ -295,7 +295,8 @@ out_of_memory:
798 down_read(&mm->mmap_sem);
801 - printk("VM: killing process %s\n", current->comm);
802 + printk("VM: killing process %s(%d:#%u)\n",
803 + current->comm, current->pid, current->xid);
805 do_group_exit(SIGKILL);
807 diff -NurpP --minimal linux-2.6.25/arch/s390/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/s390/Kconfig
808 --- linux-2.6.25/arch/s390/Kconfig 2008-04-17 12:05:30.000000000 -0400
809 +++ linux-2.6.25-vs2.3.0.34.9/arch/s390/Kconfig 2008-04-19 15:14:52.000000000 -0400
810 @@ -544,6 +544,8 @@ source "fs/Kconfig"
812 source "arch/s390/Kconfig.debug"
814 +source "kernel/vserver/Kconfig"
816 source "security/Kconfig"
818 source "crypto/Kconfig"
819 diff -NurpP --minimal linux-2.6.25/arch/s390/kernel/compat_linux.c linux-2.6.25-vs2.3.0.34.9/arch/s390/kernel/compat_linux.c
820 --- linux-2.6.25/arch/s390/kernel/compat_linux.c 2008-04-17 11:31:25.000000000 -0400
821 +++ linux-2.6.25-vs2.3.0.34.9/arch/s390/kernel/compat_linux.c 2008-04-19 15:14:52.000000000 -0400
822 @@ -567,7 +567,7 @@ asmlinkage long sys32_gettimeofday(struc
826 - do_gettimeofday(&ktv);
827 + vx_gettimeofday(&ktv);
828 if (put_tv32(tv, &ktv))
831 diff -NurpP --minimal linux-2.6.25/arch/s390/kernel/process.c linux-2.6.25-vs2.3.0.34.9/arch/s390/kernel/process.c
832 --- linux-2.6.25/arch/s390/kernel/process.c 2008-04-17 12:05:30.000000000 -0400
833 +++ linux-2.6.25-vs2.3.0.34.9/arch/s390/kernel/process.c 2008-04-21 11:09:01.000000000 -0400
834 @@ -194,9 +194,9 @@ void show_regs(struct pt_regs *regs)
835 init_utsname()->release,
836 (int)strcspn(init_utsname()->version, " "),
837 init_utsname()->version);
838 - printk("Process %s (pid: %d, task: %p, ksp: %p)\n",
839 - current->comm, current->pid, current,
840 - (void *) current->thread.ksp);
841 + printk("Process %s (pid: %d[#%u], task: %p, ksp: %p)\n",
842 + current->comm, current->pid, current->xid,
843 + (void *) current, (void *) current->thread.ksp);
844 show_registers(regs);
845 /* Show stack backtrace if pt_regs is from kernel mode */
846 if (!(regs->psw.mask & PSW_MASK_PSTATE))
847 diff -NurpP --minimal linux-2.6.25/arch/s390/kernel/ptrace.c linux-2.6.25-vs2.3.0.34.9/arch/s390/kernel/ptrace.c
848 --- linux-2.6.25/arch/s390/kernel/ptrace.c 2008-04-17 12:05:30.000000000 -0400
849 +++ linux-2.6.25-vs2.3.0.34.9/arch/s390/kernel/ptrace.c 2008-04-19 15:14:52.000000000 -0400
851 #include <linux/security.h>
852 #include <linux/audit.h>
853 #include <linux/signal.h>
854 +#include <linux/vs_base.h>
856 #include <asm/segment.h>
857 #include <asm/page.h>
858 @@ -710,7 +711,13 @@ sys_ptrace(long request, long pid, long
862 + if (!vx_check(vx_task_xid(child), VS_WATCH_P | VS_IDENT)) {
867 ret = do_ptrace(child, request, addr, data);
869 put_task_struct(child);
872 diff -NurpP --minimal linux-2.6.25/arch/s390/kernel/syscalls.S linux-2.6.25-vs2.3.0.34.9/arch/s390/kernel/syscalls.S
873 --- linux-2.6.25/arch/s390/kernel/syscalls.S 2008-04-17 12:05:30.000000000 -0400
874 +++ linux-2.6.25-vs2.3.0.34.9/arch/s390/kernel/syscalls.S 2008-04-19 15:14:52.000000000 -0400
875 @@ -271,7 +271,7 @@ SYSCALL(sys_clock_settime,sys_clock_sett
876 SYSCALL(sys_clock_gettime,sys_clock_gettime,sys32_clock_gettime_wrapper) /* 260 */
877 SYSCALL(sys_clock_getres,sys_clock_getres,sys32_clock_getres_wrapper)
878 SYSCALL(sys_clock_nanosleep,sys_clock_nanosleep,sys32_clock_nanosleep_wrapper)
879 -NI_SYSCALL /* reserved for vserver */
880 +SYSCALL(sys_vserver,sys_vserver,sys32_vserver)
881 SYSCALL(s390_fadvise64_64,sys_ni_syscall,sys32_fadvise64_64_wrapper)
882 SYSCALL(sys_statfs64,sys_statfs64,compat_sys_statfs64_wrapper)
883 SYSCALL(sys_fstatfs64,sys_fstatfs64,compat_sys_fstatfs64_wrapper)
884 diff -NurpP --minimal linux-2.6.25/arch/s390/mm/fault.c linux-2.6.25-vs2.3.0.34.9/arch/s390/mm/fault.c
885 --- linux-2.6.25/arch/s390/mm/fault.c 2008-04-17 12:05:30.000000000 -0400
886 +++ linux-2.6.25-vs2.3.0.34.9/arch/s390/mm/fault.c 2008-04-19 15:14:52.000000000 -0400
887 @@ -217,7 +217,8 @@ static int do_out_of_memory(struct pt_re
888 down_read(&mm->mmap_sem);
891 - printk("VM: killing process %s\n", tsk->comm);
892 + printk("VM: killing process %s(%d:#%u)\n",
893 + tsk->comm, tsk->pid, tsk->xid);
894 if (regs->psw.mask & PSW_MASK_PSTATE)
895 do_group_exit(SIGKILL);
896 do_no_context(regs, error_code, address);
897 diff -NurpP --minimal linux-2.6.25/arch/sh/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/sh/Kconfig
898 --- linux-2.6.25/arch/sh/Kconfig 2008-04-17 12:05:30.000000000 -0400
899 +++ linux-2.6.25-vs2.3.0.34.9/arch/sh/Kconfig 2008-04-19 15:14:52.000000000 -0400
900 @@ -913,6 +913,8 @@ source "fs/Kconfig"
902 source "arch/sh/Kconfig.debug"
904 +source "kernel/vserver/Kconfig"
906 source "security/Kconfig"
908 source "crypto/Kconfig"
909 diff -NurpP --minimal linux-2.6.25/arch/sh/kernel/irq.c linux-2.6.25-vs2.3.0.34.9/arch/sh/kernel/irq.c
910 --- linux-2.6.25/arch/sh/kernel/irq.c 2008-04-17 12:05:30.000000000 -0400
911 +++ linux-2.6.25-vs2.3.0.34.9/arch/sh/kernel/irq.c 2008-04-19 15:14:52.000000000 -0400
913 #include <linux/module.h>
914 #include <linux/kernel_stat.h>
915 #include <linux/seq_file.h>
916 +#include <linux/vs_context.h>
917 #include <asm/processor.h>
918 #include <asm/machvec.h>
919 #include <asm/uaccess.h>
920 diff -NurpP --minimal linux-2.6.25/arch/sh/kernel/vsyscall/vsyscall.c linux-2.6.25-vs2.3.0.34.9/arch/sh/kernel/vsyscall/vsyscall.c
921 --- linux-2.6.25/arch/sh/kernel/vsyscall/vsyscall.c 2008-04-17 10:37:14.000000000 -0400
922 +++ linux-2.6.25-vs2.3.0.34.9/arch/sh/kernel/vsyscall/vsyscall.c 2008-04-19 15:14:52.000000000 -0400
924 #include <linux/elf.h>
925 #include <linux/sched.h>
926 #include <linux/err.h>
927 +#include <linux/vs_memory.h>
930 * Should the kernel map a VDSO page into processes and pass its
931 diff -NurpP --minimal linux-2.6.25/arch/sparc/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/sparc/Kconfig
932 --- linux-2.6.25/arch/sparc/Kconfig 2008-04-17 12:05:30.000000000 -0400
933 +++ linux-2.6.25-vs2.3.0.34.9/arch/sparc/Kconfig 2008-04-19 15:14:52.000000000 -0400
934 @@ -330,6 +330,8 @@ source "fs/Kconfig"
936 source "arch/sparc/Kconfig.debug"
938 +source "kernel/vserver/Kconfig"
940 source "security/Kconfig"
942 source "crypto/Kconfig"
943 diff -NurpP --minimal linux-2.6.25/arch/sparc/kernel/ptrace.c linux-2.6.25-vs2.3.0.34.9/arch/sparc/kernel/ptrace.c
944 --- linux-2.6.25/arch/sparc/kernel/ptrace.c 2008-04-17 12:05:30.000000000 -0400
945 +++ linux-2.6.25-vs2.3.0.34.9/arch/sparc/kernel/ptrace.c 2008-04-21 10:36:17.000000000 -0400
947 #include <linux/signal.h>
948 #include <linux/regset.h>
949 #include <linux/elf.h>
950 +#include <linux/vs_base.h>
952 #include <asm/pgtable.h>
953 #include <asm/system.h>
954 @@ -270,6 +271,10 @@ static int fpregs32_set(struct task_stru
958 + if (!vx_check(vx_task_xid(child), VS_WATCH_P | VS_IDENT)) {
959 + pt_error_return(regs, ESRCH);
964 ret = user_regset_copyin_ignore(&pos, &count, &kbuf, &ubuf,
965 diff -NurpP --minimal linux-2.6.25/arch/sparc/kernel/systbls.S linux-2.6.25-vs2.3.0.34.9/arch/sparc/kernel/systbls.S
966 --- linux-2.6.25/arch/sparc/kernel/systbls.S 2008-04-17 12:05:30.000000000 -0400
967 +++ linux-2.6.25-vs2.3.0.34.9/arch/sparc/kernel/systbls.S 2008-04-19 15:14:52.000000000 -0400
968 @@ -70,7 +70,7 @@ sys_call_table:
969 /*250*/ .long sparc_mremap, sys_sysctl, sys_getsid, sys_fdatasync, sys_nfsservctl
970 /*255*/ .long sys_sync_file_range, sys_clock_settime, sys_clock_gettime, sys_clock_getres, sys_clock_nanosleep
971 /*260*/ .long sys_sched_getaffinity, sys_sched_setaffinity, sys_timer_settime, sys_timer_gettime, sys_timer_getoverrun
972 -/*265*/ .long sys_timer_delete, sys_timer_create, sys_nis_syscall, sys_io_setup, sys_io_destroy
973 +/*265*/ .long sys_timer_delete, sys_timer_create, sys_vserver, sys_io_setup, sys_io_destroy
974 /*270*/ .long sys_io_submit, sys_io_cancel, sys_io_getevents, sys_mq_open, sys_mq_unlink
975 /*275*/ .long sys_mq_timedsend, sys_mq_timedreceive, sys_mq_notify, sys_mq_getsetattr, sys_waitid
976 /*280*/ .long sys_tee, sys_add_key, sys_request_key, sys_keyctl, sys_openat
977 diff -NurpP --minimal linux-2.6.25/arch/sparc/kernel/traps.c linux-2.6.25-vs2.3.0.34.9/arch/sparc/kernel/traps.c
978 --- linux-2.6.25/arch/sparc/kernel/traps.c 2008-04-17 11:31:25.000000000 -0400
979 +++ linux-2.6.25-vs2.3.0.34.9/arch/sparc/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
980 @@ -99,7 +99,8 @@ void die_if_kernel(char *str, struct pt_
984 - printk("%s(%d): %s [#%d]\n", current->comm, task_pid_nr(current), str, ++die_counter);
985 + printk("%s(%d[#%u]): %s [#%d]\n", current->comm,
986 + task_pid_nr(current), current->xid, str, ++die_counter);
988 add_taint(TAINT_DIE);
990 diff -NurpP --minimal linux-2.6.25/arch/sparc/mm/fault.c linux-2.6.25-vs2.3.0.34.9/arch/sparc/mm/fault.c
991 --- linux-2.6.25/arch/sparc/mm/fault.c 2008-04-17 11:31:25.000000000 -0400
992 +++ linux-2.6.25-vs2.3.0.34.9/arch/sparc/mm/fault.c 2008-04-19 15:14:52.000000000 -0400
993 @@ -367,7 +367,8 @@ no_context:
996 up_read(&mm->mmap_sem);
997 - printk("VM: killing process %s\n", tsk->comm);
998 + printk("VM: killing process %s(%d:#%u)\n",
999 + tsk->comm, tsk->pid, tsk->xid);
1001 do_group_exit(SIGKILL);
1003 diff -NurpP --minimal linux-2.6.25/arch/sparc64/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/sparc64/Kconfig
1004 --- linux-2.6.25/arch/sparc64/Kconfig 2008-04-17 12:05:30.000000000 -0400
1005 +++ linux-2.6.25-vs2.3.0.34.9/arch/sparc64/Kconfig 2008-04-19 15:14:52.000000000 -0400
1006 @@ -471,6 +471,8 @@ source "fs/Kconfig"
1008 source "arch/sparc64/Kconfig.debug"
1010 +source "kernel/vserver/Kconfig"
1012 source "security/Kconfig"
1014 source "crypto/Kconfig"
1015 diff -NurpP --minimal linux-2.6.25/arch/sparc64/kernel/binfmt_aout32.c linux-2.6.25-vs2.3.0.34.9/arch/sparc64/kernel/binfmt_aout32.c
1016 --- linux-2.6.25/arch/sparc64/kernel/binfmt_aout32.c 2008-04-17 12:05:30.000000000 -0400
1017 +++ linux-2.6.25-vs2.3.0.34.9/arch/sparc64/kernel/binfmt_aout32.c 2008-04-19 15:14:52.000000000 -0400
1019 #include <linux/binfmts.h>
1020 #include <linux/personality.h>
1021 #include <linux/init.h>
1022 +#include <linux/vs_memory.h>
1024 #include <asm/system.h>
1025 #include <asm/uaccess.h>
1026 diff -NurpP --minimal linux-2.6.25/arch/sparc64/kernel/ptrace.c linux-2.6.25-vs2.3.0.34.9/arch/sparc64/kernel/ptrace.c
1027 --- linux-2.6.25/arch/sparc64/kernel/ptrace.c 2008-04-17 12:05:30.000000000 -0400
1028 +++ linux-2.6.25-vs2.3.0.34.9/arch/sparc64/kernel/ptrace.c 2008-04-21 10:36:34.000000000 -0400
1030 #include <linux/regset.h>
1031 #include <linux/compat.h>
1032 #include <linux/elf.h>
1033 +#include <linux/vs_base.h>
1035 #include <asm/asi.h>
1036 #include <asm/pgtable.h>
1037 @@ -222,6 +223,10 @@ static int genregs64_get(struct task_str
1041 + if (!vx_check(vx_task_xid(child), VS_WATCH_P | VS_IDENT)) {
1042 + pt_error_return(regs, ESRCH);
1047 /* TSTATE, TPC, TNPC */
1048 diff -NurpP --minimal linux-2.6.25/arch/sparc64/kernel/sys_sparc32.c linux-2.6.25-vs2.3.0.34.9/arch/sparc64/kernel/sys_sparc32.c
1049 --- linux-2.6.25/arch/sparc64/kernel/sys_sparc32.c 2008-04-17 12:05:30.000000000 -0400
1050 +++ linux-2.6.25-vs2.3.0.34.9/arch/sparc64/kernel/sys_sparc32.c 2008-04-19 15:14:52.000000000 -0400
1051 @@ -722,7 +722,7 @@ asmlinkage long sys32_gettimeofday(struc
1055 - do_gettimeofday(&ktv);
1056 + vx_gettimeofday(&ktv);
1057 if (put_tv32(tv, &ktv))
1060 diff -NurpP --minimal linux-2.6.25/arch/sparc64/kernel/systbls.S linux-2.6.25-vs2.3.0.34.9/arch/sparc64/kernel/systbls.S
1061 --- linux-2.6.25/arch/sparc64/kernel/systbls.S 2008-04-17 12:05:30.000000000 -0400
1062 +++ linux-2.6.25-vs2.3.0.34.9/arch/sparc64/kernel/systbls.S 2008-04-19 15:14:52.000000000 -0400
1063 @@ -71,7 +71,7 @@ sys_call_table32:
1064 /*250*/ .word sys32_mremap, sys32_sysctl, sys32_getsid, sys_fdatasync, sys32_nfsservctl
1065 .word sys32_sync_file_range, compat_sys_clock_settime, compat_sys_clock_gettime, compat_sys_clock_getres, sys32_clock_nanosleep
1066 /*260*/ .word compat_sys_sched_getaffinity, compat_sys_sched_setaffinity, sys32_timer_settime, compat_sys_timer_gettime, sys_timer_getoverrun
1067 - .word sys_timer_delete, compat_sys_timer_create, sys_ni_syscall, compat_sys_io_setup, sys_io_destroy
1068 + .word sys_timer_delete, compat_sys_timer_create, sys32_vserver, compat_sys_io_setup, sys_io_destroy
1069 /*270*/ .word sys32_io_submit, sys_io_cancel, compat_sys_io_getevents, sys32_mq_open, sys_mq_unlink
1070 .word compat_sys_mq_timedsend, compat_sys_mq_timedreceive, compat_sys_mq_notify, compat_sys_mq_getsetattr, compat_sys_waitid
1071 /*280*/ .word sys32_tee, sys_add_key, sys_request_key, sys_keyctl, compat_sys_openat
1072 @@ -144,7 +144,7 @@ sys_call_table:
1073 /*250*/ .word sys64_mremap, sys_sysctl, sys_getsid, sys_fdatasync, sys_nfsservctl
1074 .word sys_sync_file_range, sys_clock_settime, sys_clock_gettime, sys_clock_getres, sys_clock_nanosleep
1075 /*260*/ .word sys_sched_getaffinity, sys_sched_setaffinity, sys_timer_settime, sys_timer_gettime, sys_timer_getoverrun
1076 - .word sys_timer_delete, sys_timer_create, sys_ni_syscall, sys_io_setup, sys_io_destroy
1077 + .word sys_timer_delete, sys_timer_create, sys_vserver, sys_io_setup, sys_io_destroy
1078 /*270*/ .word sys_io_submit, sys_io_cancel, sys_io_getevents, sys_mq_open, sys_mq_unlink
1079 .word sys_mq_timedsend, sys_mq_timedreceive, sys_mq_notify, sys_mq_getsetattr, sys_waitid
1080 /*280*/ .word sys_tee, sys_add_key, sys_request_key, sys_keyctl, sys_openat
1081 diff -NurpP --minimal linux-2.6.25/arch/sparc64/kernel/traps.c linux-2.6.25-vs2.3.0.34.9/arch/sparc64/kernel/traps.c
1082 --- linux-2.6.25/arch/sparc64/kernel/traps.c 2008-04-17 12:05:30.000000000 -0400
1083 +++ linux-2.6.25-vs2.3.0.34.9/arch/sparc64/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
1084 @@ -2183,7 +2183,8 @@ void die_if_kernel(char *str, struct pt_
1088 - printk("%s(%d): %s [#%d]\n", current->comm, task_pid_nr(current), str, ++die_counter);
1089 + printk("%s(%d[#%u]): %s [#%d]\n", current->comm,
1090 + task_pid_nr(current), current->xid, str, ++die_counter);
1091 notify_die(DIE_OOPS, str, regs, 0, 255, SIGSEGV);
1092 __asm__ __volatile__("flushw");
1094 diff -NurpP --minimal linux-2.6.25/arch/sparc64/mm/fault.c linux-2.6.25-vs2.3.0.34.9/arch/sparc64/mm/fault.c
1095 --- linux-2.6.25/arch/sparc64/mm/fault.c 2008-04-17 12:05:30.000000000 -0400
1096 +++ linux-2.6.25-vs2.3.0.34.9/arch/sparc64/mm/fault.c 2008-04-19 15:14:52.000000000 -0400
1097 @@ -453,7 +453,8 @@ handle_kernel_fault:
1099 insn = get_fault_insn(regs, insn);
1100 up_read(&mm->mmap_sem);
1101 - printk("VM: killing process %s\n", current->comm);
1102 + printk("VM: killing process %s(%d:#%u)\n",
1103 + current->comm, current->pid, current->xid);
1104 if (!(regs->tstate & TSTATE_PRIV))
1105 do_group_exit(SIGKILL);
1106 goto handle_kernel_fault;
1107 diff -NurpP --minimal linux-2.6.25/arch/sparc64/solaris/fs.c linux-2.6.25-vs2.3.0.34.9/arch/sparc64/solaris/fs.c
1108 --- linux-2.6.25/arch/sparc64/solaris/fs.c 2008-04-17 12:05:30.000000000 -0400
1109 +++ linux-2.6.25-vs2.3.0.34.9/arch/sparc64/solaris/fs.c 2008-04-19 15:14:52.000000000 -0400
1110 @@ -368,7 +368,7 @@ static int report_statvfs(struct vfsmoun
1114 - if (IS_RDONLY(inode)) i = 1;
1115 + if (IS_RDONLY(inode) || MNT_IS_RDONLY(mnt)) i = 1;
1116 if (mnt->mnt_flags & MNT_NOSUID) i |= 2;
1117 if (!sysv_valid_dev(inode->i_sb->s_dev))
1119 @@ -404,7 +404,7 @@ static int report_statvfs64(struct vfsmo
1123 - if (IS_RDONLY(inode)) i = 1;
1124 + if (IS_RDONLY(inode) || MNT_IS_RDONLY(mnt)) i = 1;
1125 if (mnt->mnt_flags & MNT_NOSUID) i |= 2;
1126 if (!sysv_valid_dev(inode->i_sb->s_dev))
1128 diff -NurpP --minimal linux-2.6.25/arch/um/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/um/Kconfig
1129 --- linux-2.6.25/arch/um/Kconfig 2008-04-17 12:05:30.000000000 -0400
1130 +++ linux-2.6.25-vs2.3.0.34.9/arch/um/Kconfig 2008-04-19 15:14:52.000000000 -0400
1131 @@ -245,6 +245,8 @@ source "drivers/connector/Kconfig"
1135 +source "kernel/vserver/Kconfig"
1137 source "security/Kconfig"
1139 source "crypto/Kconfig"
1140 diff -NurpP --minimal linux-2.6.25/arch/um/kernel/trap.c linux-2.6.25-vs2.3.0.34.9/arch/um/kernel/trap.c
1141 --- linux-2.6.25/arch/um/kernel/trap.c 2008-04-17 12:05:30.000000000 -0400
1142 +++ linux-2.6.25-vs2.3.0.34.9/arch/um/kernel/trap.c 2008-04-19 15:14:52.000000000 -0400
1143 @@ -215,7 +215,8 @@ unsigned long segv(struct faultinfo fi,
1144 current->thread.arch.faultinfo = fi;
1145 force_sig_info(SIGBUS, &si, current);
1146 } else if (err == -ENOMEM) {
1147 - printk(KERN_INFO "VM: killing process %s\n", current->comm);
1148 + printk(KERN_INFO "VM: killing process %s(%d:#%u)\n",
1149 + current->comm, task_pid_nr(current), current->xid);
1152 BUG_ON(err != -EFAULT);
1153 diff -NurpP --minimal linux-2.6.25/arch/v850/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/v850/Kconfig
1154 --- linux-2.6.25/arch/v850/Kconfig 2008-04-17 12:05:30.000000000 -0400
1155 +++ linux-2.6.25-vs2.3.0.34.9/arch/v850/Kconfig 2008-04-19 15:14:52.000000000 -0400
1156 @@ -344,6 +344,8 @@ source "drivers/usb/Kconfig"
1158 source "arch/v850/Kconfig.debug"
1160 +source "kernel/vserver/Kconfig"
1162 source "security/Kconfig"
1164 source "crypto/Kconfig"
1165 diff -NurpP --minimal linux-2.6.25/arch/v850/kernel/ptrace.c linux-2.6.25-vs2.3.0.34.9/arch/v850/kernel/ptrace.c
1166 --- linux-2.6.25/arch/v850/kernel/ptrace.c 2008-04-17 10:37:14.000000000 -0400
1167 +++ linux-2.6.25-vs2.3.0.34.9/arch/v850/kernel/ptrace.c 2008-04-19 15:14:52.000000000 -0400
1169 #include <linux/sched.h>
1170 #include <linux/ptrace.h>
1171 #include <linux/signal.h>
1172 +#include <linux/vs_base.h>
1174 #include <asm/errno.h>
1175 #include <asm/ptrace.h>
1176 @@ -116,6 +117,9 @@ long arch_ptrace(struct task_struct *chi
1180 + if (!vx_check(vx_task_xid(child), VS_WATCH_P | VS_IDENT))
1186 diff -NurpP --minimal linux-2.6.25/arch/x86/ia32/ia32entry.S linux-2.6.25-vs2.3.0.34.9/arch/x86/ia32/ia32entry.S
1187 --- linux-2.6.25/arch/x86/ia32/ia32entry.S 2008-04-17 12:05:30.000000000 -0400
1188 +++ linux-2.6.25-vs2.3.0.34.9/arch/x86/ia32/ia32entry.S 2008-04-22 20:07:49.000000000 -0400
1189 @@ -673,7 +673,7 @@ ia32_sys_call_table:
1190 .quad sys_tgkill /* 270 */
1191 .quad compat_sys_utimes
1192 .quad sys32_fadvise64_64
1193 - .quad quiet_ni_syscall /* sys_vserver */
1194 + .quad sys32_vserver
1196 .quad compat_sys_get_mempolicy /* 275 */
1197 .quad sys_set_mempolicy
1198 diff -NurpP --minimal linux-2.6.25/arch/x86/Kconfig linux-2.6.25-vs2.3.0.34.9/arch/x86/Kconfig
1199 --- linux-2.6.25/arch/x86/Kconfig 2008-04-17 12:05:30.000000000 -0400
1200 +++ linux-2.6.25-vs2.3.0.34.9/arch/x86/Kconfig 2008-04-19 15:14:52.000000000 -0400
1201 @@ -1611,6 +1611,8 @@ source "fs/Kconfig"
1203 source "arch/x86/Kconfig.debug"
1205 +source "kernel/vserver/Kconfig"
1207 source "security/Kconfig"
1209 source "crypto/Kconfig"
1210 diff -NurpP --minimal linux-2.6.25/arch/x86/kernel/syscall_table_32.S linux-2.6.25-vs2.3.0.34.9/arch/x86/kernel/syscall_table_32.S
1211 --- linux-2.6.25/arch/x86/kernel/syscall_table_32.S 2008-04-17 12:05:30.000000000 -0400
1212 +++ linux-2.6.25-vs2.3.0.34.9/arch/x86/kernel/syscall_table_32.S 2008-04-19 15:14:52.000000000 -0400
1213 @@ -272,7 +272,7 @@ ENTRY(sys_call_table)
1214 .long sys_tgkill /* 270 */
1216 .long sys_fadvise64_64
1217 - .long sys_ni_syscall /* sys_vserver */
1220 .long sys_get_mempolicy
1221 .long sys_set_mempolicy
1222 diff -NurpP --minimal linux-2.6.25/Documentation/vserver/debug.txt linux-2.6.25-vs2.3.0.34.9/Documentation/vserver/debug.txt
1223 --- linux-2.6.25/Documentation/vserver/debug.txt 1969-12-31 19:00:00.000000000 -0500
1224 +++ linux-2.6.25-vs2.3.0.34.9/Documentation/vserver/debug.txt 2008-04-19 15:14:51.000000000 -0400
1229 + 2 4 "vx_map_tgid: %p/%llx: %d -> %d"
1230 + "vx_rmap_tgid: %p/%llx: %d -> %d"
1234 + 0 1 "ALLOC (%p,#%d)%c inode (%d)"
1235 + "FREE (%p,#%d)%c inode"
1236 + 1 2 "ALLOC (%p,#%d)%c %lld bytes (%d)"
1237 + "FREE (%p,#%d)%c %lld bytes"
1238 + 2 4 "ADJUST: %lld,%lld on %ld,%ld [mult=%d]"
1239 + 3 8 "ext3_has_free_blocks(%p): %lu<%lu+1, %c, %u!=%u r=%d"
1240 + "ext3_has_free_blocks(%p): free=%lu, root=%lu"
1241 + "rcu_free_dl_info(%p)"
1242 + 4 10 "alloc_dl_info(%p,%d) = %p"
1243 + "dealloc_dl_info(%p)"
1244 + "get_dl_info(%p[#%d.%d])"
1245 + "put_dl_info(%p[#%d.%d])"
1246 + 5 20 "alloc_dl_info(%p,%d)*"
1247 + 6 40 "__hash_dl_info: %p[#%d]"
1248 + "__unhash_dl_info: %p[#%d]"
1249 + 7 80 "locate_dl_info(%p,#%d) = %p"
1253 + 0 1 "destroy_dqhash: %p [#0x%08x] c=%d"
1254 + "new_dqhash: %p [#0x%08x]"
1255 + "vroot[%d]_clr_dev: dev=%p[%lu,%d:%d]"
1256 + "vroot[%d]_get_real_bdev: dev=%p[%lu,%d:%d]"
1257 + "vroot[%d]_set_dev: dev=%p[%lu,%d:%d]"
1258 + "vroot_get_real_bdev not set"
1259 + 1 2 "cow_break_link(»%s«)"
1260 + "temp copy »%s«"
1261 + 2 4 "dentry_open(new): %p"
1262 + "dentry_open(old): %p"
1263 + "lookup_create(new): %p"
1265 + "path_lookup(old): %d"
1266 + "vfs_create(new): %d"
1268 + "vfs_sendfile: %d"
1269 + 3 8 "fput(new_file=%p[#%d])"
1270 + "fput(old_file=%p[#%d])"
1271 + 4 10 "vx_info_kill(%p[#%d],%d,%d) = %d"
1272 + "vx_info_kill(%p[#%d],%d,%d)*"
1273 + 5 20 "vs_reboot(%p[#%d],%d)"
1274 + 6 40 "dropping task %p[#%u,%u] for %p[#%u,%u]"
1278 + 2 4 "nx_addr_conflict(%p,%p) %d.%d,%d.%d"
1279 + 3 8 "inet_bind(%p) %d.%d.%d.%d, %d.%d.%d.%d, %d.%d.%d.%d"
1280 + "inet_bind(%p)* %p,%p;%lx %d.%d.%d.%d"
1281 + 4 10 "ip_route_connect(%p) %p,%p;%lx"
1282 + 5 20 "__addr_in_socket(%p,%d.%d.%d.%d) %p:%d.%d.%d.%d %p;%lx"
1283 + 6 40 "sk,egf: %p [#%d] (from %d)"
1284 + "sk,egn: %p [#%d] (from %d)"
1285 + "sk,req: %p [#%d] (from %d)"
1286 + "sk: %p [#%d] (from %d)"
1287 + "tw: %p [#%d] (from %d)"
1288 + 7 80 "__sock_recvmsg: %p[%p,%p,%p;%d]:%d/%d"
1289 + "__sock_sendmsg: %p[%p,%p,%p;%d]:%d/%d"
1293 + 0 1 "__lookup_nx_info(#%u): %p[#%u]"
1294 + "alloc_nx_info(%d) = %p"
1295 + "create_nx_info(%d) (dynamic rejected)"
1296 + "create_nx_info(%d) = %p (already there)"
1297 + "create_nx_info(%d) = %p (new)"
1298 + "dealloc_nx_info(%p)"
1299 + 1 2 "alloc_nx_info(%d)*"
1300 + "create_nx_info(%d)*"
1301 + 2 4 "get_nx_info(%p[#%d.%d])"
1302 + "put_nx_info(%p[#%d.%d])"
1303 + 3 8 "claim_nx_info(%p[#%d.%d.%d]) %p"
1304 + "clr_nx_info(%p[#%d.%d])"
1305 + "init_nx_info(%p[#%d.%d])"
1306 + "release_nx_info(%p[#%d.%d.%d]) %p"
1307 + "set_nx_info(%p[#%d.%d])"
1308 + 4 10 "__hash_nx_info: %p[#%d]"
1309 + "__nx_dynamic_id: [#%d]"
1310 + "__unhash_nx_info: %p[#%d.%d.%d]"
1311 + 5 20 "moved task %p into nxi:%p[#%d]"
1312 + "nx_migrate_task(%p,%p[#%d.%d.%d])"
1313 + "task_get_nx_info(%p)"
1314 + 6 40 "nx_clear_persistent(%p[#%d])"
1318 + 0 1 "quota_sync_dqh(%p,%d) discard inode %p"
1319 + 1 2 "quota_sync_dqh(%p,%d)"
1320 + "sync_dquots(%p,%d)"
1321 + "sync_dquots_dqh(%p,%d)"
1322 + 3 8 "do_quotactl(%p,%d,cmd=%d,id=%d,%p)"
1326 + 0 1 "vc: VCMD_%02d_%d[%d], %d,%p [%d,%d,%x,%x]"
1327 + 1 2 "vc: VCMD_%02d_%d[%d] = %08lx(%ld) [%d,%d]"
1328 + 4 10 "%s: (%s %s) returned %s with %d"
1332 + 7 80 "dx_parse_tag(»%s«): %d:#%d"
1333 + "dx_propagate_tag(%p[#%lu.%d]): %d,%d"
1337 + 0 1 "__lookup_vx_info(#%u): %p[#%u]"
1338 + "alloc_vx_info(%d) = %p"
1339 + "alloc_vx_info(%d)*"
1340 + "create_vx_info(%d) (dynamic rejected)"
1341 + "create_vx_info(%d) = %p (already there)"
1342 + "create_vx_info(%d) = %p (new)"
1343 + "dealloc_vx_info(%p)"
1344 + "loc_vx_info(%d) = %p (found)"
1345 + "loc_vx_info(%d) = %p (new)"
1346 + "loc_vx_info(%d) = %p (not available)"
1347 + 1 2 "create_vx_info(%d)*"
1348 + "loc_vx_info(%d)*"
1349 + 2 4 "get_vx_info(%p[#%d.%d])"
1350 + "put_vx_info(%p[#%d.%d])"
1351 + 3 8 "claim_vx_info(%p[#%d.%d.%d]) %p"
1352 + "clr_vx_info(%p[#%d.%d])"
1353 + "init_vx_info(%p[#%d.%d])"
1354 + "release_vx_info(%p[#%d.%d.%d]) %p"
1355 + "set_vx_info(%p[#%d.%d])"
1356 + 4 10 "__hash_vx_info: %p[#%d]"
1357 + "__unhash_vx_info: %p[#%d.%d.%d]"
1358 + "__vx_dynamic_id: [#%d]"
1359 + 5 20 "enter_vx_info(%p[#%d],%p) %p[#%d,%p]"
1360 + "leave_vx_info(%p[#%d,%p]) %p[#%d,%p]"
1361 + "moved task %p into vxi:%p[#%d]"
1362 + "task_get_vx_info(%p)"
1363 + "vx_migrate_task(%p,%p[#%d.%d])"
1364 + 6 40 "vx_clear_persistent(%p[#%d])"
1365 + "vx_exit_init(%p[#%d],%p[#%d,%d,%d])"
1366 + "vx_set_init(%p[#%d],%p[#%d,%d,%d])"
1367 + "vx_set_persistent(%p[#%d])"
1368 + "vx_set_reaper(%p[#%d],%p[#%d,%d])"
1369 + 7 80 "vx_child_reaper(%p[#%u,%u]) = %p[#%u,%u]"
1374 + n 2^n "vx_acc_cres[%5d,%s,%2d]: %5d%s"
1375 + "vx_cres_avail[%5d,%s,%2d]: %5ld > %5d + %5d"
1377 + m 2^m "vx_acc_page[%5d,%s,%2d]: %5d%s"
1378 + "vx_acc_pages[%5d,%s,%2d]: %5d += %5d"
1379 + "vx_pages_avail[%5d,%s,%2d]: %5ld > %5d + %5d"
1380 diff -NurpP --minimal linux-2.6.25/drivers/block/Kconfig linux-2.6.25-vs2.3.0.34.9/drivers/block/Kconfig
1381 --- linux-2.6.25/drivers/block/Kconfig 2008-04-17 12:05:31.000000000 -0400
1382 +++ linux-2.6.25-vs2.3.0.34.9/drivers/block/Kconfig 2008-04-19 15:14:52.000000000 -0400
1383 @@ -263,6 +263,13 @@ config BLK_DEV_CRYPTOLOOP
1384 instead, which can be configured to be on-disk compatible with the
1387 +config BLK_DEV_VROOT
1388 + tristate "Virtual Root device support"
1389 + depends on QUOTACTL
1391 + Saying Y here will allow you to use quota/fs ioctls on a shared
1392 + partition within a virtual server without compromising security.
1395 tristate "Network block device support"
1397 diff -NurpP --minimal linux-2.6.25/drivers/block/loop.c linux-2.6.25-vs2.3.0.34.9/drivers/block/loop.c
1398 --- linux-2.6.25/drivers/block/loop.c 2008-04-17 12:05:32.000000000 -0400
1399 +++ linux-2.6.25-vs2.3.0.34.9/drivers/block/loop.c 2008-04-19 15:14:52.000000000 -0400
1401 #include <linux/gfp.h>
1402 #include <linux/kthread.h>
1403 #include <linux/splice.h>
1404 +#include <linux/vs_context.h>
1406 #include <asm/uaccess.h>
1408 @@ -789,6 +790,7 @@ static int loop_set_fd(struct loop_devic
1409 lo->lo_blocksize = lo_blocksize;
1410 lo->lo_device = bdev;
1411 lo->lo_flags = lo_flags;
1412 + lo->lo_xid = vx_current_xid();
1413 lo->lo_backing_file = file;
1414 lo->transfer = transfer_none;
1416 @@ -908,6 +910,7 @@ static int loop_clr_fd(struct loop_devic
1417 lo->lo_encrypt_key_size = 0;
1419 lo->lo_thread = NULL;
1421 memset(lo->lo_encrypt_key, 0, LO_KEY_SIZE);
1422 memset(lo->lo_crypt_name, 0, LO_NAME_SIZE);
1423 memset(lo->lo_file_name, 0, LO_NAME_SIZE);
1424 @@ -929,7 +932,7 @@ loop_set_status(struct loop_device *lo,
1425 struct loop_func_table *xfer;
1427 if (lo->lo_encrypt_key_size && lo->lo_key_owner != current->uid &&
1428 - !capable(CAP_SYS_ADMIN))
1429 + !vx_capable(CAP_SYS_ADMIN, VXC_ADMIN_CLOOP))
1431 if (lo->lo_state != Lo_bound)
1433 @@ -1013,7 +1016,8 @@ loop_get_status(struct loop_device *lo,
1434 memcpy(info->lo_crypt_name, lo->lo_crypt_name, LO_NAME_SIZE);
1435 info->lo_encrypt_type =
1436 lo->lo_encryption ? lo->lo_encryption->number : 0;
1437 - if (lo->lo_encrypt_key_size && capable(CAP_SYS_ADMIN)) {
1438 + if (lo->lo_encrypt_key_size &&
1439 + vx_capable(CAP_SYS_ADMIN, VXC_ADMIN_CLOOP)) {
1440 info->lo_encrypt_key_size = lo->lo_encrypt_key_size;
1441 memcpy(info->lo_encrypt_key, lo->lo_encrypt_key,
1442 lo->lo_encrypt_key_size);
1443 @@ -1322,6 +1326,9 @@ static int lo_open(struct inode *inode,
1445 struct loop_device *lo = inode->i_bdev->bd_disk->private_data;
1447 + if (!vx_check(lo->lo_xid, VS_IDENT|VS_HOSTID|VS_ADMIN_P))
1450 mutex_lock(&lo->lo_ctl_mutex);
1452 mutex_unlock(&lo->lo_ctl_mutex);
1453 diff -NurpP --minimal linux-2.6.25/drivers/block/Makefile linux-2.6.25-vs2.3.0.34.9/drivers/block/Makefile
1454 --- linux-2.6.25/drivers/block/Makefile 2008-04-17 12:05:31.000000000 -0400
1455 +++ linux-2.6.25-vs2.3.0.34.9/drivers/block/Makefile 2008-04-19 15:14:52.000000000 -0400
1456 @@ -29,5 +29,6 @@ obj-$(CONFIG_VIRTIO_BLK) += virtio_blk.o
1457 obj-$(CONFIG_VIODASD) += viodasd.o
1458 obj-$(CONFIG_BLK_DEV_SX8) += sx8.o
1459 obj-$(CONFIG_BLK_DEV_UB) += ub.o
1460 +obj-$(CONFIG_BLK_DEV_VROOT) += vroot.o
1462 obj-$(CONFIG_XEN_BLKDEV_FRONTEND) += xen-blkfront.o
1463 diff -NurpP --minimal linux-2.6.25/drivers/block/vroot.c linux-2.6.25-vs2.3.0.34.9/drivers/block/vroot.c
1464 --- linux-2.6.25/drivers/block/vroot.c 1969-12-31 19:00:00.000000000 -0500
1465 +++ linux-2.6.25-vs2.3.0.34.9/drivers/block/vroot.c 2008-04-19 15:14:52.000000000 -0400
1468 + * linux/drivers/block/vroot.c
1470 + * written by Herbert Pötzl, 9/11/2002
1471 + * ported to 2.6.10 by Herbert Pötzl, 30/12/2004
1473 + * based on the loop.c code by Theodore Ts'o.
1475 + * Copyright (C) 2002-2007 by Herbert Pötzl.
1476 + * Redistribution of this file is permitted under the
1477 + * GNU General Public License.
1481 +#include <linux/module.h>
1482 +#include <linux/moduleparam.h>
1483 +#include <linux/file.h>
1484 +#include <linux/major.h>
1485 +#include <linux/blkdev.h>
1487 +#include <linux/vroot.h>
1488 +#include <linux/vs_context.h>
1491 +static int max_vroot = 8;
1493 +static struct vroot_device *vroot_dev;
1494 +static struct gendisk **disks;
1497 +static int vroot_set_dev(
1498 + struct vroot_device *vr,
1499 + struct file *vr_file,
1500 + struct block_device *bdev,
1503 + struct block_device *real_bdev;
1504 + struct file *file;
1505 + struct inode *inode;
1509 + if (vr->vr_state != Vr_unbound)
1518 + inode = file->f_dentry->d_inode;
1521 + if (S_ISBLK(inode->i_mode)) {
1522 + real_bdev = inode->i_bdev;
1523 + vr->vr_device = real_bdev;
1524 + __iget(real_bdev->bd_inode);
1528 + vxdprintk(VXD_CBIT(misc, 0),
1529 + "vroot[%d]_set_dev: dev=" VXF_DEV,
1530 + vr->vr_number, VXD_DEV(real_bdev));
1532 + vr->vr_state = Vr_bound;
1541 +static int vroot_clr_dev(
1542 + struct vroot_device *vr,
1543 + struct file *vr_file,
1544 + struct block_device *bdev)
1546 + struct block_device *real_bdev;
1548 + if (vr->vr_state != Vr_bound)
1550 + if (vr->vr_refcnt > 1) /* we needed one fd for the ioctl */
1553 + real_bdev = vr->vr_device;
1555 + vxdprintk(VXD_CBIT(misc, 0),
1556 + "vroot[%d]_clr_dev: dev=" VXF_DEV,
1557 + vr->vr_number, VXD_DEV(real_bdev));
1560 + vr->vr_state = Vr_unbound;
1561 + vr->vr_device = NULL;
1566 +static int vr_ioctl(struct inode *inode, struct file *file,
1567 + unsigned int cmd, unsigned long arg)
1569 + struct vroot_device *vr = inode->i_bdev->bd_disk->private_data;
1572 + down(&vr->vr_ctl_mutex);
1574 + case VROOT_SET_DEV:
1575 + err = vroot_set_dev(vr, file, inode->i_bdev, arg);
1577 + case VROOT_CLR_DEV:
1578 + err = vroot_clr_dev(vr, file, inode->i_bdev);
1584 + up(&vr->vr_ctl_mutex);
1588 +static int vr_open(struct inode *inode, struct file *file)
1590 + struct vroot_device *vr = inode->i_bdev->bd_disk->private_data;
1592 + down(&vr->vr_ctl_mutex);
1594 + up(&vr->vr_ctl_mutex);
1598 +static int vr_release(struct inode *inode, struct file *file)
1600 + struct vroot_device *vr = inode->i_bdev->bd_disk->private_data;
1602 + down(&vr->vr_ctl_mutex);
1604 + up(&vr->vr_ctl_mutex);
1608 +static struct block_device_operations vr_fops = {
1609 + .owner = THIS_MODULE,
1611 + .release = vr_release,
1612 + .ioctl = vr_ioctl,
1615 +struct block_device *__vroot_get_real_bdev(struct block_device *bdev)
1617 + struct inode *inode = bdev->bd_inode;
1618 + struct vroot_device *vr;
1619 + struct block_device *real_bdev;
1620 + int minor = iminor(inode);
1622 + vr = &vroot_dev[minor];
1623 + real_bdev = vr->vr_device;
1625 + vxdprintk(VXD_CBIT(misc, 0),
1626 + "vroot[%d]_get_real_bdev: dev=" VXF_DEV,
1627 + vr->vr_number, VXD_DEV(real_bdev));
1629 + if (vr->vr_state != Vr_bound)
1630 + return ERR_PTR(-ENXIO);
1632 + __iget(real_bdev->bd_inode);
1637 + * And now the modules code and kernel interface.
1640 +module_param(max_vroot, int, 0);
1642 +MODULE_PARM_DESC(max_vroot, "Maximum number of vroot devices (1-256)");
1643 +MODULE_LICENSE("GPL");
1644 +MODULE_ALIAS_BLOCKDEV_MAJOR(VROOT_MAJOR);
1646 +MODULE_AUTHOR ("Herbert Pötzl");
1647 +MODULE_DESCRIPTION ("Virtual Root Device Mapper");
1650 +int __init vroot_init(void)
1654 + if (max_vroot < 1 || max_vroot > 256) {
1655 + max_vroot = MAX_VROOT_DEFAULT;
1656 + printk(KERN_WARNING "vroot: invalid max_vroot "
1657 + "(must be between 1 and 256), "
1658 + "using default (%d)\n", max_vroot);
1661 + if (register_blkdev(VROOT_MAJOR, "vroot"))
1665 + vroot_dev = kmalloc(max_vroot * sizeof(struct vroot_device), GFP_KERNEL);
1668 + memset(vroot_dev, 0, max_vroot * sizeof(struct vroot_device));
1670 + disks = kmalloc(max_vroot * sizeof(struct gendisk *), GFP_KERNEL);
1674 + for (i = 0; i < max_vroot; i++) {
1675 + disks[i] = alloc_disk(1);
1680 + for (i = 0; i < max_vroot; i++) {
1681 + struct vroot_device *vr = &vroot_dev[i];
1682 + struct gendisk *disk = disks[i];
1684 + memset(vr, 0, sizeof(*vr));
1685 + init_MUTEX(&vr->vr_ctl_mutex);
1686 + vr->vr_number = i;
1687 + disk->major = VROOT_MAJOR;
1688 + disk->first_minor = i;
1689 + disk->fops = &vr_fops;
1690 + sprintf(disk->disk_name, "vroot%d", i);
1691 + disk->private_data = vr;
1694 + err = register_vroot_grb(&__vroot_get_real_bdev);
1698 + for (i = 0; i < max_vroot; i++)
1699 + add_disk(disks[i]);
1700 + printk(KERN_INFO "vroot: loaded (max %d devices)\n", max_vroot);
1705 + put_disk(disks[i]);
1710 + unregister_blkdev(VROOT_MAJOR, "vroot");
1711 + printk(KERN_ERR "vroot: ran out of memory\n");
1715 +void vroot_exit(void)
1719 + if (unregister_vroot_grb(&__vroot_get_real_bdev))
1720 + printk(KERN_WARNING "vroot: cannot unregister grb\n");
1722 + for (i = 0; i < max_vroot; i++) {
1723 + del_gendisk(disks[i]);
1724 + put_disk(disks[i]);
1726 + unregister_blkdev(VROOT_MAJOR, "vroot");
1732 +module_init(vroot_init);
1733 +module_exit(vroot_exit);
1737 +static int __init max_vroot_setup(char *str)
1739 + max_vroot = simple_strtol(str, NULL, 0);
1743 +__setup("max_vroot=", max_vroot_setup);
1747 diff -NurpP --minimal linux-2.6.25/drivers/char/sysrq.c linux-2.6.25-vs2.3.0.34.9/drivers/char/sysrq.c
1748 --- linux-2.6.25/drivers/char/sysrq.c 2008-04-17 11:31:27.000000000 -0400
1749 +++ linux-2.6.25-vs2.3.0.34.9/drivers/char/sysrq.c 2008-04-19 15:14:52.000000000 -0400
1751 #include <linux/irq.h>
1752 #include <linux/hrtimer.h>
1753 #include <linux/oom.h>
1754 +#include <linux/vserver/debug.h>
1756 #include <asm/ptrace.h>
1757 #include <asm/irq_regs.h>
1758 @@ -310,6 +311,21 @@ static struct sysrq_key_op sysrq_unrt_op
1759 .enable_mask = SYSRQ_ENABLE_RTNICE,
1763 +#ifdef CONFIG_VSERVER_DEBUG
1764 +static void sysrq_handle_vxinfo(int key, struct tty_struct *tty)
1766 + dump_vx_info_inactive((key == 'x')?0:1);
1769 +static struct sysrq_key_op sysrq_showvxinfo_op = {
1770 + .handler = sysrq_handle_vxinfo,
1771 + .help_msg = "conteXt",
1772 + .action_msg = "Show Context Info",
1773 + .enable_mask = SYSRQ_ENABLE_DUMP,
1777 /* Key Operations table and lock */
1778 static DEFINE_SPINLOCK(sysrq_key_table_lock);
1780 @@ -358,7 +374,11 @@ static struct sysrq_key_op *sysrq_key_ta
1781 /* x: May be registered on ppc/powerpc for xmon */
1785 +#ifdef CONFIG_VSERVER_DEBUG
1786 + &sysrq_showvxinfo_op, /* z */
1792 /* key2index calculation, -1 on invalid index */
1793 @@ -370,6 +390,8 @@ static int sysrq_key_table_key2index(int
1795 else if ((key >= 'a') && (key <= 'z'))
1796 retval = key + 10 - 'a';
1797 + else if ((key >= 'A') && (key <= 'Z'))
1798 + retval = key + 10 - 'A';
1802 diff -NurpP --minimal linux-2.6.25/drivers/char/tty_io.c linux-2.6.25-vs2.3.0.34.9/drivers/char/tty_io.c
1803 --- linux-2.6.25/drivers/char/tty_io.c 2008-04-17 12:05:32.000000000 -0400
1804 +++ linux-2.6.25-vs2.3.0.34.9/drivers/char/tty_io.c 2008-04-19 15:14:52.000000000 -0400
1807 #include <linux/kmod.h>
1808 #include <linux/nsproxy.h>
1809 +#include <linux/vs_pid.h>
1811 #undef TTY_DEBUG_HANGUP
1813 @@ -3142,6 +3143,7 @@ static int tiocspgrp(struct tty_struct *
1815 if (get_user(pgrp_nr, p))
1817 + pgrp_nr = vx_rmap_pid(pgrp_nr);
1821 diff -NurpP --minimal linux-2.6.25/drivers/infiniband/hw/ipath/ipath_user_pages.c linux-2.6.25-vs2.3.0.34.9/drivers/infiniband/hw/ipath/ipath_user_pages.c
1822 --- linux-2.6.25/drivers/infiniband/hw/ipath/ipath_user_pages.c 2008-04-17 10:37:17.000000000 -0400
1823 +++ linux-2.6.25-vs2.3.0.34.9/drivers/infiniband/hw/ipath/ipath_user_pages.c 2008-04-19 15:14:52.000000000 -0400
1826 #include <linux/mm.h>
1827 #include <linux/device.h>
1828 +#include <linux/vs_memory.h>
1830 #include "ipath_kernel.h"
1832 @@ -61,7 +62,8 @@ static int __get_user_pages(unsigned lon
1833 lock_limit = current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur >>
1836 - if (num_pages > lock_limit) {
1837 + if (num_pages > lock_limit ||
1838 + !vx_vmlocked_avail(current->mm, num_pages)) {
1842 @@ -78,7 +80,7 @@ static int __get_user_pages(unsigned lon
1846 - current->mm->locked_vm += num_pages;
1847 + vx_vmlocked_add(current->mm, num_pages);
1851 @@ -177,7 +179,7 @@ void ipath_release_user_pages(struct pag
1853 __ipath_release_user_pages(p, num_pages, 1);
1855 - current->mm->locked_vm -= num_pages;
1856 + vx_vmlocked_sub(current->mm, num_pages);
1858 up_write(¤t->mm->mmap_sem);
1860 @@ -194,7 +196,7 @@ static void user_pages_account(struct wo
1861 container_of(_work, struct ipath_user_pages_work, work);
1863 down_write(&work->mm->mmap_sem);
1864 - work->mm->locked_vm -= work->num_pages;
1865 + vx_vmlocked_sub(work->mm, work->num_pages);
1866 up_write(&work->mm->mmap_sem);
1869 diff -NurpP --minimal linux-2.6.25/drivers/md/dm.c linux-2.6.25-vs2.3.0.34.9/drivers/md/dm.c
1870 --- linux-2.6.25/drivers/md/dm.c 2008-04-17 12:05:33.000000000 -0400
1871 +++ linux-2.6.25-vs2.3.0.34.9/drivers/md/dm.c 2008-04-19 15:14:52.000000000 -0400
1873 #include <linux/hdreg.h>
1874 #include <linux/blktrace_api.h>
1875 #include <linux/smp_lock.h>
1876 +#include <linux/vs_base.h>
1878 #define DM_MSG_PREFIX "core"
1880 @@ -91,6 +92,7 @@ struct mapped_device {
1883 atomic_t open_count;
1886 unsigned long flags;
1888 @@ -250,6 +252,7 @@ static void __exit dm_exit(void)
1889 static int dm_blk_open(struct inode *inode, struct file *file)
1891 struct mapped_device *md;
1894 spin_lock(&_minor_lock);
1896 @@ -258,18 +261,19 @@ static int dm_blk_open(struct inode *ino
1899 if (test_bit(DMF_FREEING, &md->flags) ||
1900 - test_bit(DMF_DELETING, &md->flags)) {
1902 + test_bit(DMF_DELETING, &md->flags))
1906 + if (!vx_check(md->xid, VS_IDENT|VS_HOSTID))
1911 atomic_inc(&md->open_count);
1915 spin_unlock(&_minor_lock);
1917 - return md ? 0 : -ENXIO;
1921 static int dm_blk_close(struct inode *inode, struct file *file)
1922 @@ -465,6 +469,14 @@ int dm_set_geometry(struct mapped_device
1927 + * Get the xid associated with a dm device
1929 +xid_t dm_get_xid(struct mapped_device *md)
1934 /*-----------------------------------------------------------------
1936 * A more elegant soln is in the works that uses the queue
1937 @@ -1022,6 +1034,7 @@ static struct mapped_device *alloc_dev(i
1938 INIT_LIST_HEAD(&md->uevent_list);
1939 spin_lock_init(&md->uevent_lock);
1941 + md->xid = vx_current_xid();
1942 md->queue = blk_alloc_queue(GFP_KERNEL);
1945 diff -NurpP --minimal linux-2.6.25/drivers/md/dm.h linux-2.6.25-vs2.3.0.34.9/drivers/md/dm.h
1946 --- linux-2.6.25/drivers/md/dm.h 2008-04-17 11:31:28.000000000 -0400
1947 +++ linux-2.6.25-vs2.3.0.34.9/drivers/md/dm.h 2008-04-19 15:14:52.000000000 -0400
1948 @@ -127,6 +127,8 @@ void dm_put_target_type(struct target_ty
1949 int dm_target_iterate(void (*iter_func)(struct target_type *tt,
1950 void *param), void *param);
1952 +xid_t dm_get_xid(struct mapped_device *md);
1954 /*-----------------------------------------------------------------
1956 *---------------------------------------------------------------*/
1957 diff -NurpP --minimal linux-2.6.25/drivers/md/dm-ioctl.c linux-2.6.25-vs2.3.0.34.9/drivers/md/dm-ioctl.c
1958 --- linux-2.6.25/drivers/md/dm-ioctl.c 2008-04-17 12:05:33.000000000 -0400
1959 +++ linux-2.6.25-vs2.3.0.34.9/drivers/md/dm-ioctl.c 2008-04-21 10:45:53.000000000 -0400
1961 #include <linux/dm-ioctl.h>
1962 #include <linux/hdreg.h>
1963 #include <linux/compat.h>
1964 +#include <linux/vs_context.h>
1966 #include <asm/uaccess.h>
1968 @@ -101,7 +102,8 @@ static struct hash_cell *__get_name_cell
1969 unsigned int h = hash_str(str);
1971 list_for_each_entry (hc, _name_buckets + h, name_list)
1972 - if (!strcmp(hc->name, str)) {
1973 + if (vx_check(dm_get_xid(hc->md), VS_WATCH_P | VS_IDENT) &&
1974 + !strcmp(hc->name, str)) {
1978 @@ -115,7 +117,8 @@ static struct hash_cell *__get_uuid_cell
1979 unsigned int h = hash_str(str);
1981 list_for_each_entry (hc, _uuid_buckets + h, uuid_list)
1982 - if (!strcmp(hc->uuid, str)) {
1983 + if (vx_check(dm_get_xid(hc->md), VS_WATCH_P | VS_IDENT) &&
1984 + !strcmp(hc->uuid, str)) {
1988 @@ -352,6 +355,9 @@ typedef int (*ioctl_fn)(struct dm_ioctl
1990 static int remove_all(struct dm_ioctl *param, size_t param_size)
1992 + if (!vx_check(0, VS_ADMIN))
1995 dm_hash_remove_all(1);
1996 param->data_size = 0;
1998 @@ -399,6 +405,8 @@ static int list_devices(struct dm_ioctl
2000 for (i = 0; i < NUM_BUCKETS; i++) {
2001 list_for_each_entry (hc, _name_buckets + i, name_list) {
2002 + if (!vx_check(dm_get_xid(hc->md), VS_WATCH_P | VS_IDENT))
2004 needed += sizeof(struct dm_name_list);
2005 needed += strlen(hc->name) + 1;
2006 needed += ALIGN_MASK;
2007 @@ -422,6 +430,8 @@ static int list_devices(struct dm_ioctl
2009 for (i = 0; i < NUM_BUCKETS; i++) {
2010 list_for_each_entry (hc, _name_buckets + i, name_list) {
2011 + if (!vx_check(dm_get_xid(hc->md), VS_WATCH_P | VS_IDENT))
2014 old_nl->next = (uint32_t) ((void *) nl -
2016 @@ -612,10 +622,11 @@ static struct hash_cell *__find_device_h
2020 - mdptr = dm_get_mdptr(md);
2021 + if (vx_check(dm_get_xid(md), VS_WATCH_P | VS_IDENT))
2022 + mdptr = dm_get_mdptr(md);
2030 @@ -1406,8 +1417,8 @@ static int ctl_ioctl(uint command, struc
2034 - /* only root can play with this */
2035 - if (!capable(CAP_SYS_ADMIN))
2036 + /* only root and certain contexts can play with this */
2037 + if (!vx_capable(CAP_SYS_ADMIN, VXC_ADMIN_MAPPER))
2040 if (_IOC_TYPE(command) != DM_IOCTL)
2041 diff -NurpP --minimal linux-2.6.25/drivers/net/tun.c linux-2.6.25-vs2.3.0.34.9/drivers/net/tun.c
2042 --- linux-2.6.25/drivers/net/tun.c 2008-04-17 12:05:36.000000000 -0400
2043 +++ linux-2.6.25-vs2.3.0.34.9/drivers/net/tun.c 2008-04-19 15:39:04.000000000 -0400
2045 #include <linux/if_ether.h>
2046 #include <linux/if_tun.h>
2047 #include <linux/crc32.h>
2048 +#include <linux/vs_network.h>
2049 #include <net/net_namespace.h>
2051 #include <asm/system.h>
2052 @@ -86,6 +87,7 @@ struct tun_struct {
2058 wait_queue_head_t read_wait;
2059 struct sk_buff_head readq;
2060 @@ -465,6 +467,7 @@ static void tun_setup(struct net_device
2064 + tun->nid = current->nid;
2066 dev->open = tun_net_open;
2067 dev->hard_start_xmit = tun_net_xmit;
2068 @@ -494,6 +497,9 @@ static int tun_set_iff(struct file *file
2070 tun = tun_get_by_name(ifr->ifr_name);
2072 + if (!nx_check(tun->nid, VS_IDENT | VS_HOSTID | VS_ADMIN_P))
2078 @@ -502,7 +508,7 @@ static int tun_set_iff(struct file *file
2079 current->euid != tun->owner) ||
2080 (tun->group != -1 &&
2081 current->egid != tun->group)) &&
2082 - !capable(CAP_NET_ADMIN))
2083 + !cap_raised(current->cap_effective, CAP_NET_ADMIN))
2086 else if (__dev_get_by_name(&init_net, ifr->ifr_name))
2087 @@ -513,7 +519,7 @@ static int tun_set_iff(struct file *file
2091 - if (!capable(CAP_NET_ADMIN))
2092 + if (!nx_capable(CAP_NET_ADMIN, NXC_TUN_CREATE))
2096 @@ -656,6 +662,16 @@ static int tun_chr_ioctl(struct inode *i
2097 DBG(KERN_INFO "%s: group set to %d\n", tun->dev->name, tun->group);
2101 + if (!capable(CAP_CONTEXT))
2104 + /* Set nid owner of the device */
2105 + tun->nid = (nid_t) arg;
2107 + DBG(KERN_INFO "%s: nid owner set to %u\n", tun->dev->name, tun->nid);
2111 /* Only allow setting the type when the interface is down */
2112 if (tun->dev->flags & IFF_UP) {
2113 diff -NurpP --minimal linux-2.6.25/fs/attr.c linux-2.6.25-vs2.3.0.34.9/fs/attr.c
2114 --- linux-2.6.25/fs/attr.c 2008-04-17 11:31:35.000000000 -0400
2115 +++ linux-2.6.25-vs2.3.0.34.9/fs/attr.c 2008-04-19 15:14:52.000000000 -0400
2117 #include <linux/fcntl.h>
2118 #include <linux/quotaops.h>
2119 #include <linux/security.h>
2120 +#include <linux/proc_fs.h>
2121 +#include <linux/devpts_fs.h>
2122 +#include <linux/vs_base.h>
2124 /* Taken over from the old code... */
2126 @@ -55,6 +58,27 @@ int inode_change_ok(struct inode *inode,
2127 if (!is_owner_or_cap(inode))
2131 + /* Check for evil vserver activity */
2132 + if (vx_check(0, VS_ADMIN))
2135 + if (IS_BARRIER(inode)) {
2136 + vxwprintk_task(1, "messing with the barrier.");
2139 + switch (inode->i_sb->s_magic) {
2140 + case PROC_SUPER_MAGIC:
2141 + /* maybe allow that in the future? */
2142 + vxwprintk_task(1, "messing with the procfs.");
2144 + case DEVPTS_SUPER_MAGIC:
2145 + /* devpts is xid tagged */
2146 + if (vx_check((xid_t)inode->i_tag, VS_IDENT))
2148 + vxwprintk_task(1, "messing with the devpts.");
2154 @@ -78,6 +102,8 @@ int inode_setattr(struct inode * inode,
2155 inode->i_uid = attr->ia_uid;
2156 if (ia_valid & ATTR_GID)
2157 inode->i_gid = attr->ia_gid;
2158 + if ((ia_valid & ATTR_TAG) && IS_TAGGED(inode))
2159 + inode->i_tag = attr->ia_tag;
2160 if (ia_valid & ATTR_ATIME)
2161 inode->i_atime = timespec_trunc(attr->ia_atime,
2162 inode->i_sb->s_time_gran);
2163 @@ -167,7 +193,8 @@ int notify_change(struct dentry * dentry
2164 error = security_inode_setattr(dentry, attr);
2166 if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
2167 - (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid))
2168 + (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid) ||
2169 + (ia_valid & ATTR_TAG && attr->ia_tag != inode->i_tag))
2170 error = DQUOT_TRANSFER(inode, attr) ? -EDQUOT : 0;
2172 error = inode_setattr(inode, attr);
2173 diff -NurpP --minimal linux-2.6.25/fs/binfmt_aout.c linux-2.6.25-vs2.3.0.34.9/fs/binfmt_aout.c
2174 --- linux-2.6.25/fs/binfmt_aout.c 2008-04-17 12:05:39.000000000 -0400
2175 +++ linux-2.6.25-vs2.3.0.34.9/fs/binfmt_aout.c 2008-04-19 15:14:52.000000000 -0400
2177 #include <linux/binfmts.h>
2178 #include <linux/personality.h>
2179 #include <linux/init.h>
2180 +#include <linux/vs_memory.h>
2182 #include <asm/system.h>
2183 #include <asm/uaccess.h>
2184 diff -NurpP --minimal linux-2.6.25/fs/binfmt_elf.c linux-2.6.25-vs2.3.0.34.9/fs/binfmt_elf.c
2185 --- linux-2.6.25/fs/binfmt_elf.c 2008-04-17 12:05:39.000000000 -0400
2186 +++ linux-2.6.25-vs2.3.0.34.9/fs/binfmt_elf.c 2008-04-19 15:14:52.000000000 -0400
2188 #include <linux/random.h>
2189 #include <linux/elf.h>
2190 #include <linux/utsname.h>
2191 +#include <linux/vs_memory.h>
2192 #include <asm/uaccess.h>
2193 #include <asm/param.h>
2194 #include <asm/page.h>
2195 diff -NurpP --minimal linux-2.6.25/fs/binfmt_flat.c linux-2.6.25-vs2.3.0.34.9/fs/binfmt_flat.c
2196 --- linux-2.6.25/fs/binfmt_flat.c 2008-04-17 12:05:39.000000000 -0400
2197 +++ linux-2.6.25-vs2.3.0.34.9/fs/binfmt_flat.c 2008-04-19 15:14:52.000000000 -0400
2199 #include <linux/init.h>
2200 #include <linux/flat.h>
2201 #include <linux/syscalls.h>
2202 +#include <linux/vs_memory.h>
2204 #include <asm/byteorder.h>
2205 #include <asm/system.h>
2206 diff -NurpP --minimal linux-2.6.25/fs/binfmt_som.c linux-2.6.25-vs2.3.0.34.9/fs/binfmt_som.c
2207 --- linux-2.6.25/fs/binfmt_som.c 2008-04-17 12:05:39.000000000 -0400
2208 +++ linux-2.6.25-vs2.3.0.34.9/fs/binfmt_som.c 2008-04-19 15:14:52.000000000 -0400
2210 #include <linux/shm.h>
2211 #include <linux/personality.h>
2212 #include <linux/init.h>
2213 +#include <linux/vs_memory.h>
2215 #include <asm/uaccess.h>
2216 #include <asm/pgtable.h>
2217 diff -NurpP --minimal linux-2.6.25/fs/block_dev.c linux-2.6.25-vs2.3.0.34.9/fs/block_dev.c
2218 --- linux-2.6.25/fs/block_dev.c 2008-04-17 12:05:39.000000000 -0400
2219 +++ linux-2.6.25-vs2.3.0.34.9/fs/block_dev.c 2008-04-19 15:14:52.000000000 -0400
2221 #include <linux/uio.h>
2222 #include <linux/namei.h>
2223 #include <linux/log2.h>
2224 +#include <linux/vs_device.h>
2225 #include <asm/uaccess.h>
2226 #include "internal.h"
2228 @@ -388,6 +389,7 @@ struct block_device *bdget(dev_t dev)
2229 bdev->bd_invalidated = 0;
2230 inode->i_mode = S_IFBLK;
2231 inode->i_rdev = dev;
2232 + inode->i_mdev = dev;
2233 inode->i_bdev = bdev;
2234 inode->i_data.a_ops = &def_blk_aops;
2235 mapping_set_gfp_mask(&inode->i_data, GFP_USER);
2236 @@ -424,6 +426,11 @@ EXPORT_SYMBOL(bdput);
2237 static struct block_device *bd_acquire(struct inode *inode)
2239 struct block_device *bdev;
2242 + if (!vs_map_blkdev(inode->i_rdev, &mdev, DATTR_OPEN))
2244 + inode->i_mdev = mdev;
2246 spin_lock(&bdev_lock);
2247 bdev = inode->i_bdev;
2248 @@ -434,7 +441,7 @@ static struct block_device *bd_acquire(s
2250 spin_unlock(&bdev_lock);
2252 - bdev = bdget(inode->i_rdev);
2253 + bdev = bdget(mdev);
2255 spin_lock(&bdev_lock);
2256 if (!inode->i_bdev) {
2257 diff -NurpP --minimal linux-2.6.25/fs/char_dev.c linux-2.6.25-vs2.3.0.34.9/fs/char_dev.c
2258 --- linux-2.6.25/fs/char_dev.c 2008-04-17 12:05:39.000000000 -0400
2259 +++ linux-2.6.25-vs2.3.0.34.9/fs/char_dev.c 2008-04-29 18:44:50.000000000 -0400
2261 #include <linux/cdev.h>
2262 #include <linux/mutex.h>
2263 #include <linux/backing-dev.h>
2264 +#include <linux/vs_context.h>
2265 +#include <linux/vs_device.h>
2268 #include <linux/kmod.h>
2269 @@ -362,14 +364,21 @@ static int chrdev_open(struct inode *ino
2271 struct cdev *new = NULL;
2275 + if (!vs_map_chrdev(inode->i_rdev, &mdev, DATTR_OPEN))
2277 + inode->i_mdev = mdev;
2279 spin_lock(&cdev_lock);
2282 struct kobject *kobj;
2285 spin_unlock(&cdev_lock);
2286 - kobj = kobj_lookup(cdev_map, inode->i_rdev, &idx);
2288 + kobj = kobj_lookup(cdev_map, mdev, &idx);
2291 new = container_of(kobj, struct cdev, kobj);
2292 diff -NurpP --minimal linux-2.6.25/fs/dcache.c linux-2.6.25-vs2.3.0.34.9/fs/dcache.c
2293 --- linux-2.6.25/fs/dcache.c 2008-04-17 12:05:39.000000000 -0400
2294 +++ linux-2.6.25-vs2.3.0.34.9/fs/dcache.c 2008-04-19 17:06:15.000000000 -0400
2296 #include <linux/seqlock.h>
2297 #include <linux/swap.h>
2298 #include <linux/bootmem.h>
2299 +#include <linux/vs_limit.h>
2300 #include "internal.h"
2303 @@ -184,6 +185,7 @@ void dput(struct dentry *dentry)
2307 + vx_dentry_dec(dentry);
2309 if (atomic_read(&dentry->d_count) == 1)
2311 @@ -197,6 +199,8 @@ repeat:
2315 + vx_dentry_dec(dentry);
2318 * AV: ->d_delete() is _NOT_ allowed to block now.
2320 @@ -288,6 +292,7 @@ static inline struct dentry * __dget_loc
2322 atomic_inc(&dentry->d_count);
2323 dentry_lru_remove(dentry);
2324 + vx_dentry_inc(dentry);
2328 @@ -885,6 +890,9 @@ struct dentry *d_alloc(struct dentry * p
2329 struct dentry *dentry;
2332 + if (!vx_dentry_avail(1))
2335 dentry = kmem_cache_alloc(dentry_cache, GFP_KERNEL);
2338 @@ -933,6 +941,7 @@ struct dentry *d_alloc(struct dentry * p
2340 list_add(&dentry->d_u.d_child, &parent->d_subdirs);
2341 dentry_stat.nr_dentry++;
2342 + vx_dentry_inc(dentry);
2343 spin_unlock(&dcache_lock);
2346 @@ -1282,6 +1291,7 @@ struct dentry * __d_lookup(struct dentry
2348 if (!d_unhashed(dentry)) {
2349 atomic_inc(&dentry->d_count);
2350 + vx_dentry_inc(dentry);
2353 spin_unlock(&dentry->d_lock);
2354 diff -NurpP --minimal linux-2.6.25/fs/devpts/inode.c linux-2.6.25-vs2.3.0.34.9/fs/devpts/inode.c
2355 --- linux-2.6.25/fs/devpts/inode.c 2008-04-17 12:05:39.000000000 -0400
2356 +++ linux-2.6.25-vs2.3.0.34.9/fs/devpts/inode.c 2008-04-21 09:23:34.000000000 -0400
2358 #include <linux/namei.h>
2359 #include <linux/mount.h>
2360 #include <linux/tty.h>
2361 +#include <linux/magic.h>
2362 #include <linux/devpts_fs.h>
2363 #include <linux/parser.h>
2364 #include <linux/fsnotify.h>
2365 #include <linux/seq_file.h>
2366 +#include <linux/vs_base.h>
2368 -#define DEVPTS_SUPER_MAGIC 0x1cd1
2370 #define DEVPTS_DEFAULT_MODE 0600
2372 +static int devpts_permission(struct inode *inode, int mask, struct nameidata *nd)
2374 + int ret = -EACCES;
2376 + /* devpts is xid tagged */
2377 + if (vx_check((xid_t)inode->i_tag, VS_WATCH_P | VS_IDENT))
2378 + ret = generic_permission(inode, mask, NULL);
2382 +static struct inode_operations devpts_file_inode_operations = {
2383 + .permission = devpts_permission,
2386 static struct vfsmount *devpts_mnt;
2387 static struct dentry *devpts_root;
2389 @@ -106,6 +121,25 @@ static int devpts_show_options(struct se
2393 +static int devpts_filter(struct dentry *de)
2395 + /* devpts is xid tagged */
2396 + return vx_check((xid_t)de->d_inode->i_tag, VS_WATCH_P | VS_IDENT);
2399 +static int devpts_readdir(struct file * filp, void * dirent, filldir_t filldir)
2401 + return dcache_readdir_filter(filp, dirent, filldir, devpts_filter);
2404 +static struct file_operations devpts_dir_operations = {
2405 + .open = dcache_dir_open,
2406 + .release = dcache_dir_close,
2407 + .llseek = dcache_dir_lseek,
2408 + .read = generic_read_dir,
2409 + .readdir = devpts_readdir,
2412 static const struct super_operations devpts_sops = {
2413 .statfs = simple_statfs,
2414 .remount_fs = devpts_remount,
2415 @@ -132,8 +166,10 @@ devpts_fill_super(struct super_block *s,
2416 inode->i_uid = inode->i_gid = 0;
2417 inode->i_mode = S_IFDIR | S_IRUGO | S_IXUGO | S_IWUSR;
2418 inode->i_op = &simple_dir_inode_operations;
2419 - inode->i_fop = &simple_dir_operations;
2420 + inode->i_fop = &devpts_dir_operations;
2422 + /* devpts is xid tagged */
2423 + inode->i_tag = (tag_t)vx_current_xid();
2425 devpts_root = s->s_root = d_alloc_root(inode);
2427 @@ -191,6 +227,9 @@ int devpts_pty_new(struct tty_struct *tt
2428 inode->i_gid = config.setgid ? config.gid : current->fsgid;
2429 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
2430 init_special_inode(inode, S_IFCHR|config.mode, device);
2431 + /* devpts is xid tagged */
2432 + inode->i_tag = (tag_t)vx_current_xid();
2433 + inode->i_op = &devpts_file_inode_operations;
2434 inode->i_private = tty;
2436 dentry = get_node(number);
2437 diff -NurpP --minimal linux-2.6.25/fs/ecryptfs/inode.c linux-2.6.25-vs2.3.0.34.9/fs/ecryptfs/inode.c
2438 --- linux-2.6.25/fs/ecryptfs/inode.c 2008-04-17 12:05:40.000000000 -0400
2439 +++ linux-2.6.25-vs2.3.0.34.9/fs/ecryptfs/inode.c 2008-04-19 15:14:52.000000000 -0400
2440 @@ -400,7 +400,7 @@ static int ecryptfs_link(struct dentry *
2441 dget(lower_new_dentry);
2442 lower_dir_dentry = lock_parent(lower_new_dentry);
2443 rc = vfs_link(lower_old_dentry, lower_dir_dentry->d_inode,
2444 - lower_new_dentry);
2445 + lower_new_dentry, NULL);
2446 if (rc || !lower_new_dentry->d_inode)
2448 rc = ecryptfs_interpose(lower_new_dentry, new_dentry, dir->i_sb, 0);
2449 @@ -428,7 +428,7 @@ static int ecryptfs_unlink(struct inode
2450 struct inode *lower_dir_inode = ecryptfs_inode_to_lower(dir);
2452 lock_parent(lower_dentry);
2453 - rc = vfs_unlink(lower_dir_inode, lower_dentry);
2454 + rc = vfs_unlink(lower_dir_inode, lower_dentry, NULL);
2456 printk(KERN_ERR "Error in vfs_unlink; rc = [%d]\n", rc);
2458 @@ -466,7 +466,7 @@ static int ecryptfs_symlink(struct inode
2461 rc = vfs_symlink(lower_dir_dentry->d_inode, lower_dentry,
2462 - encoded_symname, mode);
2463 + encoded_symname, mode, NULL);
2464 kfree(encoded_symname);
2465 if (rc || !lower_dentry->d_inode)
2467 @@ -491,7 +491,7 @@ static int ecryptfs_mkdir(struct inode *
2469 lower_dentry = ecryptfs_dentry_to_lower(dentry);
2470 lower_dir_dentry = lock_parent(lower_dentry);
2471 - rc = vfs_mkdir(lower_dir_dentry->d_inode, lower_dentry, mode);
2472 + rc = vfs_mkdir(lower_dir_dentry->d_inode, lower_dentry, mode, NULL);
2473 if (rc || !lower_dentry->d_inode)
2475 rc = ecryptfs_interpose(lower_dentry, dentry, dir->i_sb, 0);
2476 @@ -517,7 +517,7 @@ static int ecryptfs_rmdir(struct inode *
2478 lower_dir_dentry = lock_parent(lower_dentry);
2480 - rc = vfs_rmdir(lower_dir_dentry->d_inode, lower_dentry);
2481 + rc = vfs_rmdir(lower_dir_dentry->d_inode, lower_dentry, NULL);
2484 d_delete(lower_dentry);
2485 @@ -539,7 +539,7 @@ ecryptfs_mknod(struct inode *dir, struct
2487 lower_dentry = ecryptfs_dentry_to_lower(dentry);
2488 lower_dir_dentry = lock_parent(lower_dentry);
2489 - rc = vfs_mknod(lower_dir_dentry->d_inode, lower_dentry, mode, dev);
2490 + rc = vfs_mknod(lower_dir_dentry->d_inode, lower_dentry, mode, dev, NULL);
2491 if (rc || !lower_dentry->d_inode)
2493 rc = ecryptfs_interpose(lower_dentry, dentry, dir->i_sb, 0);
2494 diff -NurpP --minimal linux-2.6.25/fs/exec.c linux-2.6.25-vs2.3.0.34.9/fs/exec.c
2495 --- linux-2.6.25/fs/exec.c 2008-04-17 12:05:40.000000000 -0400
2496 +++ linux-2.6.25-vs2.3.0.34.9/fs/exec.c 2008-04-19 15:14:52.000000000 -0400
2497 @@ -249,7 +249,9 @@ static int __bprm_mm_init(struct linux_b
2501 - mm->stack_vm = mm->total_vm = 1;
2503 + vx_vmpages_inc(mm);
2505 up_write(&mm->mmap_sem);
2507 bprm->p = vma->vm_end - sizeof(void *);
2508 @@ -1452,7 +1454,7 @@ static int format_corename(char *corenam
2509 /* UNIX time of coredump */
2512 - do_gettimeofday(&tv);
2513 + vx_gettimeofday(&tv);
2514 rc = snprintf(out_ptr, out_end - out_ptr,
2516 if (rc > out_end - out_ptr)
2517 diff -NurpP --minimal linux-2.6.25/fs/ext2/balloc.c linux-2.6.25-vs2.3.0.34.9/fs/ext2/balloc.c
2518 --- linux-2.6.25/fs/ext2/balloc.c 2008-04-17 12:05:40.000000000 -0400
2519 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext2/balloc.c 2008-04-19 15:14:52.000000000 -0400
2521 #include <linux/sched.h>
2522 #include <linux/buffer_head.h>
2523 #include <linux/capability.h>
2524 +#include <linux/vs_dlimit.h>
2525 +#include <linux/vs_tag.h>
2528 * balloc.c contains the blocks allocation and deallocation routines
2529 @@ -569,6 +571,7 @@ do_more:
2533 + DLIMIT_FREE_BLOCK(inode, freed);
2534 release_blocks(sb, freed);
2535 DQUOT_FREE_BLOCK(inode, freed);
2537 @@ -701,7 +704,6 @@ ext2_try_to_allocate(struct super_block
2539 end = EXT2_BLOCKS_PER_GROUP(sb);
2542 BUG_ON(start > EXT2_BLOCKS_PER_GROUP(sb));
2545 @@ -1251,6 +1253,11 @@ ext2_fsblk_t ext2_new_blocks(struct inod
2549 + if (DLIMIT_ALLOC_BLOCK(inode, num)) {
2551 + DQUOT_FREE_BLOCK(inode, num);
2556 es = EXT2_SB(sb)->s_es;
2557 @@ -1403,6 +1410,7 @@ allocated:
2561 + DLIMIT_FREE_BLOCK(inode, *count-num);
2562 DQUOT_FREE_BLOCK(inode, *count-num);
2565 @@ -1413,8 +1421,10 @@ out:
2567 * Undo the block allocation
2569 - if (!performed_allocation)
2570 + if (!performed_allocation) {
2571 + DLIMIT_FREE_BLOCK(inode, *count);
2572 DQUOT_FREE_BLOCK(inode, *count);
2577 diff -NurpP --minimal linux-2.6.25/fs/ext2/ext2.h linux-2.6.25-vs2.3.0.34.9/fs/ext2/ext2.h
2578 --- linux-2.6.25/fs/ext2/ext2.h 2008-04-17 12:05:40.000000000 -0400
2579 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext2/ext2.h 2008-04-19 15:14:52.000000000 -0400
2580 @@ -168,6 +168,7 @@ extern const struct file_operations ext2
2581 extern const struct address_space_operations ext2_aops;
2582 extern const struct address_space_operations ext2_aops_xip;
2583 extern const struct address_space_operations ext2_nobh_aops;
2584 +extern int ext2_sync_flags(struct inode *inode);
2587 extern const struct inode_operations ext2_dir_inode_operations;
2588 diff -NurpP --minimal linux-2.6.25/fs/ext2/file.c linux-2.6.25-vs2.3.0.34.9/fs/ext2/file.c
2589 --- linux-2.6.25/fs/ext2/file.c 2008-04-17 12:05:40.000000000 -0400
2590 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext2/file.c 2008-04-19 15:14:52.000000000 -0400
2591 @@ -86,4 +86,5 @@ const struct inode_operations ext2_file_
2593 .setattr = ext2_setattr,
2594 .permission = ext2_permission,
2595 + .sync_flags = ext2_sync_flags,
2597 diff -NurpP --minimal linux-2.6.25/fs/ext2/ialloc.c linux-2.6.25-vs2.3.0.34.9/fs/ext2/ialloc.c
2598 --- linux-2.6.25/fs/ext2/ialloc.c 2008-04-17 11:31:35.000000000 -0400
2599 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext2/ialloc.c 2008-04-19 15:14:52.000000000 -0400
2601 #include <linux/backing-dev.h>
2602 #include <linux/buffer_head.h>
2603 #include <linux/random.h>
2604 +#include <linux/vs_dlimit.h>
2605 +#include <linux/vs_tag.h>
2609 @@ -125,6 +127,7 @@ void ext2_free_inode (struct inode * ino
2610 ext2_xattr_delete_inode(inode);
2611 DQUOT_FREE_INODE(inode);
2613 + DLIMIT_FREE_INODE(inode);
2616 es = EXT2_SB(sb)->s_es;
2617 @@ -456,6 +459,11 @@ struct inode *ext2_new_inode(struct inod
2619 return ERR_PTR(-ENOMEM);
2621 + inode->i_tag = dx_current_fstag(sb);
2622 + if (DLIMIT_ALLOC_INODE(inode)) {
2629 @@ -569,7 +577,8 @@ got:
2630 inode->i_blocks = 0;
2631 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME_SEC;
2632 memset(ei->i_data, 0, sizeof(ei->i_data));
2633 - ei->i_flags = EXT2_I(dir)->i_flags & ~EXT2_BTREE_FL;
2634 + ei->i_flags = EXT2_I(dir)->i_flags &
2635 + ~(EXT2_BTREE_FL|EXT2_IUNLINK_FL|EXT2_BARRIER_FL);
2637 ei->i_flags &= ~(EXT2_IMMUTABLE_FL|EXT2_APPEND_FL);
2638 /* dirsync is only applied to directories */
2639 @@ -614,12 +623,15 @@ fail_free_drop:
2643 + DLIMIT_FREE_INODE(inode);
2644 inode->i_flags |= S_NOQUOTA;
2647 return ERR_PTR(err);
2650 + DLIMIT_FREE_INODE(inode);
2652 make_bad_inode(inode);
2654 return ERR_PTR(err);
2655 diff -NurpP --minimal linux-2.6.25/fs/ext2/inode.c linux-2.6.25-vs2.3.0.34.9/fs/ext2/inode.c
2656 --- linux-2.6.25/fs/ext2/inode.c 2008-04-17 12:05:40.000000000 -0400
2657 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext2/inode.c 2008-04-21 10:14:57.000000000 -0400
2659 #include <linux/writeback.h>
2660 #include <linux/buffer_head.h>
2661 #include <linux/mpage.h>
2662 +#include <linux/vs_tag.h>
2666 @@ -1011,7 +1012,7 @@ void ext2_truncate(struct inode *inode)
2668 if (ext2_inode_is_fast_symlink(inode))
2670 - if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
2671 + if (IS_APPEND(inode) || IS_IXORUNLINK(inode))
2674 blocksize = inode->i_sb->s_blocksize;
2675 @@ -1149,13 +1150,20 @@ void ext2_set_inode_flags(struct inode *
2677 unsigned int flags = EXT2_I(inode)->i_flags;
2679 - inode->i_flags &= ~(S_SYNC|S_APPEND|S_IMMUTABLE|S_NOATIME|S_DIRSYNC);
2680 + inode->i_flags &= ~(S_IMMUTABLE | S_IUNLINK | S_BARRIER |
2681 + S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
2683 + if (flags & EXT2_IMMUTABLE_FL)
2684 + inode->i_flags |= S_IMMUTABLE;
2685 + if (flags & EXT2_IUNLINK_FL)
2686 + inode->i_flags |= S_IUNLINK;
2687 + if (flags & EXT2_BARRIER_FL)
2688 + inode->i_flags |= S_BARRIER;
2690 if (flags & EXT2_SYNC_FL)
2691 inode->i_flags |= S_SYNC;
2692 if (flags & EXT2_APPEND_FL)
2693 inode->i_flags |= S_APPEND;
2694 - if (flags & EXT2_IMMUTABLE_FL)
2695 - inode->i_flags |= S_IMMUTABLE;
2696 if (flags & EXT2_NOATIME_FL)
2697 inode->i_flags |= S_NOATIME;
2698 if (flags & EXT2_DIRSYNC_FL)
2699 @@ -1181,6 +1189,30 @@ void ext2_get_inode_flags(struct ext2_in
2700 ei->i_flags |= EXT2_DIRSYNC_FL;
2703 +int ext2_sync_flags(struct inode *inode)
2705 + unsigned int oldflags, newflags;
2707 + oldflags = EXT2_I(inode)->i_flags;
2708 + newflags = oldflags & ~(EXT2_IMMUTABLE_FL |
2709 + EXT2_IUNLINK_FL | EXT2_BARRIER_FL);
2711 + if (IS_IMMUTABLE(inode))
2712 + newflags |= EXT2_IMMUTABLE_FL;
2713 + if (IS_IUNLINK(inode))
2714 + newflags |= EXT2_IUNLINK_FL;
2715 + if (IS_BARRIER(inode))
2716 + newflags |= EXT2_BARRIER_FL;
2718 + if (oldflags ^ newflags) {
2719 + EXT2_I(inode)->i_flags = newflags;
2720 + inode->i_ctime = CURRENT_TIME;
2721 + mark_inode_dirty(inode);
2727 struct inode *ext2_iget (struct super_block *sb, unsigned long ino)
2729 struct ext2_inode_info *ei;
2730 @@ -1188,6 +1220,8 @@ struct inode *ext2_iget (struct super_bl
2731 struct ext2_inode *raw_inode;
2732 struct inode *inode;
2738 inode = iget_locked(sb, ino);
2739 @@ -1210,12 +1244,17 @@ struct inode *ext2_iget (struct super_bl
2742 inode->i_mode = le16_to_cpu(raw_inode->i_mode);
2743 - inode->i_uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
2744 - inode->i_gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
2745 + uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
2746 + gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
2747 if (!(test_opt (inode->i_sb, NO_UID32))) {
2748 - inode->i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
2749 - inode->i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
2750 + uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
2751 + gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
2753 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
2754 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
2755 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid,
2756 + le16_to_cpu(raw_inode->i_raw_tag));
2758 inode->i_nlink = le16_to_cpu(raw_inode->i_links_count);
2759 inode->i_size = le32_to_cpu(raw_inode->i_size);
2760 inode->i_atime.tv_sec = (signed)le32_to_cpu(raw_inode->i_atime);
2761 @@ -1311,8 +1350,8 @@ static int ext2_update_inode(struct inod
2762 struct ext2_inode_info *ei = EXT2_I(inode);
2763 struct super_block *sb = inode->i_sb;
2764 ino_t ino = inode->i_ino;
2765 - uid_t uid = inode->i_uid;
2766 - gid_t gid = inode->i_gid;
2767 + uid_t uid = TAGINO_UID(DX_TAG(inode), inode->i_uid, inode->i_tag);
2768 + gid_t gid = TAGINO_GID(DX_TAG(inode), inode->i_gid, inode->i_tag);
2769 struct buffer_head * bh;
2770 struct ext2_inode * raw_inode = ext2_get_inode(sb, ino, &bh);
2772 @@ -1348,6 +1387,9 @@ static int ext2_update_inode(struct inod
2773 raw_inode->i_uid_high = 0;
2774 raw_inode->i_gid_high = 0;
2776 +#ifdef CONFIG_TAGGING_INTERN
2777 + raw_inode->i_raw_tag = cpu_to_le16(inode->i_tag);
2779 raw_inode->i_links_count = cpu_to_le16(inode->i_nlink);
2780 raw_inode->i_size = cpu_to_le32(inode->i_size);
2781 raw_inode->i_atime = cpu_to_le32(inode->i_atime.tv_sec);
2782 @@ -1434,7 +1476,8 @@ int ext2_setattr(struct dentry *dentry,
2785 if ((iattr->ia_valid & ATTR_UID && iattr->ia_uid != inode->i_uid) ||
2786 - (iattr->ia_valid & ATTR_GID && iattr->ia_gid != inode->i_gid)) {
2787 + (iattr->ia_valid & ATTR_GID && iattr->ia_gid != inode->i_gid) ||
2788 + (iattr->ia_valid & ATTR_TAG && iattr->ia_tag != inode->i_tag)) {
2789 error = DQUOT_TRANSFER(inode, iattr) ? -EDQUOT : 0;
2792 diff -NurpP --minimal linux-2.6.25/fs/ext2/ioctl.c linux-2.6.25-vs2.3.0.34.9/fs/ext2/ioctl.c
2793 --- linux-2.6.25/fs/ext2/ioctl.c 2008-04-17 12:05:40.000000000 -0400
2794 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext2/ioctl.c 2008-04-19 15:14:52.000000000 -0400
2796 #include <linux/sched.h>
2797 #include <linux/compat.h>
2798 #include <linux/smp_lock.h>
2799 +#include <linux/mount.h>
2800 #include <asm/current.h>
2801 #include <asm/uaccess.h>
2803 @@ -34,7 +35,8 @@ long ext2_ioctl(struct file *filp, unsig
2804 case EXT2_IOC_SETFLAGS: {
2805 unsigned int oldflags;
2807 - if (IS_RDONLY(inode))
2808 + if (IS_RDONLY(inode) ||
2809 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
2812 if (!is_owner_or_cap(inode))
2813 @@ -60,7 +62,9 @@ long ext2_ioctl(struct file *filp, unsig
2815 * This test looks nicer. Thanks to Pauline Middelink
2817 - if ((flags ^ oldflags) & (EXT2_APPEND_FL | EXT2_IMMUTABLE_FL)) {
2818 + if ((oldflags & EXT2_IMMUTABLE_FL) ||
2819 + ((flags ^ oldflags) & (EXT2_APPEND_FL |
2820 + EXT2_IMMUTABLE_FL | EXT2_IUNLINK_FL))) {
2821 if (!capable(CAP_LINUX_IMMUTABLE)) {
2822 mutex_unlock(&inode->i_mutex);
2824 @@ -82,7 +86,8 @@ long ext2_ioctl(struct file *filp, unsig
2825 case EXT2_IOC_SETVERSION:
2826 if (!is_owner_or_cap(inode))
2828 - if (IS_RDONLY(inode))
2829 + if (IS_RDONLY(inode) ||
2830 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
2832 if (get_user(inode->i_generation, (int __user *) arg))
2834 diff -NurpP --minimal linux-2.6.25/fs/ext2/namei.c linux-2.6.25-vs2.3.0.34.9/fs/ext2/namei.c
2835 --- linux-2.6.25/fs/ext2/namei.c 2008-04-17 12:05:40.000000000 -0400
2836 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext2/namei.c 2008-04-21 10:12:49.000000000 -0400
2840 #include <linux/pagemap.h>
2841 +#include <linux/vs_tag.h>
2845 @@ -66,6 +67,7 @@ static struct dentry *ext2_lookup(struct
2846 inode = ext2_iget(dir->i_sb, ino);
2848 return ERR_CAST(inode);
2849 + dx_propagate_tag(nd, inode);
2851 return d_splice_alias(inode, dentry);
2853 @@ -391,6 +393,7 @@ const struct inode_operations ext2_dir_i
2855 .setattr = ext2_setattr,
2856 .permission = ext2_permission,
2857 + .sync_flags = ext2_sync_flags,
2860 const struct inode_operations ext2_special_inode_operations = {
2861 @@ -402,4 +405,5 @@ const struct inode_operations ext2_speci
2863 .setattr = ext2_setattr,
2864 .permission = ext2_permission,
2865 + .sync_flags = ext2_sync_flags,
2867 diff -NurpP --minimal linux-2.6.25/fs/ext2/super.c linux-2.6.25-vs2.3.0.34.9/fs/ext2/super.c
2868 --- linux-2.6.25/fs/ext2/super.c 2008-04-17 12:05:40.000000000 -0400
2869 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext2/super.c 2008-04-19 15:14:52.000000000 -0400
2870 @@ -390,7 +390,8 @@ enum {
2871 Opt_err_ro, Opt_nouid32, Opt_nocheck, Opt_debug,
2872 Opt_oldalloc, Opt_orlov, Opt_nobh, Opt_user_xattr, Opt_nouser_xattr,
2873 Opt_acl, Opt_noacl, Opt_xip, Opt_ignore, Opt_err, Opt_quota,
2874 - Opt_usrquota, Opt_grpquota, Opt_reservation, Opt_noreservation
2875 + Opt_usrquota, Opt_grpquota, Opt_reservation, Opt_noreservation,
2876 + Opt_tag, Opt_notag, Opt_tagid
2879 static match_table_t tokens = {
2880 @@ -418,6 +419,9 @@ static match_table_t tokens = {
2882 {Opt_noacl, "noacl"},
2885 + {Opt_notag, "notag"},
2886 + {Opt_tagid, "tagid=%u"},
2887 {Opt_grpquota, "grpquota"},
2888 {Opt_ignore, "noquota"},
2889 {Opt_quota, "quota"},
2890 @@ -488,6 +492,20 @@ static int parse_options (char * options
2892 set_opt (sbi->s_mount_opt, NO_UID32);
2894 +#ifndef CONFIG_TAGGING_NONE
2896 + set_opt (sbi->s_mount_opt, TAGGED);
2899 + clear_opt (sbi->s_mount_opt, TAGGED);
2902 +#ifdef CONFIG_PROPAGATE
2905 + set_opt (sbi->s_mount_opt, TAGGED);
2909 clear_opt (sbi->s_mount_opt, CHECK);
2911 @@ -831,6 +849,8 @@ static int ext2_fill_super(struct super_
2912 if (!parse_options ((char *) data, sbi))
2915 + if (EXT2_SB(sb)->s_mount_opt & EXT2_MOUNT_TAGGED)
2916 + sb->s_flags |= MS_TAGGED;
2917 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
2918 ((EXT2_SB(sb)->s_mount_opt & EXT2_MOUNT_POSIX_ACL) ?
2920 @@ -1164,6 +1184,13 @@ static int ext2_remount (struct super_bl
2924 + if ((sbi->s_mount_opt & EXT2_MOUNT_TAGGED) &&
2925 + !(sb->s_flags & MS_TAGGED)) {
2926 + printk("EXT2-fs: %s: tagging not permitted on remount.\n",
2931 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
2932 ((sbi->s_mount_opt & EXT2_MOUNT_POSIX_ACL) ? MS_POSIXACL : 0);
2934 diff -NurpP --minimal linux-2.6.25/fs/ext2/symlink.c linux-2.6.25-vs2.3.0.34.9/fs/ext2/symlink.c
2935 --- linux-2.6.25/fs/ext2/symlink.c 2008-04-17 10:32:27.000000000 -0400
2936 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext2/symlink.c 2008-04-19 15:14:52.000000000 -0400
2937 @@ -38,6 +38,7 @@ const struct inode_operations ext2_symli
2938 .listxattr = ext2_listxattr,
2939 .removexattr = generic_removexattr,
2941 + .sync_flags = ext2_sync_flags,
2944 const struct inode_operations ext2_fast_symlink_inode_operations = {
2945 @@ -49,4 +50,5 @@ const struct inode_operations ext2_fast_
2946 .listxattr = ext2_listxattr,
2947 .removexattr = generic_removexattr,
2949 + .sync_flags = ext2_sync_flags,
2951 diff -NurpP --minimal linux-2.6.25/fs/ext2/xattr.c linux-2.6.25-vs2.3.0.34.9/fs/ext2/xattr.c
2952 --- linux-2.6.25/fs/ext2/xattr.c 2008-04-17 12:05:40.000000000 -0400
2953 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext2/xattr.c 2008-04-19 15:14:52.000000000 -0400
2955 #include <linux/mbcache.h>
2956 #include <linux/quotaops.h>
2957 #include <linux/rwsem.h>
2958 +#include <linux/vs_dlimit.h>
2962 @@ -641,8 +642,12 @@ ext2_xattr_set2(struct inode *inode, str
2964 ea_bdebug(new_bh, "reusing block");
2967 + if (DLIMIT_ALLOC_BLOCK(inode, 1))
2970 if (DQUOT_ALLOC_BLOCK(inode, 1)) {
2971 + DLIMIT_FREE_BLOCK(inode, 1);
2972 unlock_buffer(new_bh);
2975 @@ -735,6 +740,7 @@ ext2_xattr_set2(struct inode *inode, str
2976 le32_to_cpu(HDR(old_bh)->h_refcount) - 1);
2978 mb_cache_entry_release(ce);
2979 + DLIMIT_FREE_BLOCK(inode, 1);
2980 DQUOT_FREE_BLOCK(inode, 1);
2981 mark_buffer_dirty(old_bh);
2982 ea_bdebug(old_bh, "refcount now=%d",
2983 @@ -799,6 +805,7 @@ ext2_xattr_delete_inode(struct inode *in
2984 mark_buffer_dirty(bh);
2986 sync_dirty_buffer(bh);
2987 + DLIMIT_FREE_BLOCK(inode, 1);
2988 DQUOT_FREE_BLOCK(inode, 1);
2990 EXT2_I(inode)->i_file_acl = 0;
2991 diff -NurpP --minimal linux-2.6.25/fs/ext3/balloc.c linux-2.6.25-vs2.3.0.34.9/fs/ext3/balloc.c
2992 --- linux-2.6.25/fs/ext3/balloc.c 2008-04-17 12:05:40.000000000 -0400
2993 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext3/balloc.c 2008-04-19 15:14:52.000000000 -0400
2995 #include <linux/ext3_jbd.h>
2996 #include <linux/quotaops.h>
2997 #include <linux/buffer_head.h>
2998 +#include <linux/vs_dlimit.h>
2999 +#include <linux/vs_tag.h>
3002 * balloc.c contains the blocks allocation and deallocation routines
3003 @@ -675,8 +677,10 @@ void ext3_free_blocks(handle_t *handle,
3006 ext3_free_blocks_sb(handle, sb, block, count, &dquot_freed_blocks);
3007 - if (dquot_freed_blocks)
3008 + if (dquot_freed_blocks) {
3009 + DLIMIT_FREE_BLOCK(inode, dquot_freed_blocks);
3010 DQUOT_FREE_BLOCK(inode, dquot_freed_blocks);
3015 @@ -1415,18 +1419,33 @@ out:
3017 * Check if filesystem has at least 1 free block available for allocation.
3019 -static int ext3_has_free_blocks(struct ext3_sb_info *sbi)
3020 +static int ext3_has_free_blocks(struct super_block *sb)
3022 - ext3_fsblk_t free_blocks, root_blocks;
3023 + struct ext3_sb_info *sbi = EXT3_SB(sb);
3024 + unsigned long long free_blocks, root_blocks;
3027 free_blocks = percpu_counter_read_positive(&sbi->s_freeblocks_counter);
3028 root_blocks = le32_to_cpu(sbi->s_es->s_r_blocks_count);
3029 - if (free_blocks < root_blocks + 1 && !capable(CAP_SYS_RESOURCE) &&
3031 + vxdprintk(VXD_CBIT(dlim, 3),
3032 + "ext3_has_free_blocks(%p): free=%llu, root=%llu",
3033 + sb, free_blocks, root_blocks);
3035 + DLIMIT_ADJUST_BLOCK(sb, dx_current_tag(), &free_blocks, &root_blocks);
3037 + cond = (free_blocks < root_blocks + 1 &&
3038 + !capable(CAP_SYS_RESOURCE) &&
3039 sbi->s_resuid != current->fsuid &&
3040 - (sbi->s_resgid == 0 || !in_group_p (sbi->s_resgid))) {
3044 + (sbi->s_resgid == 0 || !in_group_p (sbi->s_resgid)));
3046 + vxdprintk(VXD_CBIT(dlim, 3),
3047 + "ext3_has_free_blocks(%p): %llu<%llu+1, %c, %u!=%u r=%d",
3048 + sb, free_blocks, root_blocks,
3049 + !capable(CAP_SYS_RESOURCE)?'1':'0',
3050 + sbi->s_resuid, current->fsuid, cond?0:1);
3052 + return (cond ? 0 : 1);
3056 @@ -1443,7 +1462,7 @@ static int ext3_has_free_blocks(struct e
3058 int ext3_should_retry_alloc(struct super_block *sb, int *retries)
3060 - if (!ext3_has_free_blocks(EXT3_SB(sb)) || (*retries)++ > 3)
3061 + if (!ext3_has_free_blocks(sb) || (*retries)++ > 3)
3064 jbd_debug(1, "%s: retrying operation after ENOSPC\n", sb->s_id);
3065 @@ -1506,6 +1525,8 @@ ext3_fsblk_t ext3_new_blocks(handle_t *h
3069 + if (DLIMIT_ALLOC_BLOCK(inode, num))
3073 es = EXT3_SB(sb)->s_es;
3074 @@ -1522,7 +1543,7 @@ ext3_fsblk_t ext3_new_blocks(handle_t *h
3075 if (block_i && ((windowsz = block_i->rsv_window_node.rsv_goal_size) > 0))
3076 my_rsv = &block_i->rsv_window_node;
3078 - if (!ext3_has_free_blocks(sbi)) {
3079 + if (!ext3_has_free_blocks(sb)) {
3083 @@ -1710,12 +1731,16 @@ allocated:
3086 DQUOT_FREE_BLOCK(inode, *count-num);
3087 + DLIMIT_FREE_BLOCK(inode, *count-num);
3094 + if (!performed_allocation)
3095 + DLIMIT_FREE_BLOCK(inode, *count);
3099 ext3_std_error(sb, fatal);
3100 diff -NurpP --minimal linux-2.6.25/fs/ext3/file.c linux-2.6.25-vs2.3.0.34.9/fs/ext3/file.c
3101 --- linux-2.6.25/fs/ext3/file.c 2008-04-17 10:37:23.000000000 -0400
3102 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext3/file.c 2008-04-19 15:14:52.000000000 -0400
3103 @@ -134,5 +134,6 @@ const struct inode_operations ext3_file_
3104 .removexattr = generic_removexattr,
3106 .permission = ext3_permission,
3107 + .sync_flags = ext3_sync_flags,
3110 diff -NurpP --minimal linux-2.6.25/fs/ext3/ialloc.c linux-2.6.25-vs2.3.0.34.9/fs/ext3/ialloc.c
3111 --- linux-2.6.25/fs/ext3/ialloc.c 2008-04-17 12:05:40.000000000 -0400
3112 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext3/ialloc.c 2008-04-19 15:14:52.000000000 -0400
3114 #include <linux/buffer_head.h>
3115 #include <linux/random.h>
3116 #include <linux/bitops.h>
3117 +#include <linux/vs_dlimit.h>
3118 +#include <linux/vs_tag.h>
3120 #include <asm/byteorder.h>
3122 @@ -127,6 +129,7 @@ void ext3_free_inode (handle_t *handle,
3123 ext3_xattr_delete_inode(handle, inode);
3124 DQUOT_FREE_INODE(inode);
3126 + DLIMIT_FREE_INODE(inode);
3128 is_directory = S_ISDIR(inode->i_mode);
3130 @@ -440,6 +443,12 @@ struct inode *ext3_new_inode(handle_t *h
3131 inode = new_inode(sb);
3133 return ERR_PTR(-ENOMEM);
3135 + inode->i_tag = dx_current_fstag(sb);
3136 + if (DLIMIT_ALLOC_INODE(inode)) {
3143 @@ -559,7 +568,8 @@ got:
3144 ei->i_dir_start_lookup = 0;
3147 - ei->i_flags = EXT3_I(dir)->i_flags & ~EXT3_INDEX_FL;
3148 + ei->i_flags = EXT3_I(dir)->i_flags &
3149 + ~(EXT3_INDEX_FL|EXT3_IUNLINK_FL|EXT3_BARRIER_FL);
3151 ei->i_flags &= ~(EXT3_IMMUTABLE_FL|EXT3_APPEND_FL);
3152 /* dirsync only applies to directories */
3153 @@ -614,6 +624,8 @@ got:
3155 ext3_std_error(sb, err);
3157 + DLIMIT_FREE_INODE(inode);
3162 @@ -625,6 +637,7 @@ fail_free_drop:
3166 + DLIMIT_FREE_INODE(inode);
3167 inode->i_flags |= S_NOQUOTA;
3170 diff -NurpP --minimal linux-2.6.25/fs/ext3/inode.c linux-2.6.25-vs2.3.0.34.9/fs/ext3/inode.c
3171 --- linux-2.6.25/fs/ext3/inode.c 2008-04-17 12:05:40.000000000 -0400
3172 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext3/inode.c 2008-04-20 13:25:49.000000000 -0400
3174 #include <linux/mpage.h>
3175 #include <linux/uio.h>
3176 #include <linux/bio.h>
3177 +#include <linux/vs_tag.h>
3181 @@ -2300,7 +2301,7 @@ void ext3_truncate(struct inode *inode)
3183 if (ext3_inode_is_fast_symlink(inode))
3185 - if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
3186 + if (IS_APPEND(inode) || IS_IXORUNLINK(inode))
3190 @@ -2622,13 +2623,20 @@ void ext3_set_inode_flags(struct inode *
3192 unsigned int flags = EXT3_I(inode)->i_flags;
3194 - inode->i_flags &= ~(S_SYNC|S_APPEND|S_IMMUTABLE|S_NOATIME|S_DIRSYNC);
3195 + inode->i_flags &= ~(S_IMMUTABLE | S_IUNLINK | S_BARRIER |
3196 + S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
3198 + if (flags & EXT3_IMMUTABLE_FL)
3199 + inode->i_flags |= S_IMMUTABLE;
3200 + if (flags & EXT3_IUNLINK_FL)
3201 + inode->i_flags |= S_IUNLINK;
3202 + if (flags & EXT3_BARRIER_FL)
3203 + inode->i_flags |= S_BARRIER;
3205 if (flags & EXT3_SYNC_FL)
3206 inode->i_flags |= S_SYNC;
3207 if (flags & EXT3_APPEND_FL)
3208 inode->i_flags |= S_APPEND;
3209 - if (flags & EXT3_IMMUTABLE_FL)
3210 - inode->i_flags |= S_IMMUTABLE;
3211 if (flags & EXT3_NOATIME_FL)
3212 inode->i_flags |= S_NOATIME;
3213 if (flags & EXT3_DIRSYNC_FL)
3214 @@ -2654,6 +2662,45 @@ void ext3_get_inode_flags(struct ext3_in
3215 ei->i_flags |= EXT3_DIRSYNC_FL;
3218 +int ext3_sync_flags(struct inode *inode)
3220 + unsigned int oldflags, newflags;
3223 + oldflags = EXT3_I(inode)->i_flags;
3224 + newflags = oldflags & ~(EXT3_IMMUTABLE_FL |
3225 + EXT3_IUNLINK_FL | EXT3_BARRIER_FL);
3227 + if (IS_IMMUTABLE(inode))
3228 + newflags |= EXT3_IMMUTABLE_FL;
3229 + if (IS_IUNLINK(inode))
3230 + newflags |= EXT3_IUNLINK_FL;
3231 + if (IS_BARRIER(inode))
3232 + newflags |= EXT3_BARRIER_FL;
3234 + if (oldflags ^ newflags) {
3236 + struct ext3_iloc iloc;
3238 + handle = ext3_journal_start(inode, 1);
3239 + if (IS_ERR(handle))
3240 + return PTR_ERR(handle);
3241 + if (IS_SYNC(inode))
3242 + handle->h_sync = 1;
3243 + err = ext3_reserve_inode_write(handle, inode, &iloc);
3247 + EXT3_I(inode)->i_flags = newflags;
3248 + inode->i_ctime = CURRENT_TIME;
3250 + err = ext3_mark_iloc_dirty(handle, inode, &iloc);
3252 + ext3_journal_stop(handle);
3257 struct inode *ext3_iget(struct super_block *sb, unsigned long ino)
3259 struct ext3_iloc iloc;
3260 @@ -2663,6 +2710,8 @@ struct inode *ext3_iget(struct super_blo
3261 struct inode *inode;
3267 inode = iget_locked(sb, ino);
3269 @@ -2683,12 +2732,17 @@ struct inode *ext3_iget(struct super_blo
3271 raw_inode = ext3_raw_inode(&iloc);
3272 inode->i_mode = le16_to_cpu(raw_inode->i_mode);
3273 - inode->i_uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
3274 - inode->i_gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
3275 + uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
3276 + gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
3277 if(!(test_opt (inode->i_sb, NO_UID32))) {
3278 - inode->i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
3279 - inode->i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
3280 + uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
3281 + gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
3283 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
3284 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
3285 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid,
3286 + le16_to_cpu(raw_inode->i_raw_tag));
3288 inode->i_nlink = le16_to_cpu(raw_inode->i_links_count);
3289 inode->i_size = le32_to_cpu(raw_inode->i_size);
3290 inode->i_atime.tv_sec = (signed)le32_to_cpu(raw_inode->i_atime);
3291 @@ -2817,6 +2871,8 @@ static int ext3_do_update_inode(handle_t
3292 struct ext3_inode *raw_inode = ext3_raw_inode(iloc);
3293 struct ext3_inode_info *ei = EXT3_I(inode);
3294 struct buffer_head *bh = iloc->bh;
3295 + uid_t uid = TAGINO_UID(DX_TAG(inode), inode->i_uid, inode->i_tag);
3296 + gid_t gid = TAGINO_GID(DX_TAG(inode), inode->i_gid, inode->i_tag);
3297 int err = 0, rc, block;
3299 /* For fields not not tracking in the in-memory inode,
3300 @@ -2827,29 +2883,32 @@ static int ext3_do_update_inode(handle_t
3301 ext3_get_inode_flags(ei);
3302 raw_inode->i_mode = cpu_to_le16(inode->i_mode);
3303 if(!(test_opt(inode->i_sb, NO_UID32))) {
3304 - raw_inode->i_uid_low = cpu_to_le16(low_16_bits(inode->i_uid));
3305 - raw_inode->i_gid_low = cpu_to_le16(low_16_bits(inode->i_gid));
3306 + raw_inode->i_uid_low = cpu_to_le16(low_16_bits(uid));
3307 + raw_inode->i_gid_low = cpu_to_le16(low_16_bits(gid));
3309 * Fix up interoperability with old kernels. Otherwise, old inodes get
3310 * re-used with the upper 16 bits of the uid/gid intact
3313 raw_inode->i_uid_high =
3314 - cpu_to_le16(high_16_bits(inode->i_uid));
3315 + cpu_to_le16(high_16_bits(uid));
3316 raw_inode->i_gid_high =
3317 - cpu_to_le16(high_16_bits(inode->i_gid));
3318 + cpu_to_le16(high_16_bits(gid));
3320 raw_inode->i_uid_high = 0;
3321 raw_inode->i_gid_high = 0;
3324 raw_inode->i_uid_low =
3325 - cpu_to_le16(fs_high2lowuid(inode->i_uid));
3326 + cpu_to_le16(fs_high2lowuid(uid));
3327 raw_inode->i_gid_low =
3328 - cpu_to_le16(fs_high2lowgid(inode->i_gid));
3329 + cpu_to_le16(fs_high2lowgid(gid));
3330 raw_inode->i_uid_high = 0;
3331 raw_inode->i_gid_high = 0;
3333 +#ifdef CONFIG_TAGGING_INTERN
3334 + raw_inode->i_raw_tag = cpu_to_le16(inode->i_tag);
3336 raw_inode->i_links_count = cpu_to_le16(inode->i_nlink);
3337 raw_inode->i_size = cpu_to_le32(ei->i_disksize);
3338 raw_inode->i_atime = cpu_to_le32(inode->i_atime.tv_sec);
3339 @@ -3002,7 +3061,8 @@ int ext3_setattr(struct dentry *dentry,
3342 if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
3343 - (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid)) {
3344 + (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid) ||
3345 + (ia_valid & ATTR_TAG && attr->ia_tag != inode->i_tag)) {
3348 /* (user+group)*(old+new) structure, inode write (sb,
3349 @@ -3024,6 +3084,8 @@ int ext3_setattr(struct dentry *dentry,
3350 inode->i_uid = attr->ia_uid;
3351 if (attr->ia_valid & ATTR_GID)
3352 inode->i_gid = attr->ia_gid;
3353 + if ((attr->ia_valid & ATTR_TAG) && IS_TAGGED(inode))
3354 + inode->i_tag = attr->ia_tag;
3355 error = ext3_mark_inode_dirty(handle, inode);
3356 ext3_journal_stop(handle);
3358 diff -NurpP --minimal linux-2.6.25/fs/ext3/ioctl.c linux-2.6.25-vs2.3.0.34.9/fs/ext3/ioctl.c
3359 --- linux-2.6.25/fs/ext3/ioctl.c 2008-04-17 11:31:35.000000000 -0400
3360 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext3/ioctl.c 2008-04-19 15:14:52.000000000 -0400
3364 #include <linux/fs.h>
3365 +#include <linux/mount.h>
3366 #include <linux/jbd.h>
3367 #include <linux/capability.h>
3368 #include <linux/ext3_fs.h>
3370 #include <linux/time.h>
3371 #include <linux/compat.h>
3372 #include <linux/smp_lock.h>
3373 +#include <linux/vs_tag.h>
3374 #include <asm/uaccess.h>
3376 int ext3_ioctl (struct inode * inode, struct file * filp, unsigned int cmd,
3377 @@ -38,7 +40,8 @@ int ext3_ioctl (struct inode * inode, st
3378 unsigned int oldflags;
3381 - if (IS_RDONLY(inode))
3382 + if (IS_RDONLY(inode) ||
3383 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
3386 if (!is_owner_or_cap(inode))
3387 @@ -67,7 +70,9 @@ int ext3_ioctl (struct inode * inode, st
3389 * This test looks nicer. Thanks to Pauline Middelink
3391 - if ((flags ^ oldflags) & (EXT3_APPEND_FL | EXT3_IMMUTABLE_FL)) {
3392 + if ((oldflags & EXT3_IMMUTABLE_FL) ||
3393 + ((flags ^ oldflags) & (EXT3_APPEND_FL |
3394 + EXT3_IMMUTABLE_FL | EXT3_IUNLINK_FL))) {
3395 if (!capable(CAP_LINUX_IMMUTABLE)) {
3396 mutex_unlock(&inode->i_mutex);
3398 @@ -129,7 +134,8 @@ flags_err:
3400 if (!is_owner_or_cap(inode))
3402 - if (IS_RDONLY(inode))
3403 + if (IS_RDONLY(inode) ||
3404 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
3406 if (get_user(generation, (int __user *) arg))
3408 @@ -183,7 +189,8 @@ flags_err:
3409 if (!test_opt(inode->i_sb, RESERVATION) ||!S_ISREG(inode->i_mode))
3412 - if (IS_RDONLY(inode))
3413 + if (IS_RDONLY(inode) ||
3414 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
3417 if (!is_owner_or_cap(inode))
3418 @@ -218,7 +225,8 @@ flags_err:
3419 if (!capable(CAP_SYS_RESOURCE))
3422 - if (IS_RDONLY(inode))
3423 + if (IS_RDONLY(inode) ||
3424 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
3427 if (get_user(n_blocks_count, (__u32 __user *)arg))
3428 @@ -239,7 +247,8 @@ flags_err:
3429 if (!capable(CAP_SYS_RESOURCE))
3432 - if (IS_RDONLY(inode))
3433 + if (IS_RDONLY(inode) ||
3434 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
3437 if (copy_from_user(&input, (struct ext3_new_group_input __user *)arg,
3438 diff -NurpP --minimal linux-2.6.25/fs/ext3/namei.c linux-2.6.25-vs2.3.0.34.9/fs/ext3/namei.c
3439 --- linux-2.6.25/fs/ext3/namei.c 2008-04-17 12:05:40.000000000 -0400
3440 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext3/namei.c 2008-04-19 15:14:52.000000000 -0400
3442 #include <linux/quotaops.h>
3443 #include <linux/buffer_head.h>
3444 #include <linux/bio.h>
3445 +#include <linux/vs_tag.h>
3449 @@ -907,6 +908,7 @@ restart:
3451 ll_rw_block(READ_META, 1, &bh);
3453 + dx_propagate_tag(nd, inode);
3455 if ((bh = bh_use[ra_ptr++]) == NULL)
3457 @@ -2417,6 +2419,7 @@ const struct inode_operations ext3_dir_i
3458 .removexattr = generic_removexattr,
3460 .permission = ext3_permission,
3461 + .sync_flags = ext3_sync_flags,
3464 const struct inode_operations ext3_special_inode_operations = {
3465 @@ -2428,4 +2431,5 @@ const struct inode_operations ext3_speci
3466 .removexattr = generic_removexattr,
3468 .permission = ext3_permission,
3469 + .sync_flags = ext3_sync_flags,
3471 diff -NurpP --minimal linux-2.6.25/fs/ext3/super.c linux-2.6.25-vs2.3.0.34.9/fs/ext3/super.c
3472 --- linux-2.6.25/fs/ext3/super.c 2008-04-17 12:05:40.000000000 -0400
3473 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext3/super.c 2008-04-20 13:26:55.000000000 -0400
3474 @@ -756,7 +756,7 @@ enum {
3475 Opt_usrjquota, Opt_grpjquota, Opt_offusrjquota, Opt_offgrpjquota,
3476 Opt_jqfmt_vfsold, Opt_jqfmt_vfsv0, Opt_quota, Opt_noquota,
3477 Opt_ignore, Opt_barrier, Opt_err, Opt_resize, Opt_usrquota,
3479 + Opt_grpquota, Opt_tag, Opt_notag, Opt_tagid
3482 static match_table_t tokens = {
3483 @@ -807,6 +807,9 @@ static match_table_t tokens = {
3484 {Opt_usrquota, "usrquota"},
3485 {Opt_barrier, "barrier=%u"},
3486 {Opt_resize, "resize"},
3488 + {Opt_notag, "notag"},
3489 + {Opt_tagid, "tagid=%u"},
3493 @@ -899,6 +902,20 @@ static int parse_options (char *options,
3495 set_opt (sbi->s_mount_opt, NO_UID32);
3497 +#ifndef CONFIG_TAGGING_NONE
3499 + set_opt (sbi->s_mount_opt, TAGGED);
3502 + clear_opt (sbi->s_mount_opt, TAGGED);
3505 +#ifdef CONFIG_PROPAGATE
3508 + set_opt (sbi->s_mount_opt, TAGGED);
3512 clear_opt (sbi->s_mount_opt, CHECK);
3514 @@ -1591,6 +1608,9 @@ static int ext3_fill_super (struct super
3518 + if (EXT3_SB(sb)->s_mount_opt & EXT3_MOUNT_TAGGED)
3519 + sb->s_flags |= MS_TAGGED;
3521 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
3522 ((sbi->s_mount_opt & EXT3_MOUNT_POSIX_ACL) ? MS_POSIXACL : 0);
3524 @@ -2428,6 +2448,12 @@ static int ext3_remount (struct super_bl
3526 if (sbi->s_mount_opt & EXT3_MOUNT_ABORT)
3527 ext3_abort(sb, __FUNCTION__, "Abort forced by user");
3528 + if ((sbi->s_mount_opt & EXT3_MOUNT_TAGGED) &&
3529 + !(sb->s_flags & MS_TAGGED)) {
3530 + printk("EXT3-fs: %s: tagging not permitted on remount.\n",
3535 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
3536 ((sbi->s_mount_opt & EXT3_MOUNT_POSIX_ACL) ? MS_POSIXACL : 0);
3537 diff -NurpP --minimal linux-2.6.25/fs/ext3/symlink.c linux-2.6.25-vs2.3.0.34.9/fs/ext3/symlink.c
3538 --- linux-2.6.25/fs/ext3/symlink.c 2008-04-17 10:32:27.000000000 -0400
3539 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext3/symlink.c 2008-04-19 15:14:52.000000000 -0400
3540 @@ -40,6 +40,7 @@ const struct inode_operations ext3_symli
3541 .listxattr = ext3_listxattr,
3542 .removexattr = generic_removexattr,
3544 + .sync_flags = ext3_sync_flags,
3547 const struct inode_operations ext3_fast_symlink_inode_operations = {
3548 @@ -51,4 +52,5 @@ const struct inode_operations ext3_fast_
3549 .listxattr = ext3_listxattr,
3550 .removexattr = generic_removexattr,
3552 + .sync_flags = ext3_sync_flags,
3554 diff -NurpP --minimal linux-2.6.25/fs/ext3/xattr.c linux-2.6.25-vs2.3.0.34.9/fs/ext3/xattr.c
3555 --- linux-2.6.25/fs/ext3/xattr.c 2008-04-17 12:05:40.000000000 -0400
3556 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext3/xattr.c 2008-04-19 15:14:52.000000000 -0400
3558 #include <linux/mbcache.h>
3559 #include <linux/quotaops.h>
3560 #include <linux/rwsem.h>
3561 +#include <linux/vs_dlimit.h>
3565 @@ -496,6 +497,7 @@ ext3_xattr_release_block(handle_t *handl
3566 error = ext3_journal_dirty_metadata(handle, bh);
3569 + DLIMIT_FREE_BLOCK(inode, 1);
3570 DQUOT_FREE_BLOCK(inode, 1);
3571 ea_bdebug(bh, "refcount now=%d; releasing",
3572 le32_to_cpu(BHDR(bh)->h_refcount));
3573 @@ -769,11 +771,14 @@ inserted:
3574 if (new_bh == bs->bh)
3575 ea_bdebug(new_bh, "keeping");
3578 + if (DLIMIT_ALLOC_BLOCK(inode, 1))
3580 /* The old block is released after updating
3583 if (DQUOT_ALLOC_BLOCK(inode, 1))
3585 + goto cleanup_dlimit;
3586 error = ext3_journal_get_write_access(handle,
3589 @@ -849,6 +854,8 @@ cleanup:
3592 DQUOT_FREE_BLOCK(inode, 1);
3594 + DLIMIT_FREE_BLOCK(inode, 1);
3598 diff -NurpP --minimal linux-2.6.25/fs/ext4/balloc.c linux-2.6.25-vs2.3.0.34.9/fs/ext4/balloc.c
3599 --- linux-2.6.25/fs/ext4/balloc.c 2008-04-17 12:05:40.000000000 -0400
3600 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext4/balloc.c 2008-04-21 10:23:33.000000000 -0400
3602 #include <linux/ext4_jbd2.h>
3603 #include <linux/quotaops.h>
3604 #include <linux/buffer_head.h>
3605 +#include <linux/vs_dlimit.h>
3606 +#include <linux/vs_tag.h>
3610 @@ -810,8 +812,10 @@ void ext4_free_blocks(handle_t *handle,
3612 ext4_mb_free_blocks(handle, inode, block, count,
3613 metadata, &dquot_freed_blocks);
3614 - if (dquot_freed_blocks)
3615 + if (dquot_freed_blocks) {
3616 + DLIMIT_FREE_BLOCK(inode, dquot_freed_blocks);
3617 DQUOT_FREE_BLOCK(inode, dquot_freed_blocks);
3622 @@ -1551,18 +1555,33 @@ out:
3624 * Check if filesystem has at least 1 free block available for allocation.
3626 -static int ext4_has_free_blocks(struct ext4_sb_info *sbi)
3627 +static int ext4_has_free_blocks(struct super_block *sb)
3629 + struct ext4_sb_info *sbi = EXT4_SB(sb);
3630 ext4_fsblk_t free_blocks, root_blocks;
3633 free_blocks = percpu_counter_read_positive(&sbi->s_freeblocks_counter);
3634 root_blocks = ext4_r_blocks_count(sbi->s_es);
3635 - if (free_blocks < root_blocks + 1 && !capable(CAP_SYS_RESOURCE) &&
3637 + vxdprintk(VXD_CBIT(dlim, 3),
3638 + "ext4_has_free_blocks(%p): free=%llu, root=%llu",
3639 + sb, free_blocks, root_blocks);
3641 + DLIMIT_ADJUST_BLOCK(sb, dx_current_tag(), &free_blocks, &root_blocks);
3643 + cond = (free_blocks < root_blocks + 1 &&
3644 + !capable(CAP_SYS_RESOURCE) &&
3645 sbi->s_resuid != current->fsuid &&
3646 - (sbi->s_resgid == 0 || !in_group_p (sbi->s_resgid))) {
3650 + (sbi->s_resgid == 0 || !in_group_p (sbi->s_resgid)));
3652 + vxdprintk(VXD_CBIT(dlim, 3),
3653 + "ext4_has_free_blocks(%p): %llu<%llu+1, %c, %u!=%u r=%d",
3654 + sb, free_blocks, root_blocks,
3655 + !capable(CAP_SYS_RESOURCE)?'1':'0',
3656 + sbi->s_resuid, current->fsuid, cond?0:1);
3658 + return (cond ? 0 : 1);
3662 @@ -1579,7 +1598,7 @@ static int ext4_has_free_blocks(struct e
3664 int ext4_should_retry_alloc(struct super_block *sb, int *retries)
3666 - if (!ext4_has_free_blocks(EXT4_SB(sb)) || (*retries)++ > 3)
3667 + if (!ext4_has_free_blocks(sb) || (*retries)++ > 3)
3670 jbd_debug(1, "%s: retrying operation after ENOSPC\n", sb->s_id);
3671 @@ -1639,6 +1658,8 @@ ext4_fsblk_t ext4_new_blocks_old(handle_
3675 + if (DLIMIT_ALLOC_BLOCK(inode, num))
3679 es = EXT4_SB(sb)->s_es;
3680 @@ -1655,7 +1676,7 @@ ext4_fsblk_t ext4_new_blocks_old(handle_
3681 if (block_i && ((windowsz = block_i->rsv_window_node.rsv_goal_size) > 0))
3682 my_rsv = &block_i->rsv_window_node;
3684 - if (!ext4_has_free_blocks(sbi)) {
3685 + if (!ext4_has_free_blocks(sb)) {
3689 @@ -1841,12 +1862,16 @@ allocated:
3692 DQUOT_FREE_BLOCK(inode, *count-num);
3693 + DLIMIT_FREE_BLOCK(inode, *count-num);
3700 + if (!performed_allocation)
3701 + DLIMIT_FREE_BLOCK(inode, *count);
3705 ext4_std_error(sb, fatal);
3706 diff -NurpP --minimal linux-2.6.25/fs/ext4/file.c linux-2.6.25-vs2.3.0.34.9/fs/ext4/file.c
3707 --- linux-2.6.25/fs/ext4/file.c 2008-04-17 12:05:40.000000000 -0400
3708 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext4/file.c 2008-04-19 15:14:52.000000000 -0400
3709 @@ -152,5 +152,6 @@ const struct inode_operations ext4_file_
3711 .permission = ext4_permission,
3712 .fallocate = ext4_fallocate,
3713 + .sync_flags = ext4_sync_flags,
3716 diff -NurpP --minimal linux-2.6.25/fs/ext4/ialloc.c linux-2.6.25-vs2.3.0.34.9/fs/ext4/ialloc.c
3717 --- linux-2.6.25/fs/ext4/ialloc.c 2008-04-17 12:05:40.000000000 -0400
3718 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext4/ialloc.c 2008-04-21 10:29:28.000000000 -0400
3720 #include <linux/random.h>
3721 #include <linux/bitops.h>
3722 #include <linux/blkdev.h>
3723 +#include <linux/vs_dlimit.h>
3724 +#include <linux/vs_tag.h>
3725 #include <asm/byteorder.h>
3728 @@ -186,6 +188,7 @@ void ext4_free_inode (handle_t *handle,
3729 ext4_xattr_delete_inode(handle, inode);
3730 DQUOT_FREE_INODE(inode);
3732 + DLIMIT_FREE_INODE(inode);
3734 is_directory = S_ISDIR(inode->i_mode);
3736 @@ -513,6 +516,12 @@ struct inode *ext4_new_inode(handle_t *h
3737 inode = new_inode(sb);
3739 return ERR_PTR(-ENOMEM);
3741 + inode->i_tag = dx_current_fstag(sb);
3742 + if (DLIMIT_ALLOC_INODE(inode)) {
3749 @@ -707,7 +716,8 @@ got:
3750 * newly created directory and file only if -o extent mount option is
3753 - ei->i_flags = EXT4_I(dir)->i_flags & ~(EXT4_INDEX_FL|EXT4_EXTENTS_FL);
3754 + ei->i_flags = EXT4_I(dir)->i_flags &
3755 + ~(EXT4_INDEX_FL|EXT4_EXTENTS_FL|EXT4_IUNLINK_FL|EXT4_BARRIER_FL);
3757 ei->i_flags &= ~(EXT4_IMMUTABLE_FL|EXT4_APPEND_FL);
3758 /* dirsync only applies to directories */
3759 @@ -766,6 +776,8 @@ got:
3761 ext4_std_error(sb, err);
3763 + DLIMIT_FREE_INODE(inode);
3768 @@ -777,6 +789,7 @@ fail_free_drop:
3772 + DLIMIT_FREE_INODE(inode);
3773 inode->i_flags |= S_NOQUOTA;
3776 diff -NurpP --minimal linux-2.6.25/fs/ext4/inode.c linux-2.6.25-vs2.3.0.34.9/fs/ext4/inode.c
3777 --- linux-2.6.25/fs/ext4/inode.c 2008-04-17 12:05:40.000000000 -0400
3778 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext4/inode.c 2008-04-21 10:20:53.000000000 -0400
3780 #include <linux/mpage.h>
3781 #include <linux/uio.h>
3782 #include <linux/bio.h>
3783 +#include <linux/vs_tag.h>
3787 @@ -2342,7 +2343,7 @@ void ext4_truncate(struct inode *inode)
3789 if (ext4_inode_is_fast_symlink(inode))
3791 - if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
3792 + if (IS_APPEND(inode) || IS_IXORUNLINK(inode))
3796 @@ -2671,13 +2672,20 @@ void ext4_set_inode_flags(struct inode *
3798 unsigned int flags = EXT4_I(inode)->i_flags;
3800 - inode->i_flags &= ~(S_SYNC|S_APPEND|S_IMMUTABLE|S_NOATIME|S_DIRSYNC);
3801 + inode->i_flags &= ~(S_IMMUTABLE | S_IUNLINK | S_BARRIER |
3802 + S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
3804 + if (flags & EXT4_IMMUTABLE_FL)
3805 + inode->i_flags |= S_IMMUTABLE;
3806 + if (flags & EXT4_IUNLINK_FL)
3807 + inode->i_flags |= S_IUNLINK;
3808 + if (flags & EXT4_BARRIER_FL)
3809 + inode->i_flags |= S_BARRIER;
3811 if (flags & EXT4_SYNC_FL)
3812 inode->i_flags |= S_SYNC;
3813 if (flags & EXT4_APPEND_FL)
3814 inode->i_flags |= S_APPEND;
3815 - if (flags & EXT4_IMMUTABLE_FL)
3816 - inode->i_flags |= S_IMMUTABLE;
3817 if (flags & EXT4_NOATIME_FL)
3818 inode->i_flags |= S_NOATIME;
3819 if (flags & EXT4_DIRSYNC_FL)
3820 @@ -2702,6 +2710,46 @@ void ext4_get_inode_flags(struct ext4_in
3821 if (flags & S_DIRSYNC)
3822 ei->i_flags |= EXT4_DIRSYNC_FL;
3825 +int ext4_sync_flags(struct inode *inode)
3827 + unsigned int oldflags, newflags;
3830 + oldflags = EXT4_I(inode)->i_flags;
3831 + newflags = oldflags & ~(EXT4_IMMUTABLE_FL |
3832 + EXT4_IUNLINK_FL | EXT4_BARRIER_FL);
3834 + if (IS_IMMUTABLE(inode))
3835 + newflags |= EXT4_IMMUTABLE_FL;
3836 + if (IS_IUNLINK(inode))
3837 + newflags |= EXT4_IUNLINK_FL;
3838 + if (IS_BARRIER(inode))
3839 + newflags |= EXT4_BARRIER_FL;
3841 + if (oldflags ^ newflags) {
3843 + struct ext4_iloc iloc;
3845 + handle = ext4_journal_start(inode, 1);
3846 + if (IS_ERR(handle))
3847 + return PTR_ERR(handle);
3848 + if (IS_SYNC(inode))
3849 + handle->h_sync = 1;
3850 + err = ext4_reserve_inode_write(handle, inode, &iloc);
3854 + EXT4_I(inode)->i_flags = newflags;
3855 + inode->i_ctime = CURRENT_TIME;
3857 + err = ext4_mark_iloc_dirty(handle, inode, &iloc);
3859 + ext4_journal_stop(handle);
3864 static blkcnt_t ext4_inode_blocks(struct ext4_inode *raw_inode,
3865 struct ext4_inode_info *ei)
3867 @@ -2734,6 +2782,8 @@ struct inode *ext4_iget(struct super_blo
3868 struct inode *inode;
3874 inode = iget_locked(sb, ino);
3876 @@ -2754,12 +2804,17 @@ struct inode *ext4_iget(struct super_blo
3878 raw_inode = ext4_raw_inode(&iloc);
3879 inode->i_mode = le16_to_cpu(raw_inode->i_mode);
3880 - inode->i_uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
3881 - inode->i_gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
3882 + uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
3883 + gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
3884 if(!(test_opt (inode->i_sb, NO_UID32))) {
3885 - inode->i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
3886 - inode->i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
3887 + uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
3888 + gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
3890 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
3891 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
3892 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid,
3893 + le16_to_cpu(raw_inode->i_raw_tag));
3895 inode->i_nlink = le16_to_cpu(raw_inode->i_links_count);
3898 @@ -2933,6 +2988,8 @@ static int ext4_do_update_inode(handle_t
3899 struct ext4_inode *raw_inode = ext4_raw_inode(iloc);
3900 struct ext4_inode_info *ei = EXT4_I(inode);
3901 struct buffer_head *bh = iloc->bh;
3902 + uid_t uid = TAGINO_UID(DX_TAG(inode), inode->i_uid, inode->i_tag);
3903 + gid_t gid = TAGINO_GID(DX_TAG(inode), inode->i_gid, inode->i_tag);
3904 int err = 0, rc, block;
3906 /* For fields not not tracking in the in-memory inode,
3907 @@ -2943,29 +3000,32 @@ static int ext4_do_update_inode(handle_t
3908 ext4_get_inode_flags(ei);
3909 raw_inode->i_mode = cpu_to_le16(inode->i_mode);
3910 if(!(test_opt(inode->i_sb, NO_UID32))) {
3911 - raw_inode->i_uid_low = cpu_to_le16(low_16_bits(inode->i_uid));
3912 - raw_inode->i_gid_low = cpu_to_le16(low_16_bits(inode->i_gid));
3913 + raw_inode->i_uid_low = cpu_to_le16(low_16_bits(uid));
3914 + raw_inode->i_gid_low = cpu_to_le16(low_16_bits(gid));
3916 * Fix up interoperability with old kernels. Otherwise, old inodes get
3917 * re-used with the upper 16 bits of the uid/gid intact
3920 raw_inode->i_uid_high =
3921 - cpu_to_le16(high_16_bits(inode->i_uid));
3922 + cpu_to_le16(high_16_bits(uid));
3923 raw_inode->i_gid_high =
3924 - cpu_to_le16(high_16_bits(inode->i_gid));
3925 + cpu_to_le16(high_16_bits(gid));
3927 raw_inode->i_uid_high = 0;
3928 raw_inode->i_gid_high = 0;
3931 raw_inode->i_uid_low =
3932 - cpu_to_le16(fs_high2lowuid(inode->i_uid));
3933 + cpu_to_le16(fs_high2lowuid(uid));
3934 raw_inode->i_gid_low =
3935 - cpu_to_le16(fs_high2lowgid(inode->i_gid));
3936 + cpu_to_le16(fs_high2lowgid(gid));
3937 raw_inode->i_uid_high = 0;
3938 raw_inode->i_gid_high = 0;
3940 +#ifdef CONFIG_TAGGING_INTERN
3941 + raw_inode->i_raw_tag = cpu_to_le16(inode->i_tag);
3943 raw_inode->i_links_count = cpu_to_le16(inode->i_nlink);
3945 EXT4_INODE_SET_XTIME(i_ctime, inode, raw_inode);
3946 @@ -3121,7 +3181,8 @@ int ext4_setattr(struct dentry *dentry,
3949 if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
3950 - (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid)) {
3951 + (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid) ||
3952 + (ia_valid & ATTR_TAG && attr->ia_tag != inode->i_tag)) {
3955 /* (user+group)*(old+new) structure, inode write (sb,
3956 @@ -3143,6 +3204,8 @@ int ext4_setattr(struct dentry *dentry,
3957 inode->i_uid = attr->ia_uid;
3958 if (attr->ia_valid & ATTR_GID)
3959 inode->i_gid = attr->ia_gid;
3960 + if ((attr->ia_valid & ATTR_TAG) && IS_TAGGED(inode))
3961 + inode->i_tag = attr->ia_tag;
3962 error = ext4_mark_inode_dirty(handle, inode);
3963 ext4_journal_stop(handle);
3965 diff -NurpP --minimal linux-2.6.25/fs/ext4/ioctl.c linux-2.6.25-vs2.3.0.34.9/fs/ext4/ioctl.c
3966 --- linux-2.6.25/fs/ext4/ioctl.c 2008-04-17 12:05:40.000000000 -0400
3967 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext4/ioctl.c 2008-04-19 15:14:52.000000000 -0400
3971 #include <linux/fs.h>
3972 +#include <linux/mount.h>
3973 #include <linux/jbd2.h>
3974 #include <linux/capability.h>
3975 #include <linux/ext4_fs.h>
3977 #include <linux/time.h>
3978 #include <linux/compat.h>
3979 #include <linux/smp_lock.h>
3980 +#include <linux/vs_tag.h>
3981 #include <asm/uaccess.h>
3983 int ext4_ioctl (struct inode * inode, struct file * filp, unsigned int cmd,
3984 @@ -38,7 +40,8 @@ int ext4_ioctl (struct inode * inode, st
3985 unsigned int oldflags;
3988 - if (IS_RDONLY(inode))
3989 + if (IS_RDONLY(inode) ||
3990 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
3993 if (!is_owner_or_cap(inode))
3994 @@ -67,7 +70,9 @@ int ext4_ioctl (struct inode * inode, st
3996 * This test looks nicer. Thanks to Pauline Middelink
3998 - if ((flags ^ oldflags) & (EXT4_APPEND_FL | EXT4_IMMUTABLE_FL)) {
3999 + if ((oldflags & EXT4_IMMUTABLE_FL) ||
4000 + ((flags ^ oldflags) & (EXT4_APPEND_FL |
4001 + EXT4_IMMUTABLE_FL | EXT4_IUNLINK_FL))) {
4002 if (!capable(CAP_LINUX_IMMUTABLE)) {
4003 mutex_unlock(&inode->i_mutex);
4005 @@ -129,7 +134,8 @@ flags_err:
4007 if (!is_owner_or_cap(inode))
4009 - if (IS_RDONLY(inode))
4010 + if (IS_RDONLY(inode) ||
4011 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
4013 if (get_user(generation, (int __user *) arg))
4015 @@ -183,7 +189,8 @@ flags_err:
4016 if (!test_opt(inode->i_sb, RESERVATION) ||!S_ISREG(inode->i_mode))
4019 - if (IS_RDONLY(inode))
4020 + if (IS_RDONLY(inode) ||
4021 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
4024 if (!is_owner_or_cap(inode))
4025 @@ -218,7 +225,8 @@ flags_err:
4026 if (!capable(CAP_SYS_RESOURCE))
4029 - if (IS_RDONLY(inode))
4030 + if (IS_RDONLY(inode) ||
4031 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
4034 if (get_user(n_blocks_count, (__u32 __user *)arg))
4035 @@ -239,7 +247,8 @@ flags_err:
4036 if (!capable(CAP_SYS_RESOURCE))
4039 - if (IS_RDONLY(inode))
4040 + if (IS_RDONLY(inode) ||
4041 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
4044 if (copy_from_user(&input, (struct ext4_new_group_input __user *)arg,
4045 diff -NurpP --minimal linux-2.6.25/fs/ext4/namei.c linux-2.6.25-vs2.3.0.34.9/fs/ext4/namei.c
4046 --- linux-2.6.25/fs/ext4/namei.c 2008-04-17 12:05:40.000000000 -0400
4047 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext4/namei.c 2008-04-19 15:14:52.000000000 -0400
4049 #include <linux/quotaops.h>
4050 #include <linux/buffer_head.h>
4051 #include <linux/bio.h>
4052 +#include <linux/vs_tag.h>
4056 @@ -908,6 +909,7 @@ restart:
4058 ll_rw_block(READ_META, 1, &bh);
4060 + dx_propagate_tag(nd, inode);
4062 if ((bh = bh_use[ra_ptr++]) == NULL)
4064 @@ -2448,6 +2450,7 @@ const struct inode_operations ext4_dir_i
4065 .removexattr = generic_removexattr,
4067 .permission = ext4_permission,
4068 + .sync_flags = ext4_sync_flags,
4071 const struct inode_operations ext4_special_inode_operations = {
4072 @@ -2459,4 +2462,5 @@ const struct inode_operations ext4_speci
4073 .removexattr = generic_removexattr,
4075 .permission = ext4_permission,
4076 + .sync_flags = ext4_sync_flags,
4078 diff -NurpP --minimal linux-2.6.25/fs/ext4/super.c linux-2.6.25-vs2.3.0.34.9/fs/ext4/super.c
4079 --- linux-2.6.25/fs/ext4/super.c 2008-04-17 12:05:40.000000000 -0400
4080 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext4/super.c 2008-04-21 10:31:22.000000000 -0400
4081 @@ -887,6 +887,7 @@ enum {
4082 Opt_ignore, Opt_barrier, Opt_err, Opt_resize, Opt_usrquota,
4083 Opt_grpquota, Opt_extents, Opt_noextents, Opt_i_version,
4084 Opt_mballoc, Opt_nomballoc, Opt_stripe,
4085 + Opt_tag, Opt_notag, Opt_tagid
4088 static match_table_t tokens = {
4089 @@ -944,8 +945,11 @@ static match_table_t tokens = {
4090 {Opt_mballoc, "mballoc"},
4091 {Opt_nomballoc, "nomballoc"},
4092 {Opt_stripe, "stripe=%u"},
4094 {Opt_resize, "resize"},
4096 + {Opt_notag, "notag"},
4097 + {Opt_tagid, "tagid=%u"},
4101 static ext4_fsblk_t get_sb_block(void **data)
4102 @@ -1037,6 +1041,20 @@ static int parse_options (char *options,
4104 set_opt (sbi->s_mount_opt, NO_UID32);
4106 +#ifndef CONFIG_TAGGING_NONE
4108 + set_opt (sbi->s_mount_opt, TAGGED);
4111 + clear_opt (sbi->s_mount_opt, TAGGED);
4114 +#ifdef CONFIG_PROPAGATE
4117 + set_opt (sbi->s_mount_opt, TAGGED);
4121 clear_opt (sbi->s_mount_opt, CHECK);
4123 @@ -1909,6 +1927,9 @@ static int ext4_fill_super (struct super
4127 + if (EXT4_SB(sb)->s_mount_opt & EXT4_MOUNT_TAGGED)
4128 + sb->s_flags |= MS_TAGGED;
4130 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
4131 ((sbi->s_mount_opt & EXT4_MOUNT_POSIX_ACL) ? MS_POSIXACL : 0);
4133 @@ -2828,6 +2849,12 @@ static int ext4_remount (struct super_bl
4135 if (sbi->s_mount_opt & EXT4_MOUNT_ABORT)
4136 ext4_abort(sb, __FUNCTION__, "Abort forced by user");
4137 + if ((sbi->s_mount_opt & EXT4_MOUNT_TAGGED) &&
4138 + !(sb->s_flags & MS_TAGGED)) {
4139 + printk("EXT4-fs: %s: tagging not permitted on remount.\n",
4144 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
4145 ((sbi->s_mount_opt & EXT4_MOUNT_POSIX_ACL) ? MS_POSIXACL : 0);
4146 diff -NurpP --minimal linux-2.6.25/fs/ext4/symlink.c linux-2.6.25-vs2.3.0.34.9/fs/ext4/symlink.c
4147 --- linux-2.6.25/fs/ext4/symlink.c 2008-04-17 10:32:27.000000000 -0400
4148 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext4/symlink.c 2008-04-19 15:14:52.000000000 -0400
4149 @@ -40,6 +40,7 @@ const struct inode_operations ext4_symli
4150 .listxattr = ext4_listxattr,
4151 .removexattr = generic_removexattr,
4153 + .sync_flags = ext4_sync_flags,
4156 const struct inode_operations ext4_fast_symlink_inode_operations = {
4157 @@ -51,4 +52,5 @@ const struct inode_operations ext4_fast_
4158 .listxattr = ext4_listxattr,
4159 .removexattr = generic_removexattr,
4161 + .sync_flags = ext4_sync_flags,
4163 diff -NurpP --minimal linux-2.6.25/fs/ext4/xattr.c linux-2.6.25-vs2.3.0.34.9/fs/ext4/xattr.c
4164 --- linux-2.6.25/fs/ext4/xattr.c 2008-04-17 12:05:40.000000000 -0400
4165 +++ linux-2.6.25-vs2.3.0.34.9/fs/ext4/xattr.c 2008-04-19 15:14:52.000000000 -0400
4167 #include <linux/mbcache.h>
4168 #include <linux/quotaops.h>
4169 #include <linux/rwsem.h>
4170 +#include <linux/vs_dlimit.h>
4174 @@ -489,6 +490,7 @@ ext4_xattr_release_block(handle_t *handl
4175 error = ext4_journal_dirty_metadata(handle, bh);
4178 + DLIMIT_FREE_BLOCK(inode, 1);
4179 DQUOT_FREE_BLOCK(inode, 1);
4180 ea_bdebug(bh, "refcount now=%d; releasing",
4181 le32_to_cpu(BHDR(bh)->h_refcount));
4182 @@ -779,11 +781,14 @@ inserted:
4183 if (new_bh == bs->bh)
4184 ea_bdebug(new_bh, "keeping");
4187 + if (DLIMIT_ALLOC_BLOCK(inode, 1))
4189 /* The old block is released after updating
4192 if (DQUOT_ALLOC_BLOCK(inode, 1))
4194 + goto cleanup_dlimit;
4195 error = ext4_journal_get_write_access(handle,
4198 @@ -860,6 +865,8 @@ cleanup:
4201 DQUOT_FREE_BLOCK(inode, 1);
4203 + DLIMIT_FREE_BLOCK(inode, 1);
4207 diff -NurpP --minimal linux-2.6.25/fs/fcntl.c linux-2.6.25-vs2.3.0.34.9/fs/fcntl.c
4208 --- linux-2.6.25/fs/fcntl.c 2008-04-17 12:05:40.000000000 -0400
4209 +++ linux-2.6.25-vs2.3.0.34.9/fs/fcntl.c 2008-04-19 15:14:52.000000000 -0400
4211 #include <linux/signal.h>
4212 #include <linux/rcupdate.h>
4213 #include <linux/pid_namespace.h>
4214 +#include <linux/vs_limit.h>
4216 #include <asm/poll.h>
4217 #include <asm/siginfo.h>
4218 @@ -85,6 +86,8 @@ repeat:
4220 if (newfd >= current->signal->rlim[RLIMIT_NOFILE].rlim_cur)
4222 + if (!vx_files_avail(1))
4225 error = expand_files(files, newfd);
4227 @@ -128,6 +131,7 @@ static int dupfd(struct file *file, unsi
4229 FD_CLR(fd, fdt->close_on_exec);
4230 spin_unlock(&files->file_lock);
4231 + vx_openfd_inc(fd);
4232 fd_install(fd, file);
4234 spin_unlock(&files->file_lock);
4235 @@ -180,6 +184,9 @@ asmlinkage long sys_dup2(unsigned int ol
4238 filp_close(tofree, files);
4240 + vx_openfd_inc(newfd); /* fd was unused */
4245 diff -NurpP --minimal linux-2.6.25/fs/file_table.c linux-2.6.25-vs2.3.0.34.9/fs/file_table.c
4246 --- linux-2.6.25/fs/file_table.c 2008-04-17 12:05:40.000000000 -0400
4247 +++ linux-2.6.25-vs2.3.0.34.9/fs/file_table.c 2008-04-19 15:14:52.000000000 -0400
4249 #include <linux/fsnotify.h>
4250 #include <linux/sysctl.h>
4251 #include <linux/percpu_counter.h>
4252 +#include <linux/vs_limit.h>
4253 +#include <linux/vs_context.h>
4255 #include <asm/atomic.h>
4257 @@ -124,6 +126,8 @@ struct file *get_empty_filp(void)
4258 f->f_gid = tsk->fsgid;
4259 eventpoll_init_file(f);
4260 /* f->f_version: 0 */
4261 + f->f_xid = vx_current_xid();
4266 @@ -239,6 +243,8 @@ void __fput(struct file *file)
4267 if (file->f_mode & FMODE_WRITE)
4268 put_write_access(inode);
4269 put_pid(file->f_owner.pid);
4270 + vx_files_dec(file);
4273 file->f_path.dentry = NULL;
4274 file->f_path.mnt = NULL;
4275 @@ -304,6 +310,8 @@ void put_filp(struct file *file)
4277 if (atomic_dec_and_test(&file->f_count)) {
4278 security_file_free(file);
4279 + vx_files_dec(file);
4284 diff -NurpP --minimal linux-2.6.25/fs/hfsplus/ioctl.c linux-2.6.25-vs2.3.0.34.9/fs/hfsplus/ioctl.c
4285 --- linux-2.6.25/fs/hfsplus/ioctl.c 2008-04-17 10:37:23.000000000 -0400
4286 +++ linux-2.6.25-vs2.3.0.34.9/fs/hfsplus/ioctl.c 2008-04-19 15:14:52.000000000 -0400
4288 #include <linux/fs.h>
4289 #include <linux/sched.h>
4290 #include <linux/xattr.h>
4291 +#include <linux/mount.h>
4292 #include <asm/uaccess.h>
4293 #include "hfsplus_fs.h"
4295 @@ -35,7 +36,8 @@ int hfsplus_ioctl(struct inode *inode, s
4296 flags |= FS_NODUMP_FL; /* EXT2_NODUMP_FL */
4297 return put_user(flags, (int __user *)arg);
4298 case HFSPLUS_IOC_EXT2_SETFLAGS: {
4299 - if (IS_RDONLY(inode))
4300 + if (IS_RDONLY(inode) ||
4301 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
4304 if (!is_owner_or_cap(inode))
4305 diff -NurpP --minimal linux-2.6.25/fs/inode.c linux-2.6.25-vs2.3.0.34.9/fs/inode.c
4306 --- linux-2.6.25/fs/inode.c 2008-04-17 12:05:40.000000000 -0400
4307 +++ linux-2.6.25-vs2.3.0.34.9/fs/inode.c 2008-04-19 15:14:52.000000000 -0400
4308 @@ -124,6 +124,9 @@ static struct inode *alloc_inode(struct
4309 struct address_space * const mapping = &inode->i_data;
4313 + /* essential because of inode slab reuse */
4315 inode->i_blkbits = sb->s_blocksize_bits;
4317 atomic_set(&inode->i_count, 1);
4318 @@ -142,6 +145,7 @@ static struct inode *alloc_inode(struct
4319 inode->i_bdev = NULL;
4320 inode->i_cdev = NULL;
4322 + inode->i_mdev = 0;
4323 inode->dirtied_when = 0;
4324 if (security_inode_alloc(inode)) {
4325 if (inode->i_sb->s_op->destroy_inode)
4326 @@ -246,6 +250,8 @@ void __iget(struct inode * inode)
4327 inodes_stat.nr_unused--;
4330 +EXPORT_SYMBOL_GPL(__iget);
4333 * clear_inode - clear an inode
4334 * @inode: inode to clear
4335 @@ -1434,9 +1440,11 @@ void init_special_inode(struct inode *in
4336 if (S_ISCHR(mode)) {
4337 inode->i_fop = &def_chr_fops;
4338 inode->i_rdev = rdev;
4339 + inode->i_mdev = rdev;
4340 } else if (S_ISBLK(mode)) {
4341 inode->i_fop = &def_blk_fops;
4342 inode->i_rdev = rdev;
4343 + inode->i_mdev = rdev;
4344 } else if (S_ISFIFO(mode))
4345 inode->i_fop = &def_fifo_fops;
4346 else if (S_ISSOCK(mode))
4347 diff -NurpP --minimal linux-2.6.25/fs/ioctl.c linux-2.6.25-vs2.3.0.34.9/fs/ioctl.c
4348 --- linux-2.6.25/fs/ioctl.c 2008-04-17 12:05:40.000000000 -0400
4349 +++ linux-2.6.25-vs2.3.0.34.9/fs/ioctl.c 2008-04-21 09:25:46.000000000 -0400
4351 #include <linux/security.h>
4352 #include <linux/module.h>
4353 #include <linux/uaccess.h>
4354 +#include <linux/proc_fs.h>
4355 +#include <linux/vserver/inode.h>
4356 +#include <linux/vs_tag.h>
4358 #include <asm/ioctls.h>
4360 diff -NurpP --minimal linux-2.6.25/fs/ioprio.c linux-2.6.25-vs2.3.0.34.9/fs/ioprio.c
4361 --- linux-2.6.25/fs/ioprio.c 2008-04-17 12:05:40.000000000 -0400
4362 +++ linux-2.6.25-vs2.3.0.34.9/fs/ioprio.c 2008-04-19 15:14:52.000000000 -0400
4364 #include <linux/syscalls.h>
4365 #include <linux/security.h>
4366 #include <linux/pid_namespace.h>
4367 +#include <linux/vs_base.h>
4369 static int set_task_ioprio(struct task_struct *task, int ioprio)
4371 @@ -116,6 +117,8 @@ asmlinkage long sys_ioprio_set(int which
4373 pgrp = find_vpid(who);
4374 do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
4375 + if (!vx_check(p->xid, VS_ADMIN_P | VS_IDENT))
4377 ret = set_task_ioprio(p, ioprio);
4380 @@ -205,6 +208,8 @@ asmlinkage long sys_ioprio_get(int which
4382 pgrp = find_vpid(who);
4383 do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
4384 + if (!vx_check(p->xid, VS_ADMIN_P | VS_IDENT))
4386 tmpio = get_task_ioprio(p);
4389 diff -NurpP --minimal linux-2.6.25/fs/jfs/acl.c linux-2.6.25-vs2.3.0.34.9/fs/jfs/acl.c
4390 --- linux-2.6.25/fs/jfs/acl.c 2007-02-04 13:44:54.000000000 -0500
4391 +++ linux-2.6.25-vs2.3.0.34.9/fs/jfs/acl.c 2008-04-19 15:14:52.000000000 -0400
4392 @@ -232,7 +232,8 @@ int jfs_setattr(struct dentry *dentry, s
4395 if ((iattr->ia_valid & ATTR_UID && iattr->ia_uid != inode->i_uid) ||
4396 - (iattr->ia_valid & ATTR_GID && iattr->ia_gid != inode->i_gid)) {
4397 + (iattr->ia_valid & ATTR_GID && iattr->ia_gid != inode->i_gid) ||
4398 + (iattr->ia_valid & ATTR_TAG && iattr->ia_tag != inode->i_tag)) {
4399 if (DQUOT_TRANSFER(inode, iattr))
4402 diff -NurpP --minimal linux-2.6.25/fs/jfs/file.c linux-2.6.25-vs2.3.0.34.9/fs/jfs/file.c
4403 --- linux-2.6.25/fs/jfs/file.c 2008-04-17 12:05:40.000000000 -0400
4404 +++ linux-2.6.25-vs2.3.0.34.9/fs/jfs/file.c 2008-04-19 15:14:52.000000000 -0400
4405 @@ -98,6 +98,7 @@ const struct inode_operations jfs_file_i
4406 .setattr = jfs_setattr,
4407 .permission = jfs_permission,
4409 + .sync_flags = jfs_sync_flags,
4412 const struct file_operations jfs_file_operations = {
4413 diff -NurpP --minimal linux-2.6.25/fs/jfs/inode.c linux-2.6.25-vs2.3.0.34.9/fs/jfs/inode.c
4414 --- linux-2.6.25/fs/jfs/inode.c 2008-04-17 12:05:40.000000000 -0400
4415 +++ linux-2.6.25-vs2.3.0.34.9/fs/jfs/inode.c 2008-04-19 15:14:52.000000000 -0400
4417 #include <linux/buffer_head.h>
4418 #include <linux/pagemap.h>
4419 #include <linux/quotaops.h>
4420 +#include <linux/vs_dlimit.h>
4421 #include "jfs_incore.h"
4422 #include "jfs_inode.h"
4423 #include "jfs_filsys.h"
4424 @@ -155,6 +156,7 @@ void jfs_delete_inode(struct inode *inod
4426 DQUOT_FREE_INODE(inode);
4428 + DLIMIT_FREE_INODE(inode);
4432 diff -NurpP --minimal linux-2.6.25/fs/jfs/ioctl.c linux-2.6.25-vs2.3.0.34.9/fs/jfs/ioctl.c
4433 --- linux-2.6.25/fs/jfs/ioctl.c 2008-04-17 12:05:40.000000000 -0400
4434 +++ linux-2.6.25-vs2.3.0.34.9/fs/jfs/ioctl.c 2008-04-21 09:25:22.000000000 -0400
4436 #include <linux/capability.h>
4437 #include <linux/time.h>
4438 #include <linux/sched.h>
4439 +#include <linux/mount.h>
4440 #include <asm/current.h>
4441 #include <asm/uaccess.h>
4443 @@ -66,7 +67,8 @@ long jfs_ioctl(struct file *filp, unsign
4444 case JFS_IOC_SETFLAGS: {
4445 unsigned int oldflags;
4447 - if (IS_RDONLY(inode))
4448 + if (IS_RDONLY(inode) ||
4449 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
4452 if (!is_owner_or_cap(inode))
4453 @@ -94,8 +96,8 @@ long jfs_ioctl(struct file *filp, unsign
4454 * the relevant capability.
4456 if ((oldflags & JFS_IMMUTABLE_FL) ||
4457 - ((flags ^ oldflags) &
4458 - (JFS_APPEND_FL | JFS_IMMUTABLE_FL))) {
4459 + ((flags ^ oldflags) & (JFS_APPEND_FL |
4460 + JFS_IMMUTABLE_FL | JFS_IUNLINK_FL))) {
4461 if (!capable(CAP_LINUX_IMMUTABLE)) {
4462 mutex_unlock(&inode->i_mutex);
4464 diff -NurpP --minimal linux-2.6.25/fs/jfs/jfs_dinode.h linux-2.6.25-vs2.3.0.34.9/fs/jfs/jfs_dinode.h
4465 --- linux-2.6.25/fs/jfs/jfs_dinode.h 2008-04-17 12:05:40.000000000 -0400
4466 +++ linux-2.6.25-vs2.3.0.34.9/fs/jfs/jfs_dinode.h 2008-04-19 15:14:52.000000000 -0400
4467 @@ -162,9 +162,12 @@ struct dinode {
4468 #define JFS_APPEND_FL 0x01000000 /* writes to file may only append */
4469 #define JFS_IMMUTABLE_FL 0x02000000 /* Immutable file */
4471 -#define JFS_FL_USER_VISIBLE 0x03F80000
4472 +#define JFS_BARRIER_FL 0x04000000 /* Barrier for chroot() */
4473 +#define JFS_IUNLINK_FL 0x08000000 /* Immutable unlink */
4475 +#define JFS_FL_USER_VISIBLE 0x0FF80000
4476 #define JFS_FL_USER_MODIFIABLE 0x03F80000
4477 -#define JFS_FL_INHERIT 0x03C80000
4478 +#define JFS_FL_INHERIT 0x0BC80000
4480 /* These are identical to EXT[23]_IOC_GETFLAGS/SETFLAGS */
4481 #define JFS_IOC_GETFLAGS _IOR('f', 1, long)
4482 diff -NurpP --minimal linux-2.6.25/fs/jfs/jfs_dtree.c linux-2.6.25-vs2.3.0.34.9/fs/jfs/jfs_dtree.c
4483 --- linux-2.6.25/fs/jfs/jfs_dtree.c 2008-04-17 12:05:40.000000000 -0400
4484 +++ linux-2.6.25-vs2.3.0.34.9/fs/jfs/jfs_dtree.c 2008-04-19 15:14:52.000000000 -0400
4487 #include <linux/fs.h>
4488 #include <linux/quotaops.h>
4489 +#include <linux/vs_dlimit.h>
4490 #include "jfs_incore.h"
4491 #include "jfs_superblock.h"
4492 #include "jfs_filsys.h"
4493 @@ -383,10 +384,10 @@ static u32 add_index(tid_t tid, struct i
4495 if (DQUOT_ALLOC_BLOCK(ip, sbi->nbperpage))
4497 - if (dbAlloc(ip, 0, sbi->nbperpage, &xaddr)) {
4498 - DQUOT_FREE_BLOCK(ip, sbi->nbperpage);
4501 + if (DLIMIT_ALLOC_BLOCK(ip, sbi->nbperpage))
4502 + goto clean_up_dquot;
4503 + if (dbAlloc(ip, 0, sbi->nbperpage, &xaddr))
4504 + goto clean_up_dlimit;
4507 * Save the table, we're going to overwrite it with the
4508 @@ -480,6 +481,12 @@ static u32 add_index(tid_t tid, struct i
4513 + DLIMIT_FREE_BLOCK(ip, sbi->nbperpage);
4516 + DQUOT_FREE_BLOCK(ip, sbi->nbperpage);
4520 jfs_ip->next_index--;
4521 @@ -951,6 +958,7 @@ static int dtSplitUp(tid_t tid,
4524 int quota_allocation = 0;
4525 + int dlimit_allocation = 0;
4527 /* get split page */
4529 @@ -1033,6 +1041,12 @@ static int dtSplitUp(tid_t tid,
4531 quota_allocation += n;
4533 + if (DLIMIT_ALLOC_BLOCK(ip, n)) {
4537 + dlimit_allocation += n;
4539 if ((rc = dbReAlloc(sbi->ipbmap, xaddr, (s64) xlen,
4542 @@ -1306,6 +1320,9 @@ static int dtSplitUp(tid_t tid,
4546 + /* Rollback dlimit allocation */
4547 + if (rc && dlimit_allocation)
4548 + DLIMIT_FREE_BLOCK(ip, dlimit_allocation);
4549 /* Rollback quota allocation */
4550 if (rc && quota_allocation)
4551 DQUOT_FREE_BLOCK(ip, quota_allocation);
4552 @@ -1373,6 +1390,12 @@ static int dtSplitPage(tid_t tid, struct
4553 release_metapage(rmp);
4556 + /* Allocate blocks to dlimit. */
4557 + if (DLIMIT_ALLOC_BLOCK(ip, lengthPXD(pxd))) {
4558 + DQUOT_FREE_BLOCK(ip, lengthPXD(pxd));
4559 + release_metapage(rmp);
4563 jfs_info("dtSplitPage: ip:0x%p smp:0x%p rmp:0x%p", ip, smp, rmp);
4565 @@ -1920,6 +1943,12 @@ static int dtSplitRoot(tid_t tid,
4566 release_metapage(rmp);
4569 + /* Allocate blocks to dlimit. */
4570 + if (DLIMIT_ALLOC_BLOCK(ip, lengthPXD(pxd))) {
4571 + DQUOT_FREE_BLOCK(ip, lengthPXD(pxd));
4572 + release_metapage(rmp);
4576 BT_MARK_DIRTY(rmp, ip);
4578 @@ -2286,6 +2315,8 @@ static int dtDeleteUp(tid_t tid, struct
4580 xlen = lengthPXD(&fp->header.self);
4582 + /* Free dlimit allocation. */
4583 + DLIMIT_FREE_BLOCK(ip, xlen);
4584 /* Free quota allocation. */
4585 DQUOT_FREE_BLOCK(ip, xlen);
4587 @@ -2362,6 +2393,8 @@ static int dtDeleteUp(tid_t tid, struct
4589 xlen = lengthPXD(&p->header.self);
4591 + /* Free dlimit allocation */
4592 + DLIMIT_FREE_BLOCK(ip, xlen);
4593 /* Free quota allocation */
4594 DQUOT_FREE_BLOCK(ip, xlen);
4596 diff -NurpP --minimal linux-2.6.25/fs/jfs/jfs_extent.c linux-2.6.25-vs2.3.0.34.9/fs/jfs/jfs_extent.c
4597 --- linux-2.6.25/fs/jfs/jfs_extent.c 2008-04-17 10:37:23.000000000 -0400
4598 +++ linux-2.6.25-vs2.3.0.34.9/fs/jfs/jfs_extent.c 2008-04-19 15:14:52.000000000 -0400
4601 #include <linux/fs.h>
4602 #include <linux/quotaops.h>
4603 +#include <linux/vs_dlimit.h>
4604 #include "jfs_incore.h"
4605 #include "jfs_inode.h"
4606 #include "jfs_superblock.h"
4607 @@ -147,6 +148,14 @@ extAlloc(struct inode *ip, s64 xlen, s64
4611 + /* Allocate blocks to dlimit. */
4612 + if (DLIMIT_ALLOC_BLOCK(ip, nxlen)) {
4613 + DQUOT_FREE_BLOCK(ip, nxlen);
4614 + dbFree(ip, nxaddr, (s64) nxlen);
4615 + mutex_unlock(&JFS_IP(ip)->commit_mutex);
4619 /* determine the value of the extent flag */
4620 xflag = abnr ? XAD_NOTRECORDED : 0;
4622 @@ -164,6 +173,7 @@ extAlloc(struct inode *ip, s64 xlen, s64
4625 dbFree(ip, nxaddr, nxlen);
4626 + DLIMIT_FREE_BLOCK(ip, nxlen);
4627 DQUOT_FREE_BLOCK(ip, nxlen);
4628 mutex_unlock(&JFS_IP(ip)->commit_mutex);
4630 @@ -261,6 +271,13 @@ int extRealloc(struct inode *ip, s64 nxl
4631 mutex_unlock(&JFS_IP(ip)->commit_mutex);
4634 + /* Allocate blocks to dlimit. */
4635 + if (DLIMIT_ALLOC_BLOCK(ip, nxlen)) {
4636 + DQUOT_FREE_BLOCK(ip, nxlen);
4637 + dbFree(ip, nxaddr, (s64) nxlen);
4638 + up(&JFS_IP(ip)->commit_sem);
4642 delta = nxlen - xlen;
4644 @@ -297,6 +314,7 @@ int extRealloc(struct inode *ip, s64 nxl
4645 /* extend the extent */
4646 if ((rc = xtExtend(0, ip, xoff + xlen, (int) nextend, 0))) {
4647 dbFree(ip, xaddr + xlen, delta);
4648 + DLIMIT_FREE_BLOCK(ip, nxlen);
4649 DQUOT_FREE_BLOCK(ip, nxlen);
4652 @@ -308,6 +326,7 @@ int extRealloc(struct inode *ip, s64 nxl
4654 if ((rc = xtTailgate(0, ip, xoff, (int) ntail, nxaddr, 0))) {
4655 dbFree(ip, nxaddr, nxlen);
4656 + DLIMIT_FREE_BLOCK(ip, nxlen);
4657 DQUOT_FREE_BLOCK(ip, nxlen);
4660 diff -NurpP --minimal linux-2.6.25/fs/jfs/jfs_filsys.h linux-2.6.25-vs2.3.0.34.9/fs/jfs/jfs_filsys.h
4661 --- linux-2.6.25/fs/jfs/jfs_filsys.h 2008-04-17 10:37:23.000000000 -0400
4662 +++ linux-2.6.25-vs2.3.0.34.9/fs/jfs/jfs_filsys.h 2008-04-19 15:14:52.000000000 -0400
4664 #define JFS_NAME_MAX 255
4665 #define JFS_PATH_MAX BPSIZE
4667 +#define JFS_TAGGED 0x00800000 /* Context Tagging */
4670 * file system state (superblock state)
4671 diff -NurpP --minimal linux-2.6.25/fs/jfs/jfs_imap.c linux-2.6.25-vs2.3.0.34.9/fs/jfs/jfs_imap.c
4672 --- linux-2.6.25/fs/jfs/jfs_imap.c 2008-04-17 12:05:40.000000000 -0400
4673 +++ linux-2.6.25-vs2.3.0.34.9/fs/jfs/jfs_imap.c 2008-04-19 15:14:52.000000000 -0400
4675 #include <linux/buffer_head.h>
4676 #include <linux/pagemap.h>
4677 #include <linux/quotaops.h>
4678 +#include <linux/vs_tag.h>
4680 #include "jfs_incore.h"
4681 #include "jfs_inode.h"
4682 @@ -3061,6 +3062,8 @@ static int copy_from_dinode(struct dinod
4684 struct jfs_inode_info *jfs_ip = JFS_IP(ip);
4685 struct jfs_sb_info *sbi = JFS_SBI(ip->i_sb);
4689 jfs_ip->fileset = le32_to_cpu(dip->di_fileset);
4690 jfs_ip->mode2 = le32_to_cpu(dip->di_mode);
4691 @@ -3081,14 +3084,18 @@ static int copy_from_dinode(struct dinod
4693 ip->i_nlink = le32_to_cpu(dip->di_nlink);
4695 - jfs_ip->saved_uid = le32_to_cpu(dip->di_uid);
4696 + uid = le32_to_cpu(dip->di_uid);
4697 + gid = le32_to_cpu(dip->di_gid);
4698 + ip->i_tag = INOTAG_TAG(DX_TAG(ip), uid, gid, 0);
4700 + jfs_ip->saved_uid = INOTAG_UID(DX_TAG(ip), uid, gid);
4702 ip->i_uid = jfs_ip->saved_uid;
4704 ip->i_uid = sbi->uid;
4707 - jfs_ip->saved_gid = le32_to_cpu(dip->di_gid);
4708 + jfs_ip->saved_gid = INOTAG_GID(DX_TAG(ip), uid, gid);
4710 ip->i_gid = jfs_ip->saved_gid;
4712 @@ -3153,14 +3160,12 @@ static void copy_to_dinode(struct dinode
4713 dip->di_size = cpu_to_le64(ip->i_size);
4714 dip->di_nblocks = cpu_to_le64(PBLK2LBLK(ip->i_sb, ip->i_blocks));
4715 dip->di_nlink = cpu_to_le32(ip->i_nlink);
4716 - if (sbi->uid == -1)
4717 - dip->di_uid = cpu_to_le32(ip->i_uid);
4719 - dip->di_uid = cpu_to_le32(jfs_ip->saved_uid);
4720 - if (sbi->gid == -1)
4721 - dip->di_gid = cpu_to_le32(ip->i_gid);
4723 - dip->di_gid = cpu_to_le32(jfs_ip->saved_gid);
4725 + dip->di_uid = cpu_to_le32(TAGINO_UID(DX_TAG(ip),
4726 + (sbi->uid == -1) ? ip->i_uid : jfs_ip->saved_uid, ip->i_tag));
4727 + dip->di_gid = cpu_to_le32(TAGINO_GID(DX_TAG(ip),
4728 + (sbi->gid == -1) ? ip->i_gid : jfs_ip->saved_gid, ip->i_tag));
4730 jfs_get_inode_flags(jfs_ip);
4732 * mode2 is only needed for storing the higher order bits.
4733 diff -NurpP --minimal linux-2.6.25/fs/jfs/jfs_inode.c linux-2.6.25-vs2.3.0.34.9/fs/jfs/jfs_inode.c
4734 --- linux-2.6.25/fs/jfs/jfs_inode.c 2008-04-17 10:33:02.000000000 -0400
4735 +++ linux-2.6.25-vs2.3.0.34.9/fs/jfs/jfs_inode.c 2008-04-19 15:14:52.000000000 -0400
4738 #include <linux/fs.h>
4739 #include <linux/quotaops.h>
4740 +#include <linux/vs_dlimit.h>
4741 +#include <linux/vs_tag.h>
4742 #include "jfs_incore.h"
4743 #include "jfs_inode.h"
4744 #include "jfs_filsys.h"
4745 @@ -30,19 +32,47 @@ void jfs_set_inode_flags(struct inode *i
4747 unsigned int flags = JFS_IP(inode)->mode2;
4749 - inode->i_flags &= ~(S_IMMUTABLE | S_APPEND |
4750 - S_NOATIME | S_DIRSYNC | S_SYNC);
4751 + inode->i_flags &= ~(S_IMMUTABLE | S_IUNLINK | S_BARRIER |
4752 + S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
4754 if (flags & JFS_IMMUTABLE_FL)
4755 inode->i_flags |= S_IMMUTABLE;
4756 + if (flags & JFS_IUNLINK_FL)
4757 + inode->i_flags |= S_IUNLINK;
4758 + if (flags & JFS_BARRIER_FL)
4759 + inode->i_flags |= S_BARRIER;
4761 + if (flags & JFS_SYNC_FL)
4762 + inode->i_flags |= S_SYNC;
4763 if (flags & JFS_APPEND_FL)
4764 inode->i_flags |= S_APPEND;
4765 if (flags & JFS_NOATIME_FL)
4766 inode->i_flags |= S_NOATIME;
4767 if (flags & JFS_DIRSYNC_FL)
4768 inode->i_flags |= S_DIRSYNC;
4769 - if (flags & JFS_SYNC_FL)
4770 - inode->i_flags |= S_SYNC;
4773 +int jfs_sync_flags(struct inode *inode)
4775 + unsigned int oldflags, newflags;
4777 + oldflags = JFS_IP(inode)->mode2;
4778 + newflags = oldflags & ~(JFS_IMMUTABLE_FL |
4779 + JFS_IUNLINK_FL | JFS_BARRIER_FL);
4781 + if (IS_IMMUTABLE(inode))
4782 + newflags |= JFS_IMMUTABLE_FL;
4783 + if (IS_IUNLINK(inode))
4784 + newflags |= JFS_IUNLINK_FL;
4785 + if (IS_BARRIER(inode))
4786 + newflags |= JFS_BARRIER_FL;
4788 + if (oldflags ^ newflags) {
4789 + JFS_IP(inode)->mode2 = newflags;
4790 + inode->i_ctime = CURRENT_TIME;
4791 + mark_inode_dirty(inode);
4796 void jfs_get_inode_flags(struct jfs_inode_info *jfs_ip)
4797 @@ -108,10 +138,17 @@ struct inode *ialloc(struct inode *paren
4798 jfs_inode->saved_uid = inode->i_uid;
4799 jfs_inode->saved_gid = inode->i_gid;
4801 + inode->i_tag = dx_current_fstag(sb);
4802 + if (DLIMIT_ALLOC_INODE(inode)) {
4804 + return ERR_PTR(-ENOSPC);
4808 * Allocate inode to quota.
4810 if (DQUOT_ALLOC_INODE(inode)) {
4811 + DLIMIT_FREE_INODE(inode);
4813 inode->i_flags |= S_NOQUOTA;
4815 diff -NurpP --minimal linux-2.6.25/fs/jfs/jfs_inode.h linux-2.6.25-vs2.3.0.34.9/fs/jfs/jfs_inode.h
4816 --- linux-2.6.25/fs/jfs/jfs_inode.h 2008-04-17 12:05:40.000000000 -0400
4817 +++ linux-2.6.25-vs2.3.0.34.9/fs/jfs/jfs_inode.h 2008-04-19 15:14:52.000000000 -0400
4818 @@ -39,6 +39,7 @@ extern struct dentry *jfs_fh_to_dentry(s
4819 extern struct dentry *jfs_fh_to_parent(struct super_block *sb, struct fid *fid,
4820 int fh_len, int fh_type);
4821 extern void jfs_set_inode_flags(struct inode *);
4822 +extern int jfs_sync_flags(struct inode *);
4823 extern int jfs_get_block(struct inode *, sector_t, struct buffer_head *, int);
4825 extern const struct address_space_operations jfs_aops;
4826 diff -NurpP --minimal linux-2.6.25/fs/jfs/jfs_xtree.c linux-2.6.25-vs2.3.0.34.9/fs/jfs/jfs_xtree.c
4827 --- linux-2.6.25/fs/jfs/jfs_xtree.c 2008-04-17 12:05:40.000000000 -0400
4828 +++ linux-2.6.25-vs2.3.0.34.9/fs/jfs/jfs_xtree.c 2008-04-19 15:14:52.000000000 -0400
4831 #include <linux/fs.h>
4832 #include <linux/quotaops.h>
4833 +#include <linux/vs_dlimit.h>
4834 #include "jfs_incore.h"
4835 #include "jfs_filsys.h"
4836 #include "jfs_metapage.h"
4837 @@ -846,7 +847,12 @@ int xtInsert(tid_t tid, /* transaction
4839 if ((rc = DQUOT_ALLOC_BLOCK(ip, xlen)))
4841 + if ((rc = DLIMIT_ALLOC_BLOCK(ip, xlen))) {
4842 + DQUOT_FREE_BLOCK(ip, xlen);
4845 if ((rc = dbAlloc(ip, hint, (s64) xlen, &xaddr))) {
4846 + DLIMIT_FREE_BLOCK(ip, xlen);
4847 DQUOT_FREE_BLOCK(ip, xlen);
4850 @@ -876,6 +882,7 @@ int xtInsert(tid_t tid, /* transaction
4851 /* undo data extent allocation */
4853 dbFree(ip, xaddr, (s64) xlen);
4854 + DLIMIT_FREE_BLOCK(ip, xlen);
4855 DQUOT_FREE_BLOCK(ip, xlen);
4858 @@ -1236,6 +1243,7 @@ xtSplitPage(tid_t tid, struct inode *ip,
4860 struct xtlock *sxtlck = NULL, *rxtlck = NULL;
4861 int quota_allocation = 0;
4862 + int dlimit_allocation = 0;
4865 sp = XT_PAGE(ip, smp);
4866 @@ -1255,6 +1263,13 @@ xtSplitPage(tid_t tid, struct inode *ip,
4868 quota_allocation += lengthPXD(pxd);
4870 + /* Allocate blocks to dlimit. */
4871 + if (DLIMIT_ALLOC_BLOCK(ip, lengthPXD(pxd))) {
4875 + dlimit_allocation += lengthPXD(pxd);
4878 * allocate the new right page for the split
4880 @@ -1456,6 +1471,9 @@ xtSplitPage(tid_t tid, struct inode *ip,
4884 + /* Rollback dlimit allocation. */
4885 + if (dlimit_allocation)
4886 + DLIMIT_FREE_BLOCK(ip, dlimit_allocation);
4887 /* Rollback quota allocation. */
4888 if (quota_allocation)
4889 DQUOT_FREE_BLOCK(ip, quota_allocation);
4890 @@ -1519,6 +1537,12 @@ xtSplitRoot(tid_t tid,
4891 release_metapage(rmp);
4894 + /* Allocate blocks to dlimit. */
4895 + if (DLIMIT_ALLOC_BLOCK(ip, lengthPXD(pxd))) {
4896 + DQUOT_FREE_BLOCK(ip, lengthPXD(pxd));
4897 + release_metapage(rmp);
4901 jfs_info("xtSplitRoot: ip:0x%p rmp:0x%p", ip, rmp);
4903 @@ -3948,6 +3972,8 @@ s64 xtTruncate(tid_t tid, struct inode *
4905 ip->i_size = newsize;
4907 + /* update dlimit allocation to reflect freed blocks */
4908 + DLIMIT_FREE_BLOCK(ip, nfreed);
4909 /* update quota allocation to reflect freed blocks */
4910 DQUOT_FREE_BLOCK(ip, nfreed);
4912 diff -NurpP --minimal linux-2.6.25/fs/jfs/namei.c linux-2.6.25-vs2.3.0.34.9/fs/jfs/namei.c
4913 --- linux-2.6.25/fs/jfs/namei.c 2008-04-17 12:05:40.000000000 -0400
4914 +++ linux-2.6.25-vs2.3.0.34.9/fs/jfs/namei.c 2008-04-19 15:14:52.000000000 -0400
4916 #include <linux/ctype.h>
4917 #include <linux/quotaops.h>
4918 #include <linux/exportfs.h>
4919 +#include <linux/vs_tag.h>
4920 #include "jfs_incore.h"
4921 #include "jfs_superblock.h"
4922 #include "jfs_inode.h"
4923 @@ -1468,6 +1469,7 @@ static struct dentry *jfs_lookup(struct
4924 return ERR_CAST(ip);
4927 + dx_propagate_tag(nd, ip);
4928 dentry = d_splice_alias(ip, dentry);
4930 if (dentry && (JFS_SBI(dip->i_sb)->mntflag & JFS_OS2))
4931 @@ -1550,6 +1552,7 @@ const struct inode_operations jfs_dir_in
4932 .setattr = jfs_setattr,
4933 .permission = jfs_permission,
4935 + .sync_flags = jfs_sync_flags,
4938 const struct file_operations jfs_dir_operations = {
4939 diff -NurpP --minimal linux-2.6.25/fs/jfs/super.c linux-2.6.25-vs2.3.0.34.9/fs/jfs/super.c
4940 --- linux-2.6.25/fs/jfs/super.c 2008-04-17 12:05:40.000000000 -0400
4941 +++ linux-2.6.25-vs2.3.0.34.9/fs/jfs/super.c 2008-04-19 15:14:52.000000000 -0400
4942 @@ -195,7 +195,8 @@ static void jfs_put_super(struct super_b
4944 Opt_integrity, Opt_nointegrity, Opt_iocharset, Opt_resize,
4945 Opt_resize_nosize, Opt_errors, Opt_ignore, Opt_err, Opt_quota,
4946 - Opt_usrquota, Opt_grpquota, Opt_uid, Opt_gid, Opt_umask
4947 + Opt_usrquota, Opt_grpquota, Opt_uid, Opt_gid, Opt_umask,
4948 + Opt_tag, Opt_notag, Opt_tagid
4951 static match_table_t tokens = {
4952 @@ -205,6 +206,10 @@ static match_table_t tokens = {
4953 {Opt_resize, "resize=%u"},
4954 {Opt_resize_nosize, "resize"},
4955 {Opt_errors, "errors=%s"},
4957 + {Opt_notag, "notag"},
4958 + {Opt_tagid, "tagid=%u"},
4959 + {Opt_tag, "tagxid"},
4960 {Opt_ignore, "noquota"},
4961 {Opt_ignore, "quota"},
4962 {Opt_usrquota, "usrquota"},
4963 @@ -339,6 +344,20 @@ static int parse_options(char *options,
4967 +#ifndef CONFIG_TAGGING_NONE
4969 + *flag |= JFS_TAGGED;
4972 + *flag &= JFS_TAGGED;
4975 +#ifdef CONFIG_PROPAGATE
4978 + *flag |= JFS_TAGGED;
4982 printk("jfs: Unrecognized mount option \"%s\" "
4983 " or missing value\n", p);
4984 @@ -369,6 +388,13 @@ static int jfs_remount(struct super_bloc
4985 if (!parse_options(data, sb, &newLVSize, &flag)) {
4989 + if ((flag & JFS_TAGGED) && !(sb->s_flags & MS_TAGGED)) {
4990 + printk(KERN_ERR "JFS: %s: tagging not permitted on remount.\n",
4996 if (sb->s_flags & MS_RDONLY) {
4998 @@ -440,6 +466,9 @@ static int jfs_fill_super(struct super_b
4999 #ifdef CONFIG_JFS_POSIX_ACL
5000 sb->s_flags |= MS_POSIXACL;
5002 + /* map mount option tagxid */
5003 + if (sbi->flag & JFS_TAGGED)
5004 + sb->s_flags |= MS_TAGGED;
5007 printk(KERN_ERR "resize option for remount only\n");
5008 diff -NurpP --minimal linux-2.6.25/fs/jfs/xattr.c linux-2.6.25-vs2.3.0.34.9/fs/jfs/xattr.c
5009 --- linux-2.6.25/fs/jfs/xattr.c 2008-04-17 10:37:23.000000000 -0400
5010 +++ linux-2.6.25-vs2.3.0.34.9/fs/jfs/xattr.c 2008-04-19 15:14:52.000000000 -0400
5012 #include <linux/posix_acl_xattr.h>
5013 #include <linux/quotaops.h>
5014 #include <linux/security.h>
5015 +#include <linux/vs_dlimit.h>
5016 #include "jfs_incore.h"
5017 #include "jfs_superblock.h"
5018 #include "jfs_dmap.h"
5019 @@ -263,9 +264,16 @@ static int ea_write(struct inode *ip, st
5020 if (DQUOT_ALLOC_BLOCK(ip, nblocks)) {
5023 + /* Allocate new blocks to dlimit. */
5024 + if (DLIMIT_ALLOC_BLOCK(ip, nblocks)) {
5025 + DQUOT_FREE_BLOCK(ip, nblocks);
5029 rc = dbAlloc(ip, INOHINT(ip), nblocks, &blkno);
5031 + /*Rollback dlimit allocation. */
5032 + DLIMIT_FREE_BLOCK(ip, nblocks);
5033 /*Rollback quota allocation. */
5034 DQUOT_FREE_BLOCK(ip, nblocks);
5036 @@ -332,6 +340,8 @@ static int ea_write(struct inode *ip, st
5039 /* Rollback quota allocation. */
5040 + DLIMIT_FREE_BLOCK(ip, nblocks);
5041 + /* Rollback quota allocation. */
5042 DQUOT_FREE_BLOCK(ip, nblocks);
5044 dbFree(ip, blkno, nblocks);
5045 @@ -468,6 +478,7 @@ static int ea_get(struct inode *inode, s
5048 int quota_allocation = 0;
5049 + int dlimit_allocation = 0;
5051 /* When fsck.jfs clears a bad ea, it doesn't clear the size */
5052 if (ji->ea.flag == 0)
5053 @@ -543,6 +554,12 @@ static int ea_get(struct inode *inode, s
5055 quota_allocation = blocks_needed;
5057 + /* Allocate new blocks to dlimit. */
5059 + if (DLIMIT_ALLOC_BLOCK(inode, blocks_needed))
5061 + dlimit_allocation = blocks_needed;
5063 rc = dbAlloc(inode, INOHINT(inode), (s64) blocks_needed,
5066 @@ -600,6 +617,9 @@ static int ea_get(struct inode *inode, s
5070 + /* Rollback dlimit allocation */
5071 + if (dlimit_allocation)
5072 + DLIMIT_FREE_BLOCK(inode, dlimit_allocation);
5073 /* Rollback quota allocation */
5074 if (quota_allocation)
5075 DQUOT_FREE_BLOCK(inode, quota_allocation);
5076 @@ -676,8 +696,10 @@ static int ea_put(tid_t tid, struct inod
5079 /* If old blocks exist, they must be removed from quota allocation. */
5082 + DLIMIT_FREE_BLOCK(inode, old_blocks);
5083 DQUOT_FREE_BLOCK(inode, old_blocks);
5086 inode->i_ctime = CURRENT_TIME;
5088 diff -NurpP --minimal linux-2.6.25/fs/libfs.c linux-2.6.25-vs2.3.0.34.9/fs/libfs.c
5089 --- linux-2.6.25/fs/libfs.c 2008-04-17 12:05:40.000000000 -0400
5090 +++ linux-2.6.25-vs2.3.0.34.9/fs/libfs.c 2008-04-19 15:14:52.000000000 -0400
5091 @@ -125,7 +125,8 @@ static inline unsigned char dt_type(stru
5092 * both impossible due to the lock on directory.
5095 -int dcache_readdir(struct file * filp, void * dirent, filldir_t filldir)
5096 +static inline int do_dcache_readdir_filter(struct file *filp,
5097 + void *dirent, filldir_t filldir, int (*filter)(struct dentry *dentry))
5099 struct dentry *dentry = filp->f_path.dentry;
5100 struct dentry *cursor = filp->private_data;
5101 @@ -158,6 +159,8 @@ int dcache_readdir(struct file * filp, v
5102 next = list_entry(p, struct dentry, d_u.d_child);
5103 if (d_unhashed(next) || !next->d_inode)
5105 + if (filter && !filter(next))
5108 spin_unlock(&dcache_lock);
5109 if (filldir(dirent, next->d_name.name,
5110 @@ -176,6 +179,18 @@ int dcache_readdir(struct file * filp, v
5114 +int dcache_readdir(struct file *filp, void *dirent, filldir_t filldir)
5116 + return do_dcache_readdir_filter(filp, dirent, filldir, NULL);
5119 +int dcache_readdir_filter(struct file *filp, void *dirent, filldir_t filldir,
5120 + int (*filter)(struct dentry *))
5122 + return do_dcache_readdir_filter(filp, dirent, filldir, filter);
5126 ssize_t generic_read_dir(struct file *filp, char __user *buf, size_t siz, loff_t *ppos)
5129 @@ -778,6 +793,7 @@ EXPORT_SYMBOL(dcache_dir_close);
5130 EXPORT_SYMBOL(dcache_dir_lseek);
5131 EXPORT_SYMBOL(dcache_dir_open);
5132 EXPORT_SYMBOL(dcache_readdir);
5133 +EXPORT_SYMBOL(dcache_readdir_filter);
5134 EXPORT_SYMBOL(generic_read_dir);
5135 EXPORT_SYMBOL(get_sb_pseudo);
5136 EXPORT_SYMBOL(simple_write_begin);
5137 diff -NurpP --minimal linux-2.6.25/fs/locks.c linux-2.6.25-vs2.3.0.34.9/fs/locks.c
5138 --- linux-2.6.25/fs/locks.c 2008-04-17 12:05:40.000000000 -0400
5139 +++ linux-2.6.25-vs2.3.0.34.9/fs/locks.c 2008-04-22 20:05:36.000000000 -0400
5141 #include <linux/time.h>
5142 #include <linux/rcupdate.h>
5143 #include <linux/pid_namespace.h>
5144 +#include <linux/vs_base.h>
5145 +#include <linux/vs_limit.h>
5147 #include <asm/semaphore.h>
5148 #include <asm/uaccess.h>
5149 @@ -148,6 +150,8 @@ static struct kmem_cache *filelock_cache
5150 /* Allocate an empty lock structure. */
5151 static struct file_lock *locks_alloc_lock(void)
5153 + if (!vx_locks_avail(1))
5155 return kmem_cache_alloc(filelock_cache, GFP_KERNEL);
5158 @@ -173,6 +177,7 @@ static void locks_free_lock(struct file_
5159 BUG_ON(!list_empty(&fl->fl_block));
5160 BUG_ON(!list_empty(&fl->fl_link));
5163 locks_release_private(fl);
5164 kmem_cache_free(filelock_cache, fl);
5166 @@ -193,6 +198,7 @@ void locks_init_lock(struct file_lock *f
5167 fl->fl_start = fl->fl_end = 0;
5169 fl->fl_lmops = NULL;
5173 EXPORT_SYMBOL(locks_init_lock);
5174 @@ -246,6 +252,7 @@ void locks_copy_lock(struct file_lock *n
5175 new->fl_file = fl->fl_file;
5176 new->fl_ops = fl->fl_ops;
5177 new->fl_lmops = fl->fl_lmops;
5178 + new->fl_xid = fl->fl_xid;
5180 locks_copy_private(new, fl);
5182 @@ -284,6 +291,11 @@ static int flock_make_lock(struct file *
5183 fl->fl_flags = FL_FLOCK;
5185 fl->fl_end = OFFSET_MAX;
5187 + vxd_assert(filp->f_xid == vx_current_xid(),
5188 + "f_xid(%d) == current(%d)", filp->f_xid, vx_current_xid());
5189 + fl->fl_xid = filp->f_xid;
5194 @@ -449,6 +461,7 @@ static int lease_init(struct file *filp,
5196 fl->fl_owner = current->files;
5197 fl->fl_pid = current->tgid;
5198 + fl->fl_xid = vx_current_xid();
5201 fl->fl_flags = FL_LEASE;
5202 @@ -468,6 +481,11 @@ static struct file_lock *lease_alloc(str
5204 return ERR_PTR(error);
5206 + fl->fl_xid = vx_current_xid();
5208 + vxd_assert(filp->f_xid == fl->fl_xid,
5209 + "f_xid(%d) == fl_xid(%d)", filp->f_xid, fl->fl_xid);
5211 error = lease_init(filp, type, fl);
5213 locks_free_lock(fl);
5214 @@ -774,6 +792,7 @@ static int flock_lock_file(struct file *
5218 + new_fl->fl_xid = -1;
5220 for_each_lock(inode, before) {
5221 struct file_lock *fl = *before;
5222 @@ -792,6 +811,7 @@ find_conflict:
5224 locks_copy_lock(new_fl, request);
5225 locks_insert_lock(before, new_fl);
5226 + vx_locks_inc(new_fl);
5230 @@ -802,7 +822,8 @@ out:
5234 -static int __posix_lock_file(struct inode *inode, struct file_lock *request, struct file_lock *conflock)
5235 +static int __posix_lock_file(struct inode *inode, struct file_lock *request,
5236 + struct file_lock *conflock, xid_t xid)
5238 struct file_lock *fl;
5239 struct file_lock *new_fl = NULL;
5240 @@ -812,6 +833,8 @@ static int __posix_lock_file(struct inod
5241 struct file_lock **before;
5242 int error, added = 0;
5244 + vxd_assert(xid == vx_current_xid(),
5245 + "xid(%d) == current(%d)", xid, vx_current_xid());
5247 * We may need two file_lock structures for this operation,
5248 * so we get them in advance to avoid races.
5249 @@ -822,7 +845,11 @@ static int __posix_lock_file(struct inod
5250 (request->fl_type != F_UNLCK ||
5251 request->fl_start != 0 || request->fl_end != OFFSET_MAX)) {
5252 new_fl = locks_alloc_lock();
5253 + new_fl->fl_xid = xid;
5254 + vx_locks_inc(new_fl);
5255 new_fl2 = locks_alloc_lock();
5256 + new_fl2->fl_xid = xid;
5257 + vx_locks_inc(new_fl2);
5261 @@ -1021,7 +1048,8 @@ static int __posix_lock_file(struct inod
5262 int posix_lock_file(struct file *filp, struct file_lock *fl,
5263 struct file_lock *conflock)
5265 - return __posix_lock_file(filp->f_path.dentry->d_inode, fl, conflock);
5266 + return __posix_lock_file(filp->f_path.dentry->d_inode,
5267 + fl, conflock, filp->f_xid);
5269 EXPORT_SYMBOL(posix_lock_file);
5271 @@ -1111,7 +1139,7 @@ int locks_mandatory_area(int read_write,
5272 fl.fl_end = offset + count - 1;
5275 - error = __posix_lock_file(inode, &fl, NULL);
5276 + error = __posix_lock_file(inode, &fl, NULL, filp->f_xid);
5277 if (error != -EAGAIN)
5279 if (!(fl.fl_flags & FL_SLEEP))
5280 @@ -1425,6 +1453,7 @@ int generic_setlease(struct file *filp,
5282 locks_copy_lock(new_fl, lease);
5283 locks_insert_lock(before, new_fl);
5284 + vx_locks_inc(new_fl);
5288 @@ -1755,6 +1784,11 @@ int fcntl_setlk(unsigned int fd, struct
5289 if (file_lock == NULL)
5292 + vxd_assert(filp->f_xid == vx_current_xid(),
5293 + "f_xid(%d) == current(%d)", filp->f_xid, vx_current_xid());
5294 + file_lock->fl_xid = filp->f_xid;
5295 + vx_locks_inc(file_lock);
5298 * This might block, so we do it before checking the inode.
5300 @@ -1883,6 +1917,11 @@ int fcntl_setlk64(unsigned int fd, struc
5301 if (file_lock == NULL)
5304 + vxd_assert(filp->f_xid == vx_current_xid(),
5305 + "f_xid(%d) == current(%d)", filp->f_xid, vx_current_xid());
5306 + file_lock->fl_xid = filp->f_xid;
5307 + vx_locks_inc(file_lock);
5310 * This might block, so we do it before checking the inode.
5312 @@ -2163,8 +2202,11 @@ static int locks_show(struct seq_file *f
5314 lock_get_status(f, fl, (long)f->private, "");
5316 - list_for_each_entry(bfl, &fl->fl_block, fl_block)
5317 + list_for_each_entry(bfl, &fl->fl_block, fl_block) {
5318 + if (!vx_check(fl->fl_xid, VS_WATCH_P | VS_IDENT))
5320 lock_get_status(f, bfl, (long)f->private, " ->");
5325 diff -NurpP --minimal linux-2.6.25/fs/namei.c linux-2.6.25-vs2.3.0.34.9/fs/namei.c
5326 --- linux-2.6.25/fs/namei.c 2008-04-17 12:05:40.000000000 -0400
5327 +++ linux-2.6.25-vs2.3.0.34.9/fs/namei.c 2008-04-22 19:23:22.000000000 -0400
5329 #include <linux/capability.h>
5330 #include <linux/file.h>
5331 #include <linux/fcntl.h>
5332 +#include <linux/proc_fs.h>
5333 +#include <linux/vserver/inode.h>
5334 +#include <linux/vs_base.h>
5335 +#include <linux/vs_tag.h>
5336 +#include <linux/vs_cowbl.h>
5337 +#include <linux/vs_device.h>
5338 +#include <linux/vs_context.h>
5339 #include <asm/namei.h>
5340 #include <asm/uaccess.h>
5342 @@ -225,6 +232,28 @@ int generic_permission(struct inode *ino
5346 +static inline int dx_barrier(struct inode *inode)
5348 + if (IS_BARRIER(inode) && !vx_check(0, VS_ADMIN)) {
5349 + vxwprintk_task(1, "did hit the barrier.");
5355 +static inline int dx_permission(struct inode *inode, int mask, struct nameidata *nd)
5357 + if (dx_barrier(inode))
5359 + if (dx_notagcheck(nd) ||
5360 + dx_check(inode->i_tag, DX_HOSTID|DX_ADMIN|DX_WATCH|DX_IDENT))
5363 + vxwprintk_task(1, "denied access to %p[#%d,%lu] »%s«.",
5364 + inode, inode->i_tag, inode->i_ino, vxd_cond_path(nd));
5368 int permission(struct inode *inode, int mask, struct nameidata *nd)
5370 int retval, submask;
5371 @@ -239,14 +268,14 @@ int permission(struct inode *inode, int
5373 * Nobody gets write access to a read-only fs.
5375 - if (IS_RDONLY(inode) &&
5376 + if ((IS_RDONLY(inode) || (nd && MNT_IS_RDONLY(nd->path.mnt))) &&
5377 (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)))
5381 * Nobody gets write access to an immutable file.
5383 - if (IS_IMMUTABLE(inode))
5384 + if (IS_IMMUTABLE(inode) && !IS_COW(inode))
5388 @@ -261,6 +290,11 @@ int permission(struct inode *inode, int
5390 /* Ordinary permission routines do not understand MAY_APPEND. */
5391 submask = mask & ~MAY_APPEND;
5392 + if ((inode->i_sb->s_magic != DEVPTS_SUPER_MAGIC) &&
5393 + (inode->i_sb->s_magic != PROC_SUPER_MAGIC) &&
5394 + (retval = dx_permission(inode, mask, nd)))
5397 if (inode->i_op && inode->i_op->permission) {
5398 retval = inode->i_op->permission(inode, submask, nd);
5400 @@ -459,6 +493,8 @@ static int exec_permission_lite(struct i
5402 umode_t mode = inode->i_mode;
5404 + if (dx_barrier(inode))
5406 if (inode->i_op && inode->i_op->permission)
5409 @@ -789,7 +825,8 @@ static __always_inline void follow_dotdo
5410 if (nd->path.dentry == fs->root.dentry &&
5411 nd->path.mnt == fs->root.mnt) {
5412 read_unlock(&fs->lock);
5414 + /* for sane '/' avoid follow_mount() */
5417 read_unlock(&fs->lock);
5418 spin_lock(&dcache_lock);
5419 @@ -826,16 +863,39 @@ static int do_lookup(struct nameidata *n
5421 struct vfsmount *mnt = nd->path.mnt;
5422 struct dentry *dentry = __d_lookup(nd->path.dentry, name);
5423 + struct inode *inode;
5427 if (dentry->d_op && dentry->d_op->d_revalidate)
5428 goto need_revalidate;
5429 + inode = dentry->d_inode;
5433 + if (inode->i_sb->s_magic == PROC_SUPER_MAGIC) {
5434 + struct proc_dir_entry *de = PDE(inode);
5436 + if (de && !vx_hide_check(0, de->vx_flags))
5438 + } else if (inode->i_sb->s_magic == DEVPTS_SUPER_MAGIC) {
5439 + if (!vx_check((xid_t)inode->i_tag, VS_WATCH_P | VS_IDENT))
5442 + if (!dx_notagcheck(nd) && !dx_check(inode->i_tag,
5443 + DX_WATCH | DX_ADMIN | DX_HOSTID | DX_IDENT))
5448 path->dentry = dentry;
5449 __follow_mount(path);
5452 + vxwprintk_task(1, "did lookup hidden %p[#%d,%lu] »%s«.",
5453 + inode, inode->i_tag, inode->i_ino, vxd_path(path));
5458 dentry = real_lookup(nd->path.dentry, name, nd);
5459 @@ -1464,7 +1524,8 @@ static inline int check_sticky(struct in
5460 * 10. We don't allow removal of NFS sillyrenamed files; it's handled by
5461 * nfs_async_unlink().
5463 -static int may_delete(struct inode *dir,struct dentry *victim,int isdir)
5464 +static int may_delete(struct inode *dir, struct dentry *victim,
5465 + int isdir, struct nameidata *nd)
5469 @@ -1474,13 +1535,13 @@ static int may_delete(struct inode *dir,
5470 BUG_ON(victim->d_parent->d_inode != dir);
5471 audit_inode_child(victim->d_name.name, victim, dir);
5473 - error = permission(dir,MAY_WRITE | MAY_EXEC, NULL);
5474 + error = permission(dir,MAY_WRITE | MAY_EXEC, nd);
5479 if (check_sticky(dir, victim->d_inode)||IS_APPEND(victim->d_inode)||
5480 - IS_IMMUTABLE(victim->d_inode))
5481 + IS_IXORUNLINK(victim->d_inode))
5484 if (!S_ISDIR(victim->d_inode->i_mode))
5485 @@ -1626,6 +1687,14 @@ int may_open(struct nameidata *nd, int a
5486 } else if (IS_RDONLY(inode) && (acc_mode & MAY_WRITE))
5489 +#ifdef CONFIG_VSERVER_COWBL
5490 + if (IS_COW(inode) && (flag & FMODE_WRITE)) {
5491 + if (IS_COW_LINK(inode))
5493 + inode->i_flags &= ~(S_IUNLINK|S_IMMUTABLE);
5494 + mark_inode_dirty(inode);
5497 error = vfs_permission(nd, acc_mode);
5500 @@ -1717,6 +1786,11 @@ int open_namei(int dfd, const char *path
5504 +#ifdef CONFIG_VSERVER_COWBL
5509 acc_mode = ACC_MODE(flag);
5511 /* O_TRUNC implies we need access checks for write permissions */
5512 @@ -1810,6 +1884,22 @@ do_last:
5515 error = may_open(nd, acc_mode, flag);
5516 +#ifdef CONFIG_VSERVER_COWBL
5517 + if (error == -EMLINK) {
5518 + struct dentry *dentry;
5519 + dentry = cow_break_link(pathname);
5520 + if (IS_ERR(dentry)) {
5521 + error = PTR_ERR(dentry);
5525 + release_open_intent(nd);
5526 + path_put(&nd->path);
5535 @@ -1921,16 +2011,25 @@ fail:
5537 EXPORT_SYMBOL_GPL(lookup_create);
5539 -int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
5540 +int vfs_mknod(struct inode *dir, struct dentry *dentry,
5541 + int mode, dev_t dev, struct nameidata *nd)
5543 - int error = may_create(dir, dentry, NULL);
5544 + int error = may_create(dir, dentry, nd);
5549 - if ((S_ISCHR(mode) || S_ISBLK(mode)) && !capable(CAP_MKNOD))
5550 + if (!(S_ISCHR(mode) || S_ISBLK(mode)))
5553 + if (!capable(CAP_MKNOD))
5556 + if (S_ISCHR(mode) && !vs_chrdev_perm(dev, DATTR_CREATE))
5558 + if (S_ISBLK(mode) && !vs_blkdev_perm(dev, DATTR_CREATE))
5561 if (!dir->i_op || !dir->i_op->mknod)
5564 @@ -1973,11 +2072,12 @@ asmlinkage long sys_mknodat(int dfd, con
5565 error = vfs_create(nd.path.dentry->d_inode,dentry,mode,&nd);
5567 case S_IFCHR: case S_IFBLK:
5568 - error = vfs_mknod(nd.path.dentry->d_inode,dentry,mode,
5569 - new_decode_dev(dev));
5570 + error = vfs_mknod(nd.path.dentry->d_inode, dentry, mode,
5571 + new_decode_dev(dev), &nd);
5573 case S_IFIFO: case S_IFSOCK:
5574 - error = vfs_mknod(nd.path.dentry->d_inode,dentry,mode,0);
5575 + error = vfs_mknod(nd.path.dentry->d_inode, dentry, mode,
5580 @@ -2000,9 +2100,10 @@ asmlinkage long sys_mknod(const char __u
5581 return sys_mknodat(AT_FDCWD, filename, mode, dev);
5584 -int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode)
5585 +int vfs_mkdir(struct inode *dir, struct dentry *dentry,
5586 + int mode, struct nameidata *nd)
5588 - int error = may_create(dir, dentry, NULL);
5589 + int error = may_create(dir, dentry, nd);
5593 @@ -2044,7 +2145,7 @@ asmlinkage long sys_mkdirat(int dfd, con
5595 if (!IS_POSIXACL(nd.path.dentry->d_inode))
5596 mode &= ~current->fs->umask;
5597 - error = vfs_mkdir(nd.path.dentry->d_inode, dentry, mode);
5598 + error = vfs_mkdir(nd.path.dentry->d_inode, dentry, mode, &nd);
5601 mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
5602 @@ -2087,9 +2188,10 @@ void dentry_unhash(struct dentry *dentry
5603 spin_unlock(&dcache_lock);
5606 -int vfs_rmdir(struct inode *dir, struct dentry *dentry)
5607 +int vfs_rmdir(struct inode *dir, struct dentry *dentry,
5608 + struct nameidata *nd)
5610 - int error = may_delete(dir, dentry, 1);
5611 + int error = may_delete(dir, dentry, 1, nd);
5615 @@ -2151,7 +2253,7 @@ static long do_rmdir(int dfd, const char
5616 error = PTR_ERR(dentry);
5619 - error = vfs_rmdir(nd.path.dentry->d_inode, dentry);
5620 + error = vfs_rmdir(nd.path.dentry->d_inode, dentry, &nd);
5623 mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
5624 @@ -2167,9 +2269,10 @@ asmlinkage long sys_rmdir(const char __u
5625 return do_rmdir(AT_FDCWD, pathname);
5628 -int vfs_unlink(struct inode *dir, struct dentry *dentry)
5629 +int vfs_unlink(struct inode *dir, struct dentry *dentry,
5630 + struct nameidata *nd)
5632 - int error = may_delete(dir, dentry, 0);
5633 + int error = may_delete(dir, dentry, 0, nd);
5637 @@ -2232,7 +2335,7 @@ static long do_unlinkat(int dfd, const c
5638 inode = dentry->d_inode;
5640 atomic_inc(&inode->i_count);
5641 - error = vfs_unlink(nd.path.dentry->d_inode, dentry);
5642 + error = vfs_unlink(nd.path.dentry->d_inode, dentry, &nd);
5646 @@ -2267,9 +2370,10 @@ asmlinkage long sys_unlink(const char __
5647 return do_unlinkat(AT_FDCWD, pathname);
5650 -int vfs_symlink(struct inode *dir, struct dentry *dentry, const char *oldname, int mode)
5651 +int vfs_symlink(struct inode *dir, struct dentry *dentry,
5652 + const char *oldname, int mode, struct nameidata *nd)
5654 - int error = may_create(dir, dentry, NULL);
5655 + int error = may_create(dir, dentry, nd);
5659 @@ -2313,7 +2417,8 @@ asmlinkage long sys_symlinkat(const char
5663 - error = vfs_symlink(nd.path.dentry->d_inode, dentry, from, S_IALLUGO);
5664 + error = vfs_symlink(nd.path.dentry->d_inode, dentry, from,
5668 mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
5669 @@ -2330,7 +2435,8 @@ asmlinkage long sys_symlink(const char _
5670 return sys_symlinkat(oldname, AT_FDCWD, newname);
5673 -int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry)
5674 +int vfs_link(struct dentry *old_dentry, struct inode *dir,
5675 + struct dentry *new_dentry, struct nameidata *nd)
5677 struct inode *inode = old_dentry->d_inode;
5679 @@ -2338,7 +2444,7 @@ int vfs_link(struct dentry *old_dentry,
5683 - error = may_create(dir, new_dentry, NULL);
5684 + error = may_create(dir, new_dentry, nd);
5688 @@ -2348,7 +2454,7 @@ int vfs_link(struct dentry *old_dentry,
5690 * A link to an append-only or immutable file cannot be created.
5692 - if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
5693 + if (IS_APPEND(inode) || IS_IXORUNLINK(inode))
5695 if (!dir->i_op || !dir->i_op->link)
5697 @@ -2408,7 +2514,8 @@ asmlinkage long sys_linkat(int olddfd, c
5698 error = PTR_ERR(new_dentry);
5699 if (IS_ERR(new_dentry))
5701 - error = vfs_link(old_nd.path.dentry, nd.path.dentry->d_inode, new_dentry);
5702 + error = vfs_link(old_nd.path.dentry, nd.path.dentry->d_inode,
5706 mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
5707 @@ -2540,14 +2647,14 @@ int vfs_rename(struct inode *old_dir, st
5708 if (old_dentry->d_inode == new_dentry->d_inode)
5711 - error = may_delete(old_dir, old_dentry, is_dir);
5712 + error = may_delete(old_dir, old_dentry, is_dir, NULL);
5716 if (!new_dentry->d_inode)
5717 error = may_create(new_dir, new_dentry, NULL);
5719 - error = may_delete(new_dir, new_dentry, is_dir);
5720 + error = may_delete(new_dir, new_dentry, is_dir, NULL);
5724 @@ -2625,6 +2732,9 @@ static int do_rename(int olddfd, const c
5726 if (old_dentry == trap)
5729 + if (MNT_IS_RDONLY(newnd.path.mnt))
5731 new_dentry = lookup_hash(&newnd);
5732 error = PTR_ERR(new_dentry);
5733 if (IS_ERR(new_dentry))
5734 @@ -2718,6 +2828,214 @@ int vfs_follow_link(struct nameidata *nd
5735 return __vfs_follow_link(nd, link);
5739 +#ifdef CONFIG_VSERVER_COWBL
5741 +#include <linux/file.h>
5744 +long do_cow_splice(struct file *in, struct file *out, size_t len)
5748 + return do_splice_direct(in, &ppos, out, len, 0);
5751 +struct dentry *cow_break_link(const char *pathname)
5753 + int ret, mode, pathlen, redo = 0;
5754 + struct nameidata old_nd, dir_nd;
5755 + struct path old_path, new_path;
5756 + struct dentry *dir, *res = NULL;
5757 + struct file *old_file;
5758 + struct file *new_file;
5759 + char *to, *path, pad='\251';
5762 + vxdprintk(VXD_CBIT(misc, 1), "cow_break_link(»%s«)", pathname);
5763 + path = kmalloc(PATH_MAX, GFP_KERNEL);
5768 + /* old_nd will have refs to dentry and mnt */
5769 + ret = path_lookup(pathname, LOOKUP_FOLLOW, &old_nd);
5770 + vxdprintk(VXD_CBIT(misc, 2), "path_lookup(old): %d", ret);
5772 + goto out_free_path;
5774 + old_path = old_nd.path;
5775 + mode = old_path.dentry->d_inode->i_mode;
5777 + to = d_path(&old_path, path, PATH_MAX-2);
5778 + pathlen = strlen(to);
5779 + vxdprintk(VXD_CBIT(misc, 2), "old path »%s« [»%.*s«:%d]", to,
5780 + old_path.dentry->d_name.len, old_path.dentry->d_name.name,
5781 + old_path.dentry->d_name.len);
5783 + to[pathlen + 1] = 0;
5785 + to[pathlen] = pad--;
5787 + if (pad <= '\240')
5790 + vxdprintk(VXD_CBIT(misc, 1), "temp copy »%s«", to);
5791 + /* dir_nd will have refs to dentry and mnt */
5792 + ret = path_lookup(to,
5793 + LOOKUP_PARENT | LOOKUP_OPEN | LOOKUP_CREATE, &dir_nd);
5794 + vxdprintk(VXD_CBIT(misc, 2),
5795 + "path_lookup(new): %d", ret);
5799 + /* this puppy downs the inode mutex */
5800 + new_path.dentry = lookup_create(&dir_nd, 0);
5801 + vxdprintk(VXD_CBIT(misc, 2),
5802 + "lookup_create(new): %p [»%.*s«:%d]", new_path.dentry,
5803 + new_path.dentry->d_name.len, new_path.dentry->d_name.name,
5804 + new_path.dentry->d_name.len);
5805 + if (!new_path.dentry || IS_ERR(new_path.dentry)) {
5806 + path_put(&dir_nd.path);
5809 + dir = dir_nd.path.dentry;
5811 + ret = vfs_create(dir_nd.path.dentry->d_inode, new_path.dentry, mode, &dir_nd);
5812 + vxdprintk(VXD_CBIT(misc, 2),
5813 + "vfs_create(new): %d", ret);
5814 + if (ret == -EEXIST) {
5815 + mutex_unlock(&dir->d_inode->i_mutex);
5816 + dput(new_path.dentry);
5817 + path_put(&dir_nd.path);
5821 + goto out_unlock_new;
5823 + /* drop out early, ret passes ENOENT */
5825 + if ((redo = d_unhashed(old_path.dentry)))
5826 + goto out_unlock_new;
5828 + new_path.mnt = dir_nd.path.mnt;
5829 + dget(old_path.dentry);
5830 + mntget(old_path.mnt);
5831 + /* this one cleans up the dentry/mnt in case of failure */
5832 + old_file = dentry_open(old_path.dentry, old_path.mnt, O_RDONLY);
5833 + vxdprintk(VXD_CBIT(misc, 2),
5834 + "dentry_open(old): %p", old_file);
5835 + if (!old_file || IS_ERR(old_file)) {
5836 + res = IS_ERR(old_file) ? (void *) old_file : res;
5837 + goto out_unlock_new;
5840 + dget(new_path.dentry);
5841 + mntget(new_path.mnt);
5842 + /* this one cleans up the dentry/mnt in case of failure */
5843 + new_file = dentry_open(new_path.dentry, new_path.mnt, O_WRONLY);
5844 + vxdprintk(VXD_CBIT(misc, 2),
5845 + "dentry_open(new): %p", new_file);
5847 + ret = IS_ERR(new_file) ? PTR_ERR(new_file) : -ENOENT;
5848 + if (!new_file || IS_ERR(new_file))
5849 + goto out_fput_old;
5851 + size = i_size_read(old_file->f_dentry->d_inode);
5852 + ret = do_cow_splice(old_file, new_file, size);
5853 + vxdprintk(VXD_CBIT(misc, 2), "do_splice_direct: %d", ret);
5855 + goto out_fput_both;
5856 + } else if (ret < size) {
5858 + goto out_fput_both;
5860 + struct inode *old_inode = old_path.dentry->d_inode;
5861 + struct inode *new_inode = new_path.dentry->d_inode;
5862 + struct iattr attr = {
5863 + .ia_uid = old_inode->i_uid,
5864 + .ia_gid = old_inode->i_gid,
5865 + .ia_valid = ATTR_UID | ATTR_GID
5868 + ret = inode_setattr(new_inode, &attr);
5870 + goto out_fput_both;
5873 + mutex_lock(&old_path.dentry->d_inode->i_sb->s_vfs_rename_mutex);
5875 + /* drop out late */
5877 + if ((redo = d_unhashed(old_path.dentry)))
5880 + vxdprintk(VXD_CBIT(misc, 2),
5881 + "vfs_rename: [»%*s«:%d] -> [»%*s«:%d]",
5882 + new_path.dentry->d_name.len, new_path.dentry->d_name.name,
5883 + new_path.dentry->d_name.len,
5884 + old_path.dentry->d_name.len, old_path.dentry->d_name.name,
5885 + old_path.dentry->d_name.len);
5886 + ret = vfs_rename(dir_nd.path.dentry->d_inode, new_path.dentry,
5887 + old_nd.path.dentry->d_parent->d_inode, old_path.dentry);
5888 + vxdprintk(VXD_CBIT(misc, 2), "vfs_rename: %d", ret);
5889 + res = new_path.dentry;
5892 + mutex_unlock(&old_path.dentry->d_inode->i_sb->s_vfs_rename_mutex);
5895 + vxdprintk(VXD_CBIT(misc, 3),
5896 + "fput(new_file=%p[#%d])", new_file,
5897 + atomic_read(&new_file->f_count));
5901 + vxdprintk(VXD_CBIT(misc, 3),
5902 + "fput(old_file=%p[#%d])", old_file,
5903 + atomic_read(&old_file->f_count));
5907 + mutex_unlock(&dir->d_inode->i_mutex);
5911 + /* error path cleanup */
5912 + vfs_unlink(dir->d_inode, new_path.dentry, &dir_nd);
5913 + dput(new_path.dentry);
5917 + goto out_rel_both;
5918 + /* lookup dentry once again */
5919 + path_put(&old_nd.path);
5920 + ret = path_lookup(pathname, LOOKUP_FOLLOW, &old_nd);
5922 + goto out_rel_both;
5924 + new_path.dentry = old_nd.path.dentry;
5925 + vxdprintk(VXD_CBIT(misc, 2),
5926 + "path_lookup(redo): %p [»%.*s«:%d]", new_path.dentry,
5927 + new_path.dentry->d_name.len, new_path.dentry->d_name.name,
5928 + new_path.dentry->d_name.len);
5929 + dget(new_path.dentry);
5930 + res = new_path.dentry;
5933 + path_put(&dir_nd.path);
5935 + path_put(&old_nd.path);
5940 + res = ERR_PTR(ret);
5946 /* get the link contents into pagecache */
5947 static char *page_getlink(struct dentry * dentry, struct page **ppage)
5949 diff -NurpP --minimal linux-2.6.25/fs/namespace.c linux-2.6.25-vs2.3.0.34.9/fs/namespace.c
5950 --- linux-2.6.25/fs/namespace.c 2008-04-17 12:05:40.000000000 -0400
5951 +++ linux-2.6.25-vs2.3.0.34.9/fs/namespace.c 2008-04-21 17:20:53.000000000 -0400
5953 #include <linux/mount.h>
5954 #include <linux/ramfs.h>
5955 #include <linux/log2.h>
5956 +#include <linux/vs_base.h>
5957 +#include <linux/vs_context.h>
5958 +#include <linux/vs_tag.h>
5959 +#include <linux/vserver/space.h>
5960 +#include <linux/vserver/global.h>
5961 #include <asm/uaccess.h>
5962 #include <asm/unistd.h>
5964 @@ -244,6 +249,7 @@ static struct vfsmount *clone_mnt(struct
5965 mnt->mnt_root = dget(root);
5966 mnt->mnt_mountpoint = mnt->mnt_root;
5967 mnt->mnt_parent = mnt;
5968 + mnt->mnt_tag = old->mnt_tag;
5970 if (flag & CL_SLAVE) {
5971 list_add(&mnt->mnt_slave, &old->mnt_slave_list);
5972 @@ -323,6 +329,31 @@ static inline void mangle(struct seq_fil
5973 seq_escape(m, s, " \t\n\\");
5976 +static int mnt_is_reachable(struct vfsmount *mnt)
5979 + struct dentry *point;
5982 + if (mnt == mnt->mnt_ns->root)
5985 + spin_lock(&vfsmount_lock);
5986 + root = current->fs->root;
5987 + point = root.dentry;
5989 + while ((mnt != mnt->mnt_parent) && (mnt != root.mnt)) {
5990 + point = mnt->mnt_mountpoint;
5991 + mnt = mnt->mnt_parent;
5994 + ret = (mnt == root.mnt) && is_subdir(point, root.dentry);
5996 + spin_unlock(&vfsmount_lock);
6002 * Simple .show_options callback for filesystems which don't want to
6003 * implement more complex mount option showing.
6004 @@ -388,44 +419,61 @@ static int show_vfsmnt(struct seq_file *
6005 struct vfsmount *mnt = list_entry(v, struct vfsmount, mnt_list);
6007 static struct proc_fs_info {
6015 - { MS_SYNCHRONOUS, ",sync" },
6016 - { MS_DIRSYNC, ",dirsync" },
6017 - { MS_MANDLOCK, ",mand" },
6020 - static struct proc_fs_info mnt_info[] = {
6021 - { MNT_NOSUID, ",nosuid" },
6022 - { MNT_NODEV, ",nodev" },
6023 - { MNT_NOEXEC, ",noexec" },
6024 - { MNT_NOATIME, ",noatime" },
6025 - { MNT_NODIRATIME, ",nodiratime" },
6026 - { MNT_RELATIME, ",relatime" },
6028 + { MS_RDONLY, MNT_RDONLY, "ro", "rw" },
6029 + { MS_SYNCHRONOUS, 0, ",sync", NULL },
6030 + { MS_DIRSYNC, 0, ",dirsync", NULL },
6031 + { MS_MANDLOCK, 0, ",mand", NULL },
6032 + { MS_TAGGED, 0, ",tag", NULL },
6033 + { MS_NOATIME, MNT_NOATIME, ",noatime", NULL },
6034 + { MS_NODIRATIME, MNT_NODIRATIME, ",nodiratime", NULL },
6035 + { MS_RELATIME, MNT_RELATIME, ",relatime", NULL },
6036 + { 0, MNT_NOSUID, ",nosuid", NULL },
6037 + { 0, MNT_NODEV, ",nodev", NULL },
6038 + { 0, MNT_NOEXEC, ",noexec", NULL },
6039 + { 0, 0, NULL, NULL }
6041 - struct proc_fs_info *fs_infop;
6042 - struct path mnt_path = { .dentry = mnt->mnt_root, .mnt = mnt };
6043 + struct proc_fs_info *p;
6044 + unsigned long s_flags = mnt->mnt_sb->s_flags;
6045 + int mnt_flags = mnt->mnt_flags;
6047 - mangle(m, mnt->mnt_devname ? mnt->mnt_devname : "none");
6049 - seq_path(m, &mnt_path, " \t\n\\");
6051 - mangle(m, mnt->mnt_sb->s_type->name);
6052 - if (mnt->mnt_sb->s_subtype && mnt->mnt_sb->s_subtype[0]) {
6054 - mangle(m, mnt->mnt_sb->s_subtype);
6056 - seq_puts(m, mnt->mnt_sb->s_flags & MS_RDONLY ? " ro" : " rw");
6057 - for (fs_infop = fs_info; fs_infop->flag; fs_infop++) {
6058 - if (mnt->mnt_sb->s_flags & fs_infop->flag)
6059 - seq_puts(m, fs_infop->str);
6060 + if (vx_flags(VXF_HIDE_MOUNT, 0))
6062 + if (!mnt_is_reachable(mnt) && !vx_check(0, VS_WATCH_P))
6065 + if (!vx_check(0, VS_ADMIN|VS_WATCH) &&
6066 + mnt == current->fs->root.mnt) {
6067 + seq_puts(m, "/dev/root / ");
6069 + struct path mnt_path = { .dentry = mnt->mnt_root, .mnt = mnt };
6070 + mangle(m, mnt->mnt_devname ? mnt->mnt_devname : "none");
6072 + seq_path(m, &mnt_path, " \t\n\\");
6075 + if (mnt->mnt_sb->s_subtype && mnt->mnt_sb->s_subtype[0]) {
6077 + mangle(m, mnt->mnt_sb->s_subtype);
6080 - for (fs_infop = mnt_info; fs_infop->flag; fs_infop++) {
6081 - if (mnt->mnt_flags & fs_infop->flag)
6082 - seq_puts(m, fs_infop->str);
6083 + mangle(m, mnt->mnt_sb->s_type->name);
6085 + for (p = fs_info; (p->s_flag | p->mnt_flag) ; p++) {
6086 + if ((s_flags & p->s_flag) || (mnt_flags & p->mnt_flag)) {
6088 + seq_puts(m, p->set_str);
6091 + seq_puts(m, p->unset_str);
6094 + if (mnt->mnt_flags & MNT_TAGID)
6095 + seq_printf(m, ",tag=%d", mnt->mnt_tag);
6096 if (mnt->mnt_sb->s_op->show_options)
6097 err = mnt->mnt_sb->s_op->show_options(m, mnt);
6098 seq_puts(m, " 0 0\n");
6099 @@ -445,17 +493,27 @@ static int show_vfsstat(struct seq_file
6100 struct path mnt_path = { .dentry = mnt->mnt_root, .mnt = mnt };
6104 - if (mnt->mnt_devname) {
6105 - seq_puts(m, "device ");
6106 - mangle(m, mnt->mnt_devname);
6108 - seq_puts(m, "no device");
6109 + if (vx_flags(VXF_HIDE_MOUNT, 0))
6111 + if (!mnt_is_reachable(mnt) && !vx_check(0, VS_WATCH_P))
6115 - seq_puts(m, " mounted on ");
6116 - seq_path(m, &mnt_path, " \t\n\\");
6118 + if (!vx_check(0, VS_ADMIN|VS_WATCH) &&
6119 + mnt == current->fs->root.mnt) {
6120 + seq_puts(m, "device /dev/root mounted on / ");
6123 + if (mnt->mnt_devname) {
6124 + seq_puts(m, "device ");
6125 + mangle(m, mnt->mnt_devname);
6127 + seq_puts(m, "no device");
6130 + seq_puts(m, " mounted on ");
6131 + seq_path(m, &mnt_path, " \t\n\\");
6135 /* file system type */
6136 seq_puts(m, "with fstype ");
6137 @@ -693,7 +751,7 @@ asmlinkage long sys_umount(char __user *
6141 - if (!capable(CAP_SYS_ADMIN))
6142 + if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
6145 retval = do_umount(nd.path.mnt, flags);
6146 @@ -719,7 +777,7 @@ asmlinkage long sys_oldumount(char __use
6148 static int mount_is_safe(struct nameidata *nd)
6150 - if (capable(CAP_SYS_ADMIN))
6151 + if (vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
6155 @@ -974,11 +1032,13 @@ static noinline int do_change_type(struc
6156 * noinline this do_mount helper to save do_mount stack space.
6158 static noinline int do_loopback(struct nameidata *nd, char *old_name,
6160 + tag_t tag, unsigned long flags, int mnt_flags)
6162 struct nameidata old_nd;
6163 struct vfsmount *mnt = NULL;
6164 int err = mount_is_safe(nd);
6165 + int recurse = flags & MS_REC;
6169 if (!old_name || !*old_name)
6170 @@ -1004,6 +1064,12 @@ static noinline int do_loopback(struct n
6174 + mnt->mnt_flags = mnt_flags;
6175 + if (flags & MS_TAGID) {
6176 + mnt->mnt_tag = tag;
6177 + mnt->mnt_flags |= MNT_TAGID;
6180 err = graft_tree(mnt, nd);
6182 LIST_HEAD(umount_list);
6183 @@ -1012,6 +1078,7 @@ static noinline int do_loopback(struct n
6184 spin_unlock(&vfsmount_lock);
6185 release_mounts(&umount_list);
6187 + mnt->mnt_flags = mnt_flags;
6190 up_write(&namespace_sem);
6191 @@ -1026,12 +1093,12 @@ out:
6192 * noinline this do_mount helper to save do_mount stack space.
6194 static noinline int do_remount(struct nameidata *nd, int flags, int mnt_flags,
6196 + void *data, xid_t xid)
6199 struct super_block *sb = nd->path.mnt->mnt_sb;
6201 - if (!capable(CAP_SYS_ADMIN))
6202 + if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_REMOUNT))
6205 if (!check_mnt(nd->path.mnt))
6206 @@ -1069,7 +1136,7 @@ static noinline int do_move_mount(struct
6207 struct path parent_path;
6210 - if (!capable(CAP_SYS_ADMIN))
6211 + if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
6213 if (!old_name || !*old_name)
6215 @@ -1152,7 +1219,7 @@ static noinline int do_new_mount(struct
6218 /* we need capabilities... */
6219 - if (!capable(CAP_SYS_ADMIN))
6220 + if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
6223 mnt = do_kern_mount(type, flags, name, data);
6224 @@ -1397,6 +1464,7 @@ long do_mount(char *dev_name, char *dir_
6225 struct nameidata nd;
6231 if ((flags & MS_MGC_MSK) == MS_MGC_VAL)
6232 @@ -1412,7 +1480,17 @@ long do_mount(char *dev_name, char *dir_
6234 ((char *)data_page)[PAGE_SIZE - 1] = 0;
6236 + retval = dx_parse_tag(data_page, &tag, 1);
6238 + mnt_flags |= retval;
6239 + /* FIXME: bind and re-mounts get the tag flag? */
6240 + if (flags & (MS_BIND|MS_REMOUNT))
6241 + flags |= MS_TAGID;
6244 /* Separate the per-mountpoint flags */
6245 + if (flags & MS_RDONLY)
6246 + mnt_flags |= MNT_RDONLY;
6247 if (flags & MS_NOSUID)
6248 mnt_flags |= MNT_NOSUID;
6249 if (flags & MS_NODEV)
6250 @@ -1426,6 +1504,8 @@ long do_mount(char *dev_name, char *dir_
6251 if (flags & MS_RELATIME)
6252 mnt_flags |= MNT_RELATIME;
6254 + if (!capable(CAP_SYS_ADMIN))
6255 + mnt_flags |= MNT_NODEV;
6256 flags &= ~(MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_ACTIVE |
6257 MS_NOATIME | MS_NODIRATIME | MS_RELATIME| MS_KERNMOUNT);
6259 @@ -1440,9 +1520,9 @@ long do_mount(char *dev_name, char *dir_
6261 if (flags & MS_REMOUNT)
6262 retval = do_remount(&nd, flags & ~MS_REMOUNT, mnt_flags,
6265 else if (flags & MS_BIND)
6266 - retval = do_loopback(&nd, dev_name, flags & MS_REC);
6267 + retval = do_loopback(&nd, dev_name, tag, flags, mnt_flags);
6268 else if (flags & (MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE))
6269 retval = do_change_type(&nd, flags);
6270 else if (flags & MS_MOVE)
6271 @@ -1515,6 +1595,7 @@ static struct mnt_namespace *dup_mnt_ns(
6272 q = next_mnt(q, new_ns->root);
6274 up_write(&namespace_sem);
6275 + atomic_inc(&vs_global_mnt_ns);
6279 @@ -1850,5 +1931,6 @@ void __put_mnt_ns(struct mnt_namespace *
6280 spin_unlock(&vfsmount_lock);
6281 up_write(&namespace_sem);
6282 release_mounts(&umount_list);
6283 + atomic_dec(&vs_global_mnt_ns);
6286 diff -NurpP --minimal linux-2.6.25/fs/nfs/client.c linux-2.6.25-vs2.3.0.34.9/fs/nfs/client.c
6287 --- linux-2.6.25/fs/nfs/client.c 2008-04-17 12:05:40.000000000 -0400
6288 +++ linux-2.6.25-vs2.3.0.34.9/fs/nfs/client.c 2008-04-19 15:14:52.000000000 -0400
6289 @@ -589,6 +589,9 @@ static int nfs_init_server_rpcclient(str
6290 if (server->flags & NFS_MOUNT_SOFT)
6291 server->client->cl_softrtry = 1;
6293 + server->client->cl_tag = 0;
6294 + if (server->flags & NFS_MOUNT_TAGGED)
6295 + server->client->cl_tag = 1;
6299 @@ -742,6 +745,10 @@ static void nfs_server_set_fsinfo(struct
6300 server->acdirmin = server->acdirmax = 0;
6303 + /* FIXME: needs fsinfo
6304 + if (server->flags & NFS_MOUNT_TAGGED)
6305 + sb->s_flags |= MS_TAGGED; */
6307 server->maxfilesize = fsinfo->maxfilesize;
6309 /* We're airborne Set socket buffersize */
6310 diff -NurpP --minimal linux-2.6.25/fs/nfs/dir.c linux-2.6.25-vs2.3.0.34.9/fs/nfs/dir.c
6311 --- linux-2.6.25/fs/nfs/dir.c 2008-04-17 12:05:40.000000000 -0400
6312 +++ linux-2.6.25-vs2.3.0.34.9/fs/nfs/dir.c 2008-04-21 16:52:03.000000000 -0400
6314 #include <linux/namei.h>
6315 #include <linux/mount.h>
6316 #include <linux/sched.h>
6317 +#include <linux/vs_tag.h>
6319 #include "nfs4_fs.h"
6320 #include "delegation.h"
6321 @@ -930,6 +931,7 @@ static struct dentry *nfs_lookup(struct
6323 goto out_unblock_sillyrename;
6325 + dx_propagate_tag(nd, inode);
6327 res = d_materialise_unique(dentry, inode);
6329 @@ -967,7 +969,8 @@ static int is_atomic_open(struct inode *
6330 if (nd->flags & LOOKUP_DIRECTORY)
6332 /* Are we trying to write to a read only partition? */
6333 - if (IS_RDONLY(dir) && (nd->intent.open.flags & (O_CREAT|O_TRUNC|FMODE_WRITE)))
6334 + if ((IS_RDONLY(dir) || MNT_IS_RDONLY(nd->path.mnt)) &&
6335 + (nd->intent.open.flags & (O_CREAT|O_TRUNC|FMODE_WRITE)))
6339 diff -NurpP --minimal linux-2.6.25/fs/nfs/inode.c linux-2.6.25-vs2.3.0.34.9/fs/nfs/inode.c
6340 --- linux-2.6.25/fs/nfs/inode.c 2008-04-17 12:05:40.000000000 -0400
6341 +++ linux-2.6.25-vs2.3.0.34.9/fs/nfs/inode.c 2008-04-19 15:14:52.000000000 -0400
6343 #include <linux/vfs.h>
6344 #include <linux/inet.h>
6345 #include <linux/nfs_xdr.h>
6346 +#include <linux/vs_tag.h>
6348 #include <asm/system.h>
6349 #include <asm/uaccess.h>
6350 @@ -316,8 +317,10 @@ nfs_fhget(struct super_block *sb, struct
6351 nfsi->change_attr = fattr->change_attr;
6352 inode->i_size = nfs_size_to_loff_t(fattr->size);
6353 inode->i_nlink = fattr->nlink;
6354 - inode->i_uid = fattr->uid;
6355 - inode->i_gid = fattr->gid;
6356 + inode->i_uid = INOTAG_UID(DX_TAG(inode), fattr->uid, fattr->gid);
6357 + inode->i_gid = INOTAG_GID(DX_TAG(inode), fattr->uid, fattr->gid);
6358 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), fattr->uid, fattr->gid, 0);
6359 + /* maybe fattr->xid someday */
6360 if (fattr->valid & (NFS_ATTR_FATTR_V3 | NFS_ATTR_FATTR_V4)) {
6362 * report the blocks in 512byte units
6363 @@ -410,6 +413,8 @@ void nfs_setattr_update_inode(struct ino
6364 inode->i_uid = attr->ia_uid;
6365 if ((attr->ia_valid & ATTR_GID) != 0)
6366 inode->i_gid = attr->ia_gid;
6367 + if ((attr->ia_valid & ATTR_TAG) && IS_TAGGED(inode))
6368 + inode->i_tag = attr->ia_tag;
6369 spin_lock(&inode->i_lock);
6370 NFS_I(inode)->cache_validity |= NFS_INO_INVALID_ACCESS|NFS_INO_INVALID_ACL;
6371 spin_unlock(&inode->i_lock);
6372 @@ -841,6 +846,9 @@ static int nfs_check_inode_attributes(st
6373 struct nfs_inode *nfsi = NFS_I(inode);
6374 loff_t cur_size, new_isize;
6375 unsigned long invalid = 0;
6381 /* Has the inode gone and changed behind our back? */
6382 @@ -865,10 +873,15 @@ static int nfs_check_inode_attributes(st
6383 if (cur_size != new_isize && nfsi->npages == 0)
6384 invalid |= NFS_INO_INVALID_ATTR|NFS_INO_REVAL_PAGECACHE;
6386 + uid = INOTAG_UID(DX_TAG(inode), fattr->uid, fattr->gid);
6387 + gid = INOTAG_GID(DX_TAG(inode), fattr->uid, fattr->gid);
6388 + tag = INOTAG_TAG(DX_TAG(inode), fattr->uid, fattr->gid, 0);
6390 /* Have any file permissions changed? */
6391 if ((inode->i_mode & S_IALLUGO) != (fattr->mode & S_IALLUGO)
6392 - || inode->i_uid != fattr->uid
6393 - || inode->i_gid != fattr->gid)
6394 + || inode->i_uid != uid
6395 + || inode->i_gid != gid
6396 + || inode->i_tag != tag)
6397 invalid |= NFS_INO_INVALID_ATTR | NFS_INO_INVALID_ACCESS | NFS_INO_INVALID_ACL;
6399 /* Has the link count changed? */
6400 @@ -989,6 +1002,9 @@ static int nfs_update_inode(struct inode
6401 loff_t cur_isize, new_isize;
6402 unsigned long invalid = 0;
6403 unsigned long now = jiffies;
6408 dfprintk(VFS, "NFS: %s(%s/%ld ct=%d info=0x%x)\n",
6409 __FUNCTION__, inode->i_sb->s_id, inode->i_ino,
6410 @@ -1062,15 +1078,21 @@ static int nfs_update_inode(struct inode
6411 memcpy(&inode->i_atime, &fattr->atime, sizeof(inode->i_atime));
6412 nfsi->change_attr = fattr->change_attr;
6414 + uid = INOTAG_UID(DX_TAG(inode), fattr->uid, fattr->gid);
6415 + gid = INOTAG_GID(DX_TAG(inode), fattr->uid, fattr->gid);
6416 + tag = INOTAG_TAG(DX_TAG(inode), fattr->uid, fattr->gid, 0);
6418 if ((inode->i_mode & S_IALLUGO) != (fattr->mode & S_IALLUGO) ||
6419 - inode->i_uid != fattr->uid ||
6420 - inode->i_gid != fattr->gid)
6421 + inode->i_uid != uid ||
6422 + inode->i_gid != gid ||
6423 + inode->i_tag != tag)
6424 invalid |= NFS_INO_INVALID_ATTR|NFS_INO_INVALID_ACCESS|NFS_INO_INVALID_ACL;
6426 inode->i_mode = fattr->mode;
6427 inode->i_nlink = fattr->nlink;
6428 - inode->i_uid = fattr->uid;
6429 - inode->i_gid = fattr->gid;
6430 + inode->i_uid = uid;
6431 + inode->i_gid = gid;
6432 + inode->i_tag = tag;
6434 if (fattr->valid & (NFS_ATTR_FATTR_V3 | NFS_ATTR_FATTR_V4)) {
6436 diff -NurpP --minimal linux-2.6.25/fs/nfs/nfs3xdr.c linux-2.6.25-vs2.3.0.34.9/fs/nfs/nfs3xdr.c
6437 --- linux-2.6.25/fs/nfs/nfs3xdr.c 2008-04-17 12:05:40.000000000 -0400
6438 +++ linux-2.6.25-vs2.3.0.34.9/fs/nfs/nfs3xdr.c 2008-04-19 15:14:52.000000000 -0400
6440 #include <linux/nfs3.h>
6441 #include <linux/nfs_fs.h>
6442 #include <linux/nfsacl.h>
6443 +#include <linux/vs_tag.h>
6444 #include "internal.h"
6446 #define NFSDBG_FACILITY NFSDBG_XDR
6447 @@ -180,7 +181,7 @@ xdr_decode_fattr(__be32 *p, struct nfs_f
6450 static inline __be32 *
6451 -xdr_encode_sattr(__be32 *p, struct iattr *attr)
6452 +xdr_encode_sattr(__be32 *p, struct iattr *attr, int tag)
6454 if (attr->ia_valid & ATTR_MODE) {
6456 @@ -188,15 +189,17 @@ xdr_encode_sattr(__be32 *p, struct iattr
6460 - if (attr->ia_valid & ATTR_UID) {
6461 + if (attr->ia_valid & ATTR_UID ||
6462 + (tag && (attr->ia_valid & ATTR_TAG))) {
6464 - *p++ = htonl(attr->ia_uid);
6465 + *p++ = htonl(TAGINO_UID(tag, attr->ia_uid, attr->ia_tag));
6469 - if (attr->ia_valid & ATTR_GID) {
6470 + if (attr->ia_valid & ATTR_GID ||
6471 + (tag && (attr->ia_valid & ATTR_TAG))) {
6473 - *p++ = htonl(attr->ia_gid);
6474 + *p++ = htonl(TAGINO_GID(tag, attr->ia_gid, attr->ia_tag));
6478 @@ -281,7 +284,8 @@ static int
6479 nfs3_xdr_sattrargs(struct rpc_rqst *req, __be32 *p, struct nfs3_sattrargs *args)
6481 p = xdr_encode_fhandle(p, args->fh);
6482 - p = xdr_encode_sattr(p, args->sattr);
6483 + p = xdr_encode_sattr(p, args->sattr,
6484 + req->rq_task->tk_client->cl_tag);
6485 *p++ = htonl(args->guard);
6487 p = xdr_encode_time3(p, &args->guardtime);
6488 @@ -386,7 +390,8 @@ nfs3_xdr_createargs(struct rpc_rqst *req
6489 *p++ = args->verifier[0];
6490 *p++ = args->verifier[1];
6492 - p = xdr_encode_sattr(p, args->sattr);
6493 + p = xdr_encode_sattr(p, args->sattr,
6494 + req->rq_task->tk_client->cl_tag);
6496 req->rq_slen = xdr_adjust_iovec(req->rq_svec, p);
6498 @@ -400,7 +405,8 @@ nfs3_xdr_mkdirargs(struct rpc_rqst *req,
6500 p = xdr_encode_fhandle(p, args->fh);
6501 p = xdr_encode_array(p, args->name, args->len);
6502 - p = xdr_encode_sattr(p, args->sattr);
6503 + p = xdr_encode_sattr(p, args->sattr,
6504 + req->rq_task->tk_client->cl_tag);
6505 req->rq_slen = xdr_adjust_iovec(req->rq_svec, p);
6508 @@ -413,7 +419,8 @@ nfs3_xdr_symlinkargs(struct rpc_rqst *re
6510 p = xdr_encode_fhandle(p, args->fromfh);
6511 p = xdr_encode_array(p, args->fromname, args->fromlen);
6512 - p = xdr_encode_sattr(p, args->sattr);
6513 + p = xdr_encode_sattr(p, args->sattr,
6514 + req->rq_task->tk_client->cl_tag);
6515 *p++ = htonl(args->pathlen);
6516 req->rq_slen = xdr_adjust_iovec(req->rq_svec, p);
6518 @@ -431,7 +438,8 @@ nfs3_xdr_mknodargs(struct rpc_rqst *req,
6519 p = xdr_encode_fhandle(p, args->fh);
6520 p = xdr_encode_array(p, args->name, args->len);
6521 *p++ = htonl(args->type);
6522 - p = xdr_encode_sattr(p, args->sattr);
6523 + p = xdr_encode_sattr(p, args->sattr,
6524 + req->rq_task->tk_client->cl_tag);
6525 if (args->type == NF3CHR || args->type == NF3BLK) {
6526 *p++ = htonl(MAJOR(args->rdev));
6527 *p++ = htonl(MINOR(args->rdev));
6528 diff -NurpP --minimal linux-2.6.25/fs/nfs/nfsroot.c linux-2.6.25-vs2.3.0.34.9/fs/nfs/nfsroot.c
6529 --- linux-2.6.25/fs/nfs/nfsroot.c 2008-04-17 12:05:40.000000000 -0400
6530 +++ linux-2.6.25-vs2.3.0.34.9/fs/nfs/nfsroot.c 2008-04-19 15:14:52.000000000 -0400
6531 @@ -119,12 +119,12 @@ static int mount_port __initdata = 0; /
6533 /* Options that take integer arguments */
6534 Opt_port, Opt_rsize, Opt_wsize, Opt_timeo, Opt_retrans, Opt_acregmin,
6535 - Opt_acregmax, Opt_acdirmin, Opt_acdirmax,
6536 + Opt_acregmax, Opt_acdirmin, Opt_acdirmax, Opt_tagid,
6537 /* Options that take no arguments */
6538 Opt_soft, Opt_hard, Opt_intr,
6539 Opt_nointr, Opt_posix, Opt_noposix, Opt_cto, Opt_nocto, Opt_ac,
6540 Opt_noac, Opt_lock, Opt_nolock, Opt_v2, Opt_v3, Opt_udp, Opt_tcp,
6541 - Opt_acl, Opt_noacl,
6542 + Opt_acl, Opt_noacl, Opt_tag, Opt_notag,
6546 @@ -161,6 +161,9 @@ static match_table_t __initdata tokens =
6549 {Opt_noacl, "noacl"},
6551 + {Opt_notag, "notag"},
6552 + {Opt_tagid, "tagid=%u"},
6556 @@ -272,6 +275,20 @@ static int __init root_nfs_parse(char *n
6558 nfs_data.flags |= NFS_MOUNT_NOACL;
6560 +#ifndef CONFIG_TAGGING_NONE
6562 + nfs_data.flags |= NFS_MOUNT_TAGGED;
6565 + nfs_data.flags &= ~NFS_MOUNT_TAGGED;
6568 +#ifdef CONFIG_PROPAGATE
6571 + nfs_data.flags |= NFS_MOUNT_TAGGED;
6575 printk(KERN_WARNING "Root-NFS: unknown "
6577 diff -NurpP --minimal linux-2.6.25/fs/nfs/super.c linux-2.6.25-vs2.3.0.34.9/fs/nfs/super.c
6578 --- linux-2.6.25/fs/nfs/super.c 2008-04-17 12:05:40.000000000 -0400
6579 +++ linux-2.6.25-vs2.3.0.34.9/fs/nfs/super.c 2008-04-19 15:14:52.000000000 -0400
6581 #include <linux/nfs_xdr.h>
6582 #include <linux/magic.h>
6583 #include <linux/parser.h>
6584 +#include <linux/vs_tag.h>
6586 #include <asm/system.h>
6587 #include <asm/uaccess.h>
6588 @@ -458,6 +459,7 @@ static void nfs_show_mount_options(struc
6589 { NFS_MOUNT_NOACL, ",noacl", "" },
6590 { NFS_MOUNT_NORDIRPLUS, ",nordirplus", "" },
6591 { NFS_MOUNT_UNSHARED, ",nosharecache", ""},
6592 + { NFS_MOUNT_TAGGED, ",tag", "" },
6595 const struct proc_nfs_info *nfs_infop;
6596 diff -NurpP --minimal linux-2.6.25/fs/nfsd/auth.c linux-2.6.25-vs2.3.0.34.9/fs/nfsd/auth.c
6597 --- linux-2.6.25/fs/nfsd/auth.c 2008-04-17 12:05:40.000000000 -0400
6598 +++ linux-2.6.25-vs2.3.0.34.9/fs/nfsd/auth.c 2008-04-19 17:07:41.000000000 -0400
6600 #include <linux/sunrpc/svcauth.h>
6601 #include <linux/nfsd/nfsd.h>
6602 #include <linux/nfsd/export.h>
6603 +#include <linux/vs_tag.h>
6605 int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp)
6607 @@ -54,19 +55,23 @@ int nfsd_setuser(struct svc_rqst *rqstp,
6608 get_group_info(cred.cr_group_info);
6610 if (cred.cr_uid != (uid_t) -1)
6611 - current->fsuid = cred.cr_uid;
6612 + current->fsuid = INOTAG_UID(DX_TAG_NFSD, cred.cr_uid, cred.cr_gid);
6614 current->fsuid = exp->ex_anon_uid;
6615 if (cred.cr_gid != (gid_t) -1)
6616 - current->fsgid = cred.cr_gid;
6617 + current->fsgid = INOTAG_GID(DX_TAG_NFSD, cred.cr_uid, cred.cr_gid);
6619 current->fsgid = exp->ex_anon_gid;
6621 + /* this desperately needs a tag :) */
6622 + current->xid = (xid_t)INOTAG_TAG(DX_TAG_NFSD, cred.cr_uid, cred.cr_gid, 0);
6624 if (!cred.cr_group_info)
6626 ret = set_current_groups(cred.cr_group_info);
6627 put_group_info(cred.cr_group_info);
6628 - if ((cred.cr_uid)) {
6630 + if (INOTAG_UID(DX_TAG_NFSD, cred.cr_uid, cred.cr_gid)) {
6631 current->cap_effective =
6632 cap_drop_nfsd_set(current->cap_effective);
6634 diff -NurpP --minimal linux-2.6.25/fs/nfsd/nfs3xdr.c linux-2.6.25-vs2.3.0.34.9/fs/nfsd/nfs3xdr.c
6635 --- linux-2.6.25/fs/nfsd/nfs3xdr.c 2008-04-17 12:05:40.000000000 -0400
6636 +++ linux-2.6.25-vs2.3.0.34.9/fs/nfsd/nfs3xdr.c 2008-04-19 17:08:09.000000000 -0400
6638 #include <linux/sunrpc/svc.h>
6639 #include <linux/nfsd/nfsd.h>
6640 #include <linux/nfsd/xdr3.h>
6641 +#include <linux/vs_tag.h>
6644 #define NFSDDBG_FACILITY NFSDDBG_XDR
6645 @@ -108,6 +109,8 @@ static __be32 *
6646 decode_sattr3(__be32 *p, struct iattr *iap)
6654 @@ -117,12 +120,15 @@ decode_sattr3(__be32 *p, struct iattr *i
6657 iap->ia_valid |= ATTR_UID;
6658 - iap->ia_uid = ntohl(*p++);
6659 + uid = ntohl(*p++);
6662 iap->ia_valid |= ATTR_GID;
6663 - iap->ia_gid = ntohl(*p++);
6664 + gid = ntohl(*p++);
6666 + iap->ia_uid = INOTAG_UID(DX_TAG_NFSD, uid, gid);
6667 + iap->ia_gid = INOTAG_GID(DX_TAG_NFSD, uid, gid);
6668 + iap->ia_tag = INOTAG_TAG(DX_TAG_NFSD, uid, gid, 0);
6672 @@ -178,8 +184,12 @@ encode_fattr3(struct svc_rqst *rqstp, __
6673 *p++ = htonl(nfs3_ftypes[(stat->mode & S_IFMT) >> 12]);
6674 *p++ = htonl((u32) stat->mode);
6675 *p++ = htonl((u32) stat->nlink);
6676 - *p++ = htonl((u32) nfsd_ruid(rqstp, stat->uid));
6677 - *p++ = htonl((u32) nfsd_rgid(rqstp, stat->gid));
6678 + *p++ = htonl((u32) nfsd_ruid(rqstp,
6679 + TAGINO_UID(0 /* FIXME: DX_TAG(dentry->d_inode) */,
6680 + stat->uid, stat->tag)));
6681 + *p++ = htonl((u32) nfsd_rgid(rqstp,
6682 + TAGINO_GID(0 /* FIXME: DX_TAG(dentry->d_inode) */,
6683 + stat->gid, stat->tag)));
6684 if (S_ISLNK(stat->mode) && stat->size > NFS3_MAXPATHLEN) {
6685 p = xdr_encode_hyper(p, (u64) NFS3_MAXPATHLEN);
6687 diff -NurpP --minimal linux-2.6.25/fs/nfsd/nfs4recover.c linux-2.6.25-vs2.3.0.34.9/fs/nfsd/nfs4recover.c
6688 --- linux-2.6.25/fs/nfsd/nfs4recover.c 2008-04-17 12:05:40.000000000 -0400
6689 +++ linux-2.6.25-vs2.3.0.34.9/fs/nfsd/nfs4recover.c 2008-04-20 13:24:11.000000000 -0400
6690 @@ -154,7 +154,7 @@ nfsd4_create_clid_dir(struct nfs4_client
6691 dprintk("NFSD: nfsd4_create_clid_dir: DIRECTORY EXISTS\n");
6694 - status = vfs_mkdir(rec_dir.path.dentry->d_inode, dentry, S_IRWXU);
6695 + status = vfs_mkdir(rec_dir.path.dentry->d_inode, dentry, S_IRWXU, NULL);
6699 @@ -258,7 +258,7 @@ nfsd4_remove_clid_file(struct dentry *di
6702 mutex_lock_nested(&dir->d_inode->i_mutex, I_MUTEX_PARENT);
6703 - status = vfs_unlink(dir->d_inode, dentry);
6704 + status = vfs_unlink(dir->d_inode, dentry, NULL);
6705 mutex_unlock(&dir->d_inode->i_mutex);
6708 @@ -273,7 +273,7 @@ nfsd4_clear_clid_dir(struct dentry *dir,
6709 * a kernel from the future.... */
6710 nfsd4_list_rec_dir(dentry, nfsd4_remove_clid_file);
6711 mutex_lock_nested(&dir->d_inode->i_mutex, I_MUTEX_PARENT);
6712 - status = vfs_rmdir(dir->d_inode, dentry);
6713 + status = vfs_rmdir(dir->d_inode, dentry, NULL);
6714 mutex_unlock(&dir->d_inode->i_mutex);
6717 diff -NurpP --minimal linux-2.6.25/fs/nfsd/nfs4xdr.c linux-2.6.25-vs2.3.0.34.9/fs/nfsd/nfs4xdr.c
6718 --- linux-2.6.25/fs/nfsd/nfs4xdr.c 2008-04-17 12:05:40.000000000 -0400
6719 +++ linux-2.6.25-vs2.3.0.34.9/fs/nfsd/nfs4xdr.c 2008-04-19 15:14:52.000000000 -0400
6721 #include <linux/nfs4_acl.h>
6722 #include <linux/sunrpc/gss_api.h>
6723 #include <linux/sunrpc/svcauth_gss.h>
6724 +#include <linux/vs_tag.h>
6726 #define NFSDDBG_FACILITY NFSDDBG_XDR
6728 @@ -1759,14 +1760,18 @@ out_acl:
6729 WRITE32(stat.nlink);
6731 if (bmval1 & FATTR4_WORD1_OWNER) {
6732 - status = nfsd4_encode_user(rqstp, stat.uid, &p, &buflen);
6733 + status = nfsd4_encode_user(rqstp,
6734 + TAGINO_UID(DX_TAG(dentry->d_inode),
6735 + stat.uid, stat.tag), &p, &buflen);
6736 if (status == nfserr_resource)
6741 if (bmval1 & FATTR4_WORD1_OWNER_GROUP) {
6742 - status = nfsd4_encode_group(rqstp, stat.gid, &p, &buflen);
6743 + status = nfsd4_encode_group(rqstp,
6744 + TAGINO_GID(DX_TAG(dentry->d_inode),
6745 + stat.gid, stat.tag), &p, &buflen);
6746 if (status == nfserr_resource)
6749 diff -NurpP --minimal linux-2.6.25/fs/nfsd/nfsxdr.c linux-2.6.25-vs2.3.0.34.9/fs/nfsd/nfsxdr.c
6750 --- linux-2.6.25/fs/nfsd/nfsxdr.c 2008-04-17 12:05:40.000000000 -0400
6751 +++ linux-2.6.25-vs2.3.0.34.9/fs/nfsd/nfsxdr.c 2008-04-20 13:23:36.000000000 -0400
6753 #include <linux/nfsd/nfsd.h>
6754 #include <linux/nfsd/xdr.h>
6755 #include <linux/mm.h>
6756 +#include <linux/vs_tag.h>
6759 #define NFSDDBG_FACILITY NFSDDBG_XDR
6760 @@ -98,6 +99,8 @@ static __be32 *
6761 decode_sattr(__be32 *p, struct iattr *iap)
6769 @@ -111,12 +114,15 @@ decode_sattr(__be32 *p, struct iattr *ia
6771 if ((tmp = ntohl(*p++)) != (u32)-1) {
6772 iap->ia_valid |= ATTR_UID;
6773 - iap->ia_uid = tmp;
6776 if ((tmp = ntohl(*p++)) != (u32)-1) {
6777 iap->ia_valid |= ATTR_GID;
6778 - iap->ia_gid = tmp;
6781 + iap->ia_uid = INOTAG_UID(DX_TAG_NFSD, uid, gid);
6782 + iap->ia_gid = INOTAG_GID(DX_TAG_NFSD, uid, gid);
6783 + iap->ia_tag = INOTAG_TAG(DX_TAG_NFSD, uid, gid, 0);
6784 if ((tmp = ntohl(*p++)) != (u32)-1) {
6785 iap->ia_valid |= ATTR_SIZE;
6787 @@ -161,8 +167,10 @@ encode_fattr(struct svc_rqst *rqstp, __b
6788 *p++ = htonl(nfs_ftypes[type >> 12]);
6789 *p++ = htonl((u32) stat->mode);
6790 *p++ = htonl((u32) stat->nlink);
6791 - *p++ = htonl((u32) nfsd_ruid(rqstp, stat->uid));
6792 - *p++ = htonl((u32) nfsd_rgid(rqstp, stat->gid));
6793 + *p++ = htonl((u32) nfsd_ruid(rqstp,
6794 + TAGINO_UID(DX_TAG(dentry->d_inode), stat->uid, stat->tag)));
6795 + *p++ = htonl((u32) nfsd_rgid(rqstp,
6796 + TAGINO_GID(DX_TAG(dentry->d_inode), stat->gid, stat->tag)));
6798 if (S_ISLNK(type) && stat->size > NFS_MAXPATHLEN) {
6799 *p++ = htonl(NFS_MAXPATHLEN);
6800 diff -NurpP --minimal linux-2.6.25/fs/nfsd/vfs.c linux-2.6.25-vs2.3.0.34.9/fs/nfsd/vfs.c
6801 --- linux-2.6.25/fs/nfsd/vfs.c 2008-04-17 12:05:40.000000000 -0400
6802 +++ linux-2.6.25-vs2.3.0.34.9/fs/nfsd/vfs.c 2008-04-21 17:24:34.000000000 -0400
6803 @@ -1258,13 +1258,13 @@ nfsd_create(struct svc_rqst *rqstp, stru
6804 host_err = vfs_create(dirp, dchild, iap->ia_mode, NULL);
6807 - host_err = vfs_mkdir(dirp, dchild, iap->ia_mode);
6808 + host_err = vfs_mkdir(dirp, dchild, iap->ia_mode, NULL);
6814 - host_err = vfs_mknod(dirp, dchild, iap->ia_mode, rdev);
6815 + host_err = vfs_mknod(dirp, dchild, iap->ia_mode, rdev, NULL);
6818 printk("nfsd: bad file type %o in nfsd_create\n", type);
6819 @@ -1529,11 +1529,13 @@ nfsd_symlink(struct svc_rqst *rqstp, str
6821 strncpy(path_alloced, path, plen);
6822 path_alloced[plen] = 0;
6823 - host_err = vfs_symlink(dentry->d_inode, dnew, path_alloced, mode);
6824 + host_err = vfs_symlink(dentry->d_inode, dnew,
6825 + path_alloced, mode, NULL);
6826 kfree(path_alloced);
6829 - host_err = vfs_symlink(dentry->d_inode, dnew, path, mode);
6830 + host_err = vfs_symlink(dentry->d_inode, dnew,
6831 + path, mode, NULL);
6834 if (EX_ISSYNC(fhp->fh_export))
6835 @@ -1592,7 +1594,7 @@ nfsd_link(struct svc_rqst *rqstp, struct
6836 dold = tfhp->fh_dentry;
6837 dest = dold->d_inode;
6839 - host_err = vfs_link(dold, dirp, dnew);
6840 + host_err = vfs_link(dold, dirp, dnew, NULL);
6842 if (EX_ISSYNC(ffhp->fh_export)) {
6843 err = nfserrno(nfsd_sync_dir(ddir));
6844 @@ -1757,9 +1759,9 @@ nfsd_unlink(struct svc_rqst *rqstp, stru
6848 - host_err = vfs_unlink(dirp, rdentry);
6849 + host_err = vfs_unlink(dirp, rdentry, NULL);
6850 } else { /* It's RMDIR */
6851 - host_err = vfs_rmdir(dirp, rdentry);
6852 + host_err = vfs_rmdir(dirp, rdentry, NULL);
6856 @@ -1876,7 +1878,8 @@ nfsd_permission(struct svc_rqst *rqstp,
6858 if (!(acc & MAY_LOCAL_ACCESS))
6859 if (acc & (MAY_WRITE | MAY_SATTR | MAY_TRUNC)) {
6860 - if (exp_rdonly(rqstp, exp) || IS_RDONLY(inode))
6861 + if (exp_rdonly(rqstp, exp) || IS_RDONLY(inode)
6862 + || MNT_IS_RDONLY(exp->ex_path.mnt))
6864 if (/* (acc & MAY_WRITE) && */ IS_IMMUTABLE(inode))
6866 diff -NurpP --minimal linux-2.6.25/fs/ocfs2/dlm/dlmfs.c linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/dlm/dlmfs.c
6867 --- linux-2.6.25/fs/ocfs2/dlm/dlmfs.c 2008-04-17 12:05:40.000000000 -0400
6868 +++ linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/dlm/dlmfs.c 2008-04-19 15:14:52.000000000 -0400
6870 #include <linux/init.h>
6871 #include <linux/string.h>
6872 #include <linux/backing-dev.h>
6873 +#include <linux/vs_tag.h>
6875 #include <asm/uaccess.h>
6877 @@ -342,6 +343,7 @@ static struct inode *dlmfs_get_root_inod
6878 inode->i_mode = mode;
6879 inode->i_uid = current->fsuid;
6880 inode->i_gid = current->fsgid;
6881 + inode->i_tag = dx_current_fstag(sb);
6882 inode->i_blocks = 0;
6883 inode->i_mapping->backing_dev_info = &dlmfs_backing_dev_info;
6884 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
6885 @@ -368,6 +370,7 @@ static struct inode *dlmfs_get_inode(str
6886 inode->i_mode = mode;
6887 inode->i_uid = current->fsuid;
6888 inode->i_gid = current->fsgid;
6889 + inode->i_tag = dx_current_fstag(sb);
6890 inode->i_blocks = 0;
6891 inode->i_mapping->backing_dev_info = &dlmfs_backing_dev_info;
6892 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
6893 diff -NurpP --minimal linux-2.6.25/fs/ocfs2/dlmglue.c linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/dlmglue.c
6894 --- linux-2.6.25/fs/ocfs2/dlmglue.c 2008-04-17 12:05:40.000000000 -0400
6895 +++ linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/dlmglue.c 2008-04-19 15:14:52.000000000 -0400
6896 @@ -1665,6 +1665,7 @@ static void __ocfs2_stuff_meta_lvb(struc
6897 lvb->lvb_iclusters = cpu_to_be32(oi->ip_clusters);
6898 lvb->lvb_iuid = cpu_to_be32(inode->i_uid);
6899 lvb->lvb_igid = cpu_to_be32(inode->i_gid);
6900 + lvb->lvb_itag = cpu_to_be16(inode->i_tag);
6901 lvb->lvb_imode = cpu_to_be16(inode->i_mode);
6902 lvb->lvb_inlink = cpu_to_be16(inode->i_nlink);
6903 lvb->lvb_iatime_packed =
6904 @@ -1719,6 +1720,7 @@ static void ocfs2_refresh_inode_from_lvb
6906 inode->i_uid = be32_to_cpu(lvb->lvb_iuid);
6907 inode->i_gid = be32_to_cpu(lvb->lvb_igid);
6908 + inode->i_tag = be16_to_cpu(lvb->lvb_itag);
6909 inode->i_mode = be16_to_cpu(lvb->lvb_imode);
6910 inode->i_nlink = be16_to_cpu(lvb->lvb_inlink);
6911 ocfs2_unpack_timespec(&inode->i_atime,
6912 diff -NurpP --minimal linux-2.6.25/fs/ocfs2/dlmglue.h linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/dlmglue.h
6913 --- linux-2.6.25/fs/ocfs2/dlmglue.h 2008-04-17 12:05:40.000000000 -0400
6914 +++ linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/dlmglue.h 2008-04-19 15:14:52.000000000 -0400
6915 @@ -46,7 +46,8 @@ struct ocfs2_meta_lvb {
6918 __be32 lvb_igeneration;
6919 - __be32 lvb_reserved2;
6921 + __be16 lvb_reserved2;
6924 /* ocfs2_inode_lock_full() 'arg_flags' flags */
6925 diff -NurpP --minimal linux-2.6.25/fs/ocfs2/file.c linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/file.c
6926 --- linux-2.6.25/fs/ocfs2/file.c 2008-04-17 12:05:40.000000000 -0400
6927 +++ linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/file.c 2008-04-19 15:14:52.000000000 -0400
6928 @@ -1054,13 +1054,15 @@ int ocfs2_setattr(struct dentry *dentry,
6929 mlog(0, "uid change: %d\n", attr->ia_uid);
6930 if (attr->ia_valid & ATTR_GID)
6931 mlog(0, "gid change: %d\n", attr->ia_gid);
6932 + if (attr->ia_valid & ATTR_TAG)
6933 + mlog(0, "tag change: %d\n", attr->ia_tag);
6934 if (attr->ia_valid & ATTR_SIZE)
6935 mlog(0, "size change...\n");
6936 if (attr->ia_valid & (ATTR_ATIME | ATTR_MTIME | ATTR_CTIME))
6937 mlog(0, "time change...\n");
6939 #define OCFS2_VALID_ATTRS (ATTR_ATIME | ATTR_MTIME | ATTR_CTIME | ATTR_SIZE \
6940 - | ATTR_GID | ATTR_UID | ATTR_MODE)
6941 + | ATTR_GID | ATTR_UID | ATTR_TAG | ATTR_MODE)
6942 if (!(attr->ia_valid & OCFS2_VALID_ATTRS)) {
6943 mlog(0, "can't handle attrs: 0x%x\n", attr->ia_valid);
6945 @@ -2229,6 +2231,7 @@ const struct inode_operations ocfs2_file
6946 const struct inode_operations ocfs2_special_file_iops = {
6947 .setattr = ocfs2_setattr,
6948 .getattr = ocfs2_getattr,
6949 + .sync_flags = ocfs2_sync_flags,
6950 .permission = ocfs2_permission,
6953 diff -NurpP --minimal linux-2.6.25/fs/ocfs2/inode.c linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/inode.c
6954 --- linux-2.6.25/fs/ocfs2/inode.c 2008-04-17 12:05:40.000000000 -0400
6955 +++ linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/inode.c 2008-04-21 10:16:08.000000000 -0400
6957 #include <linux/slab.h>
6958 #include <linux/highmem.h>
6959 #include <linux/pagemap.h>
6960 +#include <linux/vs_tag.h>
6962 #include <asm/byteorder.h>
6966 #include "heartbeat.h"
6969 #include "journal.h"
6971 #include "suballoc.h"
6972 @@ -79,6 +81,10 @@ void ocfs2_set_inode_flags(struct inode
6974 if (flags & OCFS2_IMMUTABLE_FL)
6975 inode->i_flags |= S_IMMUTABLE;
6976 + if (flags & OCFS2_IUNLINK_FL)
6977 + inode->i_flags |= S_IUNLINK;
6978 + if (flags & OCFS2_BARRIER_FL)
6979 + inode->i_flags |= S_BARRIER;
6981 if (flags & OCFS2_SYNC_FL)
6982 inode->i_flags |= S_SYNC;
6983 @@ -109,6 +115,27 @@ void ocfs2_get_inode_flags(struct ocfs2_
6984 oi->ip_attr |= OCFS2_DIRSYNC_FL;
6987 +int ocfs2_sync_flags(struct inode *inode)
6989 + unsigned int oldflags, newflags;
6991 + oldflags = OCFS2_I(inode)->ip_flags;
6992 + newflags = oldflags & ~(OCFS2_IMMUTABLE_FL |
6993 + OCFS2_IUNLINK_FL | OCFS2_BARRIER_FL);
6995 + if (IS_IMMUTABLE(inode))
6996 + newflags |= OCFS2_IMMUTABLE_FL;
6997 + if (IS_IUNLINK(inode))
6998 + newflags |= OCFS2_IUNLINK_FL;
6999 + if (IS_BARRIER(inode))
7000 + newflags |= OCFS2_BARRIER_FL;
7002 + if (oldflags ^ newflags)
7003 + return ocfs2_set_inode_attr(inode,
7004 + newflags, OCFS2_FL_MASK);
7008 struct inode *ocfs2_iget(struct ocfs2_super *osb, u64 blkno, unsigned flags,
7011 @@ -219,6 +246,8 @@ int ocfs2_populate_inode(struct inode *i
7012 struct super_block *sb;
7013 struct ocfs2_super *osb;
7014 int status = -EINVAL;
7018 mlog_entry("(0x%p, size:%llu)\n", inode,
7019 (unsigned long long)le64_to_cpu(fe->i_size));
7020 @@ -254,8 +283,12 @@ int ocfs2_populate_inode(struct inode *i
7021 inode->i_generation = le32_to_cpu(fe->i_generation);
7022 inode->i_rdev = huge_decode_dev(le64_to_cpu(fe->id1.dev1.i_rdev));
7023 inode->i_mode = le16_to_cpu(fe->i_mode);
7024 - inode->i_uid = le32_to_cpu(fe->i_uid);
7025 - inode->i_gid = le32_to_cpu(fe->i_gid);
7026 + uid = le32_to_cpu(fe->i_uid);
7027 + gid = le32_to_cpu(fe->i_gid);
7028 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
7029 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
7030 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid,
7031 + /* le16_to_cpu(raw_inode->i_raw_tag)i */ 0);
7033 /* Fast symlinks will have i_size but no allocated clusters. */
7034 if (S_ISLNK(inode->i_mode) && !fe->i_clusters)
7035 @@ -1230,8 +1263,11 @@ int ocfs2_mark_inode_dirty(handle_t *han
7037 fe->i_size = cpu_to_le64(i_size_read(inode));
7038 fe->i_links_count = cpu_to_le16(inode->i_nlink);
7039 - fe->i_uid = cpu_to_le32(inode->i_uid);
7040 - fe->i_gid = cpu_to_le32(inode->i_gid);
7041 + fe->i_uid = cpu_to_le32(TAGINO_UID(DX_TAG(inode),
7042 + inode->i_uid, inode->i_tag));
7043 + fe->i_gid = cpu_to_le32(TAGINO_GID(DX_TAG(inode),
7044 + inode->i_gid, inode->i_tag));
7045 + /* i_tag = = cpu_to_le16(inode->i_tag); */
7046 fe->i_mode = cpu_to_le16(inode->i_mode);
7047 fe->i_atime = cpu_to_le64(inode->i_atime.tv_sec);
7048 fe->i_atime_nsec = cpu_to_le32(inode->i_atime.tv_nsec);
7049 @@ -1259,16 +1295,25 @@ leave:
7050 void ocfs2_refresh_inode(struct inode *inode,
7051 struct ocfs2_dinode *fe)
7056 spin_lock(&OCFS2_I(inode)->ip_lock);
7058 OCFS2_I(inode)->ip_clusters = le32_to_cpu(fe->i_clusters);
7059 OCFS2_I(inode)->ip_attr = le32_to_cpu(fe->i_attr);
7060 + /* OCFS2_I(inode)->ip_flags &= ~OCFS2_FL_MASK;
7061 + OCFS2_I(inode)->ip_flags |= le32_to_cpu(fe->i_flags) & OCFS2_FL_MASK; */
7062 OCFS2_I(inode)->ip_dyn_features = le16_to_cpu(fe->i_dyn_features);
7063 ocfs2_set_inode_flags(inode);
7064 i_size_write(inode, le64_to_cpu(fe->i_size));
7065 inode->i_nlink = le16_to_cpu(fe->i_links_count);
7066 - inode->i_uid = le32_to_cpu(fe->i_uid);
7067 - inode->i_gid = le32_to_cpu(fe->i_gid);
7068 + uid = le32_to_cpu(fe->i_uid);
7069 + gid = le32_to_cpu(fe->i_gid);
7070 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
7071 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
7072 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid,
7073 + /* le16_to_cpu(raw_inode->i_raw_tag)i */ 0);
7074 inode->i_mode = le16_to_cpu(fe->i_mode);
7075 if (S_ISLNK(inode->i_mode) && le32_to_cpu(fe->i_clusters) == 0)
7076 inode->i_blocks = 0;
7077 diff -NurpP --minimal linux-2.6.25/fs/ocfs2/inode.h linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/inode.h
7078 --- linux-2.6.25/fs/ocfs2/inode.h 2008-04-17 12:05:40.000000000 -0400
7079 +++ linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/inode.h 2008-04-19 15:14:52.000000000 -0400
7080 @@ -143,6 +143,7 @@ int ocfs2_aio_write(struct file *file, s
7082 void ocfs2_set_inode_flags(struct inode *inode);
7083 void ocfs2_get_inode_flags(struct ocfs2_inode_info *oi);
7084 +int ocfs2_sync_flags(struct inode *inode);
7086 static inline blkcnt_t ocfs2_inode_sector_count(struct inode *inode)
7088 diff -NurpP --minimal linux-2.6.25/fs/ocfs2/ioctl.c linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/ioctl.c
7089 --- linux-2.6.25/fs/ocfs2/ioctl.c 2008-04-17 12:05:40.000000000 -0400
7090 +++ linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/ioctl.c 2008-04-19 15:14:52.000000000 -0400
7091 @@ -41,7 +41,7 @@ static int ocfs2_get_inode_attr(struct i
7095 -static int ocfs2_set_inode_attr(struct inode *inode, unsigned flags,
7096 +int ocfs2_set_inode_attr(struct inode *inode, unsigned flags,
7099 struct ocfs2_inode_info *ocfs2_inode = OCFS2_I(inode);
7100 diff -NurpP --minimal linux-2.6.25/fs/ocfs2/ioctl.h linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/ioctl.h
7101 --- linux-2.6.25/fs/ocfs2/ioctl.h 2008-04-17 10:33:02.000000000 -0400
7102 +++ linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/ioctl.h 2008-04-19 15:14:52.000000000 -0400
7104 #ifndef OCFS2_IOCTL_H
7105 #define OCFS2_IOCTL_H
7107 +int ocfs2_set_inode_attr(struct inode *inode, unsigned flags,
7110 int ocfs2_ioctl(struct inode * inode, struct file * filp,
7111 unsigned int cmd, unsigned long arg);
7112 long ocfs2_compat_ioctl(struct file *file, unsigned cmd, unsigned long arg);
7113 diff -NurpP --minimal linux-2.6.25/fs/ocfs2/namei.c linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/namei.c
7114 --- linux-2.6.25/fs/ocfs2/namei.c 2008-04-17 12:05:40.000000000 -0400
7115 +++ linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/namei.c 2008-04-19 15:14:52.000000000 -0400
7117 #include <linux/types.h>
7118 #include <linux/slab.h>
7119 #include <linux/highmem.h>
7120 +#include <linux/vs_tag.h>
7122 #define MLOG_MASK_PREFIX ML_NAMEI
7123 #include <cluster/masklog.h>
7124 @@ -366,6 +367,9 @@ static int ocfs2_mknod_locked(struct ocf
7127 struct inode *inode = NULL;
7132 mlog_entry("(0x%p, 0x%p, %d, %lu, '%.*s')\n", dir, dentry, mode,
7133 (unsigned long)dev, dentry->d_name.len,
7134 @@ -425,13 +429,19 @@ static int ocfs2_mknod_locked(struct ocf
7135 fe->i_blkno = cpu_to_le64(fe_blkno);
7136 fe->i_suballoc_bit = cpu_to_le16(suballoc_bit);
7137 fe->i_suballoc_slot = cpu_to_le16(osb->slot_num);
7138 - fe->i_uid = cpu_to_le32(current->fsuid);
7140 + tag = dx_current_fstag(osb->sb);
7141 + uid = current->fsuid;
7142 if (dir->i_mode & S_ISGID) {
7143 - fe->i_gid = cpu_to_le32(dir->i_gid);
7148 - fe->i_gid = cpu_to_le32(current->fsgid);
7149 + gid = current->fsgid;
7151 + fe->i_uid = cpu_to_le32(TAGINO_UID(DX_TAG(inode), uid, tag));
7152 + fe->i_gid = cpu_to_le32(TAGINO_GID(DX_TAG(inode), gid, tag));
7153 + inode->i_tag = tag;
7154 fe->i_mode = cpu_to_le16(mode);
7155 if (S_ISCHR(mode) || S_ISBLK(mode))
7156 fe->id1.dev1.i_rdev = cpu_to_le64(huge_encode_dev(dev));
7157 @@ -1917,5 +1927,6 @@ const struct inode_operations ocfs2_dir_
7158 .rename = ocfs2_rename,
7159 .setattr = ocfs2_setattr,
7160 .getattr = ocfs2_getattr,
7161 + .sync_flags = ocfs2_sync_flags,
7162 .permission = ocfs2_permission,
7164 diff -NurpP --minimal linux-2.6.25/fs/ocfs2/ocfs2_fs.h linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/ocfs2_fs.h
7165 --- linux-2.6.25/fs/ocfs2/ocfs2_fs.h 2008-04-17 12:05:40.000000000 -0400
7166 +++ linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/ocfs2_fs.h 2008-04-19 15:14:52.000000000 -0400
7167 @@ -188,8 +188,12 @@
7168 #define OCFS2_NOATIME_FL (0x00000080) /* do not update atime */
7169 #define OCFS2_DIRSYNC_FL (0x00010000) /* dirsync behaviour (directories only) */
7171 +#define OCFS2_BARRIER_FL (0x04000000) /* Barrier for chroot() */
7172 +#define OCFS2_IUNLINK_FL (0x08000000) /* Immutable unlink */
7174 #define OCFS2_FL_VISIBLE (0x000100FF) /* User visible flags */
7175 #define OCFS2_FL_MODIFIABLE (0x000100FF) /* User modifiable flags */
7176 +#define OCFS2_FL_MASK (0x0F0100FF)
7179 * Extent record flags (e_node.leaf.flags)
7180 diff -NurpP --minimal linux-2.6.25/fs/ocfs2/ocfs2.h linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/ocfs2.h
7181 --- linux-2.6.25/fs/ocfs2/ocfs2.h 2008-04-17 12:05:40.000000000 -0400
7182 +++ linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/ocfs2.h 2008-04-21 10:15:31.000000000 -0400
7183 @@ -171,6 +171,7 @@ enum ocfs2_mount_options
7184 OCFS2_MOUNT_ERRORS_PANIC = 1 << 3, /* Panic on errors */
7185 OCFS2_MOUNT_DATA_WRITEBACK = 1 << 4, /* No data ordering */
7186 OCFS2_MOUNT_LOCALFLOCKS = 1 << 5, /* No cluster aware user file locks */
7187 + OCFS2_MOUNT_TAGGED = 1 << 8, /* use tagging */
7190 #define OCFS2_OSB_SOFT_RO 0x0001
7191 diff -NurpP --minimal linux-2.6.25/fs/ocfs2/super.c linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/super.c
7192 --- linux-2.6.25/fs/ocfs2/super.c 2008-04-17 12:05:40.000000000 -0400
7193 +++ linux-2.6.25-vs2.3.0.34.9/fs/ocfs2/super.c 2008-04-23 08:31:10.000000000 -0400
7194 @@ -154,6 +154,7 @@ enum {
7198 + Opt_tag, Opt_notag, Opt_tagid,
7202 @@ -172,6 +173,9 @@ static match_table_t tokens = {
7203 {Opt_commit, "commit=%u"},
7204 {Opt_localalloc, "localalloc=%d"},
7205 {Opt_localflocks, "localflocks"},
7207 + {Opt_notag, "notag"},
7208 + {Opt_tagid, "tagid=%u"},
7212 @@ -391,6 +395,13 @@ static int ocfs2_remount(struct super_bl
7216 + if ((parsed_options.mount_opt & OCFS2_MOUNT_TAGGED) &&
7217 + !(sb->s_flags & MS_TAGGED)) {
7219 + mlog(ML_ERROR, "Cannot change tagging on remount\n");
7223 if ((osb->s_mount_opt & OCFS2_MOUNT_HB_LOCAL) !=
7224 (parsed_options.mount_opt & OCFS2_MOUNT_HB_LOCAL)) {
7226 @@ -691,6 +702,9 @@ static int ocfs2_fill_super(struct super
7228 ocfs2_complete_mount_recovery(osb);
7230 + if (osb->s_mount_opt & OCFS2_MOUNT_TAGGED)
7231 + sb->s_flags |= MS_TAGGED;
7233 if (ocfs2_mount_local(osb))
7234 snprintf(nodestr, sizeof(nodestr), "local");
7236 @@ -864,6 +878,20 @@ static int ocfs2_parse_options(struct su
7238 mopt->mount_opt |= OCFS2_MOUNT_LOCALFLOCKS;
7240 +#ifndef CONFIG_TAGGING_NONE
7242 + mopt->mount_opt |= OCFS2_MOUNT_TAGGED;
7245 + mopt->mount_opt &= ~OCFS2_MOUNT_TAGGED;
7248 +#ifdef CONFIG_PROPAGATE
7251 + mopt->mount_opt |= OCFS2_MOUNT_TAGGED;
7256 "Unrecognized mount option \"%s\" "
7257 diff -NurpP --minimal linux-2.6.25/fs/open.c linux-2.6.25-vs2.3.0.34.9/fs/open.c
7258 --- linux-2.6.25/fs/open.c 2008-04-17 12:05:41.000000000 -0400
7259 +++ linux-2.6.25-vs2.3.0.34.9/fs/open.c 2008-04-21 13:51:52.000000000 -0400
7261 #include <linux/rcupdate.h>
7262 #include <linux/audit.h>
7263 #include <linux/falloc.h>
7264 +#include <linux/vs_base.h>
7265 +#include <linux/vs_limit.h>
7266 +#include <linux/vs_dlimit.h>
7267 +#include <linux/vs_tag.h>
7268 +#include <linux/vs_cowbl.h>
7270 int vfs_statfs(struct dentry *dentry, struct kstatfs *buf)
7272 int retval = -ENODEV;
7275 + struct super_block *sb = dentry->d_sb;
7278 - if (dentry->d_sb->s_op->statfs) {
7279 + if (sb->s_op->statfs) {
7280 memset(buf, 0, sizeof(*buf));
7281 retval = security_sb_statfs(dentry);
7284 - retval = dentry->d_sb->s_op->statfs(dentry, buf);
7285 + retval = sb->s_op->statfs(dentry, buf);
7286 if (retval == 0 && buf->f_frsize == 0)
7287 buf->f_frsize = buf->f_bsize;
7289 + if (!vx_check(0, VS_ADMIN|VS_WATCH))
7290 + vx_vsi_statfs(sb, buf);
7294 @@ -249,7 +258,7 @@ static long do_sys_truncate(const char _
7298 - if (IS_RDONLY(inode))
7299 + if (IS_RDONLY(inode) || MNT_IS_RDONLY(nd.path.mnt))
7303 @@ -458,7 +467,7 @@ asmlinkage long sys_faccessat(int dfd, c
7304 special_file(nd.path.dentry->d_inode->i_mode))
7305 goto out_path_release;
7307 - if(IS_RDONLY(nd.path.dentry->d_inode))
7308 + if(IS_RDONLY(nd.path.dentry->d_inode) || MNT_IS_RDONLY(nd.path.mnt))
7312 @@ -568,7 +577,7 @@ asmlinkage long sys_fchmod(unsigned int
7313 audit_inode(NULL, dentry);
7316 - if (IS_RDONLY(inode))
7317 + if (IS_RDONLY(inode) || MNT_IS_RDONLY(file->f_vfsmnt))
7320 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
7321 @@ -598,11 +607,11 @@ asmlinkage long sys_fchmodat(int dfd, co
7322 error = __user_walk_fd(dfd, filename, LOOKUP_FOLLOW, &nd);
7325 - inode = nd.path.dentry->d_inode;
7328 - if (IS_RDONLY(inode))
7330 + error = cow_check_and_break(&nd);
7333 + inode = nd.path.dentry->d_inode;
7336 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
7337 @@ -627,7 +636,8 @@ asmlinkage long sys_chmod(const char __u
7338 return sys_fchmodat(AT_FDCWD, filename, mode);
7341 -static int chown_common(struct dentry * dentry, uid_t user, gid_t group)
7342 +static int chown_common(struct dentry *dentry, struct vfsmount *mnt,
7343 + uid_t user, gid_t group)
7345 struct inode * inode;
7347 @@ -639,7 +649,7 @@ static int chown_common(struct dentry *
7351 - if (IS_RDONLY(inode))
7352 + if (IS_RDONLY(inode) || MNT_IS_RDONLY(mnt))
7355 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
7356 @@ -647,11 +657,11 @@ static int chown_common(struct dentry *
7357 newattrs.ia_valid = ATTR_CTIME;
7358 if (user != (uid_t) -1) {
7359 newattrs.ia_valid |= ATTR_UID;
7360 - newattrs.ia_uid = user;
7361 + newattrs.ia_uid = dx_map_uid(user);
7363 if (group != (gid_t) -1) {
7364 newattrs.ia_valid |= ATTR_GID;
7365 - newattrs.ia_gid = group;
7366 + newattrs.ia_gid = dx_map_gid(group);
7368 if (!S_ISDIR(inode->i_mode))
7369 newattrs.ia_valid |=
7370 @@ -671,7 +681,11 @@ asmlinkage long sys_chown(const char __u
7371 error = user_path_walk(filename, &nd);
7374 - error = chown_common(nd.path.dentry, user, group);
7375 +#ifdef CONFIG_VSERVER_COWBL
7376 + error = cow_check_and_break(&nd);
7379 + error = chown_common(nd.path.dentry, nd.path.mnt, user, group);
7383 @@ -691,7 +705,11 @@ asmlinkage long sys_fchownat(int dfd, co
7384 error = __user_walk_fd(dfd, filename, follow, &nd);
7387 - error = chown_common(nd.path.dentry, user, group);
7388 +#ifdef CONFIG_VSERVER_COWBL
7389 + error = cow_check_and_break(&nd);
7392 + error = chown_common(nd.path.dentry, nd.path.mnt, user, group);
7396 @@ -705,7 +723,11 @@ asmlinkage long sys_lchown(const char __
7397 error = user_path_walk_link(filename, &nd);
7400 - error = chown_common(nd.path.dentry, user, group);
7401 +#ifdef CONFIG_VSERVER_COWBL
7402 + error = cow_check_and_break(&nd);
7405 + error = chown_common(nd.path.dentry, nd.path.mnt, user, group);
7409 @@ -724,7 +746,7 @@ asmlinkage long sys_fchown(unsigned int
7411 dentry = file->f_path.dentry;
7412 audit_inode(NULL, dentry);
7413 - error = chown_common(dentry, user, group);
7414 + error = chown_common(dentry, file->f_vfsmnt, user, group);
7418 @@ -971,6 +993,7 @@ repeat:
7420 FD_CLR(fd, fdt->close_on_exec);
7421 files->next_fd = fd + 1;
7422 + vx_openfd_inc(fd);
7425 if (fdt->fd[fd] != NULL) {
7426 @@ -998,6 +1021,7 @@ static void __put_unused_fd(struct files
7427 __FD_CLR(fd, fdt->open_fds);
7428 if (fd < files->next_fd)
7429 files->next_fd = fd;
7430 + vx_openfd_dec(fd);
7433 void put_unused_fd(unsigned int fd)
7434 diff -NurpP --minimal linux-2.6.25/fs/proc/array.c linux-2.6.25-vs2.3.0.34.9/fs/proc/array.c
7435 --- linux-2.6.25/fs/proc/array.c 2008-04-17 12:05:41.000000000 -0400
7436 +++ linux-2.6.25-vs2.3.0.34.9/fs/proc/array.c 2008-04-22 18:22:56.000000000 -0400
7438 #include <linux/delayacct.h>
7439 #include <linux/seq_file.h>
7440 #include <linux/pid_namespace.h>
7441 +#include <linux/vs_context.h>
7442 +#include <linux/vs_network.h>
7444 #include <asm/pgtable.h>
7445 #include <asm/processor.h>
7446 @@ -140,8 +142,9 @@ static const char *task_state_array[] =
7447 "D (disk sleep)", /* 2 */
7448 "T (stopped)", /* 4 */
7449 "T (tracing stop)", /* 8 */
7450 - "Z (zombie)", /* 16 */
7451 - "X (dead)" /* 32 */
7452 + "H (on hold)", /* 16 */
7453 + "Z (zombie)", /* 32 */
7454 + "X (dead)", /* 64 */
7457 static inline const char *get_task_state(struct task_struct *tsk)
7458 @@ -162,6 +165,7 @@ static inline void task_state(struct seq
7459 struct group_info *group_info;
7461 struct fdtable *fdt = NULL;
7462 +/* + pid_t pid, ptgid, tppid, tgid; */
7466 @@ -169,6 +173,12 @@ static inline void task_state(struct seq
7467 task_tgid_nr_ns(rcu_dereference(p->real_parent), ns) : 0;
7468 tpid = pid_alive(p) && p->ptrace ?
7469 task_pid_nr_ns(rcu_dereference(p->parent), ns) : 0;
7470 +/* tgid = vx_map_tgid(p->tgid);
7471 + pid = vx_map_pid(p->pid);
7472 + ptgid = vx_map_pid(pid_alive(p) ?
7473 + rcu_dereference(p->real_parent)->tgid : 0);
7474 + tppid = vx_map_pid(pid_alive(p) && p->ptrace ?
7475 + rcu_dereference(p->parent)->pid : 0); */
7479 @@ -280,23 +290,23 @@ static inline void task_sig(struct seq_f
7482 static void render_cap_t(struct seq_file *m, const char *header,
7484 + struct vx_info *vxi, kernel_cap_t *a)
7488 seq_printf(m, "%s", header);
7489 CAP_FOR_EACH_U32(__capi) {
7490 seq_printf(m, "%08x",
7491 - a->cap[(_LINUX_CAPABILITY_U32S-1) - __capi]);
7492 + a->cap[(_LINUX_CAPABILITY_U32S-1) - __capi]);
7494 seq_printf(m, "\n");
7497 static inline void task_cap(struct seq_file *m, struct task_struct *p)
7499 - render_cap_t(m, "CapInh:\t", &p->cap_inheritable);
7500 - render_cap_t(m, "CapPrm:\t", &p->cap_permitted);
7501 - render_cap_t(m, "CapEff:\t", &p->cap_effective);
7502 + render_cap_t(m, "CapInh:\t", p->vx_info, &p->cap_inheritable);
7503 + render_cap_t(m, "CapPrm:\t", p->vx_info, &p->cap_permitted);
7504 + render_cap_t(m, "CapEff:\t", p->vx_info, &p->cap_effective);
7507 static inline void task_context_switch_counts(struct seq_file *m,
7508 @@ -308,6 +318,45 @@ static inline void task_context_switch_c
7512 +int proc_pid_nsproxy(struct seq_file *m, struct pid_namespace *ns,
7513 + struct pid *pid, struct task_struct *task)
7515 + seq_printf(m, "Proxy:\t%p(%c)\n"
7524 + (task->nsproxy == init_task.nsproxy ? 'I' : '-'),
7525 + atomic_read(&task->nsproxy->count),
7526 + task->nsproxy->uts_ns,
7527 + (task->nsproxy->uts_ns == init_task.nsproxy->uts_ns ? 'I' : '-'),
7528 + task->nsproxy->ipc_ns,
7529 + (task->nsproxy->ipc_ns == init_task.nsproxy->ipc_ns ? 'I' : '-'),
7530 + task->nsproxy->mnt_ns,
7531 + (task->nsproxy->mnt_ns == init_task.nsproxy->mnt_ns ? 'I' : '-'),
7532 + task->nsproxy->pid_ns,
7533 + (task->nsproxy->pid_ns == init_task.nsproxy->pid_ns ? 'I' : '-'),
7534 + task->nsproxy->user_ns,
7535 + (task->nsproxy->user_ns == init_task.nsproxy->user_ns ? 'I' : '-'),
7536 + task->nsproxy->net_ns,
7537 + (task->nsproxy->net_ns == init_task.nsproxy->net_ns ? 'I' : '-'));
7541 +void task_vs_id(struct seq_file *m, struct task_struct *task)
7543 + if (task_vx_flags(task, VXF_HIDE_VINFO, 0))
7546 + seq_printf(m, "VxID: %d\n", vx_task_xid(task));
7547 + seq_printf(m, "NxID: %d\n", nx_task_nid(task));
7551 int proc_pid_status(struct seq_file *m, struct pid_namespace *ns,
7552 struct pid *pid, struct task_struct *task)
7554 @@ -323,6 +372,7 @@ int proc_pid_status(struct seq_file *m,
7557 cpuset_task_status_allowed(m, task);
7558 + task_vs_id(m, task);
7559 #if defined(CONFIG_S390)
7560 task_show_regs(m, task);
7562 @@ -494,6 +544,17 @@ static int do_task_stat(struct seq_file
7563 /* convert nsec -> ticks */
7564 start_time = nsec_to_clock_t(start_time);
7566 + /* fixup start time for virt uptime */
7567 + if (vx_flags(VXF_VIRT_UPTIME, 0)) {
7568 + unsigned long long bias =
7569 + current->vx_info->cvirt.bias_clock;
7571 + if (start_time > bias)
7572 + start_time -= bias;
7577 seq_printf(m, "%d (%s) %c %d %d %d %d %d %u %lu \
7578 %lu %lu %lu %lu %lu %ld %ld %ld %ld %d 0 %llu %lu %ld %lu %lu %lu %lu %lu \
7579 %lu %lu %lu %lu %lu %lu %lu %lu %d %d %u %u %llu %lu %ld\n",
7580 diff -NurpP --minimal linux-2.6.25/fs/proc/base.c linux-2.6.25-vs2.3.0.34.9/fs/proc/base.c
7581 --- linux-2.6.25/fs/proc/base.c 2008-04-17 12:05:41.000000000 -0400
7582 +++ linux-2.6.25-vs2.3.0.34.9/fs/proc/base.c 2008-04-29 17:56:00.000000000 -0400
7584 #include <linux/oom.h>
7585 #include <linux/elf.h>
7586 #include <linux/pid_namespace.h>
7587 +#include <linux/vs_context.h>
7588 +#include <linux/vs_network.h>
7589 #include "internal.h"
7592 @@ -1290,6 +1292,8 @@ static struct inode *proc_pid_make_inode
7593 inode->i_uid = task->euid;
7594 inode->i_gid = task->egid;
7596 + /* procfs is xid tagged */
7597 + inode->i_tag = (tag_t)vx_task_xid(task);
7598 security_task_to_inode(task, inode);
7601 @@ -1833,6 +1837,13 @@ static struct dentry *proc_pident_lookup
7605 + /* TODO: maybe we can come up with a generic approach? */
7606 + if (task_vx_flags(task, VXF_HIDE_VINFO, 0) &&
7607 + (dentry->d_name.len == 5) &&
7608 + (!memcmp(dentry->d_name.name, "vinfo", 5) ||
7609 + !memcmp(dentry->d_name.name, "ninfo", 5)))
7613 * Yes, it does not scale. And it should not. Don't add
7614 * new entries into /proc/<tgid>/ without very good reasons.
7615 @@ -2220,7 +2231,7 @@ out_iput:
7616 static struct dentry *proc_base_lookup(struct inode *dir, struct dentry *dentry)
7618 struct dentry *error;
7619 - struct task_struct *task = get_proc_task(dir);
7620 + struct task_struct *task = get_proc_task_real(dir);
7621 const struct pid_entry *p, *last;
7623 error = ERR_PTR(-ENOENT);
7624 @@ -2285,6 +2296,9 @@ static int proc_pid_io_accounting(struct
7625 static const struct file_operations proc_task_operations;
7626 static const struct inode_operations proc_task_inode_operations;
7628 +extern int proc_pid_vx_info(struct task_struct *, char *);
7629 +extern int proc_pid_nx_info(struct task_struct *, char *);
7631 static const struct pid_entry tgid_base_stuff[] = {
7632 DIR("task", S_IRUGO|S_IXUGO, task),
7633 DIR("fd", S_IRUSR|S_IXUSR, fd),
7634 @@ -2335,6 +2349,8 @@ static const struct pid_entry tgid_base_
7635 #ifdef CONFIG_CGROUPS
7636 REG("cgroup", S_IRUGO, cgroup),
7638 + INF("vinfo", S_IRUGO, pid_vx_info),
7639 + INF("ninfo", S_IRUGO, pid_nx_info),
7640 INF("oom_score", S_IRUGO, oom_score),
7641 REG("oom_adj", S_IRUGO|S_IWUSR, oom_adjust),
7642 #ifdef CONFIG_AUDITSYSCALL
7643 @@ -2350,6 +2366,7 @@ static const struct pid_entry tgid_base_
7644 #ifdef CONFIG_TASK_IO_ACCOUNTING
7645 INF("io", S_IRUGO, pid_io_accounting),
7647 + ONE("nsproxy", S_IRUGO, pid_nsproxy),
7650 static int proc_tgid_base_readdir(struct file * filp,
7651 @@ -2547,7 +2564,7 @@ retry:
7653 pid = find_ge_pid(iter.tgid, ns);
7655 - iter.tgid = pid_nr_ns(pid, ns);
7656 + iter.tgid = pid_unmapped_nr_ns(pid, ns);
7657 iter.task = pid_task(pid, PIDTYPE_PID);
7658 /* What we to know is if the pid we have find is the
7659 * pid of a thread_group_leader. Testing for task
7660 @@ -2577,7 +2594,7 @@ static int proc_pid_fill_cache(struct fi
7661 struct tgid_iter iter)
7663 char name[PROC_NUMBUF];
7664 - int len = snprintf(name, sizeof(name), "%d", iter.tgid);
7665 + int len = snprintf(name, sizeof(name), "%d", vx_map_tgid(iter.tgid));
7666 return proc_fill_cache(filp, dirent, filldir, name, len,
7667 proc_pid_instantiate, iter.task, NULL);
7669 @@ -2586,7 +2603,7 @@ static int proc_pid_fill_cache(struct fi
7670 int proc_pid_readdir(struct file * filp, void * dirent, filldir_t filldir)
7672 unsigned int nr = filp->f_pos - FIRST_PROCESS_ENTRY;
7673 - struct task_struct *reaper = get_proc_task(filp->f_path.dentry->d_inode);
7674 + struct task_struct *reaper = get_proc_task_real(filp->f_path.dentry->d_inode);
7675 struct tgid_iter iter;
7676 struct pid_namespace *ns;
7678 @@ -2606,6 +2623,8 @@ int proc_pid_readdir(struct file * filp,
7680 iter.tgid += 1, iter = next_tgid(ns, iter)) {
7681 filp->f_pos = iter.tgid + TGID_OFFSET;
7682 + if (!vx_proc_task_visible(iter.task))
7684 if (proc_pid_fill_cache(filp, dirent, filldir, iter) < 0) {
7685 put_task_struct(iter.task);
7687 @@ -2742,6 +2761,8 @@ static struct dentry *proc_task_lookup(s
7688 tid = name_to_int(dentry);
7691 + if (vx_current_initpid(tid))
7694 ns = dentry->d_sb->s_fs_info;
7696 diff -NurpP --minimal linux-2.6.25/fs/proc/generic.c linux-2.6.25-vs2.3.0.34.9/fs/proc/generic.c
7697 --- linux-2.6.25/fs/proc/generic.c 2008-04-17 12:05:41.000000000 -0400
7698 +++ linux-2.6.25-vs2.3.0.34.9/fs/proc/generic.c 2008-04-20 14:23:26.000000000 -0400
7700 #include <linux/bitops.h>
7701 #include <linux/spinlock.h>
7702 #include <linux/completion.h>
7703 +#include <linux/vserver/inode.h>
7704 #include <asm/uaccess.h>
7706 #include "internal.h"
7707 @@ -389,6 +390,8 @@ struct dentry *proc_lookup_de(struct pro
7708 for (de = de->subdir; de ; de = de->next) {
7709 if (de->namelen != dentry->d_name.len)
7711 + if (!vx_hide_check(0, de->vx_flags))
7713 if (!memcmp(dentry->d_name.name, de->name, de->namelen)) {
7716 @@ -397,6 +400,8 @@ struct dentry *proc_lookup_de(struct pro
7717 spin_unlock(&proc_subdir_lock);
7719 inode = proc_get_inode(dir->i_sb, ino, de);
7720 + /* generic proc entries belong to the host */
7725 @@ -481,6 +486,8 @@ int proc_readdir_de(struct proc_dir_entr
7727 /* filldir passes info to user space */
7729 + if (!vx_hide_check(0, de->vx_flags))
7731 spin_unlock(&proc_subdir_lock);
7732 if (filldir(dirent, de->name, de->namelen, filp->f_pos,
7733 de->low_ino, de->mode >> 12) < 0) {
7734 @@ -488,6 +495,7 @@ int proc_readdir_de(struct proc_dir_entr
7737 spin_lock(&proc_subdir_lock);
7742 @@ -602,6 +610,7 @@ static struct proc_dir_entry *__proc_cre
7744 atomic_set(&ent->count, 1);
7746 + ent->vx_flags = IATTR_PROC_DEFAULT;
7747 spin_lock_init(&ent->pde_unload_lock);
7748 ent->pde_unload_completion = NULL;
7750 @@ -624,7 +633,8 @@ struct proc_dir_entry *proc_symlink(cons
7756 + ent->vx_flags = IATTR_PROC_SYMLINK;
7760 diff -NurpP --minimal linux-2.6.25/fs/proc/inode.c linux-2.6.25-vs2.3.0.34.9/fs/proc/inode.c
7761 --- linux-2.6.25/fs/proc/inode.c 2008-04-17 12:05:41.000000000 -0400
7762 +++ linux-2.6.25-vs2.3.0.34.9/fs/proc/inode.c 2008-04-19 15:14:52.000000000 -0400
7763 @@ -408,6 +408,8 @@ struct inode *proc_get_inode(struct supe
7764 inode->i_uid = de->uid;
7765 inode->i_gid = de->gid;
7768 + PROC_I(inode)->vx_flags = de->vx_flags;
7770 inode->i_size = de->size;
7772 diff -NurpP --minimal linux-2.6.25/fs/proc/internal.h linux-2.6.25-vs2.3.0.34.9/fs/proc/internal.h
7773 --- linux-2.6.25/fs/proc/internal.h 2008-04-17 12:05:41.000000000 -0400
7774 +++ linux-2.6.25-vs2.3.0.34.9/fs/proc/internal.h 2008-04-20 14:21:17.000000000 -0400
7778 #include <linux/proc_fs.h>
7779 +#include <linux/vs_pid.h>
7781 #ifdef CONFIG_PROC_SYSCTL
7782 extern int proc_sys_init(void);
7783 @@ -57,6 +58,9 @@ extern int proc_pid_status(struct seq_fi
7784 struct pid *pid, struct task_struct *task);
7785 extern int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
7786 struct pid *pid, struct task_struct *task);
7787 +extern int proc_pid_nsproxy(struct seq_file *m, struct pid_namespace *ns,
7788 + struct pid *pid, struct task_struct *task);
7790 extern loff_t mem_lseek(struct file *file, loff_t offset, int orig);
7792 extern const struct file_operations proc_maps_operations;
7793 @@ -76,11 +80,16 @@ static inline struct pid *proc_pid(struc
7794 return PROC_I(inode)->pid;
7797 -static inline struct task_struct *get_proc_task(struct inode *inode)
7798 +static inline struct task_struct *get_proc_task_real(struct inode *inode)
7800 return get_pid_task(proc_pid(inode), PIDTYPE_PID);
7803 +static inline struct task_struct *get_proc_task(struct inode *inode)
7805 + return vx_get_proc_task(inode, proc_pid(inode));
7808 static inline int proc_fd(struct inode *inode)
7810 return PROC_I(inode)->fd;
7811 diff -NurpP --minimal linux-2.6.25/fs/proc/proc_misc.c linux-2.6.25-vs2.3.0.34.9/fs/proc/proc_misc.c
7812 --- linux-2.6.25/fs/proc/proc_misc.c 2008-04-17 12:05:41.000000000 -0400
7813 +++ linux-2.6.25-vs2.3.0.34.9/fs/proc/proc_misc.c 2008-04-23 11:56:24.000000000 -0400
7815 #include <asm/div64.h>
7816 #include "internal.h"
7818 +#include <linux/vs_cvirt.h>
7820 #define LOAD_INT(x) ((x) >> FSHIFT)
7821 #define LOAD_FRAC(x) LOAD_INT(((x) & (FIXED_1-1)) * 100)
7823 @@ -83,22 +85,38 @@ static int proc_calc_metrics(char *page,
7824 static int loadavg_read_proc(char *page, char **start, off_t off,
7825 int count, int *eof, void *data)
7827 + unsigned long running;
7828 + unsigned int threads;
7834 seq = read_seqbegin(&xtime_lock);
7835 - a = avenrun[0] + (FIXED_1/200);
7836 - b = avenrun[1] + (FIXED_1/200);
7837 - c = avenrun[2] + (FIXED_1/200);
7838 + if (vx_flags(VXF_VIRT_LOAD, 0)) {
7839 + struct vx_info *vxi = current->vx_info;
7841 + a = vxi->cvirt.load[0] + (FIXED_1/200);
7842 + b = vxi->cvirt.load[1] + (FIXED_1/200);
7843 + c = vxi->cvirt.load[2] + (FIXED_1/200);
7845 + running = atomic_read(&vxi->cvirt.nr_running);
7846 + threads = atomic_read(&vxi->cvirt.nr_threads);
7848 + a = avenrun[0] + (FIXED_1/200);
7849 + b = avenrun[1] + (FIXED_1/200);
7850 + c = avenrun[2] + (FIXED_1/200);
7852 + running = nr_running();
7853 + threads = nr_threads;
7855 } while (read_seqretry(&xtime_lock, seq));
7857 len = sprintf(page,"%d.%02d %d.%02d %d.%02d %ld/%d %d\n",
7858 LOAD_INT(a), LOAD_FRAC(a),
7859 LOAD_INT(b), LOAD_FRAC(b),
7860 LOAD_INT(c), LOAD_FRAC(c),
7861 - nr_running(), nr_threads,
7863 task_active_pid_ns(current)->last_pid);
7864 return proc_calc_metrics(page, start, off, count, eof, len);
7866 @@ -114,6 +132,9 @@ static int uptime_read_proc(char *page,
7867 do_posix_clock_monotonic_gettime(&uptime);
7868 monotonic_to_bootbased(&uptime);
7869 cputime_to_timespec(idletime, &idle);
7870 + if (vx_flags(VXF_VIRT_UPTIME, 0))
7871 + vx_vsi_uptime(&uptime, &idle);
7873 len = sprintf(page,"%lu.%02lu %lu.%02lu\n",
7874 (unsigned long) uptime.tv_sec,
7875 (uptime.tv_nsec / (NSEC_PER_SEC / 100)),
7876 @@ -145,7 +166,7 @@ static int meminfo_read_proc(char *page,
7878 cached = global_page_state(NR_FILE_PAGES) -
7879 total_swapcache_pages - i.bufferram;
7881 + if (cached < 0 || vx_flags(VXF_VIRT_MEM, 0))
7884 get_vmalloc_info(&vmi);
7885 diff -NurpP --minimal linux-2.6.25/fs/proc/root.c linux-2.6.25-vs2.3.0.34.9/fs/proc/root.c
7886 --- linux-2.6.25/fs/proc/root.c 2008-04-17 12:05:41.000000000 -0400
7887 +++ linux-2.6.25-vs2.3.0.34.9/fs/proc/root.c 2008-04-19 15:14:52.000000000 -0400
7889 #include "internal.h"
7891 struct proc_dir_entry *proc_bus, *proc_root_fs, *proc_root_driver;
7892 +struct proc_dir_entry *proc_virtual;
7894 +extern void proc_vx_init(void);
7896 static int proc_test_super(struct super_block *sb, void *data)
7898 @@ -138,6 +141,7 @@ void __init proc_root_init(void)
7899 proc_device_tree_init();
7901 proc_bus = proc_mkdir("bus", NULL);
7906 diff -NurpP --minimal linux-2.6.25/fs/quota.c linux-2.6.25-vs2.3.0.34.9/fs/quota.c
7907 --- linux-2.6.25/fs/quota.c 2008-04-17 12:05:41.000000000 -0400
7908 +++ linux-2.6.25-vs2.3.0.34.9/fs/quota.c 2008-04-21 09:21:04.000000000 -0400
7910 #include <linux/capability.h>
7911 #include <linux/quotaops.h>
7912 #include <linux/types.h>
7913 +#include <linux/vs_context.h>
7915 /* Check validity of generic quotactl commands */
7916 static int generic_quotactl_valid(struct super_block *sb, int type, int cmd, qid_t id)
7917 @@ -82,11 +83,11 @@ static int generic_quotactl_valid(struct
7918 if (cmd == Q_GETQUOTA) {
7919 if (((type == USRQUOTA && current->euid != id) ||
7920 (type == GRPQUOTA && !in_egroup_p(id))) &&
7921 - !capable(CAP_SYS_ADMIN))
7922 + !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
7925 else if (cmd != Q_GETFMT && cmd != Q_SYNC && cmd != Q_GETINFO)
7926 - if (!capable(CAP_SYS_ADMIN))
7927 + if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
7931 @@ -133,10 +134,10 @@ static int xqm_quotactl_valid(struct sup
7932 if (cmd == Q_XGETQUOTA) {
7933 if (((type == XQM_USRQUOTA && current->euid != id) ||
7934 (type == XQM_GRPQUOTA && !in_egroup_p(id))) &&
7935 - !capable(CAP_SYS_ADMIN))
7936 + !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
7938 } else if (cmd != Q_XGETQSTAT && cmd != Q_XQUOTASYNC) {
7939 - if (!capable(CAP_SYS_ADMIN))
7940 + if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
7944 @@ -329,6 +330,46 @@ static int do_quotactl(struct super_bloc
7948 +#if defined(CONFIG_BLK_DEV_VROOT) || defined(CONFIG_BLK_DEV_VROOT_MODULE)
7950 +#include <linux/vroot.h>
7951 +#include <linux/major.h>
7952 +#include <linux/module.h>
7953 +#include <linux/kallsyms.h>
7954 +#include <linux/vserver/debug.h>
7956 +static vroot_grb_func *vroot_get_real_bdev = NULL;
7958 +static spinlock_t vroot_grb_lock = SPIN_LOCK_UNLOCKED;
7960 +int register_vroot_grb(vroot_grb_func *func) {
7963 + spin_lock(&vroot_grb_lock);
7964 + if (!vroot_get_real_bdev) {
7965 + vroot_get_real_bdev = func;
7968 + spin_unlock(&vroot_grb_lock);
7971 +EXPORT_SYMBOL(register_vroot_grb);
7973 +int unregister_vroot_grb(vroot_grb_func *func) {
7974 + int ret = -EINVAL;
7976 + spin_lock(&vroot_grb_lock);
7977 + if (vroot_get_real_bdev) {
7978 + vroot_get_real_bdev = NULL;
7981 + spin_unlock(&vroot_grb_lock);
7984 +EXPORT_SYMBOL(unregister_vroot_grb);
7989 * look up a superblock on which quota ops will be performed
7990 * - use the name of a block device to find the superblock thereon
7991 @@ -346,6 +387,22 @@ static inline struct super_block *quotac
7994 return ERR_CAST(bdev);
7995 +#if defined(CONFIG_BLK_DEV_VROOT) || defined(CONFIG_BLK_DEV_VROOT_MODULE)
7996 + if (bdev && bdev->bd_inode &&
7997 + imajor(bdev->bd_inode) == VROOT_MAJOR) {
7998 + struct block_device *bdnew = (void *)-EINVAL;
8000 + if (vroot_get_real_bdev)
8001 + bdnew = vroot_get_real_bdev(bdev);
8003 + vxdprintk(VXD_CBIT(misc, 0),
8004 + "vroot_get_real_bdev not set");
8006 + if (IS_ERR(bdnew))
8007 + return ERR_PTR(PTR_ERR(bdnew));
8011 sb = get_super(bdev);
8014 diff -NurpP --minimal linux-2.6.25/fs/reiserfs/bitmap.c linux-2.6.25-vs2.3.0.34.9/fs/reiserfs/bitmap.c
8015 --- linux-2.6.25/fs/reiserfs/bitmap.c 2008-04-17 12:05:41.000000000 -0400
8016 +++ linux-2.6.25-vs2.3.0.34.9/fs/reiserfs/bitmap.c 2008-04-19 15:14:52.000000000 -0400
8018 #include <linux/reiserfs_fs_sb.h>
8019 #include <linux/reiserfs_fs_i.h>
8020 #include <linux/quotaops.h>
8021 +#include <linux/vs_dlimit.h>
8023 #define PREALLOCATION_SIZE 9
8025 @@ -429,8 +430,10 @@ static void _reiserfs_free_block(struct
8026 set_sb_free_blocks(rs, sb_free_blocks(rs) + 1);
8028 journal_mark_dirty(th, s, sbh);
8029 - if (for_unformatted)
8030 + if (for_unformatted) {
8031 + DLIMIT_FREE_BLOCK(inode, 1);
8032 DQUOT_FREE_BLOCK_NODIRTY(inode, 1);
8036 void reiserfs_free_block(struct reiserfs_transaction_handle *th,
8037 @@ -1045,6 +1048,7 @@ static inline int blocknrs_and_prealloc_
8038 b_blocknr_t finish = SB_BLOCK_COUNT(s) - 1;
8040 int nr_allocated = 0;
8043 determine_prealloc_size(hint);
8044 if (!hint->formatted_node) {
8045 @@ -1054,19 +1058,30 @@ static inline int blocknrs_and_prealloc_
8046 "reiserquota: allocating %d blocks id=%u",
8047 amount_needed, hint->inode->i_uid);
8050 - DQUOT_ALLOC_BLOCK_NODIRTY(hint->inode, amount_needed);
8051 - if (quota_ret) /* Quota exceeded? */
8052 + quota_ret = DQUOT_ALLOC_BLOCK_NODIRTY(hint->inode,
8055 return QUOTA_EXCEEDED;
8056 + if (DLIMIT_ALLOC_BLOCK(hint->inode, amount_needed)) {
8057 + DQUOT_FREE_BLOCK_NODIRTY(hint->inode,
8059 + return NO_DISK_SPACE;
8062 if (hint->preallocate && hint->prealloc_size) {
8063 #ifdef REISERQUOTA_DEBUG
8064 reiserfs_debug(s, REISERFS_DEBUG_CODE,
8065 "reiserquota: allocating (prealloc) %d blocks id=%u",
8066 hint->prealloc_size, hint->inode->i_uid);
8069 - DQUOT_PREALLOC_BLOCK_NODIRTY(hint->inode,
8070 - hint->prealloc_size);
8071 + quota_ret = DQUOT_PREALLOC_BLOCK_NODIRTY(hint->inode,
8072 + hint->prealloc_size);
8074 + DLIMIT_ALLOC_BLOCK(hint->inode, hint->prealloc_size)) {
8075 + DQUOT_FREE_BLOCK_NODIRTY(hint->inode,
8076 + hint->prealloc_size);
8080 hint->preallocate = hint->prealloc_size = 0;
8082 @@ -1098,7 +1113,10 @@ static inline int blocknrs_and_prealloc_
8084 hint->inode->i_uid);
8086 - DQUOT_FREE_BLOCK_NODIRTY(hint->inode, amount_needed + hint->prealloc_size - nr_allocated); /* Free not allocated blocks */
8087 + /* Free not allocated blocks */
8088 + blocks = amount_needed + hint->prealloc_size - nr_allocated;
8089 + DLIMIT_FREE_BLOCK(hint->inode, blocks);
8090 + DQUOT_FREE_BLOCK_NODIRTY(hint->inode, blocks);
8092 while (nr_allocated--)
8093 reiserfs_free_block(hint->th, hint->inode,
8094 @@ -1129,10 +1147,10 @@ static inline int blocknrs_and_prealloc_
8095 REISERFS_I(hint->inode)->i_prealloc_count,
8096 hint->inode->i_uid);
8098 - DQUOT_FREE_BLOCK_NODIRTY(hint->inode, amount_needed +
8099 - hint->prealloc_size - nr_allocated -
8100 - REISERFS_I(hint->inode)->
8101 - i_prealloc_count);
8102 + blocks = amount_needed + hint->prealloc_size - nr_allocated -
8103 + REISERFS_I(hint->inode)->i_prealloc_count;
8104 + DLIMIT_FREE_BLOCK(hint->inode, blocks);
8105 + DQUOT_FREE_BLOCK_NODIRTY(hint->inode, blocks);
8109 diff -NurpP --minimal linux-2.6.25/fs/reiserfs/file.c linux-2.6.25-vs2.3.0.34.9/fs/reiserfs/file.c
8110 --- linux-2.6.25/fs/reiserfs/file.c 2008-04-17 11:31:38.000000000 -0400
8111 +++ linux-2.6.25-vs2.3.0.34.9/fs/reiserfs/file.c 2008-04-19 15:14:52.000000000 -0400
8112 @@ -306,4 +306,5 @@ const struct inode_operations reiserfs_f
8113 .listxattr = reiserfs_listxattr,
8114 .removexattr = reiserfs_removexattr,
8115 .permission = reiserfs_permission,
8116 + .sync_flags = reiserfs_sync_flags,
8118 diff -NurpP --minimal linux-2.6.25/fs/reiserfs/inode.c linux-2.6.25-vs2.3.0.34.9/fs/reiserfs/inode.c
8119 --- linux-2.6.25/fs/reiserfs/inode.c 2008-04-17 12:05:41.000000000 -0400
8120 +++ linux-2.6.25-vs2.3.0.34.9/fs/reiserfs/inode.c 2008-04-19 15:14:52.000000000 -0400
8122 #include <linux/writeback.h>
8123 #include <linux/quotaops.h>
8124 #include <linux/swap.h>
8125 +#include <linux/vs_dlimit.h>
8126 +#include <linux/vs_tag.h>
8128 int reiserfs_commit_write(struct file *f, struct page *page,
8129 unsigned from, unsigned to);
8130 @@ -52,6 +54,7 @@ void reiserfs_delete_inode(struct inode
8131 * stat data deletion */
8133 DQUOT_FREE_INODE(inode);
8134 + DLIMIT_FREE_INODE(inode);
8136 if (journal_end(&th, inode->i_sb, jbegin_count))
8138 @@ -1114,6 +1117,8 @@ static void init_inode(struct inode *ino
8139 struct buffer_head *bh;
8140 struct item_head *ih;
8144 //int version = ITEM_VERSION_1;
8146 bh = PATH_PLAST_BUFFER(path);
8147 @@ -1137,12 +1142,13 @@ static void init_inode(struct inode *ino
8148 (struct stat_data_v1 *)B_I_PITEM(bh, ih);
8149 unsigned long blocks;
8151 + uid = sd_v1_uid(sd);
8152 + gid = sd_v1_gid(sd);
8154 set_inode_item_key_version(inode, KEY_FORMAT_3_5);
8155 set_inode_sd_version(inode, STAT_DATA_V1);
8156 inode->i_mode = sd_v1_mode(sd);
8157 inode->i_nlink = sd_v1_nlink(sd);
8158 - inode->i_uid = sd_v1_uid(sd);
8159 - inode->i_gid = sd_v1_gid(sd);
8160 inode->i_size = sd_v1_size(sd);
8161 inode->i_atime.tv_sec = sd_v1_atime(sd);
8162 inode->i_mtime.tv_sec = sd_v1_mtime(sd);
8163 @@ -1184,11 +1190,12 @@ static void init_inode(struct inode *ino
8164 // (directories and symlinks)
8165 struct stat_data *sd = (struct stat_data *)B_I_PITEM(bh, ih);
8167 + uid = sd_v2_uid(sd);
8168 + gid = sd_v2_gid(sd);
8170 inode->i_mode = sd_v2_mode(sd);
8171 inode->i_nlink = sd_v2_nlink(sd);
8172 - inode->i_uid = sd_v2_uid(sd);
8173 inode->i_size = sd_v2_size(sd);
8174 - inode->i_gid = sd_v2_gid(sd);
8175 inode->i_mtime.tv_sec = sd_v2_mtime(sd);
8176 inode->i_atime.tv_sec = sd_v2_atime(sd);
8177 inode->i_ctime.tv_sec = sd_v2_ctime(sd);
8178 @@ -1218,6 +1225,10 @@ static void init_inode(struct inode *ino
8179 sd_attrs_to_i_attrs(sd_v2_attrs(sd), inode);
8182 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
8183 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
8184 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid, 0);
8187 if (S_ISREG(inode->i_mode)) {
8188 inode->i_op = &reiserfs_file_inode_operations;
8189 @@ -1240,13 +1251,15 @@ static void init_inode(struct inode *ino
8190 static void inode2sd(void *sd, struct inode *inode, loff_t size)
8192 struct stat_data *sd_v2 = (struct stat_data *)sd;
8193 + uid_t uid = TAGINO_UID(DX_TAG(inode), inode->i_uid, inode->i_tag);
8194 + gid_t gid = TAGINO_GID(DX_TAG(inode), inode->i_gid, inode->i_tag);
8197 + set_sd_v2_uid(sd_v2, uid);
8198 + set_sd_v2_gid(sd_v2, gid);
8199 set_sd_v2_mode(sd_v2, inode->i_mode);
8200 set_sd_v2_nlink(sd_v2, inode->i_nlink);
8201 - set_sd_v2_uid(sd_v2, inode->i_uid);
8202 set_sd_v2_size(sd_v2, size);
8203 - set_sd_v2_gid(sd_v2, inode->i_gid);
8204 set_sd_v2_mtime(sd_v2, inode->i_mtime.tv_sec);
8205 set_sd_v2_atime(sd_v2, inode->i_atime.tv_sec);
8206 set_sd_v2_ctime(sd_v2, inode->i_ctime.tv_sec);
8207 @@ -1769,6 +1782,10 @@ int reiserfs_new_inode(struct reiserfs_t
8209 BUG_ON(!th->t_trans_id);
8211 + if (DLIMIT_ALLOC_INODE(inode)) {
8213 + goto out_bad_dlimit;
8215 if (DQUOT_ALLOC_INODE(inode)) {
8218 @@ -1954,6 +1971,9 @@ int reiserfs_new_inode(struct reiserfs_t
8219 DQUOT_FREE_INODE(inode);
8222 + DLIMIT_FREE_INODE(inode);
8225 journal_end(th, th->t_super, th->t_blocks_allocated);
8226 /* Drop can be outside and it needs more credits so it's better to have it outside */
8228 @@ -2848,6 +2868,14 @@ void sd_attrs_to_i_attrs(__u16 sd_attrs,
8229 inode->i_flags |= S_IMMUTABLE;
8231 inode->i_flags &= ~S_IMMUTABLE;
8232 + if (sd_attrs & REISERFS_IUNLINK_FL)
8233 + inode->i_flags |= S_IUNLINK;
8235 + inode->i_flags &= ~S_IUNLINK;
8236 + if (sd_attrs & REISERFS_BARRIER_FL)
8237 + inode->i_flags |= S_BARRIER;
8239 + inode->i_flags &= ~S_BARRIER;
8240 if (sd_attrs & REISERFS_APPEND_FL)
8241 inode->i_flags |= S_APPEND;
8243 @@ -2870,6 +2898,14 @@ void i_attrs_to_sd_attrs(struct inode *i
8244 *sd_attrs |= REISERFS_IMMUTABLE_FL;
8246 *sd_attrs &= ~REISERFS_IMMUTABLE_FL;
8247 + if (inode->i_flags & S_IUNLINK)
8248 + *sd_attrs |= REISERFS_IUNLINK_FL;
8250 + *sd_attrs &= ~REISERFS_IUNLINK_FL;
8251 + if (inode->i_flags & S_BARRIER)
8252 + *sd_attrs |= REISERFS_BARRIER_FL;
8254 + *sd_attrs &= ~REISERFS_BARRIER_FL;
8255 if (inode->i_flags & S_SYNC)
8256 *sd_attrs |= REISERFS_SYNC_FL;
8258 @@ -3049,6 +3085,22 @@ static ssize_t reiserfs_direct_IO(int rw
8259 reiserfs_get_blocks_direct_io, NULL);
8262 +int reiserfs_sync_flags(struct inode *inode)
8264 + u16 oldflags, newflags;
8266 + oldflags = REISERFS_I(inode)->i_attrs;
8267 + newflags = oldflags;
8268 + i_attrs_to_sd_attrs(inode, &newflags);
8270 + if (oldflags ^ newflags) {
8271 + REISERFS_I(inode)->i_attrs = newflags;
8272 + inode->i_ctime = CURRENT_TIME_SEC;
8273 + mark_inode_dirty(inode);
8278 int reiserfs_setattr(struct dentry *dentry, struct iattr *attr)
8280 struct inode *inode = dentry->d_inode;
8281 @@ -3102,9 +3154,11 @@ int reiserfs_setattr(struct dentry *dent
8284 error = inode_change_ok(inode, attr);
8287 if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
8288 - (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid)) {
8289 + (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid) ||
8290 + (ia_valid & ATTR_TAG && attr->ia_tag != inode->i_tag)) {
8291 error = reiserfs_chown_xattrs(inode, attr);
8294 @@ -3134,6 +3188,9 @@ int reiserfs_setattr(struct dentry *dent
8295 inode->i_uid = attr->ia_uid;
8296 if (attr->ia_valid & ATTR_GID)
8297 inode->i_gid = attr->ia_gid;
8298 + if ((attr->ia_valid & ATTR_TAG) &&
8300 + inode->i_tag = attr->ia_tag;
8301 mark_inode_dirty(inode);
8303 journal_end(&th, inode->i_sb, jbegin_count);
8304 diff -NurpP --minimal linux-2.6.25/fs/reiserfs/ioctl.c linux-2.6.25-vs2.3.0.34.9/fs/reiserfs/ioctl.c
8305 --- linux-2.6.25/fs/reiserfs/ioctl.c 2008-04-17 11:31:38.000000000 -0400
8306 +++ linux-2.6.25-vs2.3.0.34.9/fs/reiserfs/ioctl.c 2008-04-19 15:14:52.000000000 -0400
8308 #include <linux/fs.h>
8309 #include <linux/reiserfs_fs.h>
8310 #include <linux/time.h>
8311 +#include <linux/mount.h>
8312 #include <asm/uaccess.h>
8313 #include <linux/pagemap.h>
8314 #include <linux/smp_lock.h>
8315 @@ -24,7 +25,7 @@ static int reiserfs_unpack(struct inode
8316 int reiserfs_ioctl(struct inode *inode, struct file *filp, unsigned int cmd,
8319 - unsigned int flags;
8320 + unsigned int flags, oldflags;
8323 case REISERFS_IOC_UNPACK:
8324 @@ -43,12 +44,14 @@ int reiserfs_ioctl(struct inode *inode,
8326 flags = REISERFS_I(inode)->i_attrs;
8327 i_attrs_to_sd_attrs(inode, (__u16 *) & flags);
8328 + flags &= REISERFS_FL_USER_VISIBLE;
8329 return put_user(flags, (int __user *)arg);
8330 case REISERFS_IOC_SETFLAGS:{
8331 if (!reiserfs_attrs(inode->i_sb))
8334 - if (IS_RDONLY(inode))
8335 + if (IS_RDONLY(inode) ||
8336 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
8339 if (!is_owner_or_cap(inode))
8340 @@ -74,6 +77,10 @@ int reiserfs_ioctl(struct inode *inode,
8345 + oldflags = REISERFS_I(inode)->i_attrs;
8346 + flags = flags & REISERFS_FL_USER_MODIFIABLE;
8347 + flags |= oldflags & ~REISERFS_FL_USER_MODIFIABLE;
8348 sd_attrs_to_i_attrs(flags, inode);
8349 REISERFS_I(inode)->i_attrs = flags;
8350 inode->i_ctime = CURRENT_TIME_SEC;
8351 @@ -85,7 +92,8 @@ int reiserfs_ioctl(struct inode *inode,
8352 case REISERFS_IOC_SETVERSION:
8353 if (!is_owner_or_cap(inode))
8355 - if (IS_RDONLY(inode))
8356 + if (IS_RDONLY(inode) ||
8357 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
8359 if (get_user(inode->i_generation, (int __user *)arg))
8361 diff -NurpP --minimal linux-2.6.25/fs/reiserfs/namei.c linux-2.6.25-vs2.3.0.34.9/fs/reiserfs/namei.c
8362 --- linux-2.6.25/fs/reiserfs/namei.c 2008-04-17 12:05:41.000000000 -0400
8363 +++ linux-2.6.25-vs2.3.0.34.9/fs/reiserfs/namei.c 2008-04-19 15:14:52.000000000 -0400
8365 #include <linux/reiserfs_acl.h>
8366 #include <linux/reiserfs_xattr.h>
8367 #include <linux/quotaops.h>
8368 +#include <linux/vs_tag.h>
8370 #define INC_DIR_INODE_NLINK(i) if (i->i_nlink != 1) { inc_nlink(i); if (i->i_nlink >= REISERFS_LINK_MAX) i->i_nlink=1; }
8371 #define DEC_DIR_INODE_NLINK(i) if (i->i_nlink != 1) drop_nlink(i);
8372 @@ -360,6 +361,7 @@ static struct dentry *reiserfs_lookup(st
8373 reiserfs_write_unlock(dir->i_sb);
8374 return ERR_PTR(-EACCES);
8376 + dx_propagate_tag(nd, inode);
8378 /* Propogate the priv_object flag so we know we're in the priv tree */
8379 if (is_reiserfs_priv_object(dir))
8380 @@ -595,6 +597,7 @@ static int new_inode_init(struct inode *
8382 inode->i_gid = current->fsgid;
8384 + inode->i_tag = dx_current_fstag(inode->i_sb);
8388 @@ -1541,6 +1544,7 @@ const struct inode_operations reiserfs_d
8389 .listxattr = reiserfs_listxattr,
8390 .removexattr = reiserfs_removexattr,
8391 .permission = reiserfs_permission,
8392 + .sync_flags = reiserfs_sync_flags,
8396 @@ -1557,6 +1561,7 @@ const struct inode_operations reiserfs_s
8397 .listxattr = reiserfs_listxattr,
8398 .removexattr = reiserfs_removexattr,
8399 .permission = reiserfs_permission,
8400 + .sync_flags = reiserfs_sync_flags,
8404 @@ -1570,5 +1575,6 @@ const struct inode_operations reiserfs_s
8405 .listxattr = reiserfs_listxattr,
8406 .removexattr = reiserfs_removexattr,
8407 .permission = reiserfs_permission,
8408 + .sync_flags = reiserfs_sync_flags,
8411 diff -NurpP --minimal linux-2.6.25/fs/reiserfs/stree.c linux-2.6.25-vs2.3.0.34.9/fs/reiserfs/stree.c
8412 --- linux-2.6.25/fs/reiserfs/stree.c 2008-04-17 11:31:38.000000000 -0400
8413 +++ linux-2.6.25-vs2.3.0.34.9/fs/reiserfs/stree.c 2008-04-19 15:14:52.000000000 -0400
8415 #include <linux/reiserfs_fs.h>
8416 #include <linux/buffer_head.h>
8417 #include <linux/quotaops.h>
8418 +#include <linux/vs_dlimit.h>
8420 /* Does the buffer contain a disk block which is in the tree. */
8421 inline int B_IS_IN_TREE(const struct buffer_head *p_s_bh)
8422 @@ -1297,6 +1298,7 @@ int reiserfs_delete_item(struct reiserfs
8423 "reiserquota delete_item(): freeing %u, id=%u type=%c",
8424 quota_cut_bytes, p_s_inode->i_uid, head2type(&s_ih));
8426 + DLIMIT_FREE_SPACE(p_s_inode, quota_cut_bytes);
8427 DQUOT_FREE_SPACE_NODIRTY(p_s_inode, quota_cut_bytes);
8429 /* Return deleted body length */
8430 @@ -1385,6 +1387,7 @@ void reiserfs_delete_solid_item(struct r
8432 DQUOT_FREE_SPACE_NODIRTY(inode,
8434 + DLIMIT_FREE_SPACE(inode, quota_cut_bytes);
8438 @@ -1735,6 +1738,7 @@ int reiserfs_cut_from_item(struct reiser
8439 "reiserquota cut_from_item(): freeing %u id=%u type=%c",
8440 quota_cut_bytes, p_s_inode->i_uid, '?');
8442 + DLIMIT_FREE_SPACE(p_s_inode, quota_cut_bytes);
8443 DQUOT_FREE_SPACE_NODIRTY(p_s_inode, quota_cut_bytes);
8446 @@ -1976,6 +1980,11 @@ int reiserfs_paste_into_item(struct reis
8447 pathrelse(p_s_search_path);
8450 + if (DLIMIT_ALLOC_SPACE(inode, n_pasted_size)) {
8451 + DQUOT_FREE_SPACE_NODIRTY(inode, n_pasted_size);
8452 + pathrelse(p_s_search_path);
8455 init_tb_struct(th, &s_paste_balance, th->t_super, p_s_search_path,
8457 #ifdef DISPLACE_NEW_PACKING_LOCALITIES
8458 @@ -2028,6 +2037,7 @@ int reiserfs_paste_into_item(struct reis
8459 n_pasted_size, inode->i_uid,
8460 key2type(&(p_s_key->on_disk_key)));
8462 + DLIMIT_FREE_SPACE(inode, n_pasted_size);
8463 DQUOT_FREE_SPACE_NODIRTY(inode, n_pasted_size);
8466 @@ -2065,6 +2075,11 @@ int reiserfs_insert_item(struct reiserfs
8467 pathrelse(p_s_path);
8470 + if (DLIMIT_ALLOC_SPACE(inode, quota_bytes)) {
8471 + DQUOT_FREE_SPACE_NODIRTY(inode, quota_bytes);
8472 + pathrelse(p_s_path);
8476 init_tb_struct(th, &s_ins_balance, th->t_super, p_s_path,
8477 IH_SIZE + ih_item_len(p_s_ih));
8478 @@ -2112,7 +2127,9 @@ int reiserfs_insert_item(struct reiserfs
8479 "reiserquota insert_item(): freeing %u id=%u type=%c",
8480 quota_bytes, inode->i_uid, head2type(p_s_ih));
8484 + DLIMIT_FREE_SPACE(inode, quota_bytes);
8485 DQUOT_FREE_SPACE_NODIRTY(inode, quota_bytes);
8489 diff -NurpP --minimal linux-2.6.25/fs/reiserfs/super.c linux-2.6.25-vs2.3.0.34.9/fs/reiserfs/super.c
8490 --- linux-2.6.25/fs/reiserfs/super.c 2008-04-17 12:05:41.000000000 -0400
8491 +++ linux-2.6.25-vs2.3.0.34.9/fs/reiserfs/super.c 2008-04-19 15:14:52.000000000 -0400
8492 @@ -896,6 +896,14 @@ static int reiserfs_parse_options(struct
8493 {"user_xattr",.setmask = 1 << REISERFS_UNSUPPORTED_OPT},
8494 {"nouser_xattr",.clrmask = 1 << REISERFS_UNSUPPORTED_OPT},
8496 +#ifndef CONFIG_TAGGING_NONE
8497 + {"tagxid",.setmask = 1 << REISERFS_TAGGED},
8498 + {"tag",.setmask = 1 << REISERFS_TAGGED},
8499 + {"notag",.clrmask = 1 << REISERFS_TAGGED},
8501 +#ifdef CONFIG_PROPAGATE
8502 + {"tag",.arg_required = 'T',.values = NULL},
8504 #ifdef CONFIG_REISERFS_FS_POSIX_ACL
8505 {"acl",.setmask = 1 << REISERFS_POSIXACL},
8506 {"noacl",.clrmask = 1 << REISERFS_POSIXACL},
8507 @@ -1159,6 +1167,12 @@ static int reiserfs_remount(struct super
8511 + if ((mount_options & (1 << REISERFS_TAGGED)) &&
8512 + !(s->s_flags & MS_TAGGED)) {
8513 + reiserfs_warning(s, "reiserfs: tagging not permitted on remount.");
8519 /* Add options that are safe here */
8520 @@ -1618,6 +1632,10 @@ static int reiserfs_fill_super(struct su
8524 + /* map mount option tagxid */
8525 + if (REISERFS_SB(s)->s_mount_opt & (1 << REISERFS_TAGGED))
8526 + s->s_flags |= MS_TAGGED;
8528 rs = SB_DISK_SUPER_BLOCK(s);
8529 /* Let's do basic sanity check to verify that underlying device is not
8530 smaller than the filesystem. If the check fails then abort and scream,
8531 diff -NurpP --minimal linux-2.6.25/fs/reiserfs/xattr.c linux-2.6.25-vs2.3.0.34.9/fs/reiserfs/xattr.c
8532 --- linux-2.6.25/fs/reiserfs/xattr.c 2008-04-17 12:05:41.000000000 -0400
8533 +++ linux-2.6.25-vs2.3.0.34.9/fs/reiserfs/xattr.c 2008-04-19 15:14:52.000000000 -0400
8535 #include <linux/namei.h>
8536 #include <linux/errno.h>
8537 #include <linux/fs.h>
8538 +#include <linux/mount.h>
8539 #include <linux/file.h>
8540 #include <linux/pagemap.h>
8541 #include <linux/xattr.h>
8542 @@ -747,7 +748,7 @@ int reiserfs_delete_xattrs(struct inode
8543 if (dir->d_inode->i_nlink <= 2) {
8544 root = get_xa_root(inode->i_sb, XATTR_REPLACE);
8545 reiserfs_write_lock_xattrs(inode->i_sb);
8546 - err = vfs_rmdir(root->d_inode, dir);
8547 + err = vfs_rmdir(root->d_inode, dir, NULL);
8548 reiserfs_write_unlock_xattrs(inode->i_sb);
8551 diff -NurpP --minimal linux-2.6.25/fs/stat.c linux-2.6.25-vs2.3.0.34.9/fs/stat.c
8552 --- linux-2.6.25/fs/stat.c 2008-04-17 12:05:41.000000000 -0400
8553 +++ linux-2.6.25-vs2.3.0.34.9/fs/stat.c 2008-04-19 15:14:52.000000000 -0400
8554 @@ -26,6 +26,7 @@ void generic_fillattr(struct inode *inod
8555 stat->nlink = inode->i_nlink;
8556 stat->uid = inode->i_uid;
8557 stat->gid = inode->i_gid;
8558 + stat->tag = inode->i_tag;
8559 stat->rdev = inode->i_rdev;
8560 stat->atime = inode->i_atime;
8561 stat->mtime = inode->i_mtime;
8562 diff -NurpP --minimal linux-2.6.25/fs/super.c linux-2.6.25-vs2.3.0.34.9/fs/super.c
8563 --- linux-2.6.25/fs/super.c 2008-04-17 12:05:41.000000000 -0400
8564 +++ linux-2.6.25-vs2.3.0.34.9/fs/super.c 2008-04-19 15:14:52.000000000 -0400
8566 #include <linux/idr.h>
8567 #include <linux/kobject.h>
8568 #include <linux/mutex.h>
8569 +#include <linux/devpts_fs.h>
8570 +#include <linux/proc_fs.h>
8571 +#include <linux/vs_context.h>
8572 #include <asm/uaccess.h>
8575 @@ -859,12 +862,18 @@ struct vfsmount *
8576 vfs_kern_mount(struct file_system_type *type, int flags, const char *name, void *data)
8578 struct vfsmount *mnt;
8579 + struct super_block *sb;
8580 char *secdata = NULL;
8584 return ERR_PTR(-ENODEV);
8587 + if ((type->fs_flags & FS_BINARY_MOUNTDATA) &&
8588 + !vx_capable(CAP_SYS_ADMIN, VXC_BINARY_MOUNT))
8592 mnt = alloc_vfsmnt(name);
8594 @@ -885,7 +894,14 @@ vfs_kern_mount(struct file_system_type *
8595 goto out_free_secdata;
8596 BUG_ON(!mnt->mnt_sb);
8598 - error = security_sb_kern_mount(mnt->mnt_sb, secdata);
8601 + if (!vx_capable(CAP_SYS_ADMIN, VXC_BINARY_MOUNT) && !sb->s_bdev &&
8602 + (sb->s_magic != PROC_SUPER_MAGIC) &&
8603 + (sb->s_magic != DEVPTS_SUPER_MAGIC))
8606 + error = security_sb_kern_mount(sb, secdata);
8610 diff -NurpP --minimal linux-2.6.25/fs/sysfs/mount.c linux-2.6.25-vs2.3.0.34.9/fs/sysfs/mount.c
8611 --- linux-2.6.25/fs/sysfs/mount.c 2008-04-17 11:31:38.000000000 -0400
8612 +++ linux-2.6.25-vs2.3.0.34.9/fs/sysfs/mount.c 2008-04-19 15:14:52.000000000 -0400
8617 -/* Random magic number */
8618 -#define SYSFS_MAGIC 0x62656572
8620 static struct vfsmount *sysfs_mount;
8621 struct super_block * sysfs_sb = NULL;
8622 @@ -46,7 +44,7 @@ static int sysfs_fill_super(struct super
8624 sb->s_blocksize = PAGE_CACHE_SIZE;
8625 sb->s_blocksize_bits = PAGE_CACHE_SHIFT;
8626 - sb->s_magic = SYSFS_MAGIC;
8627 + sb->s_magic = SYSFS_SUPER_MAGIC;
8628 sb->s_op = &sysfs_ops;
8629 sb->s_time_gran = 1;
8631 diff -NurpP --minimal linux-2.6.25/fs/utimes.c linux-2.6.25-vs2.3.0.34.9/fs/utimes.c
8632 --- linux-2.6.25/fs/utimes.c 2008-04-17 12:05:41.000000000 -0400
8633 +++ linux-2.6.25-vs2.3.0.34.9/fs/utimes.c 2008-04-20 13:40:14.000000000 -0400
8635 #include <linux/stat.h>
8636 #include <linux/utime.h>
8637 #include <linux/syscalls.h>
8638 +#include <linux/mount.h>
8639 +#include <linux/vs_cowbl.h>
8640 #include <asm/uaccess.h>
8641 #include <asm/unistd.h>
8643 @@ -84,6 +86,9 @@ long do_utimes(int dfd, char __user *fil
8647 + error = cow_check_and_break(&nd);
8649 + goto dput_and_out;
8650 dentry = nd.path.dentry;
8653 diff -NurpP --minimal linux-2.6.25/fs/xattr.c linux-2.6.25-vs2.3.0.34.9/fs/xattr.c
8654 --- linux-2.6.25/fs/xattr.c 2008-04-17 12:05:41.000000000 -0400
8655 +++ linux-2.6.25-vs2.3.0.34.9/fs/xattr.c 2008-04-21 13:52:50.000000000 -0400
8657 #include <linux/module.h>
8658 #include <linux/fsnotify.h>
8659 #include <linux/audit.h>
8660 +#include <linux/mount.h>
8661 #include <asm/uaccess.h>
8664 @@ -220,7 +221,7 @@ EXPORT_SYMBOL_GPL(vfs_removexattr);
8667 setxattr(struct dentry *d, char __user *name, void __user *value,
8668 - size_t size, int flags)
8669 + size_t size, int flags, struct vfsmount *mnt)
8672 void *kvalue = NULL;
8673 @@ -247,6 +248,9 @@ setxattr(struct dentry *d, char __user *
8677 + if (MNT_IS_RDONLY(mnt))
8680 error = vfs_setxattr(d, kname, kvalue, size, flags);
8683 @@ -262,7 +266,7 @@ sys_setxattr(char __user *path, char __u
8684 error = user_path_walk(path, &nd);
8687 - error = setxattr(nd.path.dentry, name, value, size, flags);
8688 + error = setxattr(nd.path.dentry, name, value, size, flags, nd.path.mnt);
8692 @@ -277,7 +281,7 @@ sys_lsetxattr(char __user *path, char __
8693 error = user_path_walk_link(path, &nd);
8696 - error = setxattr(nd.path.dentry, name, value, size, flags);
8697 + error = setxattr(nd.path.dentry, name, value, size, flags, nd.path.mnt);
8701 @@ -295,7 +299,7 @@ sys_fsetxattr(int fd, char __user *name,
8703 dentry = f->f_path.dentry;
8704 audit_inode(NULL, dentry);
8705 - error = setxattr(dentry, name, value, size, flags);
8706 + error = setxattr(dentry, name, value, size, flags, f->f_vfsmnt);
8710 @@ -459,7 +463,7 @@ sys_flistxattr(int fd, char __user *list
8711 * Extended attribute REMOVE operations
8714 -removexattr(struct dentry *d, char __user *name)
8715 +removexattr(struct dentry *d, char __user *name, struct vfsmount *mnt)
8718 char kname[XATTR_NAME_MAX + 1];
8719 @@ -470,6 +474,9 @@ removexattr(struct dentry *d, char __use
8723 + if (MNT_IS_RDONLY(mnt))
8726 return vfs_removexattr(d, kname);
8729 @@ -482,7 +489,7 @@ sys_removexattr(char __user *path, char
8730 error = user_path_walk(path, &nd);
8733 - error = removexattr(nd.path.dentry, name);
8734 + error = removexattr(nd.path.dentry, name, nd.path.mnt);
8738 @@ -496,7 +503,7 @@ sys_lremovexattr(char __user *path, char
8739 error = user_path_walk_link(path, &nd);
8742 - error = removexattr(nd.path.dentry, name);
8743 + error = removexattr(nd.path.dentry, name, nd.path.mnt);
8747 @@ -513,7 +520,7 @@ sys_fremovexattr(int fd, char __user *na
8749 dentry = f->f_path.dentry;
8750 audit_inode(NULL, dentry);
8751 - error = removexattr(dentry, name);
8752 + error = removexattr(dentry, name, f->f_vfsmnt);
8756 diff -NurpP --minimal linux-2.6.25/fs/xfs/linux-2.6/xfs_ioctl.c linux-2.6.25-vs2.3.0.34.9/fs/xfs/linux-2.6/xfs_ioctl.c
8757 --- linux-2.6.25/fs/xfs/linux-2.6/xfs_ioctl.c 2008-04-17 12:05:41.000000000 -0400
8758 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/linux-2.6/xfs_ioctl.c 2008-04-19 15:14:52.000000000 -0400
8759 @@ -1125,7 +1125,8 @@ xfs_merge_ioc_xflags(
8763 - __uint16_t di_flags)
8764 + __uint16_t di_flags,
8765 + __uint16_t di_vflags)
8767 unsigned int flags = 0;
8769 @@ -1139,6 +1140,11 @@ xfs_di2lxflags(
8770 flags |= FS_NOATIME_FL;
8771 if (di_flags & XFS_DIFLAG_NODUMP)
8772 flags |= FS_NODUMP_FL;
8774 + if (di_vflags & XFS_DIVFLAG_IUNLINK)
8775 + flags |= FS_IUNLINK_FL;
8776 + if (di_vflags & XFS_DIVFLAG_BARRIER)
8777 + flags |= FS_BARRIER_FL;
8781 @@ -1219,7 +1225,7 @@ xfs_ioc_xattr(
8784 case XFS_IOC_GETXFLAGS: {
8785 - flags = xfs_di2lxflags(ip->i_d.di_flags);
8786 + flags = xfs_di2lxflags(ip->i_d.di_flags, ip->i_d.di_vflags);
8787 if (copy_to_user(arg, &flags, sizeof(flags)))
8790 diff -NurpP --minimal linux-2.6.25/fs/xfs/linux-2.6/xfs_iops.c linux-2.6.25-vs2.3.0.34.9/fs/xfs/linux-2.6/xfs_iops.c
8791 --- linux-2.6.25/fs/xfs/linux-2.6/xfs_iops.c 2008-04-17 12:05:41.000000000 -0400
8792 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/linux-2.6/xfs_iops.c 2008-04-19 17:01:15.000000000 -0400
8794 #include <linux/namei.h>
8795 #include <linux/security.h>
8796 #include <linux/falloc.h>
8797 +#include <linux/vs_tag.h>
8800 * Bring the atime in the XFS inode uptodate.
8801 @@ -391,6 +392,7 @@ xfs_vn_lookup(
8802 d_add(dentry, NULL);
8805 + dx_propagate_tag(nd, vn_to_inode(cvp));
8807 return d_splice_alias(vn_to_inode(cvp), dentry);
8809 @@ -655,6 +657,10 @@ xfs_vn_setattr(
8813 + error = inode_change_ok(inode, attr);
8817 if (ia_valid & ATTR_UID) {
8818 vattr.va_mask |= XFS_AT_UID;
8819 vattr.va_uid = attr->ia_uid;
8820 @@ -663,6 +669,10 @@ xfs_vn_setattr(
8821 vattr.va_mask |= XFS_AT_GID;
8822 vattr.va_gid = attr->ia_gid;
8824 + if ((ia_valid & ATTR_TAG) && IS_TAGGED(inode)) {
8825 + vattr.va_mask |= XFS_AT_TAG;
8826 + vattr.va_tag = attr->ia_tag;
8828 if (ia_valid & ATTR_SIZE) {
8829 vattr.va_mask |= XFS_AT_SIZE;
8830 vattr.va_size = attr->ia_size;
8831 @@ -708,6 +718,42 @@ xfs_vn_truncate(
8835 +xfs_vn_sync_flags(struct inode *inode)
8837 + unsigned int oldflags, newflags;
8840 + bhv_vattr_t vattr;
8841 + bhv_vnode_t *vp = vn_from_inode(inode);
8843 + memset(&vattr, 0, sizeof vattr);
8845 + vattr.va_mask = XFS_AT_XFLAGS;
8846 + error = xfs_getattr(XFS_I(inode), &vattr, 0);
8850 + oldflags = vattr.va_xflags;
8851 + newflags = oldflags & ~(XFS_XFLAG_IMMUTABLE |
8852 + XFS_XFLAG_IUNLINK | XFS_XFLAG_BARRIER);
8854 + if (IS_IMMUTABLE(inode))
8855 + newflags |= XFS_XFLAG_IMMUTABLE;
8856 + if (IS_IUNLINK(inode))
8857 + newflags |= XFS_XFLAG_IUNLINK;
8858 + if (IS_BARRIER(inode))
8859 + newflags |= XFS_XFLAG_BARRIER;
8861 + if (oldflags ^ newflags) {
8862 + vattr.va_xflags = newflags;
8863 + vattr.va_mask |= XFS_AT_XFLAGS;
8864 + error = xfs_setattr(XFS_I(inode), &vattr, flags, NULL);
8866 + vn_revalidate(vp);
8872 struct dentry *dentry,
8874 @@ -881,6 +927,8 @@ const struct inode_operations xfs_dir_in
8875 .getxattr = xfs_vn_getxattr,
8876 .listxattr = xfs_vn_listxattr,
8877 .removexattr = xfs_vn_removexattr,
8878 + .sync_flags = xfs_vn_sync_flags,
8879 + .sync_flags = xfs_vn_sync_flags,
8882 const struct inode_operations xfs_symlink_inode_operations = {
8883 @@ -894,4 +942,5 @@ const struct inode_operations xfs_symlin
8884 .getxattr = xfs_vn_getxattr,
8885 .listxattr = xfs_vn_listxattr,
8886 .removexattr = xfs_vn_removexattr,
8887 + .sync_flags = xfs_vn_sync_flags,
8889 diff -NurpP --minimal linux-2.6.25/fs/xfs/linux-2.6/xfs_linux.h linux-2.6.25-vs2.3.0.34.9/fs/xfs/linux-2.6/xfs_linux.h
8890 --- linux-2.6.25/fs/xfs/linux-2.6/xfs_linux.h 2008-04-17 12:05:41.000000000 -0400
8891 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/linux-2.6/xfs_linux.h 2008-04-19 15:14:52.000000000 -0400
8893 #define current_pid() (current->pid)
8894 #define current_fsuid(cred) (current->fsuid)
8895 #define current_fsgid(cred) (current->fsgid)
8896 +#define current_fstag(cred,vp) (dx_current_fstag(vn_to_inode(vp)->i_sb))
8897 #define current_test_flags(f) (current->flags & (f))
8898 #define current_set_flags_nested(sp, f) \
8899 (*(sp) = current->flags, current->flags |= (f))
8900 diff -NurpP --minimal linux-2.6.25/fs/xfs/linux-2.6/xfs_super.c linux-2.6.25-vs2.3.0.34.9/fs/xfs/linux-2.6/xfs_super.c
8901 --- linux-2.6.25/fs/xfs/linux-2.6/xfs_super.c 2008-04-17 12:05:41.000000000 -0400
8902 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/linux-2.6/xfs_super.c 2008-04-26 09:51:47.000000000 -0400
8903 @@ -137,6 +137,9 @@ xfs_args_allocate(
8904 #define MNTOPT_DMAPI "dmapi" /* DMI enabled (DMAPI / XDSM) */
8905 #define MNTOPT_XDSM "xdsm" /* DMI enabled (DMAPI / XDSM) */
8906 #define MNTOPT_DMI "dmi" /* DMI enabled (DMAPI / XDSM) */
8907 +#define MNTOPT_TAGXID "tagxid" /* context tagging for inodes */
8908 +#define MNTOPT_TAGGED "tag" /* context tagging for inodes */
8909 +#define MNTOPT_NOTAGTAG "notag" /* do not use context tagging */
8911 STATIC unsigned long
8912 suffix_strtoul(char *s, char **endp, unsigned int base)
8913 @@ -355,6 +358,19 @@ xfs_parseargs(
8914 } else if (!strcmp(this_char, "irixsgid")) {
8916 "XFS: irixsgid is now a sysctl(2) variable, option is deprecated.");
8917 +#ifndef CONFIG_TAGGING_NONE
8918 + } else if (!strcmp(this_char, MNTOPT_TAGGED)) {
8919 + args->flags2 |= XFSMNT2_TAGGED;
8920 + } else if (!strcmp(this_char, MNTOPT_NOTAGTAG)) {
8921 + args->flags2 &= ~XFSMNT2_TAGGED;
8922 + } else if (!strcmp(this_char, MNTOPT_TAGXID)) {
8923 + args->flags2 |= XFSMNT2_TAGGED;
8925 +#ifdef CONFIG_PROPAGATE
8926 + } else if (!strcmp(this_char, MNTOPT_TAGGED)) {
8928 + args->flags2 |= XFSMNT2_TAGGED;
8932 "XFS: unknown mount option [%s].", this_char);
8933 @@ -591,6 +607,7 @@ xfs_revalidate_inode(
8934 inode->i_nlink = ip->i_d.di_nlink;
8935 inode->i_uid = ip->i_d.di_uid;
8936 inode->i_gid = ip->i_d.di_gid;
8937 + inode->i_tag = ip->i_d.di_tag;
8939 switch (inode->i_mode & S_IFMT) {
8941 @@ -612,6 +629,7 @@ xfs_revalidate_inode(
8942 inode->i_mtime.tv_nsec = ip->i_d.di_mtime.t_nsec;
8943 inode->i_ctime.tv_sec = ip->i_d.di_ctime.t_sec;
8944 inode->i_ctime.tv_nsec = ip->i_d.di_ctime.t_nsec;
8946 if (ip->i_d.di_flags & XFS_DIFLAG_IMMUTABLE)
8947 inode->i_flags |= S_IMMUTABLE;
8949 @@ -628,6 +646,15 @@ xfs_revalidate_inode(
8950 inode->i_flags |= S_NOATIME;
8952 inode->i_flags &= ~S_NOATIME;
8954 + if (ip->i_d.di_vflags & XFS_DIVFLAG_IUNLINK)
8955 + inode->i_flags |= S_IUNLINK;
8957 + inode->i_flags &= ~S_IUNLINK;
8958 + if (ip->i_d.di_vflags & XFS_DIVFLAG_BARRIER)
8959 + inode->i_flags |= S_BARRIER;
8961 + inode->i_flags &= ~S_BARRIER;
8962 xfs_iflags_clear(ip, XFS_IMODIFIED);
8965 @@ -1220,6 +1247,12 @@ xfs_fs_remount(
8968 error = xfs_parseargs(mp, options, args, 1);
8969 + if ((args->flags2 & XFSMNT2_TAGGED) &&
8970 + !(sb->s_flags & MS_TAGGED)) {
8971 + printk("XFS: %s: tagging not permitted on remount.\n",
8976 error = xfs_mntupdate(mp, flags, args);
8977 kmem_free(args, sizeof(*args));
8978 @@ -1336,6 +1369,9 @@ xfs_fs_fill_super(
8982 + if (mp->m_flags & XFS_MOUNT_TAGGED)
8983 + sb->s_flags |= MS_TAGGED;
8986 sb->s_magic = XFS_SB_MAGIC;
8987 sb->s_blocksize = mp->m_sb.sb_blocksize;
8988 diff -NurpP --minimal linux-2.6.25/fs/xfs/linux-2.6/xfs_vnode.c linux-2.6.25-vs2.3.0.34.9/fs/xfs/linux-2.6/xfs_vnode.c
8989 --- linux-2.6.25/fs/xfs/linux-2.6/xfs_vnode.c 2008-04-17 12:05:41.000000000 -0400
8990 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/linux-2.6/xfs_vnode.c 2008-04-19 17:04:58.000000000 -0400
8991 @@ -105,6 +105,7 @@ vn_revalidate(
8992 inode->i_mode = ip->i_d.di_mode;
8993 inode->i_uid = ip->i_d.di_uid;
8994 inode->i_gid = ip->i_d.di_gid;
8995 + inode->i_tag = ip->i_d.di_tag;
8996 inode->i_mtime.tv_sec = ip->i_d.di_mtime.t_sec;
8997 inode->i_mtime.tv_nsec = ip->i_d.di_mtime.t_nsec;
8998 inode->i_ctime.tv_sec = ip->i_d.di_ctime.t_sec;
8999 @@ -115,6 +116,14 @@ vn_revalidate(
9000 inode->i_flags |= S_IMMUTABLE;
9002 inode->i_flags &= ~S_IMMUTABLE;
9003 + if (xflags & XFS_XFLAG_IUNLINK)
9004 + inode->i_flags |= S_IUNLINK;
9006 + inode->i_flags &= ~S_IUNLINK;
9007 + if (xflags & XFS_XFLAG_BARRIER)
9008 + inode->i_flags |= S_BARRIER;
9010 + inode->i_flags &= ~S_BARRIER;
9011 if (xflags & XFS_XFLAG_APPEND)
9012 inode->i_flags |= S_APPEND;
9014 diff -NurpP --minimal linux-2.6.25/fs/xfs/linux-2.6/xfs_vnode.h linux-2.6.25-vs2.3.0.34.9/fs/xfs/linux-2.6/xfs_vnode.h
9015 --- linux-2.6.25/fs/xfs/linux-2.6/xfs_vnode.h 2008-04-17 12:05:41.000000000 -0400
9016 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/linux-2.6/xfs_vnode.h 2008-04-19 15:14:52.000000000 -0400
9017 @@ -99,6 +99,7 @@ typedef struct bhv_vattr {
9018 xfs_nlink_t va_nlink; /* number of references to file */
9019 uid_t va_uid; /* owner user id */
9020 gid_t va_gid; /* owner group id */
9021 + tag_t va_tag; /* owner group id */
9022 xfs_ino_t va_nodeid; /* file id */
9023 xfs_off_t va_size; /* file size in bytes */
9024 u_long va_blocksize; /* blocksize preferred for i/o */
9025 @@ -147,13 +148,15 @@ typedef struct bhv_vattr {
9026 #define XFS_AT_PROJID 0x04000000
9027 #define XFS_AT_SIZE_NOPERM 0x08000000
9028 #define XFS_AT_GENCOUNT 0x10000000
9029 +#define XFS_AT_TAG 0x20000000
9031 #define XFS_AT_ALL (XFS_AT_TYPE|XFS_AT_MODE|XFS_AT_UID|XFS_AT_GID|\
9032 XFS_AT_FSID|XFS_AT_NODEID|XFS_AT_NLINK|XFS_AT_SIZE|\
9033 XFS_AT_ATIME|XFS_AT_MTIME|XFS_AT_CTIME|XFS_AT_RDEV|\
9034 XFS_AT_BLKSIZE|XFS_AT_NBLOCKS|XFS_AT_VCODE|XFS_AT_MAC|\
9035 XFS_AT_ACL|XFS_AT_CAP|XFS_AT_INF|XFS_AT_XFLAGS|XFS_AT_EXTSIZE|\
9036 - XFS_AT_NEXTENTS|XFS_AT_ANEXTENTS|XFS_AT_PROJID|XFS_AT_GENCOUNT)
9037 + XFS_AT_NEXTENTS|XFS_AT_ANEXTENTS|XFS_AT_PROJID|XFS_AT_GENCOUNT\
9040 #define XFS_AT_STAT (XFS_AT_TYPE|XFS_AT_MODE|XFS_AT_UID|XFS_AT_GID|\
9041 XFS_AT_FSID|XFS_AT_NODEID|XFS_AT_NLINK|XFS_AT_SIZE|\
9042 diff -NurpP --minimal linux-2.6.25/fs/xfs/quota/xfs_qm_syscalls.c linux-2.6.25-vs2.3.0.34.9/fs/xfs/quota/xfs_qm_syscalls.c
9043 --- linux-2.6.25/fs/xfs/quota/xfs_qm_syscalls.c 2008-04-17 12:05:42.000000000 -0400
9044 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/quota/xfs_qm_syscalls.c 2008-04-19 15:14:52.000000000 -0400
9048 #include <linux/capability.h>
9049 +#include <linux/vs_context.h>
9053 @@ -205,7 +206,7 @@ xfs_qm_scall_quotaoff(
9054 xfs_qoff_logitem_t *qoffstart;
9057 - if (!force && !capable(CAP_SYS_ADMIN))
9058 + if (!force && !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
9059 return XFS_ERROR(EPERM);
9061 * No file system can have quotas enabled on disk but not in core.
9062 @@ -374,7 +375,7 @@ xfs_qm_scall_trunc_qfiles(
9066 - if (!capable(CAP_SYS_ADMIN))
9067 + if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
9068 return XFS_ERROR(EPERM);
9070 if (!xfs_sb_version_hasquota(&mp->m_sb) || flags == 0) {
9071 @@ -418,7 +419,7 @@ xfs_qm_scall_quotaon(
9075 - if (!capable(CAP_SYS_ADMIN))
9076 + if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
9077 return XFS_ERROR(EPERM);
9079 flags &= (XFS_ALL_QUOTA_ACCT | XFS_ALL_QUOTA_ENFD);
9080 @@ -587,7 +588,7 @@ xfs_qm_scall_setqlim(
9082 xfs_qcnt_t hard, soft;
9084 - if (!capable(CAP_SYS_ADMIN))
9085 + if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
9086 return XFS_ERROR(EPERM);
9088 if ((newlim->d_fieldmask &
9089 diff -NurpP --minimal linux-2.6.25/fs/xfs/xfs_clnt.h linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_clnt.h
9090 --- linux-2.6.25/fs/xfs/xfs_clnt.h 2008-04-17 12:05:42.000000000 -0400
9091 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_clnt.h 2008-04-19 15:14:52.000000000 -0400
9092 @@ -100,5 +100,6 @@ struct xfs_mount_args {
9093 * I/O size in stat(2) */
9094 #define XFSMNT2_FILESTREAMS 0x00000002 /* enable the filestreams
9096 +#define XFSMNT2_TAGGED 0x80000000 /* context tagging */
9098 #endif /* __XFS_CLNT_H__ */
9099 diff -NurpP --minimal linux-2.6.25/fs/xfs/xfs_dinode.h linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_dinode.h
9100 --- linux-2.6.25/fs/xfs/xfs_dinode.h 2008-04-17 12:05:42.000000000 -0400
9101 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_dinode.h 2008-04-27 10:33:37.000000000 -0400
9102 @@ -53,7 +53,9 @@ typedef struct xfs_dinode_core {
9103 __be32 di_gid; /* owner's group id */
9104 __be32 di_nlink; /* number of links to file */
9105 __be16 di_projid; /* owner's project id */
9106 - __u8 di_pad[8]; /* unused, zeroed space */
9107 + __be16 di_tag; /* context tagging */
9108 + __be16 di_vflags; /* vserver specific flags */
9109 + __u8 di_pad[4]; /* unused, zeroed space */
9110 __be16 di_flushiter; /* incremented on flush */
9111 xfs_timestamp_t di_atime; /* time last accessed */
9112 xfs_timestamp_t di_mtime; /* time last modified */
9113 @@ -136,7 +138,9 @@ typedef struct xfs_dinode
9114 #define XFS_DI_NEXT_UNLINKED 0x1000000
9115 #define XFS_DI_U 0x2000000
9116 #define XFS_DI_A 0x4000000
9117 -#define XFS_DI_NUM_BITS 27
9118 +#define XFS_DI_VFLAGS 0x8000000
9119 +#define XFS_DI_TAG 0x10000000
9120 +#define XFS_DI_NUM_BITS 29
9121 #define XFS_DI_ALL_BITS ((1 << XFS_DI_NUM_BITS) - 1)
9122 #define XFS_DI_CORE_BITS (XFS_DI_ALL_BITS & ~(XFS_DI_U|XFS_DI_A))
9124 @@ -223,6 +227,7 @@ typedef enum xfs_dinode_fmt
9125 #define XFS_DIFLAG_EXTSZINHERIT_BIT 12 /* inherit inode extent size */
9126 #define XFS_DIFLAG_NODEFRAG_BIT 13 /* do not reorganize/defragment */
9127 #define XFS_DIFLAG_FILESTREAM_BIT 14 /* use filestream allocator */
9129 #define XFS_DIFLAG_REALTIME (1 << XFS_DIFLAG_REALTIME_BIT)
9130 #define XFS_DIFLAG_PREALLOC (1 << XFS_DIFLAG_PREALLOC_BIT)
9131 #define XFS_DIFLAG_NEWRTBM (1 << XFS_DIFLAG_NEWRTBM_BIT)
9132 @@ -252,4 +257,7 @@ typedef enum xfs_dinode_fmt
9133 XFS_DIFLAG_PROJINHERIT | XFS_DIFLAG_NOSYMLINKS | XFS_DIFLAG_EXTSIZE | \
9134 XFS_DIFLAG_EXTSZINHERIT | XFS_DIFLAG_NODEFRAG | XFS_DIFLAG_FILESTREAM)
9136 +#define XFS_DIVFLAG_BARRIER 0x01
9137 +#define XFS_DIVFLAG_IUNLINK 0x02
9139 #endif /* __XFS_DINODE_H__ */
9140 diff -NurpP --minimal linux-2.6.25/fs/xfs/xfs_fs.h linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_fs.h
9141 --- linux-2.6.25/fs/xfs/xfs_fs.h 2008-04-17 12:05:42.000000000 -0400
9142 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_fs.h 2008-04-19 15:14:52.000000000 -0400
9143 @@ -67,6 +67,8 @@ struct fsxattr {
9144 #define XFS_XFLAG_EXTSZINHERIT 0x00001000 /* inherit inode extent size */
9145 #define XFS_XFLAG_NODEFRAG 0x00002000 /* do not defragment */
9146 #define XFS_XFLAG_FILESTREAM 0x00004000 /* use filestream allocator */
9147 +#define XFS_XFLAG_BARRIER 0x10000000 /* chroot() barrier */
9148 +#define XFS_XFLAG_IUNLINK 0x20000000 /* immutable unlink */
9149 #define XFS_XFLAG_HASATTR 0x80000000 /* no DIFLAG for this */
9152 @@ -296,7 +298,8 @@ typedef struct xfs_bstat {
9153 __s32 bs_extents; /* number of extents */
9154 __u32 bs_gen; /* generation count */
9155 __u16 bs_projid; /* project id */
9156 - unsigned char bs_pad[14]; /* pad space, unused */
9157 + __u16 bs_tag; /* context tagging */
9158 + unsigned char bs_pad[12]; /* pad space, unused */
9159 __u32 bs_dmevmask; /* DMIG event mask */
9160 __u16 bs_dmstate; /* DMIG state info */
9161 __u16 bs_aextents; /* attribute number of extents */
9162 diff -NurpP --minimal linux-2.6.25/fs/xfs/xfs_ialloc.c linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_ialloc.c
9163 --- linux-2.6.25/fs/xfs/xfs_ialloc.c 2008-04-17 12:05:42.000000000 -0400
9164 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_ialloc.c 2008-04-27 10:30:39.000000000 -0400
9165 @@ -66,6 +66,8 @@ xfs_ialloc_log_di(
9166 offsetof(xfs_dinode_core_t, di_gid),
9167 offsetof(xfs_dinode_core_t, di_nlink),
9168 offsetof(xfs_dinode_core_t, di_projid),
9169 + offsetof(xfs_dinode_core_t, di_tag),
9170 + offsetof(xfs_dinode_core_t, di_vflags),
9171 offsetof(xfs_dinode_core_t, di_pad),
9172 offsetof(xfs_dinode_core_t, di_atime),
9173 offsetof(xfs_dinode_core_t, di_mtime),
9174 diff -NurpP --minimal linux-2.6.25/fs/xfs/xfs_inode.c linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_inode.c
9175 --- linux-2.6.25/fs/xfs/xfs_inode.c 2008-04-17 12:05:42.000000000 -0400
9176 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_inode.c 2008-04-26 11:06:34.000000000 -0400
9177 @@ -219,6 +219,7 @@ xfs_inotobp(
9181 +#include <linux/vs_tag.h>
9184 * This routine is called to map an inode to the buffer containing
9185 @@ -716,13 +717,21 @@ xfs_dinode_from_disk(
9187 xfs_dinode_core_t *from)
9189 + uint32_t uid, gid;
9191 to->di_magic = be16_to_cpu(from->di_magic);
9192 to->di_mode = be16_to_cpu(from->di_mode);
9193 to->di_version = from ->di_version;
9194 to->di_format = from->di_format;
9195 to->di_onlink = be16_to_cpu(from->di_onlink);
9196 - to->di_uid = be32_to_cpu(from->di_uid);
9197 - to->di_gid = be32_to_cpu(from->di_gid);
9199 + uid = be32_to_cpu(from->di_uid);
9200 + gid = be32_to_cpu(from->di_gid);
9202 + to->di_uid = INOTAG_UID(1, uid, gid);
9203 + to->di_gid = INOTAG_GID(1, uid, gid);
9204 + to->di_tag = INOTAG_TAG(1, uid, gid, 0);
9206 to->di_nlink = be32_to_cpu(from->di_nlink);
9207 to->di_projid = be16_to_cpu(from->di_projid);
9208 memcpy(to->di_pad, from->di_pad, sizeof(to->di_pad));
9209 @@ -756,8 +765,10 @@ xfs_dinode_to_disk(
9210 to->di_version = from ->di_version;
9211 to->di_format = from->di_format;
9212 to->di_onlink = cpu_to_be16(from->di_onlink);
9213 - to->di_uid = cpu_to_be32(from->di_uid);
9214 - to->di_gid = cpu_to_be32(from->di_gid);
9216 + to->di_uid = cpu_to_be32(TAGINO_UID(1, from->di_uid, from->di_tag));
9217 + to->di_gid = cpu_to_be32(TAGINO_GID(1, from->di_gid, from->di_tag));
9219 to->di_nlink = cpu_to_be32(from->di_nlink);
9220 to->di_projid = cpu_to_be16(from->di_projid);
9221 memcpy(to->di_pad, from->di_pad, sizeof(to->di_pad));
9222 @@ -783,7 +794,8 @@ xfs_dinode_to_disk(
9226 - __uint16_t di_flags)
9227 + __uint16_t di_flags,
9228 + __uint16_t di_vflags)
9232 @@ -817,7 +829,10 @@ _xfs_dic2xflags(
9233 if (di_flags & XFS_DIFLAG_FILESTREAM)
9234 flags |= XFS_XFLAG_FILESTREAM;
9237 + if (di_vflags & XFS_DIVFLAG_IUNLINK)
9238 + flags |= XFS_XFLAG_IUNLINK;
9239 + if (di_vflags & XFS_DIVFLAG_BARRIER)
9240 + flags |= XFS_XFLAG_BARRIER;
9244 @@ -827,7 +842,7 @@ xfs_ip2xflags(
9246 xfs_icdinode_t *dic = &ip->i_d;
9248 - return _xfs_dic2xflags(dic->di_flags) |
9249 + return _xfs_dic2xflags(dic->di_flags, dic->di_vflags) |
9250 (XFS_IFORK_Q(ip) ? XFS_XFLAG_HASATTR : 0);
9253 @@ -837,7 +852,7 @@ xfs_dic2xflags(
9255 xfs_dinode_core_t *dic = &dip->di_core;
9257 - return _xfs_dic2xflags(be16_to_cpu(dic->di_flags)) |
9258 + return _xfs_dic2xflags(be16_to_cpu(dic->di_flags), be16_to_cpu(dic->di_vflags)) |
9259 (XFS_DFORK_Q(dip) ? XFS_XFLAG_HASATTR : 0);
9262 @@ -1138,6 +1153,7 @@ xfs_ialloc(
9263 ASSERT(ip->i_d.di_nlink == nlink);
9264 ip->i_d.di_uid = current_fsuid(cr);
9265 ip->i_d.di_gid = current_fsgid(cr);
9266 + ip->i_d.di_tag = current_fstag(cr, vp);
9267 ip->i_d.di_projid = prid;
9268 memset(&(ip->i_d.di_pad[0]), 0, sizeof(ip->i_d.di_pad));
9270 diff -NurpP --minimal linux-2.6.25/fs/xfs/xfs_inode.h linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_inode.h
9271 --- linux-2.6.25/fs/xfs/xfs_inode.h 2008-04-17 12:05:42.000000000 -0400
9272 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_inode.h 2008-04-19 15:14:52.000000000 -0400
9273 @@ -187,7 +187,9 @@ typedef struct xfs_icdinode {
9274 __uint32_t di_gid; /* owner's group id */
9275 __uint32_t di_nlink; /* number of links to file */
9276 __uint16_t di_projid; /* owner's project id */
9277 - __uint8_t di_pad[8]; /* unused, zeroed space */
9278 + __uint16_t di_tag; /* context tagging */
9279 + __uint16_t di_vflags; /* vserver specific flags */
9280 + __uint8_t di_pad[4]; /* unused, zeroed space */
9281 __uint16_t di_flushiter; /* incremented on flush */
9282 xfs_ictimestamp_t di_atime; /* time last accessed */
9283 xfs_ictimestamp_t di_mtime; /* time last modified */
9284 diff -NurpP --minimal linux-2.6.25/fs/xfs/xfs_itable.c linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_itable.c
9285 --- linux-2.6.25/fs/xfs/xfs_itable.c 2008-04-17 12:05:42.000000000 -0400
9286 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_itable.c 2008-04-19 15:14:52.000000000 -0400
9287 @@ -89,6 +89,7 @@ xfs_bulkstat_one_iget(
9288 buf->bs_mode = dic->di_mode;
9289 buf->bs_uid = dic->di_uid;
9290 buf->bs_gid = dic->di_gid;
9291 + buf->bs_tag = dic->di_tag;
9292 buf->bs_size = dic->di_size;
9293 vn_atime_to_bstime(vp, &buf->bs_atime);
9294 buf->bs_mtime.tv_sec = dic->di_mtime.t_sec;
9295 diff -NurpP --minimal linux-2.6.25/fs/xfs/xfs_mount.h linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_mount.h
9296 --- linux-2.6.25/fs/xfs/xfs_mount.h 2008-04-17 12:05:43.000000000 -0400
9297 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_mount.h 2008-04-19 15:14:52.000000000 -0400
9298 @@ -378,6 +378,7 @@ typedef struct xfs_mount {
9299 #define XFS_MOUNT_FILESTREAMS (1ULL << 24) /* enable the filestreams
9302 +#define XFS_MOUNT_TAGGED (1ULL << 31) /* context tagging */
9305 * Default minimum read and write sizes.
9306 diff -NurpP --minimal linux-2.6.25/fs/xfs/xfs_vfsops.c linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_vfsops.c
9307 --- linux-2.6.25/fs/xfs/xfs_vfsops.c 2008-04-17 12:05:43.000000000 -0400
9308 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_vfsops.c 2008-04-26 09:52:49.000000000 -0400
9309 @@ -290,6 +290,8 @@ xfs_start_flags(
9311 if (ap->flags2 & XFSMNT2_COMPAT_IOSIZE)
9312 mp->m_flags |= XFS_MOUNT_COMPAT_IOSIZE;
9313 + if (ap->flags2 & XFSMNT2_TAGGED)
9314 + mp->m_flags |= XFS_MOUNT_TAGGED;
9317 * no recovery flag requires a read-only mount
9318 @@ -402,7 +404,6 @@ xfs_finish_flags(
9319 if (ap->flags & XFSMNT_PQUOTAENF)
9320 mp->m_qflags |= XFS_OQUOTA_ENFD;
9326 diff -NurpP --minimal linux-2.6.25/fs/xfs/xfs_vnodeops.c linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_vnodeops.c
9327 --- linux-2.6.25/fs/xfs/xfs_vnodeops.c 2008-04-17 12:05:43.000000000 -0400
9328 +++ linux-2.6.25-vs2.3.0.34.9/fs/xfs/xfs_vnodeops.c 2008-04-19 15:14:52.000000000 -0400
9329 @@ -122,6 +122,7 @@ xfs_getattr(
9330 vap->va_mode = ip->i_d.di_mode;
9331 vap->va_uid = ip->i_d.di_uid;
9332 vap->va_gid = ip->i_d.di_gid;
9333 + vap->va_tag = ip->i_d.di_tag;
9334 vap->va_projid = ip->i_d.di_projid;
9337 @@ -221,6 +222,7 @@ xfs_setattr(
9338 uint commit_flags=0;
9339 uid_t uid=0, iuid=0;
9340 gid_t gid=0, igid=0;
9341 + tag_t tag=0, itag=0;
9343 xfs_prid_t projid=0, iprojid=0;
9344 int mandlock_before, mandlock_after;
9345 @@ -272,6 +274,7 @@ xfs_setattr(
9346 (mask & (XFS_AT_UID|XFS_AT_GID|XFS_AT_PROJID))) {
9349 + /* TODO: handle tagging? */
9350 if ((mask & XFS_AT_UID) && XFS_IS_UQUOTA_ON(mp)) {
9352 qflags |= XFS_QMOPT_UQUOTA;
9353 @@ -351,6 +354,8 @@ xfs_setattr(
9355 (XFS_AT_MODE|XFS_AT_XFLAGS|XFS_AT_EXTSIZE|XFS_AT_UID|
9356 XFS_AT_GID|XFS_AT_PROJID)) {
9357 + /* TODO: handle tagging? */
9360 * CAP_FOWNER overrides the following restrictions:
9362 @@ -399,7 +404,7 @@ xfs_setattr(
9363 * and can change the group id only to a group of which he
9364 * or she is a member.
9366 - if (mask & (XFS_AT_UID|XFS_AT_GID|XFS_AT_PROJID)) {
9367 + if (mask & (XFS_AT_UID|XFS_AT_GID|XFS_AT_TAG|XFS_AT_PROJID)) {
9369 * These IDs could have changed since we last looked at them.
9370 * But, we're assured that if the ownership did change
9371 @@ -407,10 +412,12 @@ xfs_setattr(
9372 * would have changed also.
9374 iuid = ip->i_d.di_uid;
9375 - iprojid = ip->i_d.di_projid;
9376 igid = ip->i_d.di_gid;
9377 - gid = (mask & XFS_AT_GID) ? vap->va_gid : igid;
9378 + itag = ip->i_d.di_tag;
9379 + iprojid = ip->i_d.di_projid;
9380 uid = (mask & XFS_AT_UID) ? vap->va_uid : iuid;
9381 + gid = (mask & XFS_AT_GID) ? vap->va_gid : igid;
9382 + tag = (mask & XFS_AT_TAG) ? vap->va_tag : itag;
9383 projid = (mask & XFS_AT_PROJID) ? (xfs_prid_t)vap->va_projid :
9386 @@ -438,6 +445,7 @@ xfs_setattr(
9387 if ((XFS_IS_UQUOTA_ON(mp) && iuid != uid) ||
9388 (XFS_IS_PQUOTA_ON(mp) && iprojid != projid) ||
9389 (XFS_IS_GQUOTA_ON(mp) && igid != gid)) {
9390 + /* TODO: handle tagging? */
9392 code = XFS_QM_DQVOPCHOWNRESV(mp, tp, ip, udqp, gdqp,
9393 capable(CAP_FOWNER) ?
9394 @@ -686,7 +694,7 @@ xfs_setattr(
9395 * and can change the group id only to a group of which he
9396 * or she is a member.
9398 - if (mask & (XFS_AT_UID|XFS_AT_GID|XFS_AT_PROJID)) {
9399 + if (mask & (XFS_AT_UID|XFS_AT_GID|XFS_AT_TAG|XFS_AT_PROJID)) {
9401 * CAP_FSETID overrides the following restrictions:
9403 @@ -702,6 +710,9 @@ xfs_setattr(
9404 * Change the ownerships and register quota modifications
9405 * in the transaction.
9407 + if (itag != tag) {
9408 + ip->i_d.di_tag = tag;
9411 if (XFS_IS_UQUOTA_ON(mp)) {
9412 ASSERT(mask & XFS_AT_UID);
9413 @@ -777,6 +788,7 @@ xfs_setattr(
9415 if (mask & XFS_AT_XFLAGS) {
9417 + uint di_vflags = 0;
9419 /* can't set PREALLOC this way, just preserve it */
9420 di_flags = (ip->i_d.di_flags & XFS_DIFLAG_PREALLOC);
9421 @@ -810,6 +822,11 @@ xfs_setattr(
9422 di_flags |= XFS_DIFLAG_EXTSIZE;
9424 ip->i_d.di_flags = di_flags;
9425 + if (vap->va_xflags & XFS_XFLAG_IUNLINK)
9426 + di_vflags |= XFS_DIVFLAG_IUNLINK;
9427 + if (vap->va_xflags & XFS_XFLAG_BARRIER)
9428 + di_vflags |= XFS_DIVFLAG_BARRIER;
9429 + ip->i_d.di_vflags = di_vflags;
9431 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
9432 timeflags |= XFS_ICHGTIME_CHG;
9433 diff -NurpP --minimal linux-2.6.25/include/asm-arm/tlb.h linux-2.6.25-vs2.3.0.34.9/include/asm-arm/tlb.h
9434 --- linux-2.6.25/include/asm-arm/tlb.h 2008-04-17 12:05:43.000000000 -0400
9435 +++ linux-2.6.25-vs2.3.0.34.9/include/asm-arm/tlb.h 2008-04-19 15:14:52.000000000 -0400
9437 #else /* !CONFIG_MMU */
9439 #include <asm/pgalloc.h>
9440 +#include <linux/vs_memory.h>
9443 * TLB handling. This allows us to remove pages from the page
9444 diff -NurpP --minimal linux-2.6.25/include/asm-blackfin/unistd.h linux-2.6.25-vs2.3.0.34.9/include/asm-blackfin/unistd.h
9445 --- linux-2.6.25/include/asm-blackfin/unistd.h 2008-04-17 12:05:43.000000000 -0400
9446 +++ linux-2.6.25-vs2.3.0.34.9/include/asm-blackfin/unistd.h 2008-04-19 15:14:52.000000000 -0400
9448 #define __NR_tgkill 271
9449 #define __NR_utimes 272
9450 #define __NR_fadvise64_64 273
9451 - /* 274 __NR_vserver */
9452 +#define __NR_vserver 274
9453 /* 275 __NR_mbind */
9454 /* 276 __NR_get_mempolicy */
9455 /* 277 __NR_set_mempolicy */
9456 diff -NurpP --minimal linux-2.6.25/include/asm-generic/tlb.h linux-2.6.25-vs2.3.0.34.9/include/asm-generic/tlb.h
9457 --- linux-2.6.25/include/asm-generic/tlb.h 2008-04-17 12:05:43.000000000 -0400
9458 +++ linux-2.6.25-vs2.3.0.34.9/include/asm-generic/tlb.h 2008-04-19 15:50:15.000000000 -0400
9460 #define _ASM_GENERIC__TLB_H
9462 #include <linux/swap.h>
9463 +#include <linux/vs_memory.h>
9464 #include <asm/pgalloc.h>
9465 #include <asm/tlbflush.h>
9467 diff -NurpP --minimal linux-2.6.25/include/asm-ia64/tlb.h linux-2.6.25-vs2.3.0.34.9/include/asm-ia64/tlb.h
9468 --- linux-2.6.25/include/asm-ia64/tlb.h 2007-02-04 13:44:54.000000000 -0500
9469 +++ linux-2.6.25-vs2.3.0.34.9/include/asm-ia64/tlb.h 2008-04-19 15:14:52.000000000 -0400
9471 #include <linux/mm.h>
9472 #include <linux/pagemap.h>
9473 #include <linux/swap.h>
9474 +#include <linux/vs_memory.h>
9476 #include <asm/pgalloc.h>
9477 #include <asm/processor.h>
9478 diff -NurpP --minimal linux-2.6.25/include/asm-powerpc/systbl.h linux-2.6.25-vs2.3.0.34.9/include/asm-powerpc/systbl.h
9479 --- linux-2.6.25/include/asm-powerpc/systbl.h 2008-04-17 12:05:44.000000000 -0400
9480 +++ linux-2.6.25-vs2.3.0.34.9/include/asm-powerpc/systbl.h 2008-04-19 15:14:52.000000000 -0400
9481 @@ -260,7 +260,7 @@ COMPAT_SYS_SPU(fstatfs64)
9482 SYSX(sys_ni_syscall, ppc_fadvise64_64, ppc_fadvise64_64)
9484 OLDSYS(debug_setcontext)
9485 -SYSCALL(ni_syscall)
9486 +SYSX(sys_vserver, sys32_vserver, sys_vserver)
9487 COMPAT_SYS(migrate_pages)
9489 COMPAT_SYS(get_mempolicy)
9490 diff -NurpP --minimal linux-2.6.25/include/asm-powerpc/unistd.h linux-2.6.25-vs2.3.0.34.9/include/asm-powerpc/unistd.h
9491 --- linux-2.6.25/include/asm-powerpc/unistd.h 2008-04-17 12:05:44.000000000 -0400
9492 +++ linux-2.6.25-vs2.3.0.34.9/include/asm-powerpc/unistd.h 2008-04-19 15:14:52.000000000 -0400
9495 #define __NR_rtas 255
9496 #define __NR_sys_debug_setcontext 256
9497 -/* Number 257 is reserved for vserver */
9498 +#define __NR_vserver 257
9499 #define __NR_migrate_pages 258
9500 #define __NR_mbind 259
9501 #define __NR_get_mempolicy 260
9502 diff -NurpP --minimal linux-2.6.25/include/asm-s390/unistd.h linux-2.6.25-vs2.3.0.34.9/include/asm-s390/unistd.h
9503 --- linux-2.6.25/include/asm-s390/unistd.h 2008-04-17 12:05:44.000000000 -0400
9504 +++ linux-2.6.25-vs2.3.0.34.9/include/asm-s390/unistd.h 2008-04-19 15:14:52.000000000 -0400
9506 #define __NR_clock_gettime (__NR_timer_create+6)
9507 #define __NR_clock_getres (__NR_timer_create+7)
9508 #define __NR_clock_nanosleep (__NR_timer_create+8)
9509 -/* Number 263 is reserved for vserver */
9510 +#define __NR_vserver 263
9511 #define __NR_statfs64 265
9512 #define __NR_fstatfs64 266
9513 #define __NR_remap_file_pages 267
9514 diff -NurpP --minimal linux-2.6.25/include/asm-sparc/unistd.h linux-2.6.25-vs2.3.0.34.9/include/asm-sparc/unistd.h
9515 --- linux-2.6.25/include/asm-sparc/unistd.h 2008-04-17 12:05:44.000000000 -0400
9516 +++ linux-2.6.25-vs2.3.0.34.9/include/asm-sparc/unistd.h 2008-04-19 15:14:52.000000000 -0400
9518 #define __NR_timer_getoverrun 264
9519 #define __NR_timer_delete 265
9520 #define __NR_timer_create 266
9521 -/* #define __NR_vserver 267 Reserved for VSERVER */
9522 +#define __NR_vserver 267
9523 #define __NR_io_setup 268
9524 #define __NR_io_destroy 269
9525 #define __NR_io_submit 270
9526 diff -NurpP --minimal linux-2.6.25/include/asm-sparc64/tlb.h linux-2.6.25-vs2.3.0.34.9/include/asm-sparc64/tlb.h
9527 --- linux-2.6.25/include/asm-sparc64/tlb.h 2008-04-17 12:05:44.000000000 -0400
9528 +++ linux-2.6.25-vs2.3.0.34.9/include/asm-sparc64/tlb.h 2008-04-19 15:14:52.000000000 -0400
9531 #include <linux/swap.h>
9532 #include <linux/pagemap.h>
9533 +#include <linux/vs_memory.h>
9534 #include <asm/pgalloc.h>
9535 #include <asm/tlbflush.h>
9536 #include <asm/mmu_context.h>
9537 diff -NurpP --minimal linux-2.6.25/include/asm-sparc64/unistd.h linux-2.6.25-vs2.3.0.34.9/include/asm-sparc64/unistd.h
9538 --- linux-2.6.25/include/asm-sparc64/unistd.h 2008-04-17 12:05:44.000000000 -0400
9539 +++ linux-2.6.25-vs2.3.0.34.9/include/asm-sparc64/unistd.h 2008-04-19 15:14:52.000000000 -0400
9541 #define __NR_timer_getoverrun 264
9542 #define __NR_timer_delete 265
9543 #define __NR_timer_create 266
9544 -/* #define __NR_vserver 267 Reserved for VSERVER */
9545 +#define __NR_vserver 267
9546 #define __NR_io_setup 268
9547 #define __NR_io_destroy 269
9548 #define __NR_io_submit 270
9549 diff -NurpP --minimal linux-2.6.25/include/asm-x86/unistd_64.h linux-2.6.25-vs2.3.0.34.9/include/asm-x86/unistd_64.h
9550 --- linux-2.6.25/include/asm-x86/unistd_64.h 2008-04-17 12:05:44.000000000 -0400
9551 +++ linux-2.6.25-vs2.3.0.34.9/include/asm-x86/unistd_64.h 2008-04-19 15:14:52.000000000 -0400
9552 @@ -535,7 +535,7 @@ __SYSCALL(__NR_tgkill, sys_tgkill)
9553 #define __NR_utimes 235
9554 __SYSCALL(__NR_utimes, sys_utimes)
9555 #define __NR_vserver 236
9556 -__SYSCALL(__NR_vserver, sys_ni_syscall)
9557 +__SYSCALL(__NR_vserver, sys_vserver)
9558 #define __NR_mbind 237
9559 __SYSCALL(__NR_mbind, sys_mbind)
9560 #define __NR_set_mempolicy 238
9561 diff -NurpP --minimal linux-2.6.25/include/linux/capability.h linux-2.6.25-vs2.3.0.34.9/include/linux/capability.h
9562 --- linux-2.6.25/include/linux/capability.h 2008-04-17 12:05:44.000000000 -0400
9563 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/capability.h 2008-04-22 11:01:12.000000000 -0400
9564 @@ -260,6 +260,7 @@ typedef struct kernel_cap_struct {
9565 arbitrary SCSI commands */
9566 /* Allow setting encryption key on loopback filesystem */
9567 /* Allow setting zone reclaim policy */
9568 +/* Allow the selection of a security context */
9570 #define CAP_SYS_ADMIN 21
9572 @@ -332,7 +333,13 @@ typedef struct kernel_cap_struct {
9574 #define CAP_MAC_ADMIN 33
9576 -#define CAP_LAST_CAP CAP_MAC_ADMIN
9577 +/* Allow context manipulations */
9578 +/* Allow changing context info on files */
9580 +#define CAP_CONTEXT 34
9583 +#define CAP_LAST_CAP CAP_CONTEXT
9585 #define cap_valid(x) ((x) >= 0 && (x) <= CAP_LAST_CAP)
9587 diff -NurpP --minimal linux-2.6.25/include/linux/devpts_fs.h linux-2.6.25-vs2.3.0.34.9/include/linux/devpts_fs.h
9588 --- linux-2.6.25/include/linux/devpts_fs.h 2007-02-04 13:44:54.000000000 -0500
9589 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/devpts_fs.h 2008-04-19 15:14:52.000000000 -0400
9590 @@ -30,5 +30,4 @@ static inline void devpts_pty_kill(int n
9595 #endif /* _LINUX_DEVPTS_FS_H */
9596 diff -NurpP --minimal linux-2.6.25/include/linux/ext2_fs.h linux-2.6.25-vs2.3.0.34.9/include/linux/ext2_fs.h
9597 --- linux-2.6.25/include/linux/ext2_fs.h 2008-04-17 11:31:39.000000000 -0400
9598 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/ext2_fs.h 2008-04-19 15:14:52.000000000 -0400
9599 @@ -189,6 +189,8 @@ struct ext2_group_desc
9600 #define EXT2_NOTAIL_FL FS_NOTAIL_FL /* file tail should not be merged */
9601 #define EXT2_DIRSYNC_FL FS_DIRSYNC_FL /* dirsync behaviour (directories only) */
9602 #define EXT2_TOPDIR_FL FS_TOPDIR_FL /* Top of directory hierarchies*/
9603 +#define EXT2_BARRIER_FL FS_BARRIER_FL /* Barrier for chroot() */
9604 +#define EXT2_IUNLINK_FL FS_IUNLINK_FL /* Immutable unlink */
9605 #define EXT2_RESERVED_FL FS_RESERVED_FL /* reserved for ext2 lib */
9607 #define EXT2_FL_USER_VISIBLE FS_FL_USER_VISIBLE /* User visible flags */
9608 @@ -247,7 +249,7 @@ struct ext2_inode {
9610 __u8 l_i_frag; /* Fragment number */
9611 __u8 l_i_fsize; /* Fragment size */
9613 + __u16 l_i_tag; /* Context Tag */
9614 __le16 l_i_uid_high; /* these 2 fields */
9615 __le16 l_i_gid_high; /* were reserved2[0] */
9616 __u32 l_i_reserved2;
9617 @@ -279,6 +281,7 @@ struct ext2_inode {
9618 #define i_gid_low i_gid
9619 #define i_uid_high osd2.linux2.l_i_uid_high
9620 #define i_gid_high osd2.linux2.l_i_gid_high
9621 +#define i_raw_tag osd2.linux2.l_i_tag
9622 #define i_reserved2 osd2.linux2.l_i_reserved2
9625 @@ -323,6 +326,7 @@ struct ext2_inode {
9626 #define EXT2_MOUNT_USRQUOTA 0x020000 /* user quota */
9627 #define EXT2_MOUNT_GRPQUOTA 0x040000 /* group quota */
9628 #define EXT2_MOUNT_RESERVATION 0x080000 /* Preallocation */
9629 +#define EXT2_MOUNT_TAGGED (1<<24) /* Enable Context Tags */
9632 #define clear_opt(o, opt) o &= ~EXT2_MOUNT_##opt
9633 diff -NurpP --minimal linux-2.6.25/include/linux/ext3_fs.h linux-2.6.25-vs2.3.0.34.9/include/linux/ext3_fs.h
9634 --- linux-2.6.25/include/linux/ext3_fs.h 2008-04-17 12:05:44.000000000 -0400
9635 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/ext3_fs.h 2008-04-19 15:14:52.000000000 -0400
9636 @@ -173,6 +173,8 @@ struct ext3_group_desc
9637 #define EXT3_NOTAIL_FL 0x00008000 /* file tail should not be merged */
9638 #define EXT3_DIRSYNC_FL 0x00010000 /* dirsync behaviour (directories only) */
9639 #define EXT3_TOPDIR_FL 0x00020000 /* Top of directory hierarchies*/
9640 +#define EXT3_BARRIER_FL 0x04000000 /* Barrier for chroot() */
9641 +#define EXT3_IUNLINK_FL 0x08000000 /* Immutable unlink */
9642 #define EXT3_RESERVED_FL 0x80000000 /* reserved for ext3 lib */
9644 #define EXT3_FL_USER_VISIBLE 0x0003DFFF /* User visible flags */
9645 @@ -292,7 +294,7 @@ struct ext3_inode {
9647 __u8 l_i_frag; /* Fragment number */
9648 __u8 l_i_fsize; /* Fragment size */
9650 + __u16 l_i_tag; /* Context Tag */
9651 __le16 l_i_uid_high; /* these 2 fields */
9652 __le16 l_i_gid_high; /* were reserved2[0] */
9653 __u32 l_i_reserved2;
9654 @@ -326,6 +328,7 @@ struct ext3_inode {
9655 #define i_gid_low i_gid
9656 #define i_uid_high osd2.linux2.l_i_uid_high
9657 #define i_gid_high osd2.linux2.l_i_gid_high
9658 +#define i_raw_tag osd2.linux2.l_i_tag
9659 #define i_reserved2 osd2.linux2.l_i_reserved2
9661 #elif defined(__GNU__)
9662 @@ -380,6 +383,7 @@ struct ext3_inode {
9663 #define EXT3_MOUNT_QUOTA 0x80000 /* Some quota option set */
9664 #define EXT3_MOUNT_USRQUOTA 0x100000 /* "old" user quota */
9665 #define EXT3_MOUNT_GRPQUOTA 0x200000 /* "old" group quota */
9666 +#define EXT3_MOUNT_TAGGED (1<<24) /* Enable Context Tags */
9668 /* Compatibility, for having both ext2_fs.h and ext3_fs.h included at once */
9669 #ifndef _LINUX_EXT2_FS_H
9670 @@ -822,6 +826,7 @@ struct buffer_head * ext3_bread (handle_
9671 int ext3_get_blocks_handle(handle_t *handle, struct inode *inode,
9672 sector_t iblock, unsigned long maxblocks, struct buffer_head *bh_result,
9673 int create, int extend_disksize);
9674 +extern int ext3_sync_flags(struct inode *inode);
9676 extern struct inode *ext3_iget(struct super_block *, unsigned long);
9677 extern int ext3_write_inode (struct inode *, int);
9678 diff -NurpP --minimal linux-2.6.25/include/linux/ext4_fs.h linux-2.6.25-vs2.3.0.34.9/include/linux/ext4_fs.h
9679 --- linux-2.6.25/include/linux/ext4_fs.h 2008-04-17 12:05:44.000000000 -0400
9680 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/ext4_fs.h 2008-04-19 15:43:04.000000000 -0400
9681 @@ -231,6 +231,8 @@ struct ext4_group_desc
9682 #define EXT4_TOPDIR_FL 0x00020000 /* Top of directory hierarchies*/
9683 #define EXT4_HUGE_FILE_FL 0x00040000 /* Set to each huge file */
9684 #define EXT4_EXTENTS_FL 0x00080000 /* Inode uses extents */
9685 +#define EXT4_BARRIER_FL 0x04000000 /* Barrier for chroot() */
9686 +#define EXT4_IUNLINK_FL 0x08000000 /* Immutable unlink */
9687 #define EXT4_RESERVED_FL 0x80000000 /* reserved for ext4 lib */
9689 #define EXT4_FL_USER_VISIBLE 0x000BDFFF /* User visible flags */
9690 @@ -359,7 +361,8 @@ struct ext4_inode {
9691 __le16 l_i_file_acl_high;
9692 __le16 l_i_uid_high; /* these 2 fields */
9693 __le16 l_i_gid_high; /* were reserved2[0] */
9694 - __u32 l_i_reserved2;
9695 + __u16 l_i_tag; /* Context Tag */
9696 + __u16 l_i_reserved2;
9699 __le16 h_i_reserved1; /* Obsoleted fragment number/size which are removed in ext4 */
9700 @@ -465,6 +468,7 @@ do { \
9701 #define i_gid_low i_gid
9702 #define i_uid_high osd2.linux2.l_i_uid_high
9703 #define i_gid_high osd2.linux2.l_i_gid_high
9704 +#define i_raw_tag osd2.linux2.l_i_tag
9705 #define i_reserved2 osd2.linux2.l_i_reserved2
9707 #elif defined(__GNU__)
9708 @@ -528,6 +532,7 @@ do { \
9709 #define EXT4_MOUNT_JOURNAL_ASYNC_COMMIT 0x1000000 /* Journal Async Commit */
9710 #define EXT4_MOUNT_I_VERSION 0x2000000 /* i_version support */
9711 #define EXT4_MOUNT_MBALLOC 0x4000000 /* Buddy allocation support */
9712 +#define EXT4_MOUNT_TAGGED 0x8000000 /* Enable Context Tags */
9713 /* Compatibility, for having both ext2_fs.h and ext4_fs.h included at once */
9714 #ifndef _LINUX_EXT2_FS_H
9715 #define clear_opt(o, opt) o &= ~EXT4_MOUNT_##opt
9716 @@ -1030,6 +1035,7 @@ int ext4_get_blocks_handle(handle_t *han
9717 ext4_lblk_t iblock, unsigned long maxblocks,
9718 struct buffer_head *bh_result,
9719 int create, int extend_disksize);
9720 +extern int ext4_sync_flags(struct inode *inode);
9722 extern struct inode *ext4_iget(struct super_block *, unsigned long);
9723 extern int ext4_write_inode (struct inode *, int);
9724 diff -NurpP --minimal linux-2.6.25/include/linux/fs.h linux-2.6.25-vs2.3.0.34.9/include/linux/fs.h
9725 --- linux-2.6.25/include/linux/fs.h 2008-04-17 12:05:44.000000000 -0400
9726 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/fs.h 2008-04-19 15:37:28.000000000 -0400
9727 @@ -125,6 +125,8 @@ extern int dir_notify_enable;
9728 #define MS_RELATIME (1<<21) /* Update atime relative to mtime/ctime. */
9729 #define MS_KERNMOUNT (1<<22) /* this is a kern_mount call */
9730 #define MS_I_VERSION (1<<23) /* Update inode I_version field */
9731 +#define MS_TAGGED (1<<24) /* use generic inode tagging */
9732 +#define MS_TAGID (1<<25) /* use specific tag for this mount */
9733 #define MS_ACTIVE (1<<30)
9734 #define MS_NOUSER (1<<31)
9736 @@ -151,6 +153,8 @@ extern int dir_notify_enable;
9737 #define S_NOCMTIME 128 /* Do not update file c/mtime */
9738 #define S_SWAPFILE 256 /* Do not truncate: swapon got its bmaps */
9739 #define S_PRIVATE 512 /* Inode is fs-internal */
9740 +#define S_BARRIER 1024 /* Barrier for chroot() */
9741 +#define S_IUNLINK 2048 /* Immutable unlink */
9744 * Note that nosuid etc flags are inode-specific: setting some file-system
9745 @@ -167,25 +171,37 @@ extern int dir_notify_enable;
9747 #define __IS_FLG(inode,flg) ((inode)->i_sb->s_flags & (flg))
9749 -#define IS_RDONLY(inode) ((inode)->i_sb->s_flags & MS_RDONLY)
9750 +#define IS_RDONLY(inode) __IS_FLG(inode, MS_RDONLY)
9751 #define IS_SYNC(inode) (__IS_FLG(inode, MS_SYNCHRONOUS) || \
9752 ((inode)->i_flags & S_SYNC))
9753 #define IS_DIRSYNC(inode) (__IS_FLG(inode, MS_SYNCHRONOUS|MS_DIRSYNC) || \
9754 ((inode)->i_flags & (S_SYNC|S_DIRSYNC)))
9755 #define IS_MANDLOCK(inode) __IS_FLG(inode, MS_MANDLOCK)
9756 -#define IS_NOATIME(inode) __IS_FLG(inode, MS_RDONLY|MS_NOATIME)
9757 -#define IS_I_VERSION(inode) __IS_FLG(inode, MS_I_VERSION)
9758 +#define IS_NOATIME(inode) __IS_FLG(inode, MS_RDONLY|MS_NOATIME)
9759 +#define IS_I_VERSION(inode) __IS_FLG(inode, MS_I_VERSION)
9760 +#define IS_TAGGED(inode) __IS_FLG(inode, MS_TAGGED)
9762 #define IS_NOQUOTA(inode) ((inode)->i_flags & S_NOQUOTA)
9763 #define IS_APPEND(inode) ((inode)->i_flags & S_APPEND)
9764 #define IS_IMMUTABLE(inode) ((inode)->i_flags & S_IMMUTABLE)
9765 +#define IS_IUNLINK(inode) ((inode)->i_flags & S_IUNLINK)
9766 +#define IS_IXORUNLINK(inode) ((IS_IUNLINK(inode) ? S_IMMUTABLE : 0) ^ IS_IMMUTABLE(inode))
9767 #define IS_POSIXACL(inode) __IS_FLG(inode, MS_POSIXACL)
9769 +#define IS_BARRIER(inode) (S_ISDIR((inode)->i_mode) && ((inode)->i_flags & S_BARRIER))
9770 #define IS_DEADDIR(inode) ((inode)->i_flags & S_DEAD)
9771 #define IS_NOCMTIME(inode) ((inode)->i_flags & S_NOCMTIME)
9772 #define IS_SWAPFILE(inode) ((inode)->i_flags & S_SWAPFILE)
9773 #define IS_PRIVATE(inode) ((inode)->i_flags & S_PRIVATE)
9775 +#ifdef CONFIG_VSERVER_COWBL
9776 +# define IS_COW(inode) (IS_IUNLINK(inode) && IS_IMMUTABLE(inode))
9777 +# define IS_COW_LINK(inode) (S_ISREG((inode)->i_mode) && ((inode)->i_nlink > 1))
9779 +# define IS_COW(inode) (0)
9780 +# define IS_COW_LINK(inode) (0)
9783 /* the read-only stuff doesn't really belong here, but any other place is
9784 probably as bad and I don't want to create yet another include file. */
9786 @@ -259,12 +275,13 @@ extern int dir_notify_enable;
9787 #define FS_TOPDIR_FL 0x00020000 /* Top of directory hierarchies*/
9788 #define FS_EXTENT_FL 0x00080000 /* Extents */
9789 #define FS_DIRECTIO_FL 0x00100000 /* Use direct i/o */
9790 +#define FS_BARRIER_FL 0x04000000 /* Barrier for chroot() */
9791 +#define FS_IUNLINK_FL 0x08000000 /* Immutable unlink */
9792 #define FS_RESERVED_FL 0x80000000 /* reserved for ext2 lib */
9794 #define FS_FL_USER_VISIBLE 0x0003DFFF /* User visible flags */
9795 #define FS_FL_USER_MODIFIABLE 0x000380FF /* User modifiable flags */
9798 #define SYNC_FILE_RANGE_WAIT_BEFORE 1
9799 #define SYNC_FILE_RANGE_WRITE 2
9800 #define SYNC_FILE_RANGE_WAIT_AFTER 4
9801 @@ -334,6 +351,7 @@ typedef void (dio_iodone_t)(struct kiocb
9802 #define ATTR_FILE 8192
9803 #define ATTR_KILL_PRIV 16384
9804 #define ATTR_OPEN 32768 /* Truncating from open(O_TRUNC) */
9805 +#define ATTR_TAG 65536
9808 * This is the Inode Attributes structure, used for notify_change(). It
9809 @@ -349,6 +367,7 @@ struct iattr {
9815 struct timespec ia_atime;
9816 struct timespec ia_mtime;
9817 @@ -362,6 +381,9 @@ struct iattr {
9818 struct file *ia_file;
9821 +#define ATTR_FLAG_BARRIER 512 /* Barrier for chroot() */
9822 +#define ATTR_FLAG_IUNLINK 1024 /* Immutable unlink */
9825 * Includes for diskquotas.
9827 @@ -600,7 +622,9 @@ struct inode {
9828 unsigned int i_nlink;
9836 #ifdef __NEED_I_SIZE_ORDERED
9837 @@ -735,12 +759,12 @@ static inline void i_size_write(struct i
9839 static inline unsigned iminor(const struct inode *inode)
9841 - return MINOR(inode->i_rdev);
9842 + return MINOR(inode->i_mdev);
9845 static inline unsigned imajor(const struct inode *inode)
9847 - return MAJOR(inode->i_rdev);
9848 + return MAJOR(inode->i_mdev);
9851 extern struct block_device *I_BDEV(struct inode *inode);
9852 @@ -795,6 +819,7 @@ struct file {
9854 struct fown_struct f_owner;
9855 unsigned int f_uid, f_gid;
9857 struct file_ra_state f_ra;
9860 @@ -879,6 +904,7 @@ struct file_lock {
9861 unsigned char fl_type;
9866 struct fasync_struct * fl_fasync; /* for lease break notifications */
9867 unsigned long fl_break_time; /* for nonblocking lease breaks */
9868 @@ -1076,12 +1102,12 @@ extern void unlock_super(struct super_bl
9870 extern int vfs_permission(struct nameidata *, int);
9871 extern int vfs_create(struct inode *, struct dentry *, int, struct nameidata *);
9872 -extern int vfs_mkdir(struct inode *, struct dentry *, int);
9873 -extern int vfs_mknod(struct inode *, struct dentry *, int, dev_t);
9874 -extern int vfs_symlink(struct inode *, struct dentry *, const char *, int);
9875 -extern int vfs_link(struct dentry *, struct inode *, struct dentry *);
9876 -extern int vfs_rmdir(struct inode *, struct dentry *);
9877 -extern int vfs_unlink(struct inode *, struct dentry *);
9878 +extern int vfs_mkdir(struct inode *, struct dentry *, int, struct nameidata *);
9879 +extern int vfs_mknod(struct inode *, struct dentry *, int, dev_t, struct nameidata *);
9880 +extern int vfs_symlink(struct inode *, struct dentry *, const char *, int, struct nameidata *);
9881 +extern int vfs_link(struct dentry *, struct inode *, struct dentry *, struct nameidata *);
9882 +extern int vfs_rmdir(struct inode *, struct dentry *, struct nameidata *);
9883 +extern int vfs_unlink(struct inode *, struct dentry *, struct nameidata *);
9884 extern int vfs_rename(struct inode *, struct dentry *, struct inode *, struct dentry *);
9887 @@ -1223,6 +1249,7 @@ struct inode_operations {
9888 void (*truncate_range)(struct inode *, loff_t, loff_t);
9889 long (*fallocate)(struct inode *inode, int mode, loff_t offset,
9891 + int (*sync_flags) (struct inode *);
9895 @@ -1238,6 +1265,7 @@ extern ssize_t vfs_readv(struct file *,
9896 unsigned long, loff_t *);
9897 extern ssize_t vfs_writev(struct file *, const struct iovec __user *,
9898 unsigned long, loff_t *);
9899 +ssize_t vfs_sendfile(struct file *, struct file *, loff_t *, size_t, loff_t);
9902 * NOTE: write_inode, delete_inode, clear_inode, put_inode can be called
9903 @@ -1934,6 +1962,7 @@ extern int dcache_dir_open(struct inode
9904 extern int dcache_dir_close(struct inode *, struct file *);
9905 extern loff_t dcache_dir_lseek(struct file *, loff_t, int);
9906 extern int dcache_readdir(struct file *, void *, filldir_t);
9907 +extern int dcache_readdir_filter(struct file *, void *, filldir_t, int (*)(struct dentry *));
9908 extern int simple_getattr(struct vfsmount *, struct dentry *, struct kstat *);
9909 extern int simple_statfs(struct dentry *, struct kstatfs *);
9910 extern int simple_link(struct dentry *, struct inode *, struct dentry *);
9911 diff -NurpP --minimal linux-2.6.25/include/linux/if_tun.h linux-2.6.25-vs2.3.0.34.9/include/linux/if_tun.h
9912 --- linux-2.6.25/include/linux/if_tun.h 2008-04-17 12:05:44.000000000 -0400
9913 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/if_tun.h 2008-04-19 15:14:52.000000000 -0400
9915 #define TUNSETOWNER _IOW('T', 204, int)
9916 #define TUNSETLINK _IOW('T', 205, int)
9917 #define TUNSETGROUP _IOW('T', 206, int)
9918 +#define TUNSETNID _IOW('T', 215, int)
9920 /* TUNSETIFF ifr flags */
9921 #define IFF_TUN 0x0001
9922 diff -NurpP --minimal linux-2.6.25/include/linux/init_task.h linux-2.6.25-vs2.3.0.34.9/include/linux/init_task.h
9923 --- linux-2.6.25/include/linux/init_task.h 2008-04-17 12:05:44.000000000 -0400
9924 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/init_task.h 2008-04-19 15:14:52.000000000 -0400
9925 @@ -196,6 +196,10 @@ extern struct group_info init_groups;
9927 INIT_TRACE_IRQFLAGS \
9930 + .vx_info = NULL, \
9932 + .nx_info = NULL, \
9936 diff -NurpP --minimal linux-2.6.25/include/linux/interrupt.h linux-2.6.25-vs2.3.0.34.9/include/linux/interrupt.h
9937 --- linux-2.6.25/include/linux/interrupt.h 2008-04-17 12:05:44.000000000 -0400
9938 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/interrupt.h 2008-04-19 15:14:52.000000000 -0400
9940 #include <linux/preempt.h>
9941 #include <linux/cpumask.h>
9942 #include <linux/irqreturn.h>
9943 -#include <linux/hardirq.h>
9944 #include <linux/sched.h>
9945 +#include <linux/hardirq.h>
9946 #include <linux/irqflags.h>
9947 #include <asm/atomic.h>
9948 #include <asm/ptrace.h>
9949 diff -NurpP --minimal linux-2.6.25/include/linux/ipc.h linux-2.6.25-vs2.3.0.34.9/include/linux/ipc.h
9950 --- linux-2.6.25/include/linux/ipc.h 2008-04-17 12:05:44.000000000 -0400
9951 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/ipc.h 2008-04-19 15:14:52.000000000 -0400
9952 @@ -93,6 +93,7 @@ struct kern_ipc_perm
9960 diff -NurpP --minimal linux-2.6.25/include/linux/Kbuild linux-2.6.25-vs2.3.0.34.9/include/linux/Kbuild
9961 --- linux-2.6.25/include/linux/Kbuild 2008-04-17 12:05:44.000000000 -0400
9962 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/Kbuild 2008-04-19 15:14:52.000000000 -0400
9963 @@ -354,3 +354,6 @@ unifdef-y += xattr.h
9966 objhdr-y += version.h
9968 +header-y += vserver/
9970 diff -NurpP --minimal linux-2.6.25/include/linux/loop.h linux-2.6.25-vs2.3.0.34.9/include/linux/loop.h
9971 --- linux-2.6.25/include/linux/loop.h 2008-04-17 12:05:44.000000000 -0400
9972 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/loop.h 2008-04-19 15:14:52.000000000 -0400
9973 @@ -45,6 +45,7 @@ struct loop_device {
9974 struct loop_func_table *lo_encryption;
9976 uid_t lo_key_owner; /* Who set the key */
9978 int (*ioctl)(struct loop_device *, int cmd,
9981 diff -NurpP --minimal linux-2.6.25/include/linux/magic.h linux-2.6.25-vs2.3.0.34.9/include/linux/magic.h
9982 --- linux-2.6.25/include/linux/magic.h 2008-04-17 11:31:39.000000000 -0400
9983 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/magic.h 2008-04-19 15:14:52.000000000 -0400
9986 #define ADFS_SUPER_MAGIC 0xadf5
9987 #define AFFS_SUPER_MAGIC 0xadff
9988 -#define AFS_SUPER_MAGIC 0x5346414F
9989 +#define AFS_SUPER_MAGIC 0x5346414F
9990 #define AUTOFS_SUPER_MAGIC 0x0187
9991 #define CODA_SUPER_MAGIC 0x73757245
9992 #define EFS_SUPER_MAGIC 0x414A53
9994 #define NFS_SUPER_MAGIC 0x6969
9995 #define OPENPROM_SUPER_MAGIC 0x9fa1
9996 #define PROC_SUPER_MAGIC 0x9fa0
9997 +#define DEVPTS_SUPER_MAGIC 0x1cd1
9998 #define QNX4_SUPER_MAGIC 0x002f /* qnx4 fs detection */
10000 #define REISERFS_SUPER_MAGIC 0x52654973 /* used by gcc */
10001 diff -NurpP --minimal linux-2.6.25/include/linux/major.h linux-2.6.25-vs2.3.0.34.9/include/linux/major.h
10002 --- linux-2.6.25/include/linux/major.h 2008-04-17 10:37:24.000000000 -0400
10003 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/major.h 2008-04-19 15:14:52.000000000 -0400
10005 #define HD_MAJOR IDE0_MAJOR
10006 #define PTY_SLAVE_MAJOR 3
10007 #define TTY_MAJOR 4
10008 +#define VROOT_MAJOR 4
10009 #define TTYAUX_MAJOR 5
10011 #define VCS_MAJOR 7
10012 diff -NurpP --minimal linux-2.6.25/include/linux/mm_types.h linux-2.6.25-vs2.3.0.34.9/include/linux/mm_types.h
10013 --- linux-2.6.25/include/linux/mm_types.h 2008-04-17 12:05:44.000000000 -0400
10014 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/mm_types.h 2008-04-19 15:14:52.000000000 -0400
10015 @@ -201,6 +201,7 @@ struct mm_struct {
10017 /* Architecture-specific MM context */
10018 mm_context_t context;
10019 + struct vx_info *mm_vx_info;
10021 /* Swap token stuff */
10023 diff -NurpP --minimal linux-2.6.25/include/linux/mount.h linux-2.6.25-vs2.3.0.34.9/include/linux/mount.h
10024 --- linux-2.6.25/include/linux/mount.h 2008-04-17 12:05:44.000000000 -0400
10025 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/mount.h 2008-04-19 15:45:19.000000000 -0400
10026 @@ -28,6 +28,9 @@ struct mnt_namespace;
10027 #define MNT_NOATIME 0x08
10028 #define MNT_NODIRATIME 0x10
10029 #define MNT_RELATIME 0x20
10030 +#define MNT_RDONLY 0x40
10032 +#define MNT_IS_RDONLY(m) ((m) && ((m)->mnt_flags & MNT_RDONLY))
10034 #define MNT_SHRINKABLE 0x100
10036 @@ -35,6 +38,10 @@ struct mnt_namespace;
10037 #define MNT_UNBINDABLE 0x2000 /* if the vfsmount is a unbindable mount */
10038 #define MNT_PNODE_MASK 0x3000 /* propagation flag mask */
10040 +#define MNT_TAGID 0x10000
10041 +#define MNT_NOTAG 0x20000
10042 +#define MNT_NOTAGCHECK 0x40000
10045 struct list_head mnt_hash;
10046 struct vfsmount *mnt_parent; /* fs we are mounted on */
10047 @@ -62,6 +69,7 @@ struct vfsmount {
10048 int mnt_expiry_mark; /* true if marked for expiry */
10051 + tag_t mnt_tag; /* tagging used for vfsmount */
10054 static inline struct vfsmount *mntget(struct vfsmount *mnt)
10055 diff -NurpP --minimal linux-2.6.25/include/linux/net.h linux-2.6.25-vs2.3.0.34.9/include/linux/net.h
10056 --- linux-2.6.25/include/linux/net.h 2008-04-17 12:05:44.000000000 -0400
10057 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/net.h 2008-04-19 15:14:52.000000000 -0400
10058 @@ -65,6 +65,7 @@ typedef enum {
10059 #define SOCK_NOSPACE 2
10060 #define SOCK_PASSCRED 3
10061 #define SOCK_PASSSEC 4
10062 +#define SOCK_USER_SOCKET 5
10064 #ifndef ARCH_HAS_SOCKET_TYPES
10066 diff -NurpP --minimal linux-2.6.25/include/linux/nfs_mount.h linux-2.6.25-vs2.3.0.34.9/include/linux/nfs_mount.h
10067 --- linux-2.6.25/include/linux/nfs_mount.h 2008-04-17 12:05:44.000000000 -0400
10068 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/nfs_mount.h 2008-04-19 15:14:52.000000000 -0400
10069 @@ -63,6 +63,7 @@ struct nfs_mount_data {
10070 #define NFS_MOUNT_SECFLAVOUR 0x2000 /* 5 */
10071 #define NFS_MOUNT_NORDIRPLUS 0x4000 /* 5 */
10072 #define NFS_MOUNT_UNSHARED 0x8000 /* 5 */
10073 -#define NFS_MOUNT_FLAGMASK 0xFFFF
10074 +#define NFS_MOUNT_TAGGED 0x10000 /* context tagging */
10075 +#define NFS_MOUNT_FLAGMASK 0x1FFFF
10078 diff -NurpP --minimal linux-2.6.25/include/linux/nsproxy.h linux-2.6.25-vs2.3.0.34.9/include/linux/nsproxy.h
10079 --- linux-2.6.25/include/linux/nsproxy.h 2008-04-17 11:31:39.000000000 -0400
10080 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/nsproxy.h 2008-04-19 15:14:52.000000000 -0400
10083 #include <linux/spinlock.h>
10084 #include <linux/sched.h>
10085 +#include <linux/vserver/debug.h>
10087 struct mnt_namespace;
10088 struct uts_namespace;
10089 @@ -63,22 +64,33 @@ static inline struct nsproxy *task_nspro
10092 int copy_namespaces(unsigned long flags, struct task_struct *tsk);
10093 +struct nsproxy *copy_nsproxy(struct nsproxy *orig);
10094 void exit_task_namespaces(struct task_struct *tsk);
10095 void switch_task_namespaces(struct task_struct *tsk, struct nsproxy *new);
10096 void free_nsproxy(struct nsproxy *ns);
10097 int unshare_nsproxy_namespaces(unsigned long, struct nsproxy **,
10098 struct fs_struct *);
10100 -static inline void put_nsproxy(struct nsproxy *ns)
10101 +#define get_nsproxy(n) __get_nsproxy(n, __FILE__, __LINE__)
10103 +static inline void __get_nsproxy(struct nsproxy *ns,
10104 + const char *_file, int _line)
10106 - if (atomic_dec_and_test(&ns->count)) {
10107 - free_nsproxy(ns);
10109 + vxlprintk(VXD_CBIT(space, 0), "get_nsproxy(%p[%u])",
10110 + ns, atomic_read(&ns->count), _file, _line);
10111 + atomic_inc(&ns->count);
10114 -static inline void get_nsproxy(struct nsproxy *ns)
10115 +#define put_nsproxy(n) __put_nsproxy(n, __FILE__, __LINE__)
10117 +static inline void __put_nsproxy(struct nsproxy *ns,
10118 + const char *_file, int _line)
10120 - atomic_inc(&ns->count);
10121 + vxlprintk(VXD_CBIT(space, 0), "put_nsproxy(%p[%u])",
10122 + ns, atomic_read(&ns->count), _file, _line);
10123 + if (atomic_dec_and_test(&ns->count)) {
10124 + free_nsproxy(ns);
10128 #ifdef CONFIG_CGROUP_NS
10129 diff -NurpP --minimal linux-2.6.25/include/linux/pid.h linux-2.6.25-vs2.3.0.34.9/include/linux/pid.h
10130 --- linux-2.6.25/include/linux/pid.h 2008-04-17 12:05:44.000000000 -0400
10131 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/pid.h 2008-04-29 17:56:00.000000000 -0400
10132 @@ -8,7 +8,8 @@ enum pid_type
10142 @@ -142,6 +143,7 @@ static inline pid_t pid_nr(struct pid *p
10145 pid_t pid_nr_ns(struct pid *pid, struct pid_namespace *ns);
10146 +pid_t pid_unmapped_nr_ns(struct pid *pid, struct pid_namespace *ns);
10147 pid_t pid_vnr(struct pid *pid);
10149 #define do_each_pid_task(pid, type, task) \
10150 diff -NurpP --minimal linux-2.6.25/include/linux/proc_fs.h linux-2.6.25-vs2.3.0.34.9/include/linux/proc_fs.h
10151 --- linux-2.6.25/include/linux/proc_fs.h 2008-04-17 12:05:44.000000000 -0400
10152 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/proc_fs.h 2008-04-19 15:44:54.000000000 -0400
10153 @@ -59,6 +59,7 @@ struct proc_dir_entry {
10159 const struct inode_operations *proc_iops;
10161 @@ -265,16 +266,23 @@ static inline void kclist_add(struct kco
10162 extern void kclist_add(struct kcore_list *, void *, size_t);
10169 int (*proc_get_link)(struct inode *, struct path *);
10170 int (*proc_read)(struct task_struct *task, char *page);
10171 int (*proc_show)(struct seq_file *m,
10172 struct pid_namespace *ns, struct pid *pid,
10173 struct task_struct *task);
10174 + int (*proc_vs_read)(char *page);
10175 + int (*proc_vxi_read)(struct vx_info *vxi, char *page);
10176 + int (*proc_nxi_read)(struct nx_info *nxi, char *page);
10179 struct proc_inode {
10184 struct proc_dir_entry *pde;
10185 diff -NurpP --minimal linux-2.6.25/include/linux/reiserfs_fs.h linux-2.6.25-vs2.3.0.34.9/include/linux/reiserfs_fs.h
10186 --- linux-2.6.25/include/linux/reiserfs_fs.h 2008-04-17 12:05:44.000000000 -0400
10187 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/reiserfs_fs.h 2008-04-19 15:14:52.000000000 -0400
10188 @@ -837,6 +837,10 @@ struct stat_data_v1 {
10189 #define REISERFS_COMPR_FL FS_COMPR_FL
10190 #define REISERFS_NOTAIL_FL FS_NOTAIL_FL
10192 +/* unfortunately reiserfs sdattr is only 16 bit */
10193 +#define REISERFS_BARRIER_FL (FS_BARRIER_FL >> 16)
10194 +#define REISERFS_IUNLINK_FL (FS_IUNLINK_FL >> 16)
10196 /* persistent flags that file inherits from the parent directory */
10197 #define REISERFS_INHERIT_MASK ( REISERFS_IMMUTABLE_FL | \
10198 REISERFS_SYNC_FL | \
10199 @@ -846,6 +850,9 @@ struct stat_data_v1 {
10200 REISERFS_COMPR_FL | \
10201 REISERFS_NOTAIL_FL )
10203 +#define REISERFS_FL_USER_VISIBLE 0x80FF
10204 +#define REISERFS_FL_USER_MODIFIABLE 0x80FF
10206 /* Stat Data on disk (reiserfs version of UFS disk inode minus the
10209 @@ -1911,6 +1918,7 @@ static inline void reiserfs_update_sd(st
10210 void sd_attrs_to_i_attrs(__u16 sd_attrs, struct inode *inode);
10211 void i_attrs_to_sd_attrs(struct inode *inode, __u16 * sd_attrs);
10212 int reiserfs_setattr(struct dentry *dentry, struct iattr *attr);
10213 +int reiserfs_sync_flags(struct inode *inode);
10216 void set_de_name_and_namelen(struct reiserfs_dir_entry *de);
10217 diff -NurpP --minimal linux-2.6.25/include/linux/reiserfs_fs_sb.h linux-2.6.25-vs2.3.0.34.9/include/linux/reiserfs_fs_sb.h
10218 --- linux-2.6.25/include/linux/reiserfs_fs_sb.h 2008-04-17 12:05:44.000000000 -0400
10219 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/reiserfs_fs_sb.h 2008-04-19 15:14:52.000000000 -0400
10220 @@ -456,6 +456,7 @@ enum reiserfs_mount_options {
10222 REISERFS_BARRIER_NONE,
10223 REISERFS_BARRIER_FLUSH,
10226 /* Actions on error */
10227 REISERFS_ERROR_PANIC,
10228 diff -NurpP --minimal linux-2.6.25/include/linux/sched.h linux-2.6.25-vs2.3.0.34.9/include/linux/sched.h
10229 --- linux-2.6.25/include/linux/sched.h 2008-04-17 12:05:44.000000000 -0400
10230 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/sched.h 2008-04-21 11:09:01.000000000 -0400
10231 @@ -73,7 +73,6 @@ struct sched_param {
10232 #include <linux/fs_struct.h>
10233 #include <linux/compiler.h>
10234 #include <linux/completion.h>
10235 -#include <linux/pid.h>
10236 #include <linux/percpu.h>
10237 #include <linux/topology.h>
10238 #include <linux/proportions.h>
10239 @@ -89,6 +88,7 @@ struct sched_param {
10240 #include <linux/task_io_accounting.h>
10241 #include <linux/kobject.h>
10242 #include <linux/latencytop.h>
10243 +#include <linux/pid.h>
10245 #include <asm/processor.h>
10247 @@ -355,25 +355,27 @@ extern void arch_unmap_area_topdown(stru
10248 * The mm counters are not protected by its page_table_lock,
10249 * so must be incremented atomically.
10251 -#define set_mm_counter(mm, member, value) atomic_long_set(&(mm)->_##member, value)
10252 -#define get_mm_counter(mm, member) ((unsigned long)atomic_long_read(&(mm)->_##member))
10253 -#define add_mm_counter(mm, member, value) atomic_long_add(value, &(mm)->_##member)
10254 -#define inc_mm_counter(mm, member) atomic_long_inc(&(mm)->_##member)
10255 -#define dec_mm_counter(mm, member) atomic_long_dec(&(mm)->_##member)
10257 +#define __set_mm_counter(mm, member, value) \
10258 + atomic_long_set(&(mm)->_##member, value)
10259 +#define get_mm_counter(mm, member) \
10260 + ((unsigned long)atomic_long_read(&(mm)->_##member))
10261 #else /* NR_CPUS < CONFIG_SPLIT_PTLOCK_CPUS */
10263 * The mm counters are protected by its page_table_lock,
10264 * so can be incremented directly.
10266 -#define set_mm_counter(mm, member, value) (mm)->_##member = (value)
10267 +#define __set_mm_counter(mm, member, value) (mm)->_##member = (value)
10268 #define get_mm_counter(mm, member) ((mm)->_##member)
10269 -#define add_mm_counter(mm, member, value) (mm)->_##member += (value)
10270 -#define inc_mm_counter(mm, member) (mm)->_##member++
10271 -#define dec_mm_counter(mm, member) (mm)->_##member--
10273 #endif /* NR_CPUS < CONFIG_SPLIT_PTLOCK_CPUS */
10275 +#define set_mm_counter(mm, member, value) \
10276 + vx_ ## member ## pages_sub((mm), (get_mm_counter(mm, member) - value))
10277 +#define add_mm_counter(mm, member, value) \
10278 + vx_ ## member ## pages_add((mm), (value))
10279 +#define inc_mm_counter(mm, member) vx_ ## member ## pages_inc((mm))
10280 +#define dec_mm_counter(mm, member) vx_ ## member ## pages_dec((mm))
10282 #define get_mm_rss(mm) \
10283 (get_mm_counter(mm, file_rss) + get_mm_counter(mm, anon_rss))
10284 #define update_hiwater_rss(mm) do { \
10285 @@ -1162,6 +1164,14 @@ struct task_struct {
10289 +/* vserver context data */
10290 + struct vx_info *vx_info;
10291 + struct nx_info *nx_info;
10297 /* Thread group tracking */
10298 u32 parent_exec_id;
10300 @@ -1350,6 +1360,11 @@ struct pid_namespace;
10301 * see also pid_nr() etc in include/linux/pid.h
10304 +#include <linux/vserver/base.h>
10305 +#include <linux/vserver/context.h>
10306 +#include <linux/vserver/debug.h>
10307 +#include <linux/vserver/pid.h>
10309 static inline pid_t task_pid_nr(struct task_struct *tsk)
10312 @@ -1359,7 +1374,7 @@ pid_t task_pid_nr_ns(struct task_struct
10314 static inline pid_t task_pid_vnr(struct task_struct *tsk)
10316 - return pid_vnr(task_pid(tsk));
10317 + return vx_map_pid(pid_vnr(task_pid(tsk)));
10321 @@ -1372,7 +1387,7 @@ pid_t task_tgid_nr_ns(struct task_struct
10323 static inline pid_t task_tgid_vnr(struct task_struct *tsk)
10325 - return pid_vnr(task_tgid(tsk));
10326 + return vx_map_tgid(pid_vnr(task_tgid(tsk)));
10330 diff -NurpP --minimal linux-2.6.25/include/linux/shmem_fs.h linux-2.6.25-vs2.3.0.34.9/include/linux/shmem_fs.h
10331 --- linux-2.6.25/include/linux/shmem_fs.h 2008-04-17 12:05:44.000000000 -0400
10332 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/shmem_fs.h 2008-04-19 15:14:52.000000000 -0400
10335 #define SHMEM_NR_DIRECT 16
10337 +#define TMPFS_SUPER_MAGIC 0x01021994
10340 struct shmem_inode_info {
10342 unsigned long flags;
10343 diff -NurpP --minimal linux-2.6.25/include/linux/stat.h linux-2.6.25-vs2.3.0.34.9/include/linux/stat.h
10344 --- linux-2.6.25/include/linux/stat.h 2008-04-17 10:33:07.000000000 -0400
10345 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/stat.h 2008-04-19 15:14:52.000000000 -0400
10346 @@ -66,6 +66,7 @@ struct kstat {
10347 unsigned int nlink;
10353 struct timespec atime;
10354 diff -NurpP --minimal linux-2.6.25/include/linux/sunrpc/auth.h linux-2.6.25-vs2.3.0.34.9/include/linux/sunrpc/auth.h
10355 --- linux-2.6.25/include/linux/sunrpc/auth.h 2008-04-17 10:37:24.000000000 -0400
10356 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/sunrpc/auth.h 2008-04-19 15:14:52.000000000 -0400
10362 struct group_info *group_info;
10365 diff -NurpP --minimal linux-2.6.25/include/linux/sunrpc/clnt.h linux-2.6.25-vs2.3.0.34.9/include/linux/sunrpc/clnt.h
10366 --- linux-2.6.25/include/linux/sunrpc/clnt.h 2008-04-17 12:05:44.000000000 -0400
10367 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/sunrpc/clnt.h 2008-04-19 15:14:52.000000000 -0400
10368 @@ -42,7 +42,8 @@ struct rpc_clnt {
10370 unsigned int cl_softrtry : 1,/* soft timeouts */
10371 cl_discrtry : 1,/* disconnect before retry */
10372 - cl_autobind : 1;/* use getport() */
10373 + cl_autobind : 1,/* use getport() */
10374 + cl_tag : 1;/* context tagging */
10376 struct rpc_rtt * cl_rtt; /* RTO estimator data */
10377 const struct rpc_timeout *cl_timeout; /* Timeout strategy */
10378 diff -NurpP --minimal linux-2.6.25/include/linux/syscalls.h linux-2.6.25-vs2.3.0.34.9/include/linux/syscalls.h
10379 --- linux-2.6.25/include/linux/syscalls.h 2008-04-17 12:05:44.000000000 -0400
10380 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/syscalls.h 2008-04-19 15:14:52.000000000 -0400
10381 @@ -294,6 +294,8 @@ asmlinkage long sys_symlink(const char _
10382 asmlinkage long sys_unlink(const char __user *pathname);
10383 asmlinkage long sys_rename(const char __user *oldname,
10384 const char __user *newname);
10385 +asmlinkage long sys_copyfile(const char __user *from, const char __user *to,
10387 asmlinkage long sys_chmod(const char __user *filename, mode_t mode);
10388 asmlinkage long sys_fchmod(unsigned int fd, mode_t mode);
10390 diff -NurpP --minimal linux-2.6.25/include/linux/sysctl.h linux-2.6.25-vs2.3.0.34.9/include/linux/sysctl.h
10391 --- linux-2.6.25/include/linux/sysctl.h 2008-04-17 12:05:44.000000000 -0400
10392 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/sysctl.h 2008-04-19 15:14:52.000000000 -0400
10393 @@ -70,6 +70,7 @@ enum
10394 CTL_ABI=9, /* Binary emulation */
10395 CTL_CPU=10, /* CPU stuff (speed scaling, etc) */
10396 CTL_ARLAN=254, /* arlan wireless driver */
10397 + CTL_VSERVER=4242, /* Linux-VServer debug */
10398 CTL_S390DBF=5677, /* s390 debug */
10399 CTL_SUNRPC=7249, /* sunrpc debug */
10400 CTL_PM=9899, /* frv power management */
10401 @@ -104,6 +105,7 @@ enum
10403 KERN_PANIC=15, /* int: panic timeout */
10404 KERN_REALROOTDEV=16, /* real root device to mount after initrd */
10405 + KERN_VSHELPER=17, /* string: path to vshelper policy agent */
10407 KERN_SPARC_REBOOT=21, /* reboot command on Sparc */
10408 KERN_CTLALTDEL=22, /* int: allow ctl-alt-del to reboot */
10409 diff -NurpP --minimal linux-2.6.25/include/linux/sysfs.h linux-2.6.25-vs2.3.0.34.9/include/linux/sysfs.h
10410 --- linux-2.6.25/include/linux/sysfs.h 2008-04-17 12:05:44.000000000 -0400
10411 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/sysfs.h 2008-04-19 15:14:52.000000000 -0400
10413 #include <linux/list.h>
10414 #include <asm/atomic.h>
10416 +#define SYSFS_SUPER_MAGIC 0x62656572
10421 diff -NurpP --minimal linux-2.6.25/include/linux/time.h linux-2.6.25-vs2.3.0.34.9/include/linux/time.h
10422 --- linux-2.6.25/include/linux/time.h 2008-04-17 12:05:44.000000000 -0400
10423 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/time.h 2008-04-19 15:14:52.000000000 -0400
10424 @@ -183,6 +183,9 @@ static inline void timespec_add_ns(struc
10429 +#include <linux/vs_time.h>
10431 #endif /* __KERNEL__ */
10433 #define NFDBITS __NFDBITS
10434 diff -NurpP --minimal linux-2.6.25/include/linux/types.h linux-2.6.25-vs2.3.0.34.9/include/linux/types.h
10435 --- linux-2.6.25/include/linux/types.h 2008-04-17 12:05:44.000000000 -0400
10436 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/types.h 2008-04-19 15:14:52.000000000 -0400
10437 @@ -36,6 +36,9 @@ typedef __kernel_uid32_t uid_t;
10438 typedef __kernel_gid32_t gid_t;
10439 typedef __kernel_uid16_t uid16_t;
10440 typedef __kernel_gid16_t gid16_t;
10441 +typedef unsigned int xid_t;
10442 +typedef unsigned int nid_t;
10443 +typedef unsigned int tag_t;
10445 typedef unsigned long uintptr_t;
10447 diff -NurpP --minimal linux-2.6.25/include/linux/vroot.h linux-2.6.25-vs2.3.0.34.9/include/linux/vroot.h
10448 --- linux-2.6.25/include/linux/vroot.h 1969-12-31 19:00:00.000000000 -0500
10449 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vroot.h 2008-04-19 15:14:52.000000000 -0400
10453 + * include/linux/vroot.h
10455 + * written by Herbert Pötzl, 9/11/2002
10456 + * ported to 2.6 by Herbert Pötzl, 30/12/2004
10458 + * Copyright (C) 2002-2007 by Herbert Pötzl.
10459 + * Redistribution of this file is permitted under the
10460 + * GNU General Public License.
10463 +#ifndef _LINUX_VROOT_H
10464 +#define _LINUX_VROOT_H
10469 +/* Possible states of device */
10475 +struct vroot_device {
10479 + struct semaphore vr_ctl_mutex;
10480 + struct block_device *vr_device;
10485 +typedef struct block_device *(vroot_grb_func)(struct block_device *);
10487 +extern int register_vroot_grb(vroot_grb_func *);
10488 +extern int unregister_vroot_grb(vroot_grb_func *);
10490 +#endif /* __KERNEL__ */
10492 +#define MAX_VROOT_DEFAULT 8
10495 + * IOCTL commands --- we will commandeer 0x56 ('V')
10498 +#define VROOT_SET_DEV 0x5600
10499 +#define VROOT_CLR_DEV 0x5601
10501 +#endif /* _LINUX_VROOT_H */
10502 diff -NurpP --minimal linux-2.6.25/include/linux/vs_base.h linux-2.6.25-vs2.3.0.34.9/include/linux/vs_base.h
10503 --- linux-2.6.25/include/linux/vs_base.h 1969-12-31 19:00:00.000000000 -0500
10504 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vs_base.h 2008-04-19 15:14:52.000000000 -0400
10506 +#ifndef _VS_BASE_H
10507 +#define _VS_BASE_H
10509 +#include "vserver/base.h"
10510 +#include "vserver/check.h"
10511 +#include "vserver/debug.h"
10514 +#warning duplicate inclusion
10516 diff -NurpP --minimal linux-2.6.25/include/linux/vs_context.h linux-2.6.25-vs2.3.0.34.9/include/linux/vs_context.h
10517 --- linux-2.6.25/include/linux/vs_context.h 1969-12-31 19:00:00.000000000 -0500
10518 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vs_context.h 2008-04-29 18:42:09.000000000 -0400
10520 +#ifndef _VS_CONTEXT_H
10521 +#define _VS_CONTEXT_H
10523 +#include "vserver/base.h"
10524 +#include "vserver/check.h"
10525 +#include "vserver/context.h"
10526 +#include "vserver/history.h"
10527 +#include "vserver/debug.h"
10529 +#include <linux/sched.h>
10532 +#define get_vx_info(i) __get_vx_info(i, __FILE__, __LINE__, __HERE__)
10534 +static inline struct vx_info *__get_vx_info(struct vx_info *vxi,
10535 + const char *_file, int _line, void *_here)
10540 + vxlprintk(VXD_CBIT(xid, 2), "get_vx_info(%p[#%d.%d])",
10541 + vxi, vxi ? vxi->vx_id : 0,
10542 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
10544 + __vxh_get_vx_info(vxi, _here);
10546 + atomic_inc(&vxi->vx_usecnt);
10551 +extern void free_vx_info(struct vx_info *);
10553 +#define put_vx_info(i) __put_vx_info(i, __FILE__, __LINE__, __HERE__)
10555 +static inline void __put_vx_info(struct vx_info *vxi,
10556 + const char *_file, int _line, void *_here)
10561 + vxlprintk(VXD_CBIT(xid, 2), "put_vx_info(%p[#%d.%d])",
10562 + vxi, vxi ? vxi->vx_id : 0,
10563 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
10565 + __vxh_put_vx_info(vxi, _here);
10567 + if (atomic_dec_and_test(&vxi->vx_usecnt))
10568 + free_vx_info(vxi);
10572 +#define init_vx_info(p, i) \
10573 + __init_vx_info(p, i, __FILE__, __LINE__, __HERE__)
10575 +static inline void __init_vx_info(struct vx_info **vxp, struct vx_info *vxi,
10576 + const char *_file, int _line, void *_here)
10579 + vxlprintk(VXD_CBIT(xid, 3),
10580 + "init_vx_info(%p[#%d.%d])",
10581 + vxi, vxi ? vxi->vx_id : 0,
10582 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
10584 + __vxh_init_vx_info(vxi, vxp, _here);
10586 + atomic_inc(&vxi->vx_usecnt);
10592 +#define set_vx_info(p, i) \
10593 + __set_vx_info(p, i, __FILE__, __LINE__, __HERE__)
10595 +static inline void __set_vx_info(struct vx_info **vxp, struct vx_info *vxi,
10596 + const char *_file, int _line, void *_here)
10598 + struct vx_info *vxo;
10603 + vxlprintk(VXD_CBIT(xid, 3), "set_vx_info(%p[#%d.%d])",
10604 + vxi, vxi ? vxi->vx_id : 0,
10605 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
10607 + __vxh_set_vx_info(vxi, vxp, _here);
10609 + atomic_inc(&vxi->vx_usecnt);
10610 + vxo = xchg(vxp, vxi);
10615 +#define clr_vx_info(p) __clr_vx_info(p, __FILE__, __LINE__, __HERE__)
10617 +static inline void __clr_vx_info(struct vx_info **vxp,
10618 + const char *_file, int _line, void *_here)
10620 + struct vx_info *vxo;
10622 + vxo = xchg(vxp, NULL);
10626 + vxlprintk(VXD_CBIT(xid, 3), "clr_vx_info(%p[#%d.%d])",
10627 + vxo, vxo ? vxo->vx_id : 0,
10628 + vxo ? atomic_read(&vxo->vx_usecnt) : 0,
10630 + __vxh_clr_vx_info(vxo, vxp, _here);
10632 + if (atomic_dec_and_test(&vxo->vx_usecnt))
10633 + free_vx_info(vxo);
10637 +#define claim_vx_info(v, p) \
10638 + __claim_vx_info(v, p, __FILE__, __LINE__, __HERE__)
10640 +static inline void __claim_vx_info(struct vx_info *vxi,
10641 + struct task_struct *task,
10642 + const char *_file, int _line, void *_here)
10644 + vxlprintk(VXD_CBIT(xid, 3), "claim_vx_info(%p[#%d.%d.%d]) %p",
10645 + vxi, vxi ? vxi->vx_id : 0,
10646 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
10647 + vxi ? atomic_read(&vxi->vx_tasks) : 0,
10648 + task, _file, _line);
10649 + __vxh_claim_vx_info(vxi, task, _here);
10651 + atomic_inc(&vxi->vx_tasks);
10655 +extern void unhash_vx_info(struct vx_info *);
10657 +#define release_vx_info(v, p) \
10658 + __release_vx_info(v, p, __FILE__, __LINE__, __HERE__)
10660 +static inline void __release_vx_info(struct vx_info *vxi,
10661 + struct task_struct *task,
10662 + const char *_file, int _line, void *_here)
10664 + vxlprintk(VXD_CBIT(xid, 3), "release_vx_info(%p[#%d.%d.%d]) %p",
10665 + vxi, vxi ? vxi->vx_id : 0,
10666 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
10667 + vxi ? atomic_read(&vxi->vx_tasks) : 0,
10668 + task, _file, _line);
10669 + __vxh_release_vx_info(vxi, task, _here);
10673 + if (atomic_dec_and_test(&vxi->vx_tasks))
10674 + unhash_vx_info(vxi);
10678 +#define task_get_vx_info(p) \
10679 + __task_get_vx_info(p, __FILE__, __LINE__, __HERE__)
10681 +static inline struct vx_info *__task_get_vx_info(struct task_struct *p,
10682 + const char *_file, int _line, void *_here)
10684 + struct vx_info *vxi;
10687 + vxlprintk(VXD_CBIT(xid, 5), "task_get_vx_info(%p)",
10688 + p, _file, _line);
10689 + vxi = __get_vx_info(p->vx_info, _file, _line, _here);
10695 +static inline void __wakeup_vx_info(struct vx_info *vxi)
10697 + if (waitqueue_active(&vxi->vx_wait))
10698 + wake_up_interruptible(&vxi->vx_wait);
10702 +#define enter_vx_info(v, s) __enter_vx_info(v, s, __FILE__, __LINE__)
10704 +static inline void __enter_vx_info(struct vx_info *vxi,
10705 + struct vx_info_save *vxis, const char *_file, int _line)
10707 + vxlprintk(VXD_CBIT(xid, 5), "enter_vx_info(%p[#%d],%p) %p[#%d,%p]",
10708 + vxi, vxi ? vxi->vx_id : 0, vxis, current,
10709 + current->xid, current->vx_info, _file, _line);
10710 + vxis->vxi = xchg(¤t->vx_info, vxi);
10711 + vxis->xid = current->xid;
10712 + current->xid = vxi ? vxi->vx_id : 0;
10715 +#define leave_vx_info(s) __leave_vx_info(s, __FILE__, __LINE__)
10717 +static inline void __leave_vx_info(struct vx_info_save *vxis,
10718 + const char *_file, int _line)
10720 + vxlprintk(VXD_CBIT(xid, 5), "leave_vx_info(%p[#%d,%p]) %p[#%d,%p]",
10721 + vxis, vxis->xid, vxis->vxi, current,
10722 + current->xid, current->vx_info, _file, _line);
10723 + (void)xchg(¤t->vx_info, vxis->vxi);
10724 + current->xid = vxis->xid;
10728 +static inline void __enter_vx_admin(struct vx_info_save *vxis)
10730 + vxis->vxi = xchg(¤t->vx_info, NULL);
10731 + vxis->xid = xchg(¤t->xid, (xid_t)0);
10734 +static inline void __leave_vx_admin(struct vx_info_save *vxis)
10736 + (void)xchg(¤t->xid, vxis->xid);
10737 + (void)xchg(¤t->vx_info, vxis->vxi);
10740 +extern void exit_vx_info(struct task_struct *, int);
10741 +extern void exit_vx_info_early(struct task_struct *, int);
10745 +#warning duplicate inclusion
10747 diff -NurpP --minimal linux-2.6.25/include/linux/vs_cowbl.h linux-2.6.25-vs2.3.0.34.9/include/linux/vs_cowbl.h
10748 --- linux-2.6.25/include/linux/vs_cowbl.h 1969-12-31 19:00:00.000000000 -0500
10749 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vs_cowbl.h 2008-04-21 13:49:51.000000000 -0400
10751 +#ifndef _VS_COWBL_H
10752 +#define _VS_COWBL_H
10754 +#include <linux/fs.h>
10755 +#include <linux/dcache.h>
10756 +#include <linux/namei.h>
10758 +extern struct dentry *cow_break_link(const char *pathname);
10760 +static inline int cow_check_and_break(struct nameidata *nd)
10762 + struct inode *inode = nd->path.dentry->d_inode;
10764 + if (IS_RDONLY(inode) || MNT_IS_RDONLY(nd->path.mnt))
10766 + if (IS_COW(inode)) {
10767 + if (IS_COW_LINK(inode)) {
10768 + struct dentry *new_dentry, *old_dentry = nd->path.dentry;
10769 + char *path, *buf;
10771 + buf = kmalloc(PATH_MAX, GFP_KERNEL);
10775 + path = d_path(&nd->path, buf, PATH_MAX);
10776 + new_dentry = cow_break_link(path);
10778 + if (!IS_ERR(new_dentry)) {
10779 + nd->path.dentry = new_dentry;
10780 + dput(old_dentry);
10782 + error = PTR_ERR(new_dentry);
10784 + inode->i_flags &= ~(S_IUNLINK | S_IMMUTABLE);
10785 + inode->i_ctime = CURRENT_TIME;
10786 + mark_inode_dirty(inode);
10793 +#warning duplicate inclusion
10795 diff -NurpP --minimal linux-2.6.25/include/linux/vs_cvirt.h linux-2.6.25-vs2.3.0.34.9/include/linux/vs_cvirt.h
10796 --- linux-2.6.25/include/linux/vs_cvirt.h 1969-12-31 19:00:00.000000000 -0500
10797 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vs_cvirt.h 2008-04-19 15:14:52.000000000 -0400
10799 +#ifndef _VS_CVIRT_H
10800 +#define _VS_CVIRT_H
10802 +#include "vserver/cvirt.h"
10803 +#include "vserver/context.h"
10804 +#include "vserver/base.h"
10805 +#include "vserver/check.h"
10806 +#include "vserver/debug.h"
10809 +static inline void vx_activate_task(struct task_struct *p)
10811 + struct vx_info *vxi;
10813 + if ((vxi = p->vx_info)) {
10814 + vx_update_load(vxi);
10815 + atomic_inc(&vxi->cvirt.nr_running);
10819 +static inline void vx_deactivate_task(struct task_struct *p)
10821 + struct vx_info *vxi;
10823 + if ((vxi = p->vx_info)) {
10824 + vx_update_load(vxi);
10825 + atomic_dec(&vxi->cvirt.nr_running);
10829 +static inline void vx_uninterruptible_inc(struct task_struct *p)
10831 + struct vx_info *vxi;
10833 + if ((vxi = p->vx_info))
10834 + atomic_inc(&vxi->cvirt.nr_uninterruptible);
10837 +static inline void vx_uninterruptible_dec(struct task_struct *p)
10839 + struct vx_info *vxi;
10841 + if ((vxi = p->vx_info))
10842 + atomic_dec(&vxi->cvirt.nr_uninterruptible);
10847 +#warning duplicate inclusion
10849 diff -NurpP --minimal linux-2.6.25/include/linux/vs_device.h linux-2.6.25-vs2.3.0.34.9/include/linux/vs_device.h
10850 --- linux-2.6.25/include/linux/vs_device.h 1969-12-31 19:00:00.000000000 -0500
10851 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vs_device.h 2008-04-19 15:14:52.000000000 -0400
10853 +#ifndef _VS_DEVICE_H
10854 +#define _VS_DEVICE_H
10856 +#include "vserver/base.h"
10857 +#include "vserver/device.h"
10858 +#include "vserver/debug.h"
10861 +#ifdef CONFIG_VSERVER_DEVICE
10863 +int vs_map_device(struct vx_info *, dev_t, dev_t *, umode_t);
10865 +#define vs_device_perm(v, d, m, p) \
10866 + ((vs_map_device(current_vx_info(), d, NULL, m) & (p)) == (p))
10871 +int vs_map_device(struct vx_info *vxi,
10872 + dev_t device, dev_t *target, umode_t mode)
10875 + *target = device;
10879 +#define vs_device_perm(v, d, m, p) ((p) == (p))
10884 +#define vs_map_chrdev(d, t, p) \
10885 + ((vs_map_device(current_vx_info(), d, t, S_IFCHR) & (p)) == (p))
10886 +#define vs_map_blkdev(d, t, p) \
10887 + ((vs_map_device(current_vx_info(), d, t, S_IFBLK) & (p)) == (p))
10889 +#define vs_chrdev_perm(d, p) \
10890 + vs_device_perm(current_vx_info(), d, S_IFCHR, p)
10891 +#define vs_blkdev_perm(d, p) \
10892 + vs_device_perm(current_vx_info(), d, S_IFBLK, p)
10896 +#warning duplicate inclusion
10898 diff -NurpP --minimal linux-2.6.25/include/linux/vs_dlimit.h linux-2.6.25-vs2.3.0.34.9/include/linux/vs_dlimit.h
10899 --- linux-2.6.25/include/linux/vs_dlimit.h 1969-12-31 19:00:00.000000000 -0500
10900 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vs_dlimit.h 2008-04-19 15:14:52.000000000 -0400
10902 +#ifndef _VS_DLIMIT_H
10903 +#define _VS_DLIMIT_H
10905 +#include <linux/fs.h>
10907 +#include "vserver/dlimit.h"
10908 +#include "vserver/base.h"
10909 +#include "vserver/debug.h"
10912 +#define get_dl_info(i) __get_dl_info(i, __FILE__, __LINE__)
10914 +static inline struct dl_info *__get_dl_info(struct dl_info *dli,
10915 + const char *_file, int _line)
10919 + vxlprintk(VXD_CBIT(dlim, 4), "get_dl_info(%p[#%d.%d])",
10920 + dli, dli ? dli->dl_tag : 0,
10921 + dli ? atomic_read(&dli->dl_usecnt) : 0,
10923 + atomic_inc(&dli->dl_usecnt);
10928 +#define free_dl_info(i) \
10929 + call_rcu(&(i)->dl_rcu, rcu_free_dl_info)
10931 +#define put_dl_info(i) __put_dl_info(i, __FILE__, __LINE__)
10933 +static inline void __put_dl_info(struct dl_info *dli,
10934 + const char *_file, int _line)
10938 + vxlprintk(VXD_CBIT(dlim, 4), "put_dl_info(%p[#%d.%d])",
10939 + dli, dli ? dli->dl_tag : 0,
10940 + dli ? atomic_read(&dli->dl_usecnt) : 0,
10942 + if (atomic_dec_and_test(&dli->dl_usecnt))
10943 + free_dl_info(dli);
10947 +#define __dlimit_char(d) ((d) ? '*' : ' ')
10949 +static inline int __dl_alloc_space(struct super_block *sb,
10950 + tag_t tag, dlsize_t nr, const char *file, int line)
10952 + struct dl_info *dli = NULL;
10957 + dli = locate_dl_info(sb, tag);
10961 + spin_lock(&dli->dl_lock);
10962 + ret = (dli->dl_space_used + nr > dli->dl_space_total);
10964 + dli->dl_space_used += nr;
10965 + spin_unlock(&dli->dl_lock);
10966 + put_dl_info(dli);
10968 + vxlprintk(VXD_CBIT(dlim, 1),
10969 + "ALLOC (%p,#%d)%c %lld bytes (%d)",
10970 + sb, tag, __dlimit_char(dli), (long long)nr,
10971 + ret, file, line);
10975 +static inline void __dl_free_space(struct super_block *sb,
10976 + tag_t tag, dlsize_t nr, const char *_file, int _line)
10978 + struct dl_info *dli = NULL;
10982 + dli = locate_dl_info(sb, tag);
10986 + spin_lock(&dli->dl_lock);
10987 + if (dli->dl_space_used > nr)
10988 + dli->dl_space_used -= nr;
10990 + dli->dl_space_used = 0;
10991 + spin_unlock(&dli->dl_lock);
10992 + put_dl_info(dli);
10994 + vxlprintk(VXD_CBIT(dlim, 1),
10995 + "FREE (%p,#%d)%c %lld bytes",
10996 + sb, tag, __dlimit_char(dli), (long long)nr,
11000 +static inline int __dl_alloc_inode(struct super_block *sb,
11001 + tag_t tag, const char *_file, int _line)
11003 + struct dl_info *dli;
11006 + dli = locate_dl_info(sb, tag);
11010 + spin_lock(&dli->dl_lock);
11011 + ret = (dli->dl_inodes_used >= dli->dl_inodes_total);
11013 + dli->dl_inodes_used++;
11014 + spin_unlock(&dli->dl_lock);
11015 + put_dl_info(dli);
11017 + vxlprintk(VXD_CBIT(dlim, 0),
11018 + "ALLOC (%p,#%d)%c inode (%d)",
11019 + sb, tag, __dlimit_char(dli), ret, _file, _line);
11023 +static inline void __dl_free_inode(struct super_block *sb,
11024 + tag_t tag, const char *_file, int _line)
11026 + struct dl_info *dli;
11028 + dli = locate_dl_info(sb, tag);
11032 + spin_lock(&dli->dl_lock);
11033 + if (dli->dl_inodes_used > 1)
11034 + dli->dl_inodes_used--;
11036 + dli->dl_inodes_used = 0;
11037 + spin_unlock(&dli->dl_lock);
11038 + put_dl_info(dli);
11040 + vxlprintk(VXD_CBIT(dlim, 0),
11041 + "FREE (%p,#%d)%c inode",
11042 + sb, tag, __dlimit_char(dli), _file, _line);
11045 +static inline void __dl_adjust_block(struct super_block *sb, tag_t tag,
11046 + unsigned long long *free_blocks, unsigned long long *root_blocks,
11047 + const char *_file, int _line)
11049 + struct dl_info *dli;
11050 + uint64_t broot, bfree;
11052 + dli = locate_dl_info(sb, tag);
11056 + spin_lock(&dli->dl_lock);
11057 + broot = (dli->dl_space_total -
11058 + (dli->dl_space_total >> 10) * dli->dl_nrlmult)
11059 + >> sb->s_blocksize_bits;
11060 + bfree = (dli->dl_space_total - dli->dl_space_used)
11061 + >> sb->s_blocksize_bits;
11062 + spin_unlock(&dli->dl_lock);
11064 + vxlprintk(VXD_CBIT(dlim, 2),
11065 + "ADJUST: %lld,%lld on %lld,%lld [mult=%d]",
11066 + (long long)bfree, (long long)broot,
11067 + *free_blocks, *root_blocks, dli->dl_nrlmult,
11069 + if (free_blocks) {
11070 + if (*free_blocks > bfree)
11071 + *free_blocks = bfree;
11073 + if (root_blocks) {
11074 + if (*root_blocks > broot)
11075 + *root_blocks = broot;
11077 + put_dl_info(dli);
11080 +#define DLIMIT_ALLOC_SPACE(in, bytes) \
11081 + __dl_alloc_space((in)->i_sb, (in)->i_tag, (dlsize_t)(bytes), \
11082 + __FILE__, __LINE__ )
11084 +#define DLIMIT_FREE_SPACE(in, bytes) \
11085 + __dl_free_space((in)->i_sb, (in)->i_tag, (dlsize_t)(bytes), \
11086 + __FILE__, __LINE__ )
11088 +#define DLIMIT_ALLOC_BLOCK(in, nr) \
11089 + __dl_alloc_space((in)->i_sb, (in)->i_tag, \
11090 + ((dlsize_t)(nr)) << (in)->i_sb->s_blocksize_bits, \
11091 + __FILE__, __LINE__ )
11093 +#define DLIMIT_FREE_BLOCK(in, nr) \
11094 + __dl_free_space((in)->i_sb, (in)->i_tag, \
11095 + ((dlsize_t)(nr)) << (in)->i_sb->s_blocksize_bits, \
11096 + __FILE__, __LINE__ )
11099 +#define DLIMIT_ALLOC_INODE(in) \
11100 + __dl_alloc_inode((in)->i_sb, (in)->i_tag, __FILE__, __LINE__ )
11102 +#define DLIMIT_FREE_INODE(in) \
11103 + __dl_free_inode((in)->i_sb, (in)->i_tag, __FILE__, __LINE__ )
11106 +#define DLIMIT_ADJUST_BLOCK(sb, tag, fb, rb) \
11107 + __dl_adjust_block(sb, tag, fb, rb, __FILE__, __LINE__ )
11111 +#warning duplicate inclusion
11113 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/base.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/base.h
11114 --- linux-2.6.25/include/linux/vserver/base.h 1969-12-31 19:00:00.000000000 -0500
11115 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/base.h 2008-04-23 20:52:31.000000000 -0400
11117 +#ifndef _VX_BASE_H
11118 +#define _VX_BASE_H
11121 +/* context state changes */
11133 +#define vx_task_xid(t) ((t)->xid)
11135 +#define vx_current_xid() vx_task_xid(current)
11137 +#define current_vx_info() (current->vx_info)
11140 +#define nx_task_nid(t) ((t)->nid)
11142 +#define nx_current_nid() nx_task_nid(current)
11144 +#define current_nx_info() (current->nx_info)
11147 +/* generic flag merging */
11149 +#define vs_check_flags(v, m, f) (((v) & (m)) ^ (f))
11151 +#define vs_mask_flags(v, f, m) (((v) & ~(m)) | ((f) & (m)))
11153 +#define vs_mask_mask(v, f, m) (((v) & ~(m)) | ((v) & (f) & (m)))
11155 +#define vs_check_bit(v, n) ((v) & (1LL << (n)))
11158 +/* context flags */
11160 +#define __vx_flags(v) ((v) ? (v)->vx_flags : 0)
11162 +#define vx_current_flags() __vx_flags(current->vx_info)
11164 +#define vx_info_flags(v, m, f) \
11165 + vs_check_flags(__vx_flags(v), m, f)
11167 +#define task_vx_flags(t, m, f) \
11168 + ((t) && vx_info_flags((t)->vx_info, m, f))
11170 +#define vx_flags(m, f) vx_info_flags(current->vx_info, m, f)
11173 +/* context caps */
11175 +#define __vx_ccaps(v) ((v) ? (v)->vx_ccaps : 0)
11177 +#define vx_current_ccaps() __vx_ccaps(current->vx_info)
11179 +#define vx_info_ccaps(v, c) (__vx_ccaps(v) & (c))
11181 +#define vx_ccaps(c) vx_info_ccaps(current->vx_info, (c))
11185 +/* network flags */
11187 +#define __nx_flags(n) ((n) ? (n)->nx_flags : 0)
11189 +#define nx_current_flags() __nx_flags(current->nx_info)
11191 +#define nx_info_flags(n, m, f) \
11192 + vs_check_flags(__nx_flags(n), m, f)
11194 +#define task_nx_flags(t, m, f) \
11195 + ((t) && nx_info_flags((t)->nx_info, m, f))
11197 +#define nx_flags(m, f) nx_info_flags(current->nx_info, m, f)
11200 +/* network caps */
11202 +#define __nx_ncaps(n) ((n) ? (n)->nx_ncaps : 0)
11204 +#define nx_current_ncaps() __nx_ncaps(current->nx_info)
11206 +#define nx_info_ncaps(n, c) (__nx_ncaps(n) & (c))
11208 +#define nx_ncaps(c) nx_info_ncaps(current->nx_info, c)
11211 +/* context mask capabilities */
11213 +#define __vx_mcaps(v) ((v) ? (v)->vx_ccaps >> 32UL : ~0 )
11215 +#define vx_info_mcaps(v, c) (__vx_mcaps(v) & (c))
11217 +#define vx_mcaps(c) vx_info_mcaps(current->vx_info, c)
11220 +/* context bcap mask */
11222 +#define __vx_bcaps(v) ((v)->vx_bcaps)
11224 +#define vx_current_bcaps() __vx_bcaps(current->vx_info)
11227 +/* mask given bcaps */
11229 +#define vx_info_mbcaps(v, c) ((v) ? cap_intersect(__vx_bcaps(v), c) : c)
11231 +#define vx_mbcaps(c) vx_info_mbcaps(current->vx_info, c)
11234 +/* masked cap_bset */
11236 +#define vx_info_cap_bset(v) vx_info_mbcaps(v, current->cap_bset)
11238 +#define vx_current_cap_bset() vx_info_cap_bset(current->vx_info)
11241 +#define vx_info_mbcap(v, b) \
11242 + (!vx_info_flags(v, VXF_STATE_SETUP, 0) ? \
11243 + vx_info_bcaps(v, b) : (b))
11245 +#define task_vx_mbcap(t, b) \
11246 + vx_info_mbcap((t)->vx_info, (t)->b)
11248 +#define vx_mbcap(b) task_vx_mbcap(current, b)
11251 +#define vx_cap_raised(v, c, f) cap_raised(vx_info_mbcaps(v, c), f)
11253 +#define vx_capable(b, c) (capable(b) || \
11254 + (cap_raised(current->cap_effective, b) && vx_ccaps(c)))
11256 +#define nx_capable(b, c) (capable(b) || \
11257 + (cap_raised(current->cap_effective, b) && nx_ncaps(c)))
11259 +#define vx_current_initpid(n) \
11260 + (current->vx_info && \
11261 + (current->vx_info->vx_initpid == (n)))
11264 +#define __vx_state(v) ((v) ? ((v)->vx_state) : 0)
11266 +#define vx_info_state(v, m) (__vx_state(v) & (m))
11269 +#define __nx_state(n) ((n) ? ((n)->nx_state) : 0)
11271 +#define nx_info_state(n, m) (__nx_state(n) & (m))
11274 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/cacct_cmd.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/cacct_cmd.h
11275 --- linux-2.6.25/include/linux/vserver/cacct_cmd.h 1969-12-31 19:00:00.000000000 -0500
11276 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/cacct_cmd.h 2008-04-19 15:14:52.000000000 -0400
11278 +#ifndef _VX_CACCT_CMD_H
11279 +#define _VX_CACCT_CMD_H
11282 +/* virtual host info name commands */
11284 +#define VCMD_sock_stat VC_CMD(VSTAT, 5, 0)
11286 +struct vcmd_sock_stat_v0 {
11288 + uint32_t count[3];
11289 + uint64_t total[3];
11295 +#include <linux/compiler.h>
11297 +extern int vc_sock_stat(struct vx_info *, void __user *);
11299 +#endif /* __KERNEL__ */
11300 +#endif /* _VX_CACCT_CMD_H */
11301 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/cacct_def.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/cacct_def.h
11302 --- linux-2.6.25/include/linux/vserver/cacct_def.h 1969-12-31 19:00:00.000000000 -0500
11303 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/cacct_def.h 2008-04-19 15:14:52.000000000 -0400
11305 +#ifndef _VX_CACCT_DEF_H
11306 +#define _VX_CACCT_DEF_H
11308 +#include <asm/atomic.h>
11309 +#include <linux/vserver/cacct.h>
11312 +struct _vx_sock_acc {
11313 + atomic_long_t count;
11314 + atomic_long_t total;
11317 +/* context sub struct */
11319 +struct _vx_cacct {
11320 + struct _vx_sock_acc sock[VXA_SOCK_SIZE][3];
11321 + atomic_t slab[8];
11322 + atomic_t page[6][8];
11325 +#ifdef CONFIG_VSERVER_DEBUG
11327 +static inline void __dump_vx_cacct(struct _vx_cacct *cacct)
11331 + printk("\t_vx_cacct:");
11332 + for (i = 0; i < 6; i++) {
11333 + struct _vx_sock_acc *ptr = cacct->sock[i];
11335 + printk("\t [%d] =", i);
11336 + for (j = 0; j < 3; j++) {
11337 + printk(" [%d] = %8lu, %8lu", j,
11338 + atomic_long_read(&ptr[j].count),
11339 + atomic_long_read(&ptr[j].total));
11347 +#endif /* _VX_CACCT_DEF_H */
11348 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/cacct.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/cacct.h
11349 --- linux-2.6.25/include/linux/vserver/cacct.h 1969-12-31 19:00:00.000000000 -0500
11350 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/cacct.h 2008-04-19 15:14:52.000000000 -0400
11352 +#ifndef _VX_CACCT_H
11353 +#define _VX_CACCT_H
11356 +enum sock_acc_field {
11357 + VXA_SOCK_UNSPEC = 0,
11363 + VXA_SOCK_SIZE /* array size */
11366 +#endif /* _VX_CACCT_H */
11367 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/cacct_int.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/cacct_int.h
11368 --- linux-2.6.25/include/linux/vserver/cacct_int.h 1969-12-31 19:00:00.000000000 -0500
11369 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/cacct_int.h 2008-04-19 15:14:52.000000000 -0400
11371 +#ifndef _VX_CACCT_INT_H
11372 +#define _VX_CACCT_INT_H
11378 +unsigned long vx_sock_count(struct _vx_cacct *cacct, int type, int pos)
11380 + return atomic_long_read(&cacct->sock[type][pos].count);
11385 +unsigned long vx_sock_total(struct _vx_cacct *cacct, int type, int pos)
11387 + return atomic_long_read(&cacct->sock[type][pos].total);
11390 +#endif /* __KERNEL__ */
11391 +#endif /* _VX_CACCT_INT_H */
11392 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/check.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/check.h
11393 --- linux-2.6.25/include/linux/vserver/check.h 1969-12-31 19:00:00.000000000 -0500
11394 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/check.h 2008-04-19 15:14:52.000000000 -0400
11396 +#ifndef _VS_CHECK_H
11397 +#define _VS_CHECK_H
11400 +#define MAX_S_CONTEXT 65535 /* Arbitrary limit */
11402 +#ifdef CONFIG_VSERVER_DYNAMIC_IDS
11403 +#define MIN_D_CONTEXT 49152 /* dynamic contexts start here */
11405 +#define MIN_D_CONTEXT 65536
11408 +/* check conditions */
11410 +#define VS_ADMIN 0x0001
11411 +#define VS_WATCH 0x0002
11412 +#define VS_HIDE 0x0004
11413 +#define VS_HOSTID 0x0008
11415 +#define VS_IDENT 0x0010
11416 +#define VS_EQUIV 0x0020
11417 +#define VS_PARENT 0x0040
11418 +#define VS_CHILD 0x0080
11420 +#define VS_ARG_MASK 0x00F0
11422 +#define VS_DYNAMIC 0x0100
11423 +#define VS_STATIC 0x0200
11425 +#define VS_ATR_MASK 0x0F00
11427 +#ifdef CONFIG_VSERVER_PRIVACY
11428 +#define VS_ADMIN_P (0)
11429 +#define VS_WATCH_P (0)
11431 +#define VS_ADMIN_P VS_ADMIN
11432 +#define VS_WATCH_P VS_WATCH
11435 +#define VS_HARDIRQ 0x1000
11436 +#define VS_SOFTIRQ 0x2000
11437 +#define VS_IRQ 0x4000
11439 +#define VS_IRQ_MASK 0xF000
11441 +#include <linux/hardirq.h>
11444 + * check current context for ADMIN/WATCH and
11445 + * optionally against supplied argument
11447 +static inline int __vs_check(int cid, int id, unsigned int mode)
11449 + if (mode & VS_ARG_MASK) {
11450 + if ((mode & VS_IDENT) && (id == cid))
11453 + if (mode & VS_ATR_MASK) {
11454 + if ((mode & VS_DYNAMIC) &&
11455 + (id >= MIN_D_CONTEXT) &&
11456 + (id <= MAX_S_CONTEXT))
11458 + if ((mode & VS_STATIC) &&
11459 + (id > 1) && (id < MIN_D_CONTEXT))
11462 + if (mode & VS_IRQ_MASK) {
11463 + if ((mode & VS_IRQ) && unlikely(in_interrupt()))
11465 + if ((mode & VS_HARDIRQ) && unlikely(in_irq()))
11467 + if ((mode & VS_SOFTIRQ) && unlikely(in_softirq()))
11470 + return (((mode & VS_ADMIN) && (cid == 0)) ||
11471 + ((mode & VS_WATCH) && (cid == 1)) ||
11472 + ((mode & VS_HOSTID) && (id == 0)));
11475 +#define vx_check(c, m) __vs_check(vx_current_xid(), c, (m) | VS_IRQ)
11477 +#define vx_weak_check(c, m) ((m) ? vx_check(c, m) : 1)
11480 +#define nx_check(c, m) __vs_check(nx_current_nid(), c, m)
11482 +#define nx_weak_check(c, m) ((m) ? nx_check(c, m) : 1)
11485 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/context_cmd.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/context_cmd.h
11486 --- linux-2.6.25/include/linux/vserver/context_cmd.h 1969-12-31 19:00:00.000000000 -0500
11487 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/context_cmd.h 2008-04-19 15:14:52.000000000 -0400
11489 +#ifndef _VX_CONTEXT_CMD_H
11490 +#define _VX_CONTEXT_CMD_H
11493 +/* vinfo commands */
11495 +#define VCMD_task_xid VC_CMD(VINFO, 1, 0)
11498 +extern int vc_task_xid(uint32_t);
11500 +#endif /* __KERNEL__ */
11502 +#define VCMD_vx_info VC_CMD(VINFO, 5, 0)
11504 +struct vcmd_vx_info_v0 {
11506 + uint32_t initpid;
11507 + /* more to come */
11511 +extern int vc_vx_info(struct vx_info *, void __user *);
11513 +#endif /* __KERNEL__ */
11515 +#define VCMD_ctx_stat VC_CMD(VSTAT, 0, 0)
11517 +struct vcmd_ctx_stat_v0 {
11520 + /* more to come */
11524 +extern int vc_ctx_stat(struct vx_info *, void __user *);
11526 +#endif /* __KERNEL__ */
11528 +/* context commands */
11530 +#define VCMD_ctx_create_v0 VC_CMD(VPROC, 1, 0)
11531 +#define VCMD_ctx_create VC_CMD(VPROC, 1, 1)
11533 +struct vcmd_ctx_create {
11534 + uint64_t flagword;
11537 +#define VCMD_ctx_migrate_v0 VC_CMD(PROCMIG, 1, 0)
11538 +#define VCMD_ctx_migrate VC_CMD(PROCMIG, 1, 1)
11540 +struct vcmd_ctx_migrate {
11541 + uint64_t flagword;
11545 +extern int vc_ctx_create(uint32_t, void __user *);
11546 +extern int vc_ctx_migrate(struct vx_info *, void __user *);
11548 +#endif /* __KERNEL__ */
11551 +/* flag commands */
11553 +#define VCMD_get_cflags VC_CMD(FLAGS, 1, 0)
11554 +#define VCMD_set_cflags VC_CMD(FLAGS, 2, 0)
11556 +struct vcmd_ctx_flags_v0 {
11557 + uint64_t flagword;
11562 +extern int vc_get_cflags(struct vx_info *, void __user *);
11563 +extern int vc_set_cflags(struct vx_info *, void __user *);
11565 +#endif /* __KERNEL__ */
11568 +/* context caps commands */
11570 +#define VCMD_get_ccaps VC_CMD(FLAGS, 3, 1)
11571 +#define VCMD_set_ccaps VC_CMD(FLAGS, 4, 1)
11573 +struct vcmd_ctx_caps_v1 {
11579 +extern int vc_get_ccaps(struct vx_info *, void __user *);
11580 +extern int vc_set_ccaps(struct vx_info *, void __user *);
11582 +#endif /* __KERNEL__ */
11585 +/* bcaps commands */
11587 +#define VCMD_get_bcaps VC_CMD(FLAGS, 9, 0)
11588 +#define VCMD_set_bcaps VC_CMD(FLAGS, 10, 0)
11590 +struct vcmd_bcaps {
11596 +extern int vc_get_bcaps(struct vx_info *, void __user *);
11597 +extern int vc_set_bcaps(struct vx_info *, void __user *);
11599 +#endif /* __KERNEL__ */
11604 +#define VCMD_get_badness VC_CMD(MEMCTRL, 5, 0)
11605 +#define VCMD_set_badness VC_CMD(MEMCTRL, 6, 0)
11607 +struct vcmd_badness_v0 {
11612 +extern int vc_get_badness(struct vx_info *, void __user *);
11613 +extern int vc_set_badness(struct vx_info *, void __user *);
11615 +#endif /* __KERNEL__ */
11616 +#endif /* _VX_CONTEXT_CMD_H */
11617 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/context.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/context.h
11618 --- linux-2.6.25/include/linux/vserver/context.h 1969-12-31 19:00:00.000000000 -0500
11619 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/context.h 2008-04-22 15:14:28.000000000 -0400
11621 +#ifndef _VX_CONTEXT_H
11622 +#define _VX_CONTEXT_H
11624 +#include <linux/types.h>
11625 +#include <linux/capability.h>
11628 +/* context flags */
11630 +#define VXF_INFO_SCHED 0x00000002
11631 +#define VXF_INFO_NPROC 0x00000004
11632 +#define VXF_INFO_PRIVATE 0x00000008
11634 +#define VXF_INFO_INIT 0x00000010
11635 +#define VXF_INFO_HIDE 0x00000020
11636 +#define VXF_INFO_ULIMIT 0x00000040
11637 +#define VXF_INFO_NSPACE 0x00000080
11639 +#define VXF_SCHED_HARD 0x00000100
11640 +#define VXF_SCHED_PRIO 0x00000200
11641 +#define VXF_SCHED_PAUSE 0x00000400
11643 +#define VXF_VIRT_MEM 0x00010000
11644 +#define VXF_VIRT_UPTIME 0x00020000
11645 +#define VXF_VIRT_CPU 0x00040000
11646 +#define VXF_VIRT_LOAD 0x00080000
11647 +#define VXF_VIRT_TIME 0x00100000
11649 +#define VXF_HIDE_MOUNT 0x01000000
11650 +/* was VXF_HIDE_NETIF 0x02000000 */
11651 +#define VXF_HIDE_VINFO 0x04000000
11653 +#define VXF_STATE_SETUP (1ULL << 32)
11654 +#define VXF_STATE_INIT (1ULL << 33)
11655 +#define VXF_STATE_ADMIN (1ULL << 34)
11657 +#define VXF_SC_HELPER (1ULL << 36)
11658 +#define VXF_REBOOT_KILL (1ULL << 37)
11659 +#define VXF_PERSISTENT (1ULL << 38)
11661 +#define VXF_FORK_RSS (1ULL << 48)
11662 +#define VXF_PROLIFIC (1ULL << 49)
11664 +#define VXF_IGNEG_NICE (1ULL << 52)
11666 +#define VXF_ONE_TIME (0x0007ULL << 32)
11668 +#define VXF_INIT_SET (VXF_STATE_SETUP | VXF_STATE_INIT | VXF_STATE_ADMIN)
11671 +/* context migration */
11673 +#define VXM_SET_INIT 0x00000001
11674 +#define VXM_SET_REAPER 0x00000002
11676 +/* context caps */
11678 +#define VXC_CAP_MASK 0x00000000
11680 +#define VXC_SET_UTSNAME 0x00000001
11681 +#define VXC_SET_RLIMIT 0x00000002
11683 +/* was VXC_RAW_ICMP 0x00000100 */
11684 +#define VXC_SYSLOG 0x00001000
11686 +#define VXC_SECURE_MOUNT 0x00010000
11687 +#define VXC_SECURE_REMOUNT 0x00020000
11688 +#define VXC_BINARY_MOUNT 0x00040000
11690 +#define VXC_QUOTA_CTL 0x00100000
11691 +#define VXC_ADMIN_MAPPER 0x00200000
11692 +#define VXC_ADMIN_CLOOP 0x00400000
11694 +#define VXC_KTHREAD 0x01000000
11699 +#include <linux/list.h>
11700 +#include <linux/spinlock.h>
11701 +#include <linux/rcupdate.h>
11703 +#include "limit_def.h"
11704 +#include "sched_def.h"
11705 +#include "cvirt_def.h"
11706 +#include "cacct_def.h"
11707 +#include "device_def.h"
11709 +struct _vx_info_pc {
11710 + struct _vx_sched_pc sched_pc;
11711 + struct _vx_cvirt_pc cvirt_pc;
11715 + struct hlist_node vx_hlist; /* linked list of contexts */
11716 + xid_t vx_id; /* context id */
11717 + atomic_t vx_usecnt; /* usage count */
11718 + atomic_t vx_tasks; /* tasks count */
11719 + struct vx_info *vx_parent; /* parent context */
11720 + int vx_state; /* context state */
11722 + unsigned long vx_nsmask; /* assignment mask */
11723 + struct nsproxy *vx_nsproxy; /* private namespace */
11724 + struct fs_struct *vx_fs; /* private namespace fs */
11726 + uint64_t vx_flags; /* context flags */
11727 + uint64_t vx_ccaps; /* context caps (vserver) */
11728 + kernel_cap_t vx_bcaps; /* bounding caps (system) */
11729 + // kernel_cap_t vx_cap_bset; /* the guest's bset */
11731 + struct task_struct *vx_reaper; /* guest reaper process */
11732 + pid_t vx_initpid; /* PID of guest init */
11733 + int64_t vx_badness_bias; /* OOM points bias */
11735 + struct _vx_limit limit; /* vserver limits */
11736 + struct _vx_sched sched; /* vserver scheduler */
11737 + struct _vx_cvirt cvirt; /* virtual/bias stuff */
11738 + struct _vx_cacct cacct; /* context accounting */
11740 + struct _vx_device dmap; /* default device map targets */
11742 +#ifndef CONFIG_SMP
11743 + struct _vx_info_pc info_pc; /* per cpu data */
11745 + struct _vx_info_pc *ptr_pc; /* per cpu array */
11748 + wait_queue_head_t vx_wait; /* context exit waitqueue */
11749 + int reboot_cmd; /* last sys_reboot() cmd */
11750 + int exit_code; /* last process exit code */
11752 + char vx_name[65]; /* vserver name */
11755 +#ifndef CONFIG_SMP
11756 +#define vx_ptr_pc(vxi) (&(vxi)->info_pc)
11757 +#define vx_per_cpu(vxi, v, id) vx_ptr_pc(vxi)->v
11759 +#define vx_ptr_pc(vxi) ((vxi)->ptr_pc)
11760 +#define vx_per_cpu(vxi, v, id) per_cpu_ptr(vx_ptr_pc(vxi), id)->v
11763 +#define vx_cpu(vxi, v) vx_per_cpu(vxi, v, smp_processor_id())
11766 +struct vx_info_save {
11767 + struct vx_info *vxi;
11772 +/* status flags */
11774 +#define VXS_HASHED 0x0001
11775 +#define VXS_PAUSED 0x0010
11776 +#define VXS_SHUTDOWN 0x0100
11777 +#define VXS_HELPER 0x1000
11778 +#define VXS_RELEASED 0x8000
11781 +extern void claim_vx_info(struct vx_info *, struct task_struct *);
11782 +extern void release_vx_info(struct vx_info *, struct task_struct *);
11784 +extern struct vx_info *lookup_vx_info(int);
11785 +extern struct vx_info *lookup_or_create_vx_info(int);
11787 +extern int get_xid_list(int, unsigned int *, int);
11788 +extern int xid_is_hashed(xid_t);
11790 +extern int vx_migrate_task(struct task_struct *, struct vx_info *, int);
11792 +extern long vs_state_change(struct vx_info *, unsigned int);
11795 +#endif /* __KERNEL__ */
11796 +#endif /* _VX_CONTEXT_H */
11797 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/cvirt_cmd.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/cvirt_cmd.h
11798 --- linux-2.6.25/include/linux/vserver/cvirt_cmd.h 1969-12-31 19:00:00.000000000 -0500
11799 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/cvirt_cmd.h 2008-04-19 15:14:52.000000000 -0400
11801 +#ifndef _VX_CVIRT_CMD_H
11802 +#define _VX_CVIRT_CMD_H
11805 +/* virtual host info name commands */
11807 +#define VCMD_set_vhi_name VC_CMD(VHOST, 1, 0)
11808 +#define VCMD_get_vhi_name VC_CMD(VHOST, 2, 0)
11810 +struct vcmd_vhi_name_v0 {
11816 +enum vhi_name_field {
11817 + VHIN_CONTEXT = 0,
11829 +#include <linux/compiler.h>
11831 +extern int vc_set_vhi_name(struct vx_info *, void __user *);
11832 +extern int vc_get_vhi_name(struct vx_info *, void __user *);
11834 +#endif /* __KERNEL__ */
11836 +#define VCMD_virt_stat VC_CMD(VSTAT, 3, 0)
11838 +struct vcmd_virt_stat_v0 {
11841 + uint32_t nr_threads;
11842 + uint32_t nr_running;
11843 + uint32_t nr_uninterruptible;
11844 + uint32_t nr_onhold;
11845 + uint32_t nr_forks;
11846 + uint32_t load[3];
11850 +extern int vc_virt_stat(struct vx_info *, void __user *);
11852 +#endif /* __KERNEL__ */
11853 +#endif /* _VX_CVIRT_CMD_H */
11854 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/cvirt_def.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/cvirt_def.h
11855 --- linux-2.6.25/include/linux/vserver/cvirt_def.h 1969-12-31 19:00:00.000000000 -0500
11856 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/cvirt_def.h 2008-04-19 15:14:52.000000000 -0400
11858 +#ifndef _VX_CVIRT_DEF_H
11859 +#define _VX_CVIRT_DEF_H
11861 +#include <linux/jiffies.h>
11862 +#include <linux/spinlock.h>
11863 +#include <linux/wait.h>
11864 +#include <linux/time.h>
11865 +#include <asm/atomic.h>
11868 +struct _vx_usage_stat {
11872 + uint64_t softirq;
11878 +struct _vx_syslog {
11879 + wait_queue_head_t log_wait;
11880 + spinlock_t logbuf_lock; /* lock for the log buffer */
11882 + unsigned long log_start; /* next char to be read by syslog() */
11883 + unsigned long con_start; /* next char to be sent to consoles */
11884 + unsigned long log_end; /* most-recently-written-char + 1 */
11885 + unsigned long logged_chars; /* #chars since last read+clear operation */
11887 + char log_buf[1024];
11891 +/* context sub struct */
11893 +struct _vx_cvirt {
11894 + atomic_t nr_threads; /* number of current threads */
11895 + atomic_t nr_running; /* number of running threads */
11896 + atomic_t nr_uninterruptible; /* number of uninterruptible threads */
11898 + atomic_t nr_onhold; /* processes on hold */
11899 + uint32_t onhold_last; /* jiffies when put on hold */
11901 + struct timeval bias_tv; /* time offset to the host */
11902 + struct timespec bias_idle;
11903 + struct timespec bias_uptime; /* context creation point */
11904 + uint64_t bias_clock; /* offset in clock_t */
11906 + spinlock_t load_lock; /* lock for the load averages */
11907 + atomic_t load_updates; /* nr of load updates done so far */
11908 + uint32_t load_last; /* last time load was calculated */
11909 + uint32_t load[3]; /* load averages 1,5,15 */
11911 + atomic_t total_forks; /* number of forks so far */
11913 + struct _vx_syslog syslog;
11916 +struct _vx_cvirt_pc {
11917 + struct _vx_usage_stat cpustat;
11921 +#ifdef CONFIG_VSERVER_DEBUG
11923 +static inline void __dump_vx_cvirt(struct _vx_cvirt *cvirt)
11925 + printk("\t_vx_cvirt:\n");
11926 + printk("\t threads: %4d, %4d, %4d, %4d\n",
11927 + atomic_read(&cvirt->nr_threads),
11928 + atomic_read(&cvirt->nr_running),
11929 + atomic_read(&cvirt->nr_uninterruptible),
11930 + atomic_read(&cvirt->nr_onhold));
11931 + /* add rest here */
11932 + printk("\t total_forks = %d\n", atomic_read(&cvirt->total_forks));
11937 +#endif /* _VX_CVIRT_DEF_H */
11938 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/cvirt.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/cvirt.h
11939 --- linux-2.6.25/include/linux/vserver/cvirt.h 1969-12-31 19:00:00.000000000 -0500
11940 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/cvirt.h 2008-04-19 15:14:52.000000000 -0400
11942 +#ifndef _VX_CVIRT_H
11943 +#define _VX_CVIRT_H
11950 +void vx_vsi_uptime(struct timespec *, struct timespec *);
11955 +void vx_update_load(struct vx_info *);
11958 +int vx_do_syslog(int, char __user *, int);
11960 +#endif /* __KERNEL__ */
11961 +#endif /* _VX_CVIRT_H */
11962 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/debug_cmd.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/debug_cmd.h
11963 --- linux-2.6.25/include/linux/vserver/debug_cmd.h 1969-12-31 19:00:00.000000000 -0500
11964 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/debug_cmd.h 2008-04-19 15:14:52.000000000 -0400
11966 +#ifndef _VX_DEBUG_CMD_H
11967 +#define _VX_DEBUG_CMD_H
11970 +/* debug commands */
11972 +#define VCMD_dump_history VC_CMD(DEBUG, 1, 0)
11974 +#define VCMD_read_history VC_CMD(DEBUG, 5, 0)
11975 +#define VCMD_read_monitor VC_CMD(DEBUG, 6, 0)
11977 +struct vcmd_read_history_v0 {
11980 + char __user *data;
11983 +struct vcmd_read_monitor_v0 {
11986 + char __user *data;
11992 +#ifdef CONFIG_COMPAT
11994 +#include <asm/compat.h>
11996 +struct vcmd_read_history_v0_x32 {
11999 + compat_uptr_t data_ptr;
12002 +struct vcmd_read_monitor_v0_x32 {
12005 + compat_uptr_t data_ptr;
12008 +#endif /* CONFIG_COMPAT */
12010 +extern int vc_dump_history(uint32_t);
12012 +extern int vc_read_history(uint32_t, void __user *);
12013 +extern int vc_read_monitor(uint32_t, void __user *);
12015 +#ifdef CONFIG_COMPAT
12017 +extern int vc_read_history_x32(uint32_t, void __user *);
12018 +extern int vc_read_monitor_x32(uint32_t, void __user *);
12020 +#endif /* CONFIG_COMPAT */
12022 +#endif /* __KERNEL__ */
12023 +#endif /* _VX_DEBUG_CMD_H */
12024 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/debug.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/debug.h
12025 --- linux-2.6.25/include/linux/vserver/debug.h 1969-12-31 19:00:00.000000000 -0500
12026 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/debug.h 2008-04-21 13:55:14.000000000 -0400
12028 +#ifndef _VX_DEBUG_H
12029 +#define _VX_DEBUG_H
12032 +#define VXD_CBIT(n, m) (vx_debug_ ## n & (1 << (m)))
12033 +#define VXD_CMIN(n, m) (vx_debug_ ## n > (m))
12034 +#define VXD_MASK(n, m) (vx_debug_ ## n & (m))
12036 +#define VXD_DEV(d) (d), (d)->bd_inode->i_ino, \
12037 + imajor((d)->bd_inode), iminor((d)->bd_inode)
12038 +#define VXF_DEV "%p[%lu,%d:%d]"
12041 +#define __FUNC__ __func__
12044 +#define vxd_path(p) \
12045 + ({ static char _buffer[PATH_MAX]; \
12046 + d_path(p, _buffer, sizeof(_buffer)); })
12048 +#define vxd_cond_path(n) \
12049 + ((n) ? vxd_path(&(n)->path) : "<null>" )
12052 +#ifdef CONFIG_VSERVER_DEBUG
12054 +extern unsigned int vx_debug_switch;
12055 +extern unsigned int vx_debug_xid;
12056 +extern unsigned int vx_debug_nid;
12057 +extern unsigned int vx_debug_tag;
12058 +extern unsigned int vx_debug_net;
12059 +extern unsigned int vx_debug_limit;
12060 +extern unsigned int vx_debug_cres;
12061 +extern unsigned int vx_debug_dlim;
12062 +extern unsigned int vx_debug_quota;
12063 +extern unsigned int vx_debug_cvirt;
12064 +extern unsigned int vx_debug_space;
12065 +extern unsigned int vx_debug_misc;
12068 +#define VX_LOGLEVEL "vxD: "
12069 +#define VX_PROC_FMT "%p: "
12070 +#define VX_PROCESS current
12072 +#define vxdprintk(c, f, x...) \
12075 + printk(VX_LOGLEVEL VX_PROC_FMT f "\n", \
12076 + VX_PROCESS , ##x); \
12079 +#define vxlprintk(c, f, x...) \
12082 + printk(VX_LOGLEVEL f " @%s:%d\n", x); \
12085 +#define vxfprintk(c, f, x...) \
12088 + printk(VX_LOGLEVEL f " %s@%s:%d\n", x); \
12094 +void dump_vx_info(struct vx_info *, int);
12095 +void dump_vx_info_inactive(int);
12097 +#else /* CONFIG_VSERVER_DEBUG */
12099 +#define vx_debug_switch 0
12100 +#define vx_debug_xid 0
12101 +#define vx_debug_nid 0
12102 +#define vx_debug_tag 0
12103 +#define vx_debug_net 0
12104 +#define vx_debug_limit 0
12105 +#define vx_debug_cres 0
12106 +#define vx_debug_dlim 0
12107 +#define vx_debug_cvirt 0
12109 +#define vxdprintk(x...) do { } while (0)
12110 +#define vxlprintk(x...) do { } while (0)
12111 +#define vxfprintk(x...) do { } while (0)
12113 +#endif /* CONFIG_VSERVER_DEBUG */
12116 +#ifdef CONFIG_VSERVER_WARN
12118 +#define VX_WARNLEVEL KERN_WARNING "vxW: "
12119 +#define VX_WARN_TASK "[»%s«,%u:#%u|%u|%u] "
12120 +#define VX_WARN_XID "[xid #%u] "
12121 +#define VX_WARN_NID "[nid #%u] "
12122 +#define VX_WARN_TAG "[tag #%u] "
12124 +#define vxwprintk(c, f, x...) \
12127 + printk(VX_WARNLEVEL f "\n", ##x); \
12130 +#else /* CONFIG_VSERVER_WARN */
12132 +#define vxwprintk(x...) do { } while (0)
12134 +#endif /* CONFIG_VSERVER_WARN */
12136 +#define vxwprintk_task(c, f, x...) \
12137 + vxwprintk(c, VX_WARN_TASK f, \
12138 + current->comm, current->pid, \
12139 + current->xid, current->nid, current->tag, ##x)
12140 +#define vxwprintk_xid(c, f, x...) \
12141 + vxwprintk(c, VX_WARN_XID f, current->xid, x)
12142 +#define vxwprintk_nid(c, f, x...) \
12143 + vxwprintk(c, VX_WARN_NID f, current->nid, x)
12144 +#define vxwprintk_tag(c, f, x...) \
12145 + vxwprintk(c, VX_WARN_TAG f, current->tag, x)
12147 +#ifdef CONFIG_VSERVER_DEBUG
12148 +#define vxd_assert_lock(l) assert_spin_locked(l)
12149 +#define vxd_assert(c, f, x...) vxlprintk(!(c), \
12150 + "assertion [" f "] failed.", ##x, __FILE__, __LINE__)
12152 +#define vxd_assert_lock(l) do { } while (0)
12153 +#define vxd_assert(c, f, x...) do { } while (0)
12157 +#endif /* _VX_DEBUG_H */
12158 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/device_cmd.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/device_cmd.h
12159 --- linux-2.6.25/include/linux/vserver/device_cmd.h 1969-12-31 19:00:00.000000000 -0500
12160 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/device_cmd.h 2008-04-19 15:14:52.000000000 -0400
12162 +#ifndef _VX_DEVICE_CMD_H
12163 +#define _VX_DEVICE_CMD_H
12166 +/* device vserver commands */
12168 +#define VCMD_set_mapping VC_CMD(DEVICE, 1, 0)
12169 +#define VCMD_unset_mapping VC_CMD(DEVICE, 2, 0)
12171 +struct vcmd_set_mapping_v0 {
12172 + const char __user *device;
12173 + const char __user *target;
12180 +#ifdef CONFIG_COMPAT
12182 +#include <asm/compat.h>
12184 +struct vcmd_set_mapping_v0_x32 {
12185 + compat_uptr_t device_ptr;
12186 + compat_uptr_t target_ptr;
12190 +#endif /* CONFIG_COMPAT */
12192 +#include <linux/compiler.h>
12194 +extern int vc_set_mapping(struct vx_info *, void __user *);
12195 +extern int vc_unset_mapping(struct vx_info *, void __user *);
12197 +#ifdef CONFIG_COMPAT
12199 +extern int vc_set_mapping_x32(struct vx_info *, void __user *);
12200 +extern int vc_unset_mapping_x32(struct vx_info *, void __user *);
12202 +#endif /* CONFIG_COMPAT */
12204 +#endif /* __KERNEL__ */
12205 +#endif /* _VX_DEVICE_CMD_H */
12206 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/device_def.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/device_def.h
12207 --- linux-2.6.25/include/linux/vserver/device_def.h 1969-12-31 19:00:00.000000000 -0500
12208 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/device_def.h 2008-04-19 15:14:52.000000000 -0400
12210 +#ifndef _VX_DEVICE_DEF_H
12211 +#define _VX_DEVICE_DEF_H
12213 +#include <linux/types.h>
12215 +struct vx_dmap_target {
12220 +struct _vx_device {
12221 +#ifdef CONFIG_VSERVER_DEVICE
12222 + struct vx_dmap_target targets[2];
12226 +#endif /* _VX_DEVICE_DEF_H */
12227 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/device.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/device.h
12228 --- linux-2.6.25/include/linux/vserver/device.h 1969-12-31 19:00:00.000000000 -0500
12229 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/device.h 2008-04-19 15:14:52.000000000 -0400
12231 +#ifndef _VX_DEVICE_H
12232 +#define _VX_DEVICE_H
12235 +#define DATTR_CREATE 0x00000001
12236 +#define DATTR_OPEN 0x00000002
12238 +#define DATTR_REMAP 0x00000010
12240 +#define DATTR_MASK 0x00000013
12243 +#else /* _VX_DEVICE_H */
12244 +#warning duplicate inclusion
12245 +#endif /* _VX_DEVICE_H */
12246 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/dlimit_cmd.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/dlimit_cmd.h
12247 --- linux-2.6.25/include/linux/vserver/dlimit_cmd.h 1969-12-31 19:00:00.000000000 -0500
12248 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/dlimit_cmd.h 2008-04-19 15:14:52.000000000 -0400
12250 +#ifndef _VX_DLIMIT_CMD_H
12251 +#define _VX_DLIMIT_CMD_H
12254 +/* dlimit vserver commands */
12256 +#define VCMD_add_dlimit VC_CMD(DLIMIT, 1, 0)
12257 +#define VCMD_rem_dlimit VC_CMD(DLIMIT, 2, 0)
12259 +#define VCMD_set_dlimit VC_CMD(DLIMIT, 5, 0)
12260 +#define VCMD_get_dlimit VC_CMD(DLIMIT, 6, 0)
12262 +struct vcmd_ctx_dlimit_base_v0 {
12263 + const char __user *name;
12267 +struct vcmd_ctx_dlimit_v0 {
12268 + const char __user *name;
12269 + uint32_t space_used; /* used space in kbytes */
12270 + uint32_t space_total; /* maximum space in kbytes */
12271 + uint32_t inodes_used; /* used inodes */
12272 + uint32_t inodes_total; /* maximum inodes */
12273 + uint32_t reserved; /* reserved for root in % */
12277 +#define CDLIM_UNSET ((uint32_t)0UL)
12278 +#define CDLIM_INFINITY ((uint32_t)~0UL)
12279 +#define CDLIM_KEEP ((uint32_t)~1UL)
12283 +#ifdef CONFIG_COMPAT
12285 +#include <asm/compat.h>
12287 +struct vcmd_ctx_dlimit_base_v0_x32 {
12288 + compat_uptr_t name_ptr;
12292 +struct vcmd_ctx_dlimit_v0_x32 {
12293 + compat_uptr_t name_ptr;
12294 + uint32_t space_used; /* used space in kbytes */
12295 + uint32_t space_total; /* maximum space in kbytes */
12296 + uint32_t inodes_used; /* used inodes */
12297 + uint32_t inodes_total; /* maximum inodes */
12298 + uint32_t reserved; /* reserved for root in % */
12302 +#endif /* CONFIG_COMPAT */
12304 +#include <linux/compiler.h>
12306 +extern int vc_add_dlimit(uint32_t, void __user *);
12307 +extern int vc_rem_dlimit(uint32_t, void __user *);
12309 +extern int vc_set_dlimit(uint32_t, void __user *);
12310 +extern int vc_get_dlimit(uint32_t, void __user *);
12312 +#ifdef CONFIG_COMPAT
12314 +extern int vc_add_dlimit_x32(uint32_t, void __user *);
12315 +extern int vc_rem_dlimit_x32(uint32_t, void __user *);
12317 +extern int vc_set_dlimit_x32(uint32_t, void __user *);
12318 +extern int vc_get_dlimit_x32(uint32_t, void __user *);
12320 +#endif /* CONFIG_COMPAT */
12322 +#endif /* __KERNEL__ */
12323 +#endif /* _VX_DLIMIT_CMD_H */
12324 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/dlimit.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/dlimit.h
12325 --- linux-2.6.25/include/linux/vserver/dlimit.h 1969-12-31 19:00:00.000000000 -0500
12326 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/dlimit.h 2008-04-19 15:14:52.000000000 -0400
12328 +#ifndef _VX_DLIMIT_H
12329 +#define _VX_DLIMIT_H
12331 +#include "switch.h"
12336 +/* keep in sync with CDLIM_INFINITY */
12338 +#define DLIM_INFINITY (~0ULL)
12340 +#include <linux/spinlock.h>
12341 +#include <linux/rcupdate.h>
12343 +struct super_block;
12346 + struct hlist_node dl_hlist; /* linked list of contexts */
12347 + struct rcu_head dl_rcu; /* the rcu head */
12348 + tag_t dl_tag; /* context tag */
12349 + atomic_t dl_usecnt; /* usage count */
12350 + atomic_t dl_refcnt; /* reference count */
12352 + struct super_block *dl_sb; /* associated superblock */
12354 + spinlock_t dl_lock; /* protect the values */
12356 + unsigned long long dl_space_used; /* used space in bytes */
12357 + unsigned long long dl_space_total; /* maximum space in bytes */
12358 + unsigned long dl_inodes_used; /* used inodes */
12359 + unsigned long dl_inodes_total; /* maximum inodes */
12361 + unsigned int dl_nrlmult; /* non root limit mult */
12366 +extern void rcu_free_dl_info(struct rcu_head *);
12367 +extern void unhash_dl_info(struct dl_info *);
12369 +extern struct dl_info *locate_dl_info(struct super_block *, tag_t);
12374 +extern void vx_vsi_statfs(struct super_block *, struct kstatfs *);
12376 +typedef uint64_t dlsize_t;
12378 +#endif /* __KERNEL__ */
12379 +#else /* _VX_DLIMIT_H */
12380 +#warning duplicate inclusion
12381 +#endif /* _VX_DLIMIT_H */
12382 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/global.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/global.h
12383 --- linux-2.6.25/include/linux/vserver/global.h 1969-12-31 19:00:00.000000000 -0500
12384 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/global.h 2008-04-19 15:14:52.000000000 -0400
12386 +#ifndef _VX_GLOBAL_H
12387 +#define _VX_GLOBAL_H
12390 +extern atomic_t vx_global_ctotal;
12391 +extern atomic_t vx_global_cactive;
12393 +extern atomic_t nx_global_ctotal;
12394 +extern atomic_t nx_global_cactive;
12396 +extern atomic_t vs_global_nsproxy;
12397 +extern atomic_t vs_global_fs;
12398 +extern atomic_t vs_global_mnt_ns;
12399 +extern atomic_t vs_global_uts_ns;
12400 +extern atomic_t vs_global_ipc_ns;
12401 +extern atomic_t vs_global_user_ns;
12402 +extern atomic_t vs_global_pid_ns;
12405 +#endif /* _VX_GLOBAL_H */
12406 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/history.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/history.h
12407 --- linux-2.6.25/include/linux/vserver/history.h 1969-12-31 19:00:00.000000000 -0500
12408 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/history.h 2008-04-19 15:14:52.000000000 -0400
12410 +#ifndef _VX_HISTORY_H
12411 +#define _VX_HISTORY_H
12416 + VXH_THROW_OOPS = 1,
12420 + VXH_INIT_VX_INFO,
12423 + VXH_CLAIM_VX_INFO,
12424 + VXH_RELEASE_VX_INFO,
12425 + VXH_ALLOC_VX_INFO,
12426 + VXH_DEALLOC_VX_INFO,
12427 + VXH_HASH_VX_INFO,
12428 + VXH_UNHASH_VX_INFO,
12430 + VXH_LOOKUP_VX_INFO,
12431 + VXH_CREATE_VX_INFO,
12434 +struct _vxhe_vxi {
12435 + struct vx_info *ptr;
12441 +struct _vxhe_set_clr {
12445 +struct _vxhe_loc_lookup {
12449 +struct _vx_hist_entry {
12451 + unsigned short seq;
12452 + unsigned short type;
12453 + struct _vxhe_vxi vxi;
12455 + struct _vxhe_set_clr sc;
12456 + struct _vxhe_loc_lookup ll;
12460 +#ifdef CONFIG_VSERVER_HISTORY
12462 +extern unsigned volatile int vxh_active;
12464 +struct _vx_hist_entry *vxh_advance(void *loc);
12468 +void __vxh_copy_vxi(struct _vx_hist_entry *entry, struct vx_info *vxi)
12470 + entry->vxi.ptr = vxi;
12472 + entry->vxi.usecnt = atomic_read(&vxi->vx_usecnt);
12473 + entry->vxi.tasks = atomic_read(&vxi->vx_tasks);
12474 + entry->vxi.xid = vxi->vx_id;
12479 +#define __HERE__ current_text_addr()
12481 +#define __VXH_BODY(__type, __data, __here) \
12482 + struct _vx_hist_entry *entry; \
12484 + preempt_disable(); \
12485 + entry = vxh_advance(__here); \
12487 + entry->type = __type; \
12488 + preempt_enable();
12491 + /* pass vxi only */
12493 +#define __VXH_SMPL \
12494 + __vxh_copy_vxi(entry, vxi)
12497 +void __vxh_smpl(struct vx_info *vxi, int __type, void *__here)
12499 + __VXH_BODY(__type, __VXH_SMPL, __here)
12502 + /* pass vxi and data (void *) */
12504 +#define __VXH_DATA \
12505 + __vxh_copy_vxi(entry, vxi); \
12506 + entry->sc.data = data
12509 +void __vxh_data(struct vx_info *vxi, void *data,
12510 + int __type, void *__here)
12512 + __VXH_BODY(__type, __VXH_DATA, __here)
12515 + /* pass vxi and arg (long) */
12517 +#define __VXH_LONG \
12518 + __vxh_copy_vxi(entry, vxi); \
12519 + entry->ll.arg = arg
12522 +void __vxh_long(struct vx_info *vxi, long arg,
12523 + int __type, void *__here)
12525 + __VXH_BODY(__type, __VXH_LONG, __here)
12530 +void __vxh_throw_oops(void *__here)
12532 + __VXH_BODY(VXH_THROW_OOPS, {}, __here);
12533 + /* prevent further acquisition */
12538 +#define vxh_throw_oops() __vxh_throw_oops(__HERE__);
12540 +#define __vxh_get_vx_info(v, h) __vxh_smpl(v, VXH_GET_VX_INFO, h);
12541 +#define __vxh_put_vx_info(v, h) __vxh_smpl(v, VXH_PUT_VX_INFO, h);
12543 +#define __vxh_init_vx_info(v, d, h) \
12544 + __vxh_data(v, d, VXH_INIT_VX_INFO, h);
12545 +#define __vxh_set_vx_info(v, d, h) \
12546 + __vxh_data(v, d, VXH_SET_VX_INFO, h);
12547 +#define __vxh_clr_vx_info(v, d, h) \
12548 + __vxh_data(v, d, VXH_CLR_VX_INFO, h);
12550 +#define __vxh_claim_vx_info(v, d, h) \
12551 + __vxh_data(v, d, VXH_CLAIM_VX_INFO, h);
12552 +#define __vxh_release_vx_info(v, d, h) \
12553 + __vxh_data(v, d, VXH_RELEASE_VX_INFO, h);
12555 +#define vxh_alloc_vx_info(v) \
12556 + __vxh_smpl(v, VXH_ALLOC_VX_INFO, __HERE__);
12557 +#define vxh_dealloc_vx_info(v) \
12558 + __vxh_smpl(v, VXH_DEALLOC_VX_INFO, __HERE__);
12560 +#define vxh_hash_vx_info(v) \
12561 + __vxh_smpl(v, VXH_HASH_VX_INFO, __HERE__);
12562 +#define vxh_unhash_vx_info(v) \
12563 + __vxh_smpl(v, VXH_UNHASH_VX_INFO, __HERE__);
12565 +#define vxh_loc_vx_info(v, l) \
12566 + __vxh_long(v, l, VXH_LOC_VX_INFO, __HERE__);
12567 +#define vxh_lookup_vx_info(v, l) \
12568 + __vxh_long(v, l, VXH_LOOKUP_VX_INFO, __HERE__);
12569 +#define vxh_create_vx_info(v, l) \
12570 + __vxh_long(v, l, VXH_CREATE_VX_INFO, __HERE__);
12572 +extern void vxh_dump_history(void);
12575 +#else /* CONFIG_VSERVER_HISTORY */
12577 +#define __HERE__ 0
12579 +#define vxh_throw_oops() do { } while (0)
12581 +#define __vxh_get_vx_info(v, h) do { } while (0)
12582 +#define __vxh_put_vx_info(v, h) do { } while (0)
12584 +#define __vxh_init_vx_info(v, d, h) do { } while (0)
12585 +#define __vxh_set_vx_info(v, d, h) do { } while (0)
12586 +#define __vxh_clr_vx_info(v, d, h) do { } while (0)
12588 +#define __vxh_claim_vx_info(v, d, h) do { } while (0)
12589 +#define __vxh_release_vx_info(v, d, h) do { } while (0)
12591 +#define vxh_alloc_vx_info(v) do { } while (0)
12592 +#define vxh_dealloc_vx_info(v) do { } while (0)
12594 +#define vxh_hash_vx_info(v) do { } while (0)
12595 +#define vxh_unhash_vx_info(v) do { } while (0)
12597 +#define vxh_loc_vx_info(v, l) do { } while (0)
12598 +#define vxh_lookup_vx_info(v, l) do { } while (0)
12599 +#define vxh_create_vx_info(v, l) do { } while (0)
12601 +#define vxh_dump_history() do { } while (0)
12604 +#endif /* CONFIG_VSERVER_HISTORY */
12606 +#endif /* _VX_HISTORY_H */
12607 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/inode_cmd.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/inode_cmd.h
12608 --- linux-2.6.25/include/linux/vserver/inode_cmd.h 1969-12-31 19:00:00.000000000 -0500
12609 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/inode_cmd.h 2008-04-19 15:14:52.000000000 -0400
12611 +#ifndef _VX_INODE_CMD_H
12612 +#define _VX_INODE_CMD_H
12615 +/* inode vserver commands */
12617 +#define VCMD_get_iattr VC_CMD(INODE, 1, 1)
12618 +#define VCMD_set_iattr VC_CMD(INODE, 2, 1)
12620 +#define VCMD_fget_iattr VC_CMD(INODE, 3, 0)
12621 +#define VCMD_fset_iattr VC_CMD(INODE, 4, 0)
12623 +struct vcmd_ctx_iattr_v1 {
12624 + const char __user *name;
12630 +struct vcmd_ctx_fiattr_v0 {
12640 +#ifdef CONFIG_COMPAT
12642 +#include <asm/compat.h>
12644 +struct vcmd_ctx_iattr_v1_x32 {
12645 + compat_uptr_t name_ptr;
12651 +#endif /* CONFIG_COMPAT */
12653 +#include <linux/compiler.h>
12655 +extern int vc_get_iattr(void __user *);
12656 +extern int vc_set_iattr(void __user *);
12658 +extern int vc_fget_iattr(uint32_t, void __user *);
12659 +extern int vc_fset_iattr(uint32_t, void __user *);
12661 +#ifdef CONFIG_COMPAT
12663 +extern int vc_get_iattr_x32(void __user *);
12664 +extern int vc_set_iattr_x32(void __user *);
12666 +#endif /* CONFIG_COMPAT */
12668 +#endif /* __KERNEL__ */
12669 +#endif /* _VX_INODE_CMD_H */
12670 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/inode.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/inode.h
12671 --- linux-2.6.25/include/linux/vserver/inode.h 1969-12-31 19:00:00.000000000 -0500
12672 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/inode.h 2008-04-19 15:14:52.000000000 -0400
12674 +#ifndef _VX_INODE_H
12675 +#define _VX_INODE_H
12678 +#define IATTR_TAG 0x01000000
12680 +#define IATTR_ADMIN 0x00000001
12681 +#define IATTR_WATCH 0x00000002
12682 +#define IATTR_HIDE 0x00000004
12683 +#define IATTR_FLAGS 0x00000007
12685 +#define IATTR_BARRIER 0x00010000
12686 +#define IATTR_IUNLINK 0x00020000
12687 +#define IATTR_IMMUTABLE 0x00040000
12692 +#ifdef CONFIG_VSERVER_PROC_SECURE
12693 +#define IATTR_PROC_DEFAULT ( IATTR_ADMIN | IATTR_HIDE )
12694 +#define IATTR_PROC_SYMLINK ( IATTR_ADMIN )
12696 +#define IATTR_PROC_DEFAULT ( IATTR_ADMIN )
12697 +#define IATTR_PROC_SYMLINK ( IATTR_ADMIN )
12700 +#define vx_hide_check(c, m) (((m) & IATTR_HIDE) ? vx_check(c, m) : 1)
12702 +#endif /* __KERNEL__ */
12704 +/* inode ioctls */
12706 +#define FIOC_GETXFLG _IOR('x', 5, long)
12707 +#define FIOC_SETXFLG _IOW('x', 6, long)
12709 +#else /* _VX_INODE_H */
12710 +#warning duplicate inclusion
12711 +#endif /* _VX_INODE_H */
12712 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/Kbuild linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/Kbuild
12713 --- linux-2.6.25/include/linux/vserver/Kbuild 1969-12-31 19:00:00.000000000 -0500
12714 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/Kbuild 2008-04-19 15:14:52.000000000 -0400
12717 +unifdef-y += context_cmd.h network_cmd.h space_cmd.h \
12718 + cacct_cmd.h cvirt_cmd.h limit_cmd.h dlimit_cmd.h \
12719 + inode_cmd.h tag_cmd.h sched_cmd.h signal_cmd.h \
12720 + debug_cmd.h device_cmd.h
12722 +unifdef-y += switch.h network.h monitor.h inode.h device.h
12724 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/limit_cmd.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/limit_cmd.h
12725 --- linux-2.6.25/include/linux/vserver/limit_cmd.h 1969-12-31 19:00:00.000000000 -0500
12726 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/limit_cmd.h 2008-04-19 15:14:52.000000000 -0400
12728 +#ifndef _VX_LIMIT_CMD_H
12729 +#define _VX_LIMIT_CMD_H
12732 +/* rlimit vserver commands */
12734 +#define VCMD_get_rlimit VC_CMD(RLIMIT, 1, 0)
12735 +#define VCMD_set_rlimit VC_CMD(RLIMIT, 2, 0)
12736 +#define VCMD_get_rlimit_mask VC_CMD(RLIMIT, 3, 0)
12737 +#define VCMD_reset_minmax VC_CMD(RLIMIT, 9, 0)
12739 +struct vcmd_ctx_rlimit_v0 {
12741 + uint64_t minimum;
12742 + uint64_t softlimit;
12743 + uint64_t maximum;
12746 +struct vcmd_ctx_rlimit_mask_v0 {
12747 + uint32_t minimum;
12748 + uint32_t softlimit;
12749 + uint32_t maximum;
12752 +#define VCMD_rlimit_stat VC_CMD(VSTAT, 1, 0)
12754 +struct vcmd_rlimit_stat_v0 {
12758 + uint64_t minimum;
12759 + uint64_t maximum;
12762 +#define CRLIM_UNSET (0ULL)
12763 +#define CRLIM_INFINITY (~0ULL)
12764 +#define CRLIM_KEEP (~1ULL)
12768 +#ifdef CONFIG_IA32_EMULATION
12770 +struct vcmd_ctx_rlimit_v0_x32 {
12772 + uint64_t minimum;
12773 + uint64_t softlimit;
12774 + uint64_t maximum;
12775 +} __attribute__ ((aligned (4)));
12777 +#endif /* CONFIG_IA32_EMULATION */
12779 +#include <linux/compiler.h>
12781 +extern int vc_get_rlimit_mask(uint32_t, void __user *);
12782 +extern int vc_get_rlimit(struct vx_info *, void __user *);
12783 +extern int vc_set_rlimit(struct vx_info *, void __user *);
12784 +extern int vc_reset_minmax(struct vx_info *, void __user *);
12786 +extern int vc_rlimit_stat(struct vx_info *, void __user *);
12788 +#ifdef CONFIG_IA32_EMULATION
12790 +extern int vc_get_rlimit_x32(struct vx_info *, void __user *);
12791 +extern int vc_set_rlimit_x32(struct vx_info *, void __user *);
12793 +#endif /* CONFIG_IA32_EMULATION */
12795 +#endif /* __KERNEL__ */
12796 +#endif /* _VX_LIMIT_CMD_H */
12797 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/limit_def.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/limit_def.h
12798 --- linux-2.6.25/include/linux/vserver/limit_def.h 1969-12-31 19:00:00.000000000 -0500
12799 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/limit_def.h 2008-04-19 15:14:52.000000000 -0400
12801 +#ifndef _VX_LIMIT_DEF_H
12802 +#define _VX_LIMIT_DEF_H
12804 +#include <asm/atomic.h>
12805 +#include <asm/resource.h>
12807 +#include "limit.h"
12810 +struct _vx_res_limit {
12811 + rlim_t soft; /* Context soft limit */
12812 + rlim_t hard; /* Context hard limit */
12814 + rlim_atomic_t rcur; /* Current value */
12815 + rlim_t rmin; /* Context minimum */
12816 + rlim_t rmax; /* Context maximum */
12818 + atomic_t lhit; /* Limit hits */
12821 +/* context sub struct */
12823 +struct _vx_limit {
12824 + struct _vx_res_limit res[NUM_LIMITS];
12827 +#ifdef CONFIG_VSERVER_DEBUG
12829 +static inline void __dump_vx_limit(struct _vx_limit *limit)
12833 + printk("\t_vx_limit:");
12834 + for (i = 0; i < NUM_LIMITS; i++) {
12835 + printk("\t [%2d] = %8lu %8lu/%8lu, %8ld/%8ld, %8d\n",
12836 + i, (unsigned long)__rlim_get(limit, i),
12837 + (unsigned long)__rlim_rmin(limit, i),
12838 + (unsigned long)__rlim_rmax(limit, i),
12839 + (long)__rlim_soft(limit, i),
12840 + (long)__rlim_hard(limit, i),
12841 + atomic_read(&__rlim_lhit(limit, i)));
12847 +#endif /* _VX_LIMIT_DEF_H */
12848 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/limit.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/limit.h
12849 --- linux-2.6.25/include/linux/vserver/limit.h 1969-12-31 19:00:00.000000000 -0500
12850 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/limit.h 2008-04-19 15:14:52.000000000 -0400
12852 +#ifndef _VX_LIMIT_H
12853 +#define _VX_LIMIT_H
12855 +#define VLIMIT_NSOCK 16
12856 +#define VLIMIT_OPENFD 17
12857 +#define VLIMIT_ANON 18
12858 +#define VLIMIT_SHMEM 19
12859 +#define VLIMIT_SEMARY 20
12860 +#define VLIMIT_NSEMS 21
12861 +#define VLIMIT_DENTRY 22
12862 +#define VLIMIT_MAPPED 23
12867 +#define VLIM_NOCHECK ((1L << VLIMIT_DENTRY) | (1L << RLIMIT_RSS))
12869 +/* keep in sync with CRLIM_INFINITY */
12871 +#define VLIM_INFINITY (~0ULL)
12873 +#include <asm/atomic.h>
12874 +#include <asm/resource.h>
12876 +#ifndef RLIM_INFINITY
12877 +#warning RLIM_INFINITY is undefined
12880 +#define __rlim_val(l, r, v) ((l)->res[r].v)
12882 +#define __rlim_soft(l, r) __rlim_val(l, r, soft)
12883 +#define __rlim_hard(l, r) __rlim_val(l, r, hard)
12885 +#define __rlim_rcur(l, r) __rlim_val(l, r, rcur)
12886 +#define __rlim_rmin(l, r) __rlim_val(l, r, rmin)
12887 +#define __rlim_rmax(l, r) __rlim_val(l, r, rmax)
12889 +#define __rlim_lhit(l, r) __rlim_val(l, r, lhit)
12890 +#define __rlim_hit(l, r) atomic_inc(&__rlim_lhit(l, r))
12892 +typedef atomic_long_t rlim_atomic_t;
12893 +typedef unsigned long rlim_t;
12895 +#define __rlim_get(l, r) atomic_long_read(&__rlim_rcur(l, r))
12896 +#define __rlim_set(l, r, v) atomic_long_set(&__rlim_rcur(l, r), v)
12897 +#define __rlim_inc(l, r) atomic_long_inc(&__rlim_rcur(l, r))
12898 +#define __rlim_dec(l, r) atomic_long_dec(&__rlim_rcur(l, r))
12899 +#define __rlim_add(l, r, v) atomic_long_add(v, &__rlim_rcur(l, r))
12900 +#define __rlim_sub(l, r, v) atomic_long_sub(v, &__rlim_rcur(l, r))
12903 +#if (RLIM_INFINITY == VLIM_INFINITY)
12904 +#define VX_VLIM(r) ((long long)(long)(r))
12905 +#define VX_RLIM(v) ((rlim_t)(v))
12907 +#define VX_VLIM(r) (((r) == RLIM_INFINITY) \
12908 + ? VLIM_INFINITY : (long long)(r))
12909 +#define VX_RLIM(v) (((v) == VLIM_INFINITY) \
12910 + ? RLIM_INFINITY : (rlim_t)(v))
12915 +void vx_vsi_meminfo(struct sysinfo *);
12916 +void vx_vsi_swapinfo(struct sysinfo *);
12918 +#define NUM_LIMITS 24
12920 +#endif /* __KERNEL__ */
12921 +#endif /* _VX_LIMIT_H */
12922 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/limit_int.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/limit_int.h
12923 --- linux-2.6.25/include/linux/vserver/limit_int.h 1969-12-31 19:00:00.000000000 -0500
12924 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/limit_int.h 2008-04-19 15:14:52.000000000 -0400
12926 +#ifndef _VX_LIMIT_INT_H
12927 +#define _VX_LIMIT_INT_H
12929 +#include "context.h"
12933 +#define VXD_RCRES_COND(r) VXD_CBIT(cres, r)
12934 +#define VXD_RLIMIT_COND(r) VXD_CBIT(limit, r)
12936 +extern const char *vlimit_name[NUM_LIMITS];
12938 +static inline void __vx_acc_cres(struct vx_info *vxi,
12939 + int res, int dir, void *_data, char *_file, int _line)
12941 + if (VXD_RCRES_COND(res))
12942 + vxlprintk(1, "vx_acc_cres[%5d,%s,%2d]: %5ld%s (%p)",
12943 + (vxi ? vxi->vx_id : -1), vlimit_name[res], res,
12944 + (vxi ? (long)__rlim_get(&vxi->limit, res) : 0),
12945 + (dir > 0) ? "++" : "--", _data, _file, _line);
12950 + __rlim_inc(&vxi->limit, res);
12952 + __rlim_dec(&vxi->limit, res);
12955 +static inline void __vx_add_cres(struct vx_info *vxi,
12956 + int res, int amount, void *_data, char *_file, int _line)
12958 + if (VXD_RCRES_COND(res))
12959 + vxlprintk(1, "vx_add_cres[%5d,%s,%2d]: %5ld += %5d (%p)",
12960 + (vxi ? vxi->vx_id : -1), vlimit_name[res], res,
12961 + (vxi ? (long)__rlim_get(&vxi->limit, res) : 0),
12962 + amount, _data, _file, _line);
12967 + __rlim_add(&vxi->limit, res, amount);
12971 +int __vx_cres_adjust_max(struct _vx_limit *limit, int res, rlim_t value)
12973 + int cond = (value > __rlim_rmax(limit, res));
12976 + __rlim_rmax(limit, res) = value;
12981 +int __vx_cres_adjust_min(struct _vx_limit *limit, int res, rlim_t value)
12983 + int cond = (value < __rlim_rmin(limit, res));
12986 + __rlim_rmin(limit, res) = value;
12991 +void __vx_cres_fixup(struct _vx_limit *limit, int res, rlim_t value)
12993 + if (!__vx_cres_adjust_max(limit, res, value))
12994 + __vx_cres_adjust_min(limit, res, value);
12999 + +1 ... no limit hit
13000 + -1 ... over soft limit
13001 + 0 ... over hard limit */
13003 +static inline int __vx_cres_avail(struct vx_info *vxi,
13004 + int res, int num, char *_file, int _line)
13006 + struct _vx_limit *limit;
13009 + if (VXD_RLIMIT_COND(res))
13010 + vxlprintk(1, "vx_cres_avail[%5d,%s,%2d]: %5ld/%5ld > %5ld + %5d",
13011 + (vxi ? vxi->vx_id : -1), vlimit_name[res], res,
13012 + (vxi ? (long)__rlim_soft(&vxi->limit, res) : -1),
13013 + (vxi ? (long)__rlim_hard(&vxi->limit, res) : -1),
13014 + (vxi ? (long)__rlim_get(&vxi->limit, res) : 0),
13015 + num, _file, _line);
13019 + limit = &vxi->limit;
13020 + value = __rlim_get(limit, res);
13022 + if (!__vx_cres_adjust_max(limit, res, value))
13023 + __vx_cres_adjust_min(limit, res, value);
13028 + if (__rlim_soft(limit, res) == RLIM_INFINITY)
13030 + if (value + num <= __rlim_soft(limit, res))
13033 + if (__rlim_hard(limit, res) == RLIM_INFINITY)
13035 + if (value + num <= __rlim_hard(limit, res))
13038 + __rlim_hit(limit, res);
13043 +static const int VLA_RSS[] = { RLIMIT_RSS, VLIMIT_ANON, VLIMIT_MAPPED, 0 };
13046 +rlim_t __vx_cres_array_sum(struct _vx_limit *limit, const int *array)
13048 + rlim_t value, sum = 0;
13051 + while ((res = *array++)) {
13052 + value = __rlim_get(limit, res);
13053 + __vx_cres_fixup(limit, res, value);
13060 +rlim_t __vx_cres_array_fixup(struct _vx_limit *limit, const int *array)
13062 + rlim_t value = __vx_cres_array_sum(limit, array + 1);
13063 + int res = *array;
13065 + if (value == __rlim_get(limit, res))
13068 + __rlim_set(limit, res, value);
13069 + /* now adjust min/max */
13070 + if (!__vx_cres_adjust_max(limit, res, value))
13071 + __vx_cres_adjust_min(limit, res, value);
13076 +static inline int __vx_cres_array_avail(struct vx_info *vxi,
13077 + const int *array, int num, char *_file, int _line)
13079 + struct _vx_limit *limit;
13080 + rlim_t value = 0;
13088 + limit = &vxi->limit;
13090 + value = __vx_cres_array_sum(limit, array + 1);
13092 + __rlim_set(limit, res, value);
13093 + __vx_cres_fixup(limit, res, value);
13095 + return __vx_cres_avail(vxi, res, num, _file, _line);
13099 +static inline void vx_limit_fixup(struct _vx_limit *limit, int id)
13104 + /* complex resources first */
13105 + if ((id < 0) || (id == RLIMIT_RSS))
13106 + __vx_cres_array_fixup(limit, VLA_RSS);
13108 + for (res = 0; res < NUM_LIMITS; res++) {
13109 + if ((id > 0) && (res != id))
13112 + value = __rlim_get(limit, res);
13113 + __vx_cres_fixup(limit, res, value);
13115 + /* not supposed to happen, maybe warn? */
13116 + if (__rlim_rmax(limit, res) > __rlim_hard(limit, res))
13117 + __rlim_rmax(limit, res) = __rlim_hard(limit, res);
13122 +#endif /* __KERNEL__ */
13123 +#endif /* _VX_LIMIT_INT_H */
13124 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/monitor.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/monitor.h
13125 --- linux-2.6.25/include/linux/vserver/monitor.h 1969-12-31 19:00:00.000000000 -0500
13126 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/monitor.h 2008-04-19 15:14:52.000000000 -0400
13128 +#ifndef _VX_MONITOR_H
13129 +#define _VX_MONITOR_H
13131 +#include <linux/types.h>
13138 + VXM_UPDATE = 0x20,
13142 + VXM_RQINFO_1 = 0x24,
13145 + VXM_ACTIVATE = 0x40,
13152 + VXM_MIGRATE = 0x48,
13155 + /* all other bits are flags */
13156 + VXM_SCHED = 0x80,
13159 +struct _vxm_update_1 {
13160 + uint32_t tokens_max;
13161 + uint32_t fill_rate;
13162 + uint32_t interval;
13165 +struct _vxm_update_2 {
13166 + uint32_t tokens_min;
13167 + uint32_t fill_rate;
13168 + uint32_t interval;
13171 +struct _vxm_rqinfo_1 {
13172 + uint16_t running;
13176 + uint32_t idle_tokens;
13179 +struct _vxm_rqinfo_2 {
13180 + uint32_t norm_time;
13181 + uint32_t idle_time;
13182 + uint32_t idle_skip;
13185 +struct _vxm_sched {
13187 + uint32_t norm_time;
13188 + uint32_t idle_time;
13191 +struct _vxm_task {
13196 +struct _vxm_event {
13205 + struct _vxm_task tsk;
13209 +struct _vx_mon_entry {
13213 + struct _vxm_event ev;
13214 + struct _vxm_sched sd;
13215 + struct _vxm_update_1 u1;
13216 + struct _vxm_update_2 u2;
13217 + struct _vxm_rqinfo_1 q1;
13218 + struct _vxm_rqinfo_2 q2;
13223 +#endif /* _VX_MONITOR_H */
13224 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/network_cmd.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/network_cmd.h
13225 --- linux-2.6.25/include/linux/vserver/network_cmd.h 1969-12-31 19:00:00.000000000 -0500
13226 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/network_cmd.h 2008-04-19 15:14:52.000000000 -0400
13228 +#ifndef _VX_NETWORK_CMD_H
13229 +#define _VX_NETWORK_CMD_H
13232 +/* vinfo commands */
13234 +#define VCMD_task_nid VC_CMD(VINFO, 2, 0)
13237 +extern int vc_task_nid(uint32_t);
13239 +#endif /* __KERNEL__ */
13241 +#define VCMD_nx_info VC_CMD(VINFO, 6, 0)
13243 +struct vcmd_nx_info_v0 {
13245 + /* more to come */
13249 +extern int vc_nx_info(struct nx_info *, void __user *);
13251 +#endif /* __KERNEL__ */
13253 +#include <linux/in.h>
13254 +#include <linux/in6.h>
13256 +#define VCMD_net_create_v0 VC_CMD(VNET, 1, 0)
13257 +#define VCMD_net_create VC_CMD(VNET, 1, 1)
13259 +struct vcmd_net_create {
13260 + uint64_t flagword;
13263 +#define VCMD_net_migrate VC_CMD(NETMIG, 1, 0)
13265 +#define VCMD_net_add VC_CMD(NETALT, 1, 0)
13266 +#define VCMD_net_remove VC_CMD(NETALT, 2, 0)
13268 +struct vcmd_net_addr_v0 {
13271 + struct in_addr ip[4];
13272 + struct in_addr mask[4];
13275 +#define VCMD_net_add_ipv4 VC_CMD(NETALT, 1, 1)
13276 +#define VCMD_net_remove_ipv4 VC_CMD(NETALT, 2, 1)
13278 +struct vcmd_net_addr_ipv4_v1 {
13281 + struct in_addr ip;
13282 + struct in_addr mask;
13285 +#define VCMD_net_add_ipv6 VC_CMD(NETALT, 3, 1)
13286 +#define VCMD_net_remove_ipv6 VC_CMD(NETALT, 4, 1)
13288 +struct vcmd_net_addr_ipv6_v1 {
13292 + struct in6_addr ip;
13293 + struct in6_addr mask;
13296 +#define VCMD_add_match_ipv4 VC_CMD(NETALT, 5, 0)
13297 +#define VCMD_get_match_ipv4 VC_CMD(NETALT, 6, 0)
13299 +struct vcmd_match_ipv4_v0 {
13304 + struct in_addr ip;
13305 + struct in_addr ip2;
13306 + struct in_addr mask;
13309 +#define VCMD_add_match_ipv6 VC_CMD(NETALT, 7, 0)
13310 +#define VCMD_get_match_ipv6 VC_CMD(NETALT, 8, 0)
13312 +struct vcmd_match_ipv6_v0 {
13317 + struct in6_addr ip;
13318 + struct in6_addr ip2;
13319 + struct in6_addr mask;
13324 +extern int vc_net_create(uint32_t, void __user *);
13325 +extern int vc_net_migrate(struct nx_info *, void __user *);
13327 +extern int vc_net_add(struct nx_info *, void __user *);
13328 +extern int vc_net_remove(struct nx_info *, void __user *);
13330 +extern int vc_net_add_ipv4(struct nx_info *, void __user *);
13331 +extern int vc_net_remove_ipv4(struct nx_info *, void __user *);
13333 +extern int vc_net_add_ipv6(struct nx_info *, void __user *);
13334 +extern int vc_net_remove_ipv6(struct nx_info *, void __user *);
13336 +extern int vc_add_match_ipv4(struct nx_info *, void __user *);
13337 +extern int vc_get_match_ipv4(struct nx_info *, void __user *);
13339 +extern int vc_add_match_ipv6(struct nx_info *, void __user *);
13340 +extern int vc_get_match_ipv6(struct nx_info *, void __user *);
13342 +#endif /* __KERNEL__ */
13345 +/* flag commands */
13347 +#define VCMD_get_nflags VC_CMD(FLAGS, 5, 0)
13348 +#define VCMD_set_nflags VC_CMD(FLAGS, 6, 0)
13350 +struct vcmd_net_flags_v0 {
13351 + uint64_t flagword;
13356 +extern int vc_get_nflags(struct nx_info *, void __user *);
13357 +extern int vc_set_nflags(struct nx_info *, void __user *);
13359 +#endif /* __KERNEL__ */
13362 +/* network caps commands */
13364 +#define VCMD_get_ncaps VC_CMD(FLAGS, 7, 0)
13365 +#define VCMD_set_ncaps VC_CMD(FLAGS, 8, 0)
13367 +struct vcmd_net_caps_v0 {
13373 +extern int vc_get_ncaps(struct nx_info *, void __user *);
13374 +extern int vc_set_ncaps(struct nx_info *, void __user *);
13376 +#endif /* __KERNEL__ */
13377 +#endif /* _VX_CONTEXT_CMD_H */
13378 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/network.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/network.h
13379 --- linux-2.6.25/include/linux/vserver/network.h 1969-12-31 19:00:00.000000000 -0500
13380 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/network.h 2008-04-19 15:14:52.000000000 -0400
13382 +#ifndef _VX_NETWORK_H
13383 +#define _VX_NETWORK_H
13385 +#include <linux/types.h>
13388 +#define MAX_N_CONTEXT 65535 /* Arbitrary limit */
13391 +/* network flags */
13393 +#define NXF_INFO_PRIVATE 0x00000008
13395 +#define NXF_SINGLE_IP 0x00000100
13396 +#define NXF_LBACK_REMAP 0x00000200
13397 +#define NXF_LBACK_ALLOW 0x00000400
13399 +#define NXF_HIDE_NETIF 0x02000000
13400 +#define NXF_HIDE_LBACK 0x04000000
13402 +#define NXF_STATE_SETUP (1ULL << 32)
13403 +#define NXF_STATE_ADMIN (1ULL << 34)
13405 +#define NXF_SC_HELPER (1ULL << 36)
13406 +#define NXF_PERSISTENT (1ULL << 38)
13408 +#define NXF_ONE_TIME (0x0005ULL << 32)
13411 +#define NXF_INIT_SET (__nxf_init_set())
13413 +static inline uint64_t __nxf_init_set(void) {
13414 + return NXF_STATE_ADMIN
13415 +#ifdef CONFIG_VSERVER_AUTO_LBACK
13416 + | NXF_LBACK_REMAP
13419 +#ifdef CONFIG_VSERVER_AUTO_SINGLE
13422 + | NXF_HIDE_NETIF;
13426 +/* network caps */
13428 +#define NXC_TUN_CREATE 0x00000001
13430 +#define NXC_RAW_ICMP 0x00000100
13433 +/* address types */
13435 +#define NXA_TYPE_IPV4 0x0001
13436 +#define NXA_TYPE_IPV6 0x0002
13438 +#define NXA_TYPE_NONE 0x0000
13439 +#define NXA_TYPE_ANY 0x00FF
13441 +#define NXA_TYPE_ADDR 0x0010
13442 +#define NXA_TYPE_MASK 0x0020
13443 +#define NXA_TYPE_RANGE 0x0040
13445 +#define NXA_MASK_ALL (NXA_TYPE_ADDR | NXA_TYPE_MASK | NXA_TYPE_RANGE)
13447 +#define NXA_MOD_BCAST 0x0100
13448 +#define NXA_MOD_LBACK 0x0200
13450 +#define NXA_LOOPBACK 0x1000
13452 +#define NXA_MASK_BIND (NXA_MASK_ALL | NXA_MOD_BCAST | NXA_MOD_LBACK)
13453 +#define NXA_MASK_SHOW (NXA_MASK_ALL | NXA_LOOPBACK)
13457 +#include <linux/list.h>
13458 +#include <linux/spinlock.h>
13459 +#include <linux/rcupdate.h>
13460 +#include <linux/in.h>
13461 +#include <linux/in6.h>
13462 +#include <asm/atomic.h>
13464 +struct nx_addr_v4 {
13465 + struct nx_addr_v4 *next;
13466 + struct in_addr ip[2];
13467 + struct in_addr mask;
13472 +struct nx_addr_v6 {
13473 + struct nx_addr_v6 *next;
13474 + struct in6_addr ip;
13475 + struct in6_addr mask;
13482 + struct hlist_node nx_hlist; /* linked list of nxinfos */
13483 + nid_t nx_id; /* vnet id */
13484 + atomic_t nx_usecnt; /* usage count */
13485 + atomic_t nx_tasks; /* tasks count */
13486 + int nx_state; /* context state */
13488 + uint64_t nx_flags; /* network flag word */
13489 + uint64_t nx_ncaps; /* network capabilities */
13491 + struct in_addr v4_lback; /* Loopback address */
13492 + struct in_addr v4_bcast; /* Broadcast address */
13493 + struct nx_addr_v4 v4; /* First/Single ipv4 address */
13494 +#ifdef CONFIG_IPV6
13495 + struct nx_addr_v6 v6; /* First/Single ipv6 address */
13497 + char nx_name[65]; /* network context name */
13501 +/* status flags */
13503 +#define NXS_HASHED 0x0001
13504 +#define NXS_SHUTDOWN 0x0100
13505 +#define NXS_RELEASED 0x8000
13507 +extern struct nx_info *lookup_nx_info(int);
13509 +extern int get_nid_list(int, unsigned int *, int);
13510 +extern int nid_is_hashed(nid_t);
13512 +extern int nx_migrate_task(struct task_struct *, struct nx_info *);
13514 +extern long vs_net_change(struct nx_info *, unsigned int);
13519 +#define NX_IPV4(n) ((n)->v4.type != NXA_TYPE_NONE)
13520 +#ifdef CONFIG_IPV6
13521 +#define NX_IPV6(n) ((n)->v6.type != NXA_TYPE_NONE)
13523 +#define NX_IPV6(n) (0)
13526 +#endif /* __KERNEL__ */
13527 +#endif /* _VX_NETWORK_H */
13528 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/percpu.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/percpu.h
13529 --- linux-2.6.25/include/linux/vserver/percpu.h 1969-12-31 19:00:00.000000000 -0500
13530 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/percpu.h 2008-04-19 15:14:52.000000000 -0400
13532 +#ifndef _VX_PERCPU_H
13533 +#define _VX_PERCPU_H
13535 +#include "cvirt_def.h"
13536 +#include "sched_def.h"
13538 +struct _vx_percpu {
13539 + struct _vx_cvirt_pc cvirt;
13540 + struct _vx_sched_pc sched;
13543 +#define PERCPU_PERCTX (sizeof(struct _vx_percpu))
13545 +#endif /* _VX_PERCPU_H */
13546 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/pid.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/pid.h
13547 --- linux-2.6.25/include/linux/vserver/pid.h 1969-12-31 19:00:00.000000000 -0500
13548 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/pid.h 2008-04-19 15:14:52.000000000 -0400
13550 +#ifndef _VSERVER_PID_H
13551 +#define _VSERVER_PID_H
13553 +/* pid faking stuff */
13555 +#define vx_info_map_pid(v, p) \
13556 + __vx_info_map_pid((v), (p), __FUNC__, __FILE__, __LINE__)
13557 +#define vx_info_map_tgid(v,p) vx_info_map_pid(v,p)
13558 +#define vx_map_pid(p) vx_info_map_pid(current->vx_info, p)
13559 +#define vx_map_tgid(p) vx_map_pid(p)
13561 +static inline int __vx_info_map_pid(struct vx_info *vxi, int pid,
13562 + const char *func, const char *file, int line)
13564 + if (vx_info_flags(vxi, VXF_INFO_INIT, 0)) {
13565 + vxfprintk(VXD_CBIT(cvirt, 2),
13566 + "vx_map_tgid: %p/%llx: %d -> %d",
13567 + vxi, (long long)vxi->vx_flags, pid,
13568 + (pid && pid == vxi->vx_initpid) ? 1 : pid,
13569 + func, file, line);
13572 + if (pid == vxi->vx_initpid)
13578 +#define vx_info_rmap_pid(v, p) \
13579 + __vx_info_rmap_pid((v), (p), __FUNC__, __FILE__, __LINE__)
13580 +#define vx_rmap_pid(p) vx_info_rmap_pid(current->vx_info, p)
13581 +#define vx_rmap_tgid(p) vx_rmap_pid(p)
13583 +static inline int __vx_info_rmap_pid(struct vx_info *vxi, int pid,
13584 + const char *func, const char *file, int line)
13586 + if (vx_info_flags(vxi, VXF_INFO_INIT, 0)) {
13587 + vxfprintk(VXD_CBIT(cvirt, 2),
13588 + "vx_rmap_tgid: %p/%llx: %d -> %d",
13589 + vxi, (long long)vxi->vx_flags, pid,
13590 + (pid == 1) ? vxi->vx_initpid : pid,
13591 + func, file, line);
13592 + if ((pid == 1) && vxi->vx_initpid)
13593 + return vxi->vx_initpid;
13594 + if (pid == vxi->vx_initpid)
13601 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/sched_cmd.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/sched_cmd.h
13602 --- linux-2.6.25/include/linux/vserver/sched_cmd.h 1969-12-31 19:00:00.000000000 -0500
13603 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/sched_cmd.h 2008-04-19 15:14:52.000000000 -0400
13605 +#ifndef _VX_SCHED_CMD_H
13606 +#define _VX_SCHED_CMD_H
13609 +/* sched vserver commands */
13611 +#define VCMD_set_sched_v2 VC_CMD(SCHED, 1, 2)
13612 +#define VCMD_set_sched_v3 VC_CMD(SCHED, 1, 3)
13613 +#define VCMD_set_sched_v4 VC_CMD(SCHED, 1, 4)
13615 +struct vcmd_set_sched_v2 {
13616 + int32_t fill_rate;
13617 + int32_t interval;
13619 + int32_t tokens_min;
13620 + int32_t tokens_max;
13621 + uint64_t cpu_mask;
13624 +struct vcmd_set_sched_v3 {
13625 + uint32_t set_mask;
13626 + int32_t fill_rate;
13627 + int32_t interval;
13629 + int32_t tokens_min;
13630 + int32_t tokens_max;
13631 + int32_t priority_bias;
13634 +struct vcmd_set_sched_v4 {
13635 + uint32_t set_mask;
13636 + int32_t fill_rate;
13637 + int32_t interval;
13639 + int32_t tokens_min;
13640 + int32_t tokens_max;
13641 + int32_t prio_bias;
13643 + int32_t bucket_id;
13646 +#define VCMD_set_sched VC_CMD(SCHED, 1, 5)
13647 +#define VCMD_get_sched VC_CMD(SCHED, 2, 5)
13649 +struct vcmd_sched_v5 {
13652 + int32_t bucket_id;
13653 + int32_t fill_rate[2];
13654 + int32_t interval[2];
13656 + int32_t tokens_min;
13657 + int32_t tokens_max;
13658 + int32_t prio_bias;
13661 +#define VXSM_FILL_RATE 0x0001
13662 +#define VXSM_INTERVAL 0x0002
13663 +#define VXSM_FILL_RATE2 0x0004
13664 +#define VXSM_INTERVAL2 0x0008
13665 +#define VXSM_TOKENS 0x0010
13666 +#define VXSM_TOKENS_MIN 0x0020
13667 +#define VXSM_TOKENS_MAX 0x0040
13668 +#define VXSM_PRIO_BIAS 0x0100
13670 +#define VXSM_IDLE_TIME 0x0200
13671 +#define VXSM_FORCE 0x0400
13673 +#define VXSM_V3_MASK 0x0173
13674 +#define VXSM_SET_MASK 0x01FF
13676 +#define VXSM_CPU_ID 0x1000
13677 +#define VXSM_BUCKET_ID 0x2000
13679 +#define VXSM_MSEC 0x4000
13681 +#define SCHED_KEEP (-2) /* only for v2 */
13685 +#include <linux/compiler.h>
13687 +extern int vc_set_sched_v2(struct vx_info *, void __user *);
13688 +extern int vc_set_sched_v3(struct vx_info *, void __user *);
13689 +extern int vc_set_sched_v4(struct vx_info *, void __user *);
13690 +extern int vc_set_sched(struct vx_info *, void __user *);
13691 +extern int vc_get_sched(struct vx_info *, void __user *);
13693 +#endif /* __KERNEL__ */
13695 +#define VCMD_sched_info VC_CMD(SCHED, 3, 0)
13697 +struct vcmd_sched_info {
13699 + int32_t bucket_id;
13700 + uint64_t user_msec;
13701 + uint64_t sys_msec;
13702 + uint64_t hold_msec;
13703 + uint32_t token_usec;
13704 + int32_t vavavoom;
13709 +extern int vc_sched_info(struct vx_info *, void __user *);
13711 +#endif /* __KERNEL__ */
13712 +#endif /* _VX_SCHED_CMD_H */
13713 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/sched_def.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/sched_def.h
13714 --- linux-2.6.25/include/linux/vserver/sched_def.h 1969-12-31 19:00:00.000000000 -0500
13715 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/sched_def.h 2008-04-19 15:14:52.000000000 -0400
13717 +#ifndef _VX_SCHED_DEF_H
13718 +#define _VX_SCHED_DEF_H
13720 +#include <linux/spinlock.h>
13721 +#include <linux/jiffies.h>
13722 +#include <linux/cpumask.h>
13723 +#include <asm/atomic.h>
13724 +#include <asm/param.h>
13727 +/* context sub struct */
13729 +struct _vx_sched {
13730 + spinlock_t tokens_lock; /* lock for token bucket */
13732 + int tokens; /* number of CPU tokens */
13733 + int fill_rate[2]; /* Fill rate: add X tokens... */
13734 + int interval[2]; /* Divisor: per Y jiffies */
13735 + int tokens_min; /* Limit: minimum for unhold */
13736 + int tokens_max; /* Limit: no more than N tokens */
13738 + int prio_bias; /* bias offset for priority */
13740 + unsigned update_mask; /* which features should be updated */
13741 + cpumask_t update; /* CPUs which should update */
13744 +struct _vx_sched_pc {
13745 + int tokens; /* number of CPU tokens */
13746 + int flags; /* bucket flags */
13748 + int fill_rate[2]; /* Fill rate: add X tokens... */
13749 + int interval[2]; /* Divisor: per Y jiffies */
13750 + int tokens_min; /* Limit: minimum for unhold */
13751 + int tokens_max; /* Limit: no more than N tokens */
13753 + int prio_bias; /* bias offset for priority */
13754 + int vavavoom; /* last calculated vavavoom */
13756 + unsigned long norm_time; /* last time accounted */
13757 + unsigned long idle_time; /* non linear time for fair sched */
13758 + unsigned long token_time; /* token time for accounting */
13759 + unsigned long onhold; /* jiffies when put on hold */
13761 + uint64_t user_ticks; /* token tick events */
13762 + uint64_t sys_ticks; /* token tick events */
13763 + uint64_t hold_ticks; /* token ticks paused */
13767 +#define VXSF_ONHOLD 0x0001
13768 +#define VXSF_IDLE_TIME 0x0100
13770 +#ifdef CONFIG_VSERVER_DEBUG
13772 +static inline void __dump_vx_sched(struct _vx_sched *sched)
13774 + printk("\t_vx_sched:\n");
13775 + printk("\t tokens: %4d/%4d, %4d/%4d, %4d, %4d\n",
13776 + sched->fill_rate[0], sched->interval[0],
13777 + sched->fill_rate[1], sched->interval[1],
13778 + sched->tokens_min, sched->tokens_max);
13779 + printk("\t priority = %4d\n", sched->prio_bias);
13784 +#endif /* _VX_SCHED_DEF_H */
13785 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/sched.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/sched.h
13786 --- linux-2.6.25/include/linux/vserver/sched.h 1969-12-31 19:00:00.000000000 -0500
13787 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/sched.h 2008-04-19 15:14:52.000000000 -0400
13789 +#ifndef _VX_SCHED_H
13790 +#define _VX_SCHED_H
13797 +void vx_vsi_uptime(struct timespec *, struct timespec *);
13802 +void vx_update_load(struct vx_info *);
13805 +int vx_tokens_recalc(struct _vx_sched_pc *,
13806 + unsigned long *, unsigned long *, int [2]);
13808 +void vx_update_sched_param(struct _vx_sched *sched,
13809 + struct _vx_sched_pc *sched_pc);
13811 +#endif /* __KERNEL__ */
13812 +#else /* _VX_SCHED_H */
13813 +#warning duplicate inclusion
13814 +#endif /* _VX_SCHED_H */
13815 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/signal_cmd.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/signal_cmd.h
13816 --- linux-2.6.25/include/linux/vserver/signal_cmd.h 1969-12-31 19:00:00.000000000 -0500
13817 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/signal_cmd.h 2008-04-19 15:14:52.000000000 -0400
13819 +#ifndef _VX_SIGNAL_CMD_H
13820 +#define _VX_SIGNAL_CMD_H
13823 +/* signalling vserver commands */
13825 +#define VCMD_ctx_kill VC_CMD(PROCTRL, 1, 0)
13826 +#define VCMD_wait_exit VC_CMD(EVENT, 99, 0)
13828 +struct vcmd_ctx_kill_v0 {
13833 +struct vcmd_wait_exit_v0 {
13834 + int32_t reboot_cmd;
13835 + int32_t exit_code;
13840 +extern int vc_ctx_kill(struct vx_info *, void __user *);
13841 +extern int vc_wait_exit(struct vx_info *, void __user *);
13843 +#endif /* __KERNEL__ */
13845 +/* process alteration commands */
13847 +#define VCMD_get_pflags VC_CMD(PROCALT, 5, 0)
13848 +#define VCMD_set_pflags VC_CMD(PROCALT, 6, 0)
13850 +struct vcmd_pflags_v0 {
13851 + uint32_t flagword;
13857 +extern int vc_get_pflags(uint32_t pid, void __user *);
13858 +extern int vc_set_pflags(uint32_t pid, void __user *);
13860 +#endif /* __KERNEL__ */
13861 +#endif /* _VX_SIGNAL_CMD_H */
13862 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/signal.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/signal.h
13863 --- linux-2.6.25/include/linux/vserver/signal.h 1969-12-31 19:00:00.000000000 -0500
13864 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/signal.h 2008-04-19 15:14:52.000000000 -0400
13866 +#ifndef _VX_SIGNAL_H
13867 +#define _VX_SIGNAL_H
13874 +int vx_info_kill(struct vx_info *, int, int);
13876 +#endif /* __KERNEL__ */
13877 +#else /* _VX_SIGNAL_H */
13878 +#warning duplicate inclusion
13879 +#endif /* _VX_SIGNAL_H */
13880 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/space_cmd.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/space_cmd.h
13881 --- linux-2.6.25/include/linux/vserver/space_cmd.h 1969-12-31 19:00:00.000000000 -0500
13882 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/space_cmd.h 2008-04-19 15:14:52.000000000 -0400
13884 +#ifndef _VX_SPACE_CMD_H
13885 +#define _VX_SPACE_CMD_H
13888 +#define VCMD_enter_space_v0 VC_CMD(PROCALT, 1, 0)
13889 +#define VCMD_enter_space VC_CMD(PROCALT, 1, 1)
13891 +#define VCMD_set_space_v0 VC_CMD(PROCALT, 3, 0)
13892 +#define VCMD_set_space VC_CMD(PROCALT, 3, 1)
13894 +#define VCMD_get_space_mask VC_CMD(PROCALT, 4, 0)
13897 +struct vcmd_space_mask {
13904 +extern int vc_enter_space(struct vx_info *, void __user *);
13905 +extern int vc_set_space(struct vx_info *, void __user *);
13906 +extern int vc_get_space_mask(struct vx_info *, void __user *);
13908 +#endif /* __KERNEL__ */
13909 +#endif /* _VX_SPACE_CMD_H */
13910 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/space.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/space.h
13911 --- linux-2.6.25/include/linux/vserver/space.h 1969-12-31 19:00:00.000000000 -0500
13912 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/space.h 2008-04-19 15:14:52.000000000 -0400
13914 +#ifndef _VX_SPACE_H
13915 +#define _VX_SPACE_H
13918 +#include <linux/types.h>
13922 +int vx_set_space(struct vx_info *vxi, unsigned long mask);
13924 +#else /* _VX_SPACE_H */
13925 +#warning duplicate inclusion
13926 +#endif /* _VX_SPACE_H */
13927 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/switch.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/switch.h
13928 --- linux-2.6.25/include/linux/vserver/switch.h 1969-12-31 19:00:00.000000000 -0500
13929 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/switch.h 2008-04-19 15:14:52.000000000 -0400
13931 +#ifndef _VX_SWITCH_H
13932 +#define _VX_SWITCH_H
13934 +#include <linux/types.h>
13937 +#define VC_CATEGORY(c) (((c) >> 24) & 0x3F)
13938 +#define VC_COMMAND(c) (((c) >> 16) & 0xFF)
13939 +#define VC_VERSION(c) ((c) & 0xFFF)
13941 +#define VC_CMD(c, i, v) ((((VC_CAT_ ## c) & 0x3F) << 24) \
13942 + | (((i) & 0xFF) << 16) | ((v) & 0xFFF))
13946 + Syscall Matrix V2.8
13948 + |VERSION|CREATE |MODIFY |MIGRATE|CONTROL|EXPERIM| |SPECIAL|SPECIAL|
13949 + |STATS |DESTROY|ALTER |CHANGE |LIMIT |TEST | | | |
13950 + |INFO |SETUP | |MOVE | | | | | |
13951 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
13952 + SYSTEM |VERSION|VSETUP |VHOST | | | | |DEVICE | |
13953 + HOST | 00| 01| 02| 03| 04| 05| | 06| 07|
13954 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
13955 + CPU | |VPROC |PROCALT|PROCMIG|PROCTRL| | |SCHED. | |
13956 + PROCESS| 08| 09| 10| 11| 12| 13| | 14| 15|
13957 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
13958 + MEMORY | | | | |MEMCTRL| | |SWAP | |
13959 + | 16| 17| 18| 19| 20| 21| | 22| 23|
13960 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
13961 + NETWORK| |VNET |NETALT |NETMIG |NETCTL | | |SERIAL | |
13962 + | 24| 25| 26| 27| 28| 29| | 30| 31|
13963 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
13964 + DISK | | | |TAGMIG |DLIMIT | | |INODE | |
13965 + VFS | 32| 33| 34| 35| 36| 37| | 38| 39|
13966 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
13967 + OTHER |VSTAT | | | | | | |VINFO | |
13968 + | 40| 41| 42| 43| 44| 45| | 46| 47|
13969 + =======+=======+=======+=======+=======+=======+=======+ +=======+=======+
13970 + SPECIAL|EVENT | | | |FLAGS | | | | |
13971 + | 48| 49| 50| 51| 52| 53| | 54| 55|
13972 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
13973 + SPECIAL|DEBUG | | | |RLIMIT |SYSCALL| | |COMPAT |
13974 + | 56| 57| 58| 59| 60|TEST 61| | 62| 63|
13975 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
13979 +#define VC_CAT_VERSION 0
13981 +#define VC_CAT_VSETUP 1
13982 +#define VC_CAT_VHOST 2
13984 +#define VC_CAT_DEVICE 6
13986 +#define VC_CAT_VPROC 9
13987 +#define VC_CAT_PROCALT 10
13988 +#define VC_CAT_PROCMIG 11
13989 +#define VC_CAT_PROCTRL 12
13991 +#define VC_CAT_SCHED 14
13992 +#define VC_CAT_MEMCTRL 20
13994 +#define VC_CAT_VNET 25
13995 +#define VC_CAT_NETALT 26
13996 +#define VC_CAT_NETMIG 27
13997 +#define VC_CAT_NETCTRL 28
13999 +#define VC_CAT_TAGMIG 35
14000 +#define VC_CAT_DLIMIT 36
14001 +#define VC_CAT_INODE 38
14003 +#define VC_CAT_VSTAT 40
14004 +#define VC_CAT_VINFO 46
14005 +#define VC_CAT_EVENT 48
14007 +#define VC_CAT_FLAGS 52
14008 +#define VC_CAT_DEBUG 56
14009 +#define VC_CAT_RLIMIT 60
14011 +#define VC_CAT_SYSTEST 61
14012 +#define VC_CAT_COMPAT 63
14014 +/* query version */
14016 +#define VCMD_get_version VC_CMD(VERSION, 0, 0)
14017 +#define VCMD_get_vci VC_CMD(VERSION, 1, 0)
14022 +#include <linux/errno.h>
14025 +#else /* __KERNEL__ */
14027 +#endif /* __KERNEL__ */
14029 +#endif /* _VX_SWITCH_H */
14030 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/tag_cmd.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/tag_cmd.h
14031 --- linux-2.6.25/include/linux/vserver/tag_cmd.h 1969-12-31 19:00:00.000000000 -0500
14032 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/tag_cmd.h 2008-04-19 15:14:52.000000000 -0400
14034 +#ifndef _VX_TAG_CMD_H
14035 +#define _VX_TAG_CMD_H
14038 +/* vinfo commands */
14040 +#define VCMD_task_tag VC_CMD(VINFO, 3, 0)
14043 +extern int vc_task_tag(uint32_t);
14045 +#endif /* __KERNEL__ */
14047 +/* context commands */
14049 +#define VCMD_tag_migrate VC_CMD(TAGMIG, 1, 0)
14052 +extern int vc_tag_migrate(uint32_t);
14054 +#endif /* __KERNEL__ */
14055 +#endif /* _VX_TAG_CMD_H */
14056 diff -NurpP --minimal linux-2.6.25/include/linux/vserver/tag.h linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/tag.h
14057 --- linux-2.6.25/include/linux/vserver/tag.h 1969-12-31 19:00:00.000000000 -0500
14058 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vserver/tag.h 2008-04-21 13:53:47.000000000 -0400
14063 +#include <linux/types.h>
14066 +#define DX_TAG(in) (IS_TAGGED(in))
14069 +#ifdef CONFIG_DX_TAG_NFSD
14070 +#define DX_TAG_NFSD 1
14072 +#define DX_TAG_NFSD 0
14076 +#ifdef CONFIG_TAGGING_NONE
14078 +#define MAX_UID 0xFFFFFFFF
14079 +#define MAX_GID 0xFFFFFFFF
14081 +#define INOTAG_TAG(cond, uid, gid, tag) (0)
14083 +#define TAGINO_UID(cond, uid, tag) (uid)
14084 +#define TAGINO_GID(cond, gid, tag) (gid)
14089 +#ifdef CONFIG_TAGGING_GID16
14091 +#define MAX_UID 0xFFFFFFFF
14092 +#define MAX_GID 0x0000FFFF
14094 +#define INOTAG_TAG(cond, uid, gid, tag) \
14095 + ((cond) ? (((gid) >> 16) & 0xFFFF) : 0)
14097 +#define TAGINO_UID(cond, uid, tag) (uid)
14098 +#define TAGINO_GID(cond, gid, tag) \
14099 + ((cond) ? (((gid) & 0xFFFF) | ((tag) << 16)) : (gid))
14104 +#ifdef CONFIG_TAGGING_ID24
14106 +#define MAX_UID 0x00FFFFFF
14107 +#define MAX_GID 0x00FFFFFF
14109 +#define INOTAG_TAG(cond, uid, gid, tag) \
14110 + ((cond) ? ((((uid) >> 16) & 0xFF00) | (((gid) >> 24) & 0xFF)) : 0)
14112 +#define TAGINO_UID(cond, uid, tag) \
14113 + ((cond) ? (((uid) & 0xFFFFFF) | (((tag) & 0xFF00) << 16)) : (uid))
14114 +#define TAGINO_GID(cond, gid, tag) \
14115 + ((cond) ? (((gid) & 0xFFFFFF) | (((tag) & 0x00FF) << 24)) : (gid))
14120 +#ifdef CONFIG_TAGGING_UID16
14122 +#define MAX_UID 0x0000FFFF
14123 +#define MAX_GID 0xFFFFFFFF
14125 +#define INOTAG_TAG(cond, uid, gid, tag) \
14126 + ((cond) ? (((uid) >> 16) & 0xFFFF) : 0)
14128 +#define TAGINO_UID(cond, uid, tag) \
14129 + ((cond) ? (((uid) & 0xFFFF) | ((tag) << 16)) : (uid))
14130 +#define TAGINO_GID(cond, gid, tag) (gid)
14135 +#ifdef CONFIG_TAGGING_INTERN
14137 +#define MAX_UID 0xFFFFFFFF
14138 +#define MAX_GID 0xFFFFFFFF
14140 +#define INOTAG_TAG(cond, uid, gid, tag) \
14141 + ((cond) ? (tag) : 0)
14143 +#define TAGINO_UID(cond, uid, tag) (uid)
14144 +#define TAGINO_GID(cond, gid, tag) (gid)
14149 +#ifndef CONFIG_TAGGING_NONE
14150 +#define dx_current_fstag(sb) \
14151 + ((sb)->s_flags & MS_TAGGED ? dx_current_tag() : 0)
14153 +#define dx_current_fstag(sb) (0)
14156 +#ifndef CONFIG_TAGGING_INTERN
14157 +#define TAGINO_TAG(cond, tag) (0)
14159 +#define TAGINO_TAG(cond, tag) ((cond) ? (tag) : 0)
14162 +#define INOTAG_UID(cond, uid, gid) \
14163 + ((cond) ? ((uid) & MAX_UID) : (uid))
14164 +#define INOTAG_GID(cond, uid, gid) \
14165 + ((cond) ? ((gid) & MAX_GID) : (gid))
14168 +static inline uid_t dx_map_uid(uid_t uid)
14170 + if ((uid > MAX_UID) && (uid != -1))
14172 + return (uid & MAX_UID);
14175 +static inline gid_t dx_map_gid(gid_t gid)
14177 + if ((gid > MAX_GID) && (gid != -1))
14179 + return (gid & MAX_GID);
14187 +#define dx_notagcheck(nd) ((nd) && (nd)->path.mnt && \
14188 + ((nd)->path.mnt->mnt_flags & MNT_NOTAGCHECK))
14190 +int dx_parse_tag(char *string, tag_t *tag, int remove);
14192 +#ifdef CONFIG_PROPAGATE
14194 +void __dx_propagate_tag(struct nameidata *nd, struct inode *inode);
14196 +#define dx_propagate_tag(n, i) __dx_propagate_tag(n, i)
14199 +#define dx_propagate_tag(n, i) do { } while (0)
14202 +#endif /* _DX_TAG_H */
14203 diff -NurpP --minimal linux-2.6.25/include/linux/vs_inet6.h linux-2.6.25-vs2.3.0.34.9/include/linux/vs_inet6.h
14204 --- linux-2.6.25/include/linux/vs_inet6.h 1969-12-31 19:00:00.000000000 -0500
14205 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vs_inet6.h 2008-04-19 15:14:52.000000000 -0400
14207 +#ifndef _VS_INET6_H
14208 +#define _VS_INET6_H
14210 +#include "vserver/base.h"
14211 +#include "vserver/network.h"
14212 +#include "vserver/debug.h"
14214 +#include <net/ipv6.h>
14216 +#define NXAV6(a) NIP6((a)->ip), NIP6((a)->mask), (a)->prefix, (a)->type
14217 +#define NXAV6_FMT "[" NIP6_FMT "/" NIP6_FMT "/%d:%04x]"
14220 +#ifdef CONFIG_IPV6
14223 +int v6_addr_match(struct nx_addr_v6 *nxa,
14224 + const struct in6_addr *addr, uint16_t mask)
14226 + switch (nxa->type & mask) {
14227 + case NXA_TYPE_MASK:
14228 + return ipv6_masked_addr_cmp(&nxa->ip, &nxa->mask, addr);
14229 + case NXA_TYPE_ADDR:
14230 + return ipv6_addr_equal(&nxa->ip, addr);
14231 + case NXA_TYPE_ANY:
14239 +int v6_addr_in_nx_info(struct nx_info *nxi,
14240 + const struct in6_addr *addr, uint16_t mask)
14242 + struct nx_addr_v6 *nxa;
14246 + for (nxa = &nxi->v6; nxa; nxa = nxa->next)
14247 + if (v6_addr_match(nxa, addr, mask))
14253 +int v6_nx_addr_match(struct nx_addr_v6 *nxa, struct nx_addr_v6 *addr, uint16_t mask)
14255 + /* FIXME: needs full range checks */
14256 + return v6_addr_match(nxa, &addr->ip, mask);
14260 +int v6_nx_addr_in_nx_info(struct nx_info *nxi, struct nx_addr_v6 *nxa, uint16_t mask)
14262 + struct nx_addr_v6 *ptr;
14264 + for (ptr = &nxi->v6; ptr; ptr = ptr->next)
14265 + if (v6_nx_addr_match(ptr, nxa, mask))
14272 + * Check if a given address matches for a socket
14274 + * nxi: the socket's nx_info if any
14275 + * addr: to be verified address
14278 +int v6_sock_addr_match (
14279 + struct nx_info *nxi,
14280 + struct inet_sock *inet,
14281 + struct in6_addr *addr)
14283 + struct sock *sk = &inet->sk;
14284 + struct in6_addr *saddr = inet6_rcv_saddr(sk);
14286 + if (!ipv6_addr_any(addr) &&
14287 + ipv6_addr_equal(saddr, addr))
14289 + if (ipv6_addr_any(saddr))
14290 + return v6_addr_in_nx_info(nxi, addr, -1);
14295 + * check if address is covered by socket
14297 + * sk: the socket to check against
14298 + * addr: the address in question (must be != 0)
14302 +int __v6_addr_match_socket(const struct sock *sk, struct nx_addr_v6 *nxa)
14304 + struct nx_info *nxi = sk->sk_nx_info;
14305 + struct in6_addr *saddr = inet6_rcv_saddr(sk);
14307 + vxdprintk(VXD_CBIT(net, 5),
14308 + "__v6_addr_in_socket(%p," NXAV6_FMT ") %p:" NIP6_FMT " %p;%lx",
14309 + sk, NXAV6(nxa), nxi, NIP6(*saddr), sk->sk_socket,
14310 + (sk->sk_socket?sk->sk_socket->flags:0));
14312 + if (!ipv6_addr_any(saddr)) { /* direct address match */
14313 + return v6_addr_match(nxa, saddr, -1);
14314 + } else if (nxi) { /* match against nx_info */
14315 + return v6_nx_addr_in_nx_info(nxi, nxa, -1);
14316 + } else { /* unrestricted any socket */
14322 +/* inet related checks and helpers */
14326 +struct net_device;
14330 +#include <linux/netdevice.h>
14331 +#include <linux/inetdevice.h>
14332 +#include <net/inet_timewait_sock.h>
14335 +int dev_in_nx_info(struct net_device *, struct nx_info *);
14336 +int v6_dev_in_nx_info(struct net_device *, struct nx_info *);
14337 +int nx_v6_addr_conflict(struct nx_info *, struct nx_info *);
14342 +int v6_ifa_in_nx_info(struct inet6_ifaddr *ifa, struct nx_info *nxi)
14348 + return v6_addr_in_nx_info(nxi, &ifa->addr, -1);
14352 +int nx_v6_ifa_visible(struct nx_info *nxi, struct inet6_ifaddr *ifa)
14354 + if (!nx_info_flags(nxi, NXF_HIDE_NETIF, 0))
14356 + if (v6_ifa_in_nx_info(ifa, nxi))
14362 +struct nx_v6_sock_addr {
14363 + struct in6_addr saddr; /* Address used for validation */
14364 + struct in6_addr baddr; /* Address used for socket bind */
14368 +int v6_map_sock_addr(struct inet_sock *inet, struct sockaddr_in6 *addr,
14369 + struct nx_v6_sock_addr *nsa)
14371 + // struct sock *sk = &inet->sk;
14372 + // struct nx_info *nxi = sk->sk_nx_info;
14373 + struct in6_addr saddr = addr->sin6_addr;
14374 + struct in6_addr baddr = saddr;
14376 + nsa->saddr = saddr;
14377 + nsa->baddr = baddr;
14382 +void v6_set_sock_addr(struct inet_sock *inet, struct nx_v6_sock_addr *nsa)
14384 + // struct sock *sk = &inet->sk;
14385 + // struct in6_addr *saddr = inet6_rcv_saddr(sk);
14387 + // *saddr = nsa->baddr;
14388 + // inet->saddr = nsa->baddr;
14392 +int nx_info_has_v6(struct nx_info *nxi)
14396 + if (NX_IPV6(nxi))
14401 +#else /* CONFIG_IPV6 */
14404 +int nx_v6_dev_visible(struct nx_info *n, struct net_device *d)
14411 +int nx_v6_addr_conflict(struct nx_info *n, uint32_t a, const struct sock *s)
14417 +int v6_ifa_in_nx_info(struct in_ifaddr *a, struct nx_info *n)
14423 +int nx_info_has_v6(struct nx_info *nxi)
14428 +#endif /* CONFIG_IPV6 */
14430 +#define current_nx_info_has_v6() \
14431 + nx_info_has_v6(current_nx_info())
14434 +#warning duplicate inclusion
14436 diff -NurpP --minimal linux-2.6.25/include/linux/vs_inet.h linux-2.6.25-vs2.3.0.34.9/include/linux/vs_inet.h
14437 --- linux-2.6.25/include/linux/vs_inet.h 1969-12-31 19:00:00.000000000 -0500
14438 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vs_inet.h 2008-04-19 15:14:52.000000000 -0400
14440 +#ifndef _VS_INET_H
14441 +#define _VS_INET_H
14443 +#include "vserver/base.h"
14444 +#include "vserver/network.h"
14445 +#include "vserver/debug.h"
14447 +#define IPI_LOOPBACK htonl(INADDR_LOOPBACK)
14449 +#define NXAV4(a) NIPQUAD((a)->ip[0]), NIPQUAD((a)->ip[1]), \
14450 + NIPQUAD((a)->mask), (a)->type
14451 +#define NXAV4_FMT "[" NIPQUAD_FMT "-" NIPQUAD_FMT "/" NIPQUAD_FMT ":%04x]"
14455 +int v4_addr_match(struct nx_addr_v4 *nxa, __be32 addr, uint16_t tmask)
14457 + __be32 ip = nxa->ip[0].s_addr;
14458 + __be32 mask = nxa->mask.s_addr;
14459 + __be32 bcast = ip | ~mask;
14462 + switch (nxa->type & tmask) {
14463 + case NXA_TYPE_MASK:
14464 + ret = (ip == (addr & mask));
14466 + case NXA_TYPE_ADDR:
14470 + /* fall through to broadcast */
14471 + case NXA_MOD_BCAST:
14472 + ret = ((tmask & NXA_MOD_BCAST) && (addr == bcast));
14474 + case NXA_TYPE_RANGE:
14475 + ret = ((nxa->ip[0].s_addr <= addr) &&
14476 + (nxa->ip[1].s_addr > addr));
14478 + case NXA_TYPE_ANY:
14483 + vxdprintk(VXD_CBIT(net, 0),
14484 + "v4_addr_match(%p" NXAV4_FMT "," NIPQUAD_FMT ",%04x) = %d",
14485 + nxa, NXAV4(nxa), NIPQUAD(addr), tmask, ret);
14490 +int v4_addr_in_nx_info(struct nx_info *nxi, __be32 addr, uint16_t tmask)
14492 + struct nx_addr_v4 *nxa;
14499 + /* allow 127.0.0.1 when remapping lback */
14500 + if ((tmask & NXA_LOOPBACK) &&
14501 + (addr == IPI_LOOPBACK) &&
14502 + nx_info_flags(nxi, NXF_LBACK_REMAP, 0))
14505 + /* check for lback address */
14506 + if ((tmask & NXA_MOD_LBACK) &&
14507 + (nxi->v4_lback.s_addr == addr))
14510 + /* check for broadcast address */
14511 + if ((tmask & NXA_MOD_BCAST) &&
14512 + (nxi->v4_bcast.s_addr == addr))
14515 + /* check for v4 addresses */
14516 + for (nxa = &nxi->v4; nxa; nxa = nxa->next)
14517 + if (v4_addr_match(nxa, addr, tmask))
14521 + vxdprintk(VXD_CBIT(net, 0),
14522 + "v4_addr_in_nx_info(%p[#%u]," NIPQUAD_FMT ",%04x) = %d",
14523 + nxi, nxi ? nxi->nx_id : 0, NIPQUAD(addr), tmask, ret);
14528 +int v4_nx_addr_match(struct nx_addr_v4 *nxa, struct nx_addr_v4 *addr, uint16_t mask)
14530 + /* FIXME: needs full range checks */
14531 + return v4_addr_match(nxa, addr->ip[0].s_addr, mask);
14535 +int v4_nx_addr_in_nx_info(struct nx_info *nxi, struct nx_addr_v4 *nxa, uint16_t mask)
14537 + struct nx_addr_v4 *ptr;
14539 + for (ptr = &nxi->v4; ptr; ptr = ptr->next)
14540 + if (v4_nx_addr_match(ptr, nxa, mask))
14545 +#include <net/inet_sock.h>
14548 + * Check if a given address matches for a socket
14550 + * nxi: the socket's nx_info if any
14551 + * addr: to be verified address
14554 +int v4_sock_addr_match (
14555 + struct nx_info *nxi,
14556 + struct inet_sock *inet,
14559 + __be32 saddr = inet->rcv_saddr;
14560 + __be32 bcast = nxi ? nxi->v4_bcast.s_addr : INADDR_BROADCAST;
14562 + if (addr && (saddr == addr || bcast == addr))
14565 + return v4_addr_in_nx_info(nxi, addr, NXA_MASK_BIND);
14570 +/* inet related checks and helpers */
14574 +struct net_device;
14577 +#ifdef CONFIG_INET
14579 +#include <linux/netdevice.h>
14580 +#include <linux/inetdevice.h>
14581 +#include <net/inet_sock.h>
14582 +#include <net/inet_timewait_sock.h>
14585 +int dev_in_nx_info(struct net_device *, struct nx_info *);
14586 +int v4_dev_in_nx_info(struct net_device *, struct nx_info *);
14587 +int nx_v4_addr_conflict(struct nx_info *, struct nx_info *);
14591 + * check if address is covered by socket
14593 + * sk: the socket to check against
14594 + * addr: the address in question (must be != 0)
14598 +int __v4_addr_match_socket(const struct sock *sk, struct nx_addr_v4 *nxa)
14600 + struct nx_info *nxi = sk->sk_nx_info;
14601 + __be32 saddr = inet_rcv_saddr(sk);
14603 + vxdprintk(VXD_CBIT(net, 5),
14604 + "__v4_addr_in_socket(%p," NXAV4_FMT ") %p:" NIPQUAD_FMT " %p;%lx",
14605 + sk, NXAV4(nxa), nxi, NIPQUAD(saddr), sk->sk_socket,
14606 + (sk->sk_socket?sk->sk_socket->flags:0));
14608 + if (saddr) { /* direct address match */
14609 + return v4_addr_match(nxa, saddr, -1);
14610 + } else if (nxi) { /* match against nx_info */
14611 + return v4_nx_addr_in_nx_info(nxi, nxa, -1);
14612 + } else { /* unrestricted any socket */
14620 +int nx_dev_visible(struct nx_info *nxi, struct net_device *dev)
14622 + vxdprintk(VXD_CBIT(net, 1), "nx_dev_visible(%p[#%u],%p »%s«) %d",
14623 + nxi, nxi ? nxi->nx_id : 0, dev, dev->name,
14624 + nxi ? dev_in_nx_info(dev, nxi) : 0);
14626 + if (!nx_info_flags(nxi, NXF_HIDE_NETIF, 0))
14628 + if (dev_in_nx_info(dev, nxi))
14635 +int v4_ifa_in_nx_info(struct in_ifaddr *ifa, struct nx_info *nxi)
14641 + return v4_addr_in_nx_info(nxi, ifa->ifa_local, NXA_MASK_SHOW);
14645 +int nx_v4_ifa_visible(struct nx_info *nxi, struct in_ifaddr *ifa)
14647 + vxdprintk(VXD_CBIT(net, 1), "nx_v4_ifa_visible(%p[#%u],%p) %d",
14648 + nxi, nxi ? nxi->nx_id : 0, ifa,
14649 + nxi ? v4_ifa_in_nx_info(ifa, nxi) : 0);
14651 + if (!nx_info_flags(nxi, NXF_HIDE_NETIF, 0))
14653 + if (v4_ifa_in_nx_info(ifa, nxi))
14659 +struct nx_v4_sock_addr {
14660 + __be32 saddr; /* Address used for validation */
14661 + __be32 baddr; /* Address used for socket bind */
14665 +int v4_map_sock_addr(struct inet_sock *inet, struct sockaddr_in *addr,
14666 + struct nx_v4_sock_addr *nsa)
14668 + struct sock *sk = &inet->sk;
14669 + struct nx_info *nxi = sk->sk_nx_info;
14670 + __be32 saddr = addr->sin_addr.s_addr;
14671 + __be32 baddr = saddr;
14673 + vxdprintk(VXD_CBIT(net, 3),
14674 + "inet_bind(%p)* %p,%p;%lx " NIPQUAD_FMT,
14675 + sk, sk->sk_nx_info, sk->sk_socket,
14676 + (sk->sk_socket ? sk->sk_socket->flags : 0),
14680 + if (saddr == INADDR_ANY) {
14681 + if (nx_info_flags(nxi, NXF_SINGLE_IP, 0))
14682 + baddr = nxi->v4.ip[0].s_addr;
14683 + } else if (saddr == IPI_LOOPBACK) {
14684 + if (nx_info_flags(nxi, NXF_LBACK_REMAP, 0))
14685 + baddr = nxi->v4_lback.s_addr;
14686 + } else { /* normal address bind */
14687 + if (!v4_addr_in_nx_info(nxi, saddr, NXA_MASK_BIND))
14688 + return -EADDRNOTAVAIL;
14692 + vxdprintk(VXD_CBIT(net, 3),
14693 + "inet_bind(%p) " NIPQUAD_FMT ", " NIPQUAD_FMT,
14694 + sk, NIPQUAD(saddr), NIPQUAD(baddr));
14696 + nsa->saddr = saddr;
14697 + nsa->baddr = baddr;
14702 +void v4_set_sock_addr(struct inet_sock *inet, struct nx_v4_sock_addr *nsa)
14704 + inet->saddr = nsa->baddr;
14705 + inet->rcv_saddr = nsa->baddr;
14710 + * helper to simplify inet_lookup_listener
14712 + * nxi: the socket's nx_info if any
14713 + * addr: to be verified address
14714 + * saddr: socket address
14716 +static inline int v4_inet_addr_match (
14717 + struct nx_info *nxi,
14721 + if (addr && (saddr == addr))
14724 + return nxi ? v4_addr_in_nx_info(nxi, addr, NXA_MASK_BIND) : 1;
14728 +static inline __be32 nx_map_sock_lback(struct nx_info *nxi, __be32 addr)
14730 + if (nx_info_flags(nxi, NXF_HIDE_LBACK, 0) &&
14731 + (addr == nxi->v4_lback.s_addr))
14732 + return IPI_LOOPBACK;
14737 +int nx_info_has_v4(struct nx_info *nxi)
14741 + if (NX_IPV4(nxi))
14743 + if (nx_info_flags(nxi, NXF_LBACK_REMAP, 0))
14748 +#else /* CONFIG_INET */
14751 +int nx_dev_visible(struct nx_info *n, struct net_device *d)
14757 +int nx_v4_addr_conflict(struct nx_info *n, uint32_t a, const struct sock *s)
14763 +int v4_ifa_in_nx_info(struct in_ifaddr *a, struct nx_info *n)
14769 +int nx_info_has_v4(struct nx_info *nxi)
14774 +#endif /* CONFIG_INET */
14776 +#define current_nx_info_has_v4() \
14777 + nx_info_has_v4(current_nx_info())
14780 +// #warning duplicate inclusion
14782 diff -NurpP --minimal linux-2.6.25/include/linux/vs_limit.h linux-2.6.25-vs2.3.0.34.9/include/linux/vs_limit.h
14783 --- linux-2.6.25/include/linux/vs_limit.h 1969-12-31 19:00:00.000000000 -0500
14784 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vs_limit.h 2008-04-19 15:14:52.000000000 -0400
14786 +#ifndef _VS_LIMIT_H
14787 +#define _VS_LIMIT_H
14789 +#include "vserver/limit.h"
14790 +#include "vserver/base.h"
14791 +#include "vserver/context.h"
14792 +#include "vserver/debug.h"
14793 +#include "vserver/context.h"
14794 +#include "vserver/limit_int.h"
14797 +#define vx_acc_cres(v, d, p, r) \
14798 + __vx_acc_cres(v, r, d, p, __FILE__, __LINE__)
14800 +#define vx_acc_cres_cond(x, d, p, r) \
14801 + __vx_acc_cres(((x) == vx_current_xid()) ? current->vx_info : 0, \
14802 + r, d, p, __FILE__, __LINE__)
14805 +#define vx_add_cres(v, a, p, r) \
14806 + __vx_add_cres(v, r, a, p, __FILE__, __LINE__)
14807 +#define vx_sub_cres(v, a, p, r) vx_add_cres(v, -(a), p, r)
14809 +#define vx_add_cres_cond(x, a, p, r) \
14810 + __vx_add_cres(((x) == vx_current_xid()) ? current->vx_info : 0, \
14811 + r, a, p, __FILE__, __LINE__)
14812 +#define vx_sub_cres_cond(x, a, p, r) vx_add_cres_cond(x, -(a), p, r)
14815 +/* process and file limits */
14817 +#define vx_nproc_inc(p) \
14818 + vx_acc_cres((p)->vx_info, 1, p, RLIMIT_NPROC)
14820 +#define vx_nproc_dec(p) \
14821 + vx_acc_cres((p)->vx_info,-1, p, RLIMIT_NPROC)
14823 +#define vx_files_inc(f) \
14824 + vx_acc_cres_cond((f)->f_xid, 1, f, RLIMIT_NOFILE)
14826 +#define vx_files_dec(f) \
14827 + vx_acc_cres_cond((f)->f_xid,-1, f, RLIMIT_NOFILE)
14829 +#define vx_locks_inc(l) \
14830 + vx_acc_cres_cond((l)->fl_xid, 1, l, RLIMIT_LOCKS)
14832 +#define vx_locks_dec(l) \
14833 + vx_acc_cres_cond((l)->fl_xid,-1, l, RLIMIT_LOCKS)
14835 +#define vx_openfd_inc(f) \
14836 + vx_acc_cres(current->vx_info, 1, (void *)(long)(f), VLIMIT_OPENFD)
14838 +#define vx_openfd_dec(f) \
14839 + vx_acc_cres(current->vx_info,-1, (void *)(long)(f), VLIMIT_OPENFD)
14842 +#define vx_cres_avail(v, n, r) \
14843 + __vx_cres_avail(v, r, n, __FILE__, __LINE__)
14846 +#define vx_nproc_avail(n) \
14847 + vx_cres_avail(current->vx_info, n, RLIMIT_NPROC)
14849 +#define vx_files_avail(n) \
14850 + vx_cres_avail(current->vx_info, n, RLIMIT_NOFILE)
14852 +#define vx_locks_avail(n) \
14853 + vx_cres_avail(current->vx_info, n, RLIMIT_LOCKS)
14855 +#define vx_openfd_avail(n) \
14856 + vx_cres_avail(current->vx_info, n, VLIMIT_OPENFD)
14859 +/* dentry limits */
14861 +#define vx_dentry_inc(d) do { \
14862 + if (atomic_read(&d->d_count) == 1) \
14863 + vx_acc_cres(current->vx_info, 1, d, VLIMIT_DENTRY); \
14866 +#define vx_dentry_dec(d) do { \
14867 + if (atomic_read(&d->d_count) == 0) \
14868 + vx_acc_cres(current->vx_info,-1, d, VLIMIT_DENTRY); \
14871 +#define vx_dentry_avail(n) \
14872 + vx_cres_avail(current->vx_info, n, VLIMIT_DENTRY)
14875 +/* socket limits */
14877 +#define vx_sock_inc(s) \
14878 + vx_acc_cres((s)->sk_vx_info, 1, s, VLIMIT_NSOCK)
14880 +#define vx_sock_dec(s) \
14881 + vx_acc_cres((s)->sk_vx_info,-1, s, VLIMIT_NSOCK)
14883 +#define vx_sock_avail(n) \
14884 + vx_cres_avail(current->vx_info, n, VLIMIT_NSOCK)
14887 +/* ipc resource limits */
14889 +#define vx_ipcmsg_add(v, u, a) \
14890 + vx_add_cres(v, a, u, RLIMIT_MSGQUEUE)
14892 +#define vx_ipcmsg_sub(v, u, a) \
14893 + vx_sub_cres(v, a, u, RLIMIT_MSGQUEUE)
14895 +#define vx_ipcmsg_avail(v, a) \
14896 + vx_cres_avail(v, a, RLIMIT_MSGQUEUE)
14899 +#define vx_ipcshm_add(v, k, a) \
14900 + vx_add_cres(v, a, (void *)(long)(k), VLIMIT_SHMEM)
14902 +#define vx_ipcshm_sub(v, k, a) \
14903 + vx_sub_cres(v, a, (void *)(long)(k), VLIMIT_SHMEM)
14905 +#define vx_ipcshm_avail(v, a) \
14906 + vx_cres_avail(v, a, VLIMIT_SHMEM)
14909 +#define vx_semary_inc(a) \
14910 + vx_acc_cres(current->vx_info, 1, a, VLIMIT_SEMARY)
14912 +#define vx_semary_dec(a) \
14913 + vx_acc_cres(current->vx_info, -1, a, VLIMIT_SEMARY)
14916 +#define vx_nsems_add(a,n) \
14917 + vx_add_cres(current->vx_info, n, a, VLIMIT_NSEMS)
14919 +#define vx_nsems_sub(a,n) \
14920 + vx_sub_cres(current->vx_info, n, a, VLIMIT_NSEMS)
14924 +#warning duplicate inclusion
14926 diff -NurpP --minimal linux-2.6.25/include/linux/vs_memory.h linux-2.6.25-vs2.3.0.34.9/include/linux/vs_memory.h
14927 --- linux-2.6.25/include/linux/vs_memory.h 1969-12-31 19:00:00.000000000 -0500
14928 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vs_memory.h 2008-04-19 15:14:52.000000000 -0400
14930 +#ifndef _VS_MEMORY_H
14931 +#define _VS_MEMORY_H
14933 +#include "vserver/limit.h"
14934 +#include "vserver/base.h"
14935 +#include "vserver/context.h"
14936 +#include "vserver/debug.h"
14937 +#include "vserver/context.h"
14938 +#include "vserver/limit_int.h"
14941 +#define __acc_add_long(a, v) (*(v) += (a))
14942 +#define __acc_inc_long(v) (++*(v))
14943 +#define __acc_dec_long(v) (--*(v))
14945 +#if NR_CPUS >= CONFIG_SPLIT_PTLOCK_CPUS
14946 +#define __acc_add_atomic(a, v) atomic_long_add(a, v)
14947 +#define __acc_inc_atomic(v) atomic_long_inc(v)
14948 +#define __acc_dec_atomic(v) atomic_long_dec(v)
14949 +#else /* NR_CPUS < CONFIG_SPLIT_PTLOCK_CPUS */
14950 +#define __acc_add_atomic(a, v) __acc_add_long(a, v)
14951 +#define __acc_inc_atomic(v) __acc_inc_long(v)
14952 +#define __acc_dec_atomic(v) __acc_dec_long(v)
14953 +#endif /* NR_CPUS < CONFIG_SPLIT_PTLOCK_CPUS */
14956 +#define vx_acc_page(m, d, v, r) do { \
14958 + __acc_inc_long(&(m)->v); \
14960 + __acc_dec_long(&(m)->v); \
14961 + __vx_acc_cres(m->mm_vx_info, r, d, m, __FILE__, __LINE__); \
14964 +#define vx_acc_page_atomic(m, d, v, r) do { \
14966 + __acc_inc_atomic(&(m)->v); \
14968 + __acc_dec_atomic(&(m)->v); \
14969 + __vx_acc_cres(m->mm_vx_info, r, d, m, __FILE__, __LINE__); \
14973 +#define vx_acc_pages(m, p, v, r) do { \
14974 + unsigned long __p = (p); \
14975 + __acc_add_long(__p, &(m)->v); \
14976 + __vx_add_cres(m->mm_vx_info, r, __p, m, __FILE__, __LINE__); \
14979 +#define vx_acc_pages_atomic(m, p, v, r) do { \
14980 + unsigned long __p = (p); \
14981 + __acc_add_atomic(__p, &(m)->v); \
14982 + __vx_add_cres(m->mm_vx_info, r, __p, m, __FILE__, __LINE__); \
14987 +#define vx_acc_vmpage(m, d) \
14988 + vx_acc_page(m, d, total_vm, RLIMIT_AS)
14989 +#define vx_acc_vmlpage(m, d) \
14990 + vx_acc_page(m, d, locked_vm, RLIMIT_MEMLOCK)
14991 +#define vx_acc_file_rsspage(m, d) \
14992 + vx_acc_page_atomic(m, d, _file_rss, VLIMIT_MAPPED)
14993 +#define vx_acc_anon_rsspage(m, d) \
14994 + vx_acc_page_atomic(m, d, _anon_rss, VLIMIT_ANON)
14996 +#define vx_acc_vmpages(m, p) \
14997 + vx_acc_pages(m, p, total_vm, RLIMIT_AS)
14998 +#define vx_acc_vmlpages(m, p) \
14999 + vx_acc_pages(m, p, locked_vm, RLIMIT_MEMLOCK)
15000 +#define vx_acc_file_rsspages(m, p) \
15001 + vx_acc_pages_atomic(m, p, _file_rss, VLIMIT_MAPPED)
15002 +#define vx_acc_anon_rsspages(m, p) \
15003 + vx_acc_pages_atomic(m, p, _anon_rss, VLIMIT_ANON)
15005 +#define vx_pages_add(s, r, p) __vx_add_cres(s, r, p, 0, __FILE__, __LINE__)
15006 +#define vx_pages_sub(s, r, p) vx_pages_add(s, r, -(p))
15008 +#define vx_vmpages_inc(m) vx_acc_vmpage(m, 1)
15009 +#define vx_vmpages_dec(m) vx_acc_vmpage(m, -1)
15010 +#define vx_vmpages_add(m, p) vx_acc_vmpages(m, p)
15011 +#define vx_vmpages_sub(m, p) vx_acc_vmpages(m, -(p))
15013 +#define vx_vmlocked_inc(m) vx_acc_vmlpage(m, 1)
15014 +#define vx_vmlocked_dec(m) vx_acc_vmlpage(m, -1)
15015 +#define vx_vmlocked_add(m, p) vx_acc_vmlpages(m, p)
15016 +#define vx_vmlocked_sub(m, p) vx_acc_vmlpages(m, -(p))
15018 +#define vx_file_rsspages_inc(m) vx_acc_file_rsspage(m, 1)
15019 +#define vx_file_rsspages_dec(m) vx_acc_file_rsspage(m, -1)
15020 +#define vx_file_rsspages_add(m, p) vx_acc_file_rsspages(m, p)
15021 +#define vx_file_rsspages_sub(m, p) vx_acc_file_rsspages(m, -(p))
15023 +#define vx_anon_rsspages_inc(m) vx_acc_anon_rsspage(m, 1)
15024 +#define vx_anon_rsspages_dec(m) vx_acc_anon_rsspage(m, -1)
15025 +#define vx_anon_rsspages_add(m, p) vx_acc_anon_rsspages(m, p)
15026 +#define vx_anon_rsspages_sub(m, p) vx_acc_anon_rsspages(m, -(p))
15029 +#define vx_pages_avail(m, p, r) \
15030 + __vx_cres_avail((m)->mm_vx_info, r, p, __FILE__, __LINE__)
15032 +#define vx_vmpages_avail(m, p) vx_pages_avail(m, p, RLIMIT_AS)
15033 +#define vx_vmlocked_avail(m, p) vx_pages_avail(m, p, RLIMIT_MEMLOCK)
15034 +#define vx_anon_avail(m, p) vx_pages_avail(m, p, VLIMIT_ANON)
15035 +#define vx_mapped_avail(m, p) vx_pages_avail(m, p, VLIMIT_MAPPED)
15037 +#define vx_rss_avail(m, p) \
15038 + __vx_cres_array_avail((m)->mm_vx_info, VLA_RSS, p, __FILE__, __LINE__)
15042 + VXPT_UNKNOWN = 0,
15051 +#define vx_page_fault(mm, vma, type, ret)
15055 +void __vx_page_fault(struct mm_struct *mm,
15056 + struct vm_area_struct *vma, int type, int ret)
15058 + struct vx_info *vxi = mm->mm_vx_info;
15061 + static char *page_type[6] =
15062 + { "UNKNOWN", "ANON", "NONE", "FILE", "SWAP", "WRITE" };
15063 + static char *page_what[4] =
15064 + { "FAULT_OOM", "FAULT_SIGBUS", "FAULT_MINOR", "FAULT_MAJOR" };
15070 + what = (ret & 0x3);
15072 +/* printk("[%d] page[%d][%d] %2x %s %s\n", vxi->vx_id,
15073 + type, what, ret, page_type[type], page_what[what]);
15075 + if (ret & VM_FAULT_WRITE)
15077 + atomic_inc(&vxi->cacct.page[type][what]);
15080 +#define vx_page_fault(mm, vma, type, ret) __vx_page_fault(mm, vma, type, ret)
15084 +extern unsigned long vx_badness(struct task_struct *task, struct mm_struct *mm);
15087 +#warning duplicate inclusion
15089 diff -NurpP --minimal linux-2.6.25/include/linux/vs_network.h linux-2.6.25-vs2.3.0.34.9/include/linux/vs_network.h
15090 --- linux-2.6.25/include/linux/vs_network.h 1969-12-31 19:00:00.000000000 -0500
15091 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vs_network.h 2008-04-29 18:42:49.000000000 -0400
15093 +#ifndef _NX_VS_NETWORK_H
15094 +#define _NX_VS_NETWORK_H
15096 +#include "vserver/context.h"
15097 +#include "vserver/network.h"
15098 +#include "vserver/base.h"
15099 +#include "vserver/check.h"
15100 +#include "vserver/debug.h"
15102 +#include <linux/sched.h>
15105 +#define get_nx_info(i) __get_nx_info(i, __FILE__, __LINE__)
15107 +static inline struct nx_info *__get_nx_info(struct nx_info *nxi,
15108 + const char *_file, int _line)
15113 + vxlprintk(VXD_CBIT(nid, 2), "get_nx_info(%p[#%d.%d])",
15114 + nxi, nxi ? nxi->nx_id : 0,
15115 + nxi ? atomic_read(&nxi->nx_usecnt) : 0,
15118 + atomic_inc(&nxi->nx_usecnt);
15123 +extern void free_nx_info(struct nx_info *);
15125 +#define put_nx_info(i) __put_nx_info(i, __FILE__, __LINE__)
15127 +static inline void __put_nx_info(struct nx_info *nxi, const char *_file, int _line)
15132 + vxlprintk(VXD_CBIT(nid, 2), "put_nx_info(%p[#%d.%d])",
15133 + nxi, nxi ? nxi->nx_id : 0,
15134 + nxi ? atomic_read(&nxi->nx_usecnt) : 0,
15137 + if (atomic_dec_and_test(&nxi->nx_usecnt))
15138 + free_nx_info(nxi);
15142 +#define init_nx_info(p, i) __init_nx_info(p, i, __FILE__, __LINE__)
15144 +static inline void __init_nx_info(struct nx_info **nxp, struct nx_info *nxi,
15145 + const char *_file, int _line)
15148 + vxlprintk(VXD_CBIT(nid, 3),
15149 + "init_nx_info(%p[#%d.%d])",
15150 + nxi, nxi ? nxi->nx_id : 0,
15151 + nxi ? atomic_read(&nxi->nx_usecnt) : 0,
15154 + atomic_inc(&nxi->nx_usecnt);
15160 +#define set_nx_info(p, i) __set_nx_info(p, i, __FILE__, __LINE__)
15162 +static inline void __set_nx_info(struct nx_info **nxp, struct nx_info *nxi,
15163 + const char *_file, int _line)
15165 + struct nx_info *nxo;
15170 + vxlprintk(VXD_CBIT(nid, 3), "set_nx_info(%p[#%d.%d])",
15171 + nxi, nxi ? nxi->nx_id : 0,
15172 + nxi ? atomic_read(&nxi->nx_usecnt) : 0,
15175 + atomic_inc(&nxi->nx_usecnt);
15176 + nxo = xchg(nxp, nxi);
15180 +#define clr_nx_info(p) __clr_nx_info(p, __FILE__, __LINE__)
15182 +static inline void __clr_nx_info(struct nx_info **nxp,
15183 + const char *_file, int _line)
15185 + struct nx_info *nxo;
15187 + nxo = xchg(nxp, NULL);
15191 + vxlprintk(VXD_CBIT(nid, 3), "clr_nx_info(%p[#%d.%d])",
15192 + nxo, nxo ? nxo->nx_id : 0,
15193 + nxo ? atomic_read(&nxo->nx_usecnt) : 0,
15196 + if (atomic_dec_and_test(&nxo->nx_usecnt))
15197 + free_nx_info(nxo);
15201 +#define claim_nx_info(v, p) __claim_nx_info(v, p, __FILE__, __LINE__)
15203 +static inline void __claim_nx_info(struct nx_info *nxi,
15204 + struct task_struct *task, const char *_file, int _line)
15206 + vxlprintk(VXD_CBIT(nid, 3), "claim_nx_info(%p[#%d.%d.%d]) %p",
15207 + nxi, nxi ? nxi->nx_id : 0,
15208 + nxi?atomic_read(&nxi->nx_usecnt):0,
15209 + nxi?atomic_read(&nxi->nx_tasks):0,
15210 + task, _file, _line);
15212 + atomic_inc(&nxi->nx_tasks);
15216 +extern void unhash_nx_info(struct nx_info *);
15218 +#define release_nx_info(v, p) __release_nx_info(v, p, __FILE__, __LINE__)
15220 +static inline void __release_nx_info(struct nx_info *nxi,
15221 + struct task_struct *task, const char *_file, int _line)
15223 + vxlprintk(VXD_CBIT(nid, 3), "release_nx_info(%p[#%d.%d.%d]) %p",
15224 + nxi, nxi ? nxi->nx_id : 0,
15225 + nxi ? atomic_read(&nxi->nx_usecnt) : 0,
15226 + nxi ? atomic_read(&nxi->nx_tasks) : 0,
15227 + task, _file, _line);
15231 + if (atomic_dec_and_test(&nxi->nx_tasks))
15232 + unhash_nx_info(nxi);
15236 +#define task_get_nx_info(i) __task_get_nx_info(i, __FILE__, __LINE__)
15238 +static __inline__ struct nx_info *__task_get_nx_info(struct task_struct *p,
15239 + const char *_file, int _line)
15241 + struct nx_info *nxi;
15244 + vxlprintk(VXD_CBIT(nid, 5), "task_get_nx_info(%p)",
15245 + p, _file, _line);
15246 + nxi = __get_nx_info(p->nx_info, _file, _line);
15252 +static inline void exit_nx_info(struct task_struct *p)
15255 + release_nx_info(p->nx_info, p);
15260 +#warning duplicate inclusion
15262 diff -NurpP --minimal linux-2.6.25/include/linux/vs_pid.h linux-2.6.25-vs2.3.0.34.9/include/linux/vs_pid.h
15263 --- linux-2.6.25/include/linux/vs_pid.h 1969-12-31 19:00:00.000000000 -0500
15264 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vs_pid.h 2008-04-19 15:14:52.000000000 -0400
15269 +#include "vserver/base.h"
15270 +#include "vserver/check.h"
15271 +#include "vserver/context.h"
15272 +#include "vserver/debug.h"
15273 +#include "vserver/pid.h"
15274 +#include <linux/pid_namespace.h>
15277 +#define VXF_FAKE_INIT (VXF_INFO_INIT | VXF_STATE_INIT)
15280 +int vx_proc_task_visible(struct task_struct *task)
15282 + if ((task->pid == 1) &&
15283 + !vx_flags(VXF_FAKE_INIT, VXF_FAKE_INIT))
15284 + /* show a blend through init */
15286 + if (vx_check(vx_task_xid(task), VS_WATCH | VS_IDENT))
15293 +#define find_task_by_real_pid find_task_by_pid
15298 +struct task_struct *vx_find_proc_task_by_pid(int pid)
15300 + struct task_struct *task = find_task_by_real_pid(pid);
15302 + if (task && !vx_proc_task_visible(task)) {
15303 + vxdprintk(VXD_CBIT(misc, 6),
15304 + "dropping task (find) %p[#%u,%u] for %p[#%u,%u]",
15305 + task, task->xid, task->pid,
15306 + current, current->xid, current->pid);
15315 +struct task_struct *vx_get_proc_task(struct inode *inode, struct pid *pid)
15317 + struct task_struct *task = get_pid_task(pid, PIDTYPE_PID);
15319 + if (task && !vx_proc_task_visible(task)) {
15320 + vxdprintk(VXD_CBIT(misc, 6),
15321 + "dropping task (get) %p[#%u,%u] for %p[#%u,%u]",
15322 + task, task->xid, task->pid,
15323 + current, current->xid, current->pid);
15324 + put_task_struct(task);
15333 +struct task_struct *vx_child_reaper(struct task_struct *p)
15335 + struct vx_info *vxi = p->vx_info;
15336 + struct task_struct *reaper = child_reaper(p);
15341 + BUG_ON(!p->vx_info->vx_reaper);
15343 + /* child reaper for the guest reaper */
15344 + if (vxi->vx_reaper == p)
15347 + reaper = vxi->vx_reaper;
15349 + vxdprintk(VXD_CBIT(xid, 7),
15350 + "vx_child_reaper(%p[#%u,%u]) = %p[#%u,%u]",
15351 + p, p->xid, p->pid, reaper, reaper->xid, reaper->pid);
15359 +#warning duplicate inclusion
15361 diff -NurpP --minimal linux-2.6.25/include/linux/vs_sched.h linux-2.6.25-vs2.3.0.34.9/include/linux/vs_sched.h
15362 --- linux-2.6.25/include/linux/vs_sched.h 1969-12-31 19:00:00.000000000 -0500
15363 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vs_sched.h 2008-04-19 15:14:52.000000000 -0400
15365 +#ifndef _VS_SCHED_H
15366 +#define _VS_SCHED_H
15368 +#include "vserver/base.h"
15369 +#include "vserver/context.h"
15370 +#include "vserver/sched.h"
15373 +#define VAVAVOOM_RATIO 50
15375 +#define MAX_PRIO_BIAS 20
15376 +#define MIN_PRIO_BIAS -20
15379 +#ifdef CONFIG_VSERVER_HARDCPU
15382 + * effective_prio - return the priority that is based on the static
15383 + * priority but is modified by bonuses/penalties.
15385 + * We scale the actual sleep average [0 .... MAX_SLEEP_AVG]
15386 + * into a -4 ... 0 ... +4 bonus/penalty range.
15388 + * Additionally, we scale another amount based on the number of
15389 + * CPU tokens currently held by the context, if the process is
15390 + * part of a context (and the appropriate SCHED flag is set).
15391 + * This ranges from -5 ... 0 ... +15, quadratically.
15393 + * So, the total bonus is -9 .. 0 .. +19
15394 + * We use ~50% of the full 0...39 priority range so that:
15396 + * 1) nice +19 interactive tasks do not preempt nice 0 CPU hogs.
15397 + * 2) nice -20 CPU hogs do not get preempted by nice 0 tasks.
15398 + * unless that context is far exceeding its CPU allocation.
15400 + * Both properties are important to certain workloads.
15403 +int vx_effective_vavavoom(struct _vx_sched_pc *sched_pc, int max_prio)
15405 + int vavavoom, max;
15407 + /* lots of tokens = lots of vavavoom
15408 + * no tokens = no vavavoom */
15409 + if ((vavavoom = sched_pc->tokens) >= 0) {
15410 + max = sched_pc->tokens_max;
15411 + vavavoom = max - vavavoom;
15413 + vavavoom = max_prio * VAVAVOOM_RATIO / 100
15414 + * (vavavoom*vavavoom - (max >> 2)) / max;
15422 +int vx_adjust_prio(struct task_struct *p, int prio, int max_user)
15424 + struct vx_info *vxi = p->vx_info;
15425 + struct _vx_sched_pc *sched_pc;
15430 + sched_pc = &vx_cpu(vxi, sched_pc);
15431 + if (vx_info_flags(vxi, VXF_SCHED_PRIO, 0)) {
15432 + int vavavoom = vx_effective_vavavoom(sched_pc, max_user);
15434 + sched_pc->vavavoom = vavavoom;
15435 + prio += vavavoom;
15437 + prio += sched_pc->prio_bias;
15441 +#else /* !CONFIG_VSERVER_HARDCPU */
15444 +int vx_adjust_prio(struct task_struct *p, int prio, int max_user)
15446 + struct vx_info *vxi = p->vx_info;
15449 + prio += vx_cpu(vxi, sched_pc).prio_bias;
15453 +#endif /* CONFIG_VSERVER_HARDCPU */
15456 +static inline void vx_account_user(struct vx_info *vxi,
15457 + cputime_t cputime, int nice)
15461 + vx_cpu(vxi, sched_pc).user_ticks += cputime;
15464 +static inline void vx_account_system(struct vx_info *vxi,
15465 + cputime_t cputime, int idle)
15469 + vx_cpu(vxi, sched_pc).sys_ticks += cputime;
15473 +#warning duplicate inclusion
15475 diff -NurpP --minimal linux-2.6.25/include/linux/vs_socket.h linux-2.6.25-vs2.3.0.34.9/include/linux/vs_socket.h
15476 --- linux-2.6.25/include/linux/vs_socket.h 1969-12-31 19:00:00.000000000 -0500
15477 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vs_socket.h 2008-04-23 14:32:00.000000000 -0400
15479 +#ifndef _VS_SOCKET_H
15480 +#define _VS_SOCKET_H
15482 +#include "vserver/debug.h"
15483 +#include "vserver/base.h"
15484 +#include "vserver/cacct.h"
15485 +#include "vserver/context.h"
15486 +#include "vserver/tag.h"
15489 +/* socket accounting */
15491 +#include <linux/socket.h>
15493 +static inline int vx_sock_type(int family)
15495 + switch (family) {
15497 + return VXA_SOCK_UNSPEC;
15499 + return VXA_SOCK_UNIX;
15501 + return VXA_SOCK_INET;
15503 + return VXA_SOCK_INET6;
15505 + return VXA_SOCK_PACKET;
15507 + return VXA_SOCK_OTHER;
15511 +#define vx_acc_sock(v, f, p, s) \
15512 + __vx_acc_sock(v, f, p, s, __FILE__, __LINE__)
15514 +static inline void __vx_acc_sock(struct vx_info *vxi,
15515 + int family, int pos, int size, char *file, int line)
15518 + int type = vx_sock_type(family);
15520 + atomic_long_inc(&vxi->cacct.sock[type][pos].count);
15521 + atomic_long_add(size, &vxi->cacct.sock[type][pos].total);
15525 +#define vx_sock_recv(sk, s) \
15526 + vx_acc_sock((sk)->sk_vx_info, (sk)->sk_family, 0, s)
15527 +#define vx_sock_send(sk, s) \
15528 + vx_acc_sock((sk)->sk_vx_info, (sk)->sk_family, 1, s)
15529 +#define vx_sock_fail(sk, s) \
15530 + vx_acc_sock((sk)->sk_vx_info, (sk)->sk_family, 2, s)
15533 +#define sock_vx_init(s) do { \
15534 + (s)->sk_xid = 0; \
15535 + (s)->sk_vx_info = NULL; \
15538 +#define sock_nx_init(s) do { \
15539 + (s)->sk_nid = 0; \
15540 + (s)->sk_nx_info = NULL; \
15544 +#warning duplicate inclusion
15546 diff -NurpP --minimal linux-2.6.25/include/linux/vs_tag.h linux-2.6.25-vs2.3.0.34.9/include/linux/vs_tag.h
15547 --- linux-2.6.25/include/linux/vs_tag.h 1969-12-31 19:00:00.000000000 -0500
15548 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vs_tag.h 2008-04-19 15:14:52.000000000 -0400
15553 +#include <linux/vserver/tag.h>
15555 +/* check conditions */
15557 +#define DX_ADMIN 0x0001
15558 +#define DX_WATCH 0x0002
15559 +#define DX_HOSTID 0x0008
15561 +#define DX_IDENT 0x0010
15563 +#define DX_ARG_MASK 0x0010
15566 +#define dx_task_tag(t) ((t)->tag)
15568 +#define dx_current_tag() dx_task_tag(current)
15570 +#define dx_check(c, m) __dx_check(dx_current_tag(), c, m)
15572 +#define dx_weak_check(c, m) ((m) ? dx_check(c, m) : 1)
15576 + * check current context for ADMIN/WATCH and
15577 + * optionally against supplied argument
15579 +static inline int __dx_check(tag_t cid, tag_t id, unsigned int mode)
15581 + if (mode & DX_ARG_MASK) {
15582 + if ((mode & DX_IDENT) && (id == cid))
15585 + return (((mode & DX_ADMIN) && (cid == 0)) ||
15586 + ((mode & DX_WATCH) && (cid == 1)) ||
15587 + ((mode & DX_HOSTID) && (id == 0)));
15591 +#warning duplicate inclusion
15593 diff -NurpP --minimal linux-2.6.25/include/linux/vs_time.h linux-2.6.25-vs2.3.0.34.9/include/linux/vs_time.h
15594 --- linux-2.6.25/include/linux/vs_time.h 1969-12-31 19:00:00.000000000 -0500
15595 +++ linux-2.6.25-vs2.3.0.34.9/include/linux/vs_time.h 2008-04-19 15:14:52.000000000 -0400
15597 +#ifndef _VS_TIME_H
15598 +#define _VS_TIME_H
15601 +/* time faking stuff */
15603 +#ifdef CONFIG_VSERVER_VTIME
15605 +extern void vx_gettimeofday(struct timeval *tv);
15606 +extern int vx_settimeofday(struct timespec *ts);
15609 +#define vx_gettimeofday(t) do_gettimeofday(t)
15610 +#define vx_settimeofday(t) do_settimeofday(t)
15614 +#warning duplicate inclusion
15616 diff -NurpP --minimal linux-2.6.25/include/net/addrconf.h linux-2.6.25-vs2.3.0.34.9/include/net/addrconf.h
15617 --- linux-2.6.25/include/net/addrconf.h 2008-04-17 12:05:44.000000000 -0400
15618 +++ linux-2.6.25-vs2.3.0.34.9/include/net/addrconf.h 2008-04-19 15:14:52.000000000 -0400
15619 @@ -75,10 +75,12 @@ extern struct inet6_ifaddr *ipv6_ge
15621 extern int ipv6_get_saddr(struct dst_entry *dst,
15622 struct in6_addr *daddr,
15623 - struct in6_addr *saddr);
15624 + struct in6_addr *saddr,
15625 + struct nx_info *nxi);
15626 extern int ipv6_dev_get_saddr(struct net_device *dev,
15627 struct in6_addr *daddr,
15628 - struct in6_addr *saddr);
15629 + struct in6_addr *saddr,
15630 + struct nx_info *nxi);
15631 extern int ipv6_get_lladdr(struct net_device *dev,
15632 struct in6_addr *addr,
15633 unsigned char banned_flags);
15634 diff -NurpP --minimal linux-2.6.25/include/net/af_unix.h linux-2.6.25-vs2.3.0.34.9/include/net/af_unix.h
15635 --- linux-2.6.25/include/net/af_unix.h 2008-04-17 12:05:44.000000000 -0400
15636 +++ linux-2.6.25-vs2.3.0.34.9/include/net/af_unix.h 2008-04-19 15:14:52.000000000 -0400
15638 #include <linux/socket.h>
15639 #include <linux/un.h>
15640 #include <linux/mutex.h>
15641 +#include <linux/vs_base.h>
15642 #include <net/sock.h>
15644 extern void unix_inflight(struct file *fp);
15645 diff -NurpP --minimal linux-2.6.25/include/net/inet_sock.h linux-2.6.25-vs2.3.0.34.9/include/net/inet_sock.h
15646 --- linux-2.6.25/include/net/inet_sock.h 2008-04-17 12:05:44.000000000 -0400
15647 +++ linux-2.6.25-vs2.3.0.34.9/include/net/inet_sock.h 2008-04-19 15:14:52.000000000 -0400
15649 #include <net/flow.h>
15650 #include <net/sock.h>
15651 #include <net/request_sock.h>
15652 -#include <net/route.h>
15653 +// #include <net/route.h>
15655 /** struct ip_options - IP Options
15657 @@ -193,9 +193,4 @@ static inline int inet_sk_ehashfn(const
15661 -static inline int inet_iif(const struct sk_buff *skb)
15663 - return ((struct rtable *)skb->dst)->rt_iif;
15666 #endif /* _INET_SOCK_H */
15667 diff -NurpP --minimal linux-2.6.25/include/net/inet_timewait_sock.h linux-2.6.25-vs2.3.0.34.9/include/net/inet_timewait_sock.h
15668 --- linux-2.6.25/include/net/inet_timewait_sock.h 2008-04-17 12:05:44.000000000 -0400
15669 +++ linux-2.6.25-vs2.3.0.34.9/include/net/inet_timewait_sock.h 2008-04-19 15:25:34.000000000 -0400
15670 @@ -15,15 +15,14 @@
15671 #ifndef _INET_TIMEWAIT_SOCK_
15672 #define _INET_TIMEWAIT_SOCK_
15674 +// #include <net/inet_sock.h>
15675 +#include <net/sock.h>
15677 #include <linux/list.h>
15678 #include <linux/module.h>
15679 #include <linux/timer.h>
15680 #include <linux/types.h>
15681 #include <linux/workqueue.h>
15683 -#include <net/inet_sock.h>
15684 -#include <net/sock.h>
15685 #include <net/tcp_states.h>
15686 #include <net/timewait_sock.h>
15688 @@ -116,6 +115,10 @@ struct inet_timewait_sock {
15689 #define tw_hash __tw_common.skc_hash
15690 #define tw_prot __tw_common.skc_prot
15691 #define tw_net __tw_common.skc_net
15692 +#define tw_xid __tw_common.skc_xid
15693 +#define tw_vx_info __tw_common.skc_vx_info
15694 +#define tw_nid __tw_common.skc_nid
15695 +#define tw_nx_info __tw_common.skc_nx_info
15697 volatile unsigned char tw_substate;
15698 /* 3 bits hole, try to pack */
15699 diff -NurpP --minimal linux-2.6.25/include/net/route.h linux-2.6.25-vs2.3.0.34.9/include/net/route.h
15700 --- linux-2.6.25/include/net/route.h 2008-04-17 12:05:44.000000000 -0400
15701 +++ linux-2.6.25-vs2.3.0.34.9/include/net/route.h 2008-04-21 12:39:35.000000000 -0400
15703 #include <linux/ip.h>
15704 #include <linux/cache.h>
15705 #include <linux/security.h>
15706 -#include <net/sock.h>
15707 +#include <linux/in.h>
15710 #warning This file is not supposed to be used outside of kernel.
15711 @@ -86,6 +86,11 @@ struct ip_rt_acct
15715 +static inline int inet_iif(const struct sk_buff *skb)
15717 + return ((struct rtable *)skb->dst)->rt_iif;
15720 struct rt_cache_stat
15722 unsigned int in_hit;
15723 @@ -136,6 +141,9 @@ static inline void ip_rt_put(struct rtab
15724 dst_release(&rt->u.dst);
15727 +#include <linux/vs_base.h>
15728 +#include <linux/vs_inet.h>
15730 #define IPTOS_RT_MASK (IPTOS_TOS_MASK & ~3)
15732 extern const __u8 ip_tos2prio[16];
15733 @@ -145,6 +153,9 @@ static inline char rt_tos2priority(u8 to
15734 return ip_tos2prio[IPTOS_TOS(tos)>>1];
15737 +extern int ip_v4_find_src(struct net *net, struct nx_info *,
15738 + struct rtable **, struct flowi *);
15740 static inline int ip_route_connect(struct rtable **rp, __be32 dst,
15741 __be32 src, u32 tos, int oif, u8 protocol,
15742 __be16 sport, __be16 dport, struct sock *sk,
15743 @@ -162,7 +173,21 @@ static inline int ip_route_connect(struc
15746 struct net *net = sk->sk_net;
15747 - if (!dst || !src) {
15748 + struct nx_info *nx_info = current->nx_info;
15751 + nx_info = sk->sk_nx_info;
15753 + vxdprintk(VXD_CBIT(net, 4),
15754 + "ip_route_connect(%p) %p,%p;%lx",
15755 + sk, nx_info, sk->sk_socket,
15756 + (sk->sk_socket?sk->sk_socket->flags:0));
15758 + err = ip_v4_find_src(net, nx_info, rp, &fl);
15762 + if (!fl.fl4_dst || !fl.fl4_src) {
15763 err = __ip_route_output_key(net, rp, &fl);
15766 diff -NurpP --minimal linux-2.6.25/include/net/sock.h linux-2.6.25-vs2.3.0.34.9/include/net/sock.h
15767 --- linux-2.6.25/include/net/sock.h 2008-04-17 12:05:44.000000000 -0400
15768 +++ linux-2.6.25-vs2.3.0.34.9/include/net/sock.h 2008-04-19 15:14:52.000000000 -0400
15769 @@ -123,6 +123,10 @@ struct sock_common {
15770 unsigned int skc_hash;
15771 struct proto *skc_prot;
15772 struct net *skc_net;
15774 + struct vx_info *skc_vx_info;
15776 + struct nx_info *skc_nx_info;
15780 @@ -205,6 +209,10 @@ struct sock {
15781 #define sk_hash __sk_common.skc_hash
15782 #define sk_prot __sk_common.skc_prot
15783 #define sk_net __sk_common.skc_net
15784 +#define sk_xid __sk_common.skc_xid
15785 +#define sk_vx_info __sk_common.skc_vx_info
15786 +#define sk_nid __sk_common.skc_nid
15787 +#define sk_nx_info __sk_common.skc_nx_info
15788 unsigned char sk_shutdown : 2,
15791 diff -NurpP --minimal linux-2.6.25/init/main.c linux-2.6.25-vs2.3.0.34.9/init/main.c
15792 --- linux-2.6.25/init/main.c 2008-04-17 12:05:44.000000000 -0400
15793 +++ linux-2.6.25-vs2.3.0.34.9/init/main.c 2008-04-21 10:46:10.000000000 -0400
15795 #include <linux/kthread.h>
15796 #include <linux/sched.h>
15797 #include <linux/signal.h>
15798 +#include <linux/vserver/percpu.h>
15800 #include <asm/io.h>
15801 #include <asm/bugs.h>
15802 @@ -370,12 +371,14 @@ EXPORT_SYMBOL(__per_cpu_offset);
15804 static void __init setup_per_cpu_areas(void)
15806 - unsigned long size, i;
15807 + unsigned long size, vspc, i;
15809 unsigned long nr_possible_cpus = num_possible_cpus();
15811 + vspc = PERCPU_PERCTX * CONFIG_VSERVER_CONTEXTS;
15813 /* Copy section for each CPU (we discard the original) */
15814 - size = ALIGN(PERCPU_ENOUGH_ROOM, PAGE_SIZE);
15815 + size = ALIGN(PERCPU_ENOUGH_ROOM + vspc, PAGE_SIZE);
15816 ptr = alloc_bootmem_pages(size * nr_possible_cpus);
15818 for_each_possible_cpu(i) {
15819 diff -NurpP --minimal linux-2.6.25/ipc/mqueue.c linux-2.6.25-vs2.3.0.34.9/ipc/mqueue.c
15820 --- linux-2.6.25/ipc/mqueue.c 2008-04-17 12:05:44.000000000 -0400
15821 +++ linux-2.6.25-vs2.3.0.34.9/ipc/mqueue.c 2008-04-19 15:14:52.000000000 -0400
15823 #include <linux/mutex.h>
15824 #include <linux/nsproxy.h>
15825 #include <linux/pid.h>
15826 +#include <linux/vs_context.h>
15827 +#include <linux/vs_limit.h>
15829 #include <net/sock.h>
15831 @@ -71,6 +73,7 @@ struct mqueue_inode_info {
15832 struct sigevent notify;
15833 struct pid* notify_owner;
15834 struct user_struct *user; /* user who created, for accounting */
15835 + struct vx_info *vxi;
15836 struct sock *notify_sock;
15837 struct sk_buff *notify_cookie;
15839 @@ -119,6 +122,7 @@ static struct inode *mqueue_get_inode(st
15840 struct mqueue_inode_info *info;
15841 struct task_struct *p = current;
15842 struct user_struct *u = p->user;
15843 + struct vx_info *vxi = p->vx_info;
15844 unsigned long mq_bytes, mq_msg_tblsz;
15846 inode->i_fop = &mqueue_file_operations;
15847 @@ -133,6 +137,7 @@ static struct inode *mqueue_get_inode(st
15848 info->notify_owner = NULL;
15850 info->user = NULL; /* set when all is ok */
15851 + info->vxi = NULL;
15852 memset(&info->attr, 0, sizeof(info->attr));
15853 info->attr.mq_maxmsg = DFLT_MSGMAX;
15854 info->attr.mq_msgsize = DFLT_MSGSIZEMAX;
15855 @@ -147,22 +152,26 @@ static struct inode *mqueue_get_inode(st
15856 spin_lock(&mq_lock);
15857 if (u->mq_bytes + mq_bytes < u->mq_bytes ||
15858 u->mq_bytes + mq_bytes >
15859 - p->signal->rlim[RLIMIT_MSGQUEUE].rlim_cur) {
15860 + p->signal->rlim[RLIMIT_MSGQUEUE].rlim_cur ||
15861 + !vx_ipcmsg_avail(vxi, mq_bytes)) {
15862 spin_unlock(&mq_lock);
15865 u->mq_bytes += mq_bytes;
15866 + vx_ipcmsg_add(vxi, u, mq_bytes);
15867 spin_unlock(&mq_lock);
15869 info->messages = kmalloc(mq_msg_tblsz, GFP_KERNEL);
15870 if (!info->messages) {
15871 spin_lock(&mq_lock);
15872 u->mq_bytes -= mq_bytes;
15873 + vx_ipcmsg_sub(vxi, u, mq_bytes);
15874 spin_unlock(&mq_lock);
15878 info->user = get_uid(u);
15879 + info->vxi = get_vx_info(vxi);
15880 } else if (S_ISDIR(mode)) {
15882 /* Some things misbehave if size == 0 on a directory */
15883 @@ -253,10 +262,14 @@ static void mqueue_delete_inode(struct i
15884 (info->attr.mq_maxmsg * info->attr.mq_msgsize));
15887 + struct vx_info *vxi = info->vxi;
15889 spin_lock(&mq_lock);
15890 user->mq_bytes -= mq_bytes;
15891 + vx_ipcmsg_sub(vxi, user, mq_bytes);
15893 spin_unlock(&mq_lock);
15894 + put_vx_info(vxi);
15898 @@ -743,7 +756,7 @@ asmlinkage long sys_mq_unlink(const char
15900 atomic_inc(&inode->i_count);
15902 - err = vfs_unlink(dentry->d_parent->d_inode, dentry);
15903 + err = vfs_unlink(dentry->d_parent->d_inode, dentry, NULL);
15907 diff -NurpP --minimal linux-2.6.25/ipc/msg.c linux-2.6.25-vs2.3.0.34.9/ipc/msg.c
15908 --- linux-2.6.25/ipc/msg.c 2008-04-17 12:05:44.000000000 -0400
15909 +++ linux-2.6.25-vs2.3.0.34.9/ipc/msg.c 2008-04-21 10:41:47.000000000 -0400
15911 #include <linux/rwsem.h>
15912 #include <linux/nsproxy.h>
15913 #include <linux/ipc_namespace.h>
15914 +#include <linux/vs_base.h>
15916 #include <asm/current.h>
15917 #include <asm/uaccess.h>
15918 @@ -168,6 +169,7 @@ static int newque(struct ipc_namespace *
15920 msq->q_perm.mode = msgflg & S_IRWXUGO;
15921 msq->q_perm.key = key;
15922 + msq->q_perm.xid = vx_current_xid();
15924 msq->q_perm.security = NULL;
15925 retval = security_msg_queue_alloc(msq);
15926 diff -NurpP --minimal linux-2.6.25/ipc/namespace.c linux-2.6.25-vs2.3.0.34.9/ipc/namespace.c
15927 --- linux-2.6.25/ipc/namespace.c 2008-04-17 12:05:44.000000000 -0400
15928 +++ linux-2.6.25-vs2.3.0.34.9/ipc/namespace.c 2008-04-21 10:44:58.000000000 -0400
15930 #include <linux/rcupdate.h>
15931 #include <linux/nsproxy.h>
15932 #include <linux/slab.h>
15933 +#include <linux/vs_base.h>
15934 +#include <linux/vserver/global.h>
15938 @@ -25,6 +27,7 @@ static struct ipc_namespace *clone_ipc_n
15941 kref_init(&ns->kref);
15942 + atomic_inc(&vs_global_ipc_ns);
15946 @@ -82,5 +85,6 @@ void free_ipc_ns(struct kref *kref)
15950 + atomic_dec(&vs_global_ipc_ns);
15953 diff -NurpP --minimal linux-2.6.25/ipc/sem.c linux-2.6.25-vs2.3.0.34.9/ipc/sem.c
15954 --- linux-2.6.25/ipc/sem.c 2008-04-17 12:05:44.000000000 -0400
15955 +++ linux-2.6.25-vs2.3.0.34.9/ipc/sem.c 2008-04-21 10:45:22.000000000 -0400
15957 #include <linux/rwsem.h>
15958 #include <linux/nsproxy.h>
15959 #include <linux/ipc_namespace.h>
15960 +#include <linux/vs_base.h>
15961 +#include <linux/vs_limit.h>
15963 #include <asm/uaccess.h>
15965 @@ -252,6 +254,7 @@ static int newary(struct ipc_namespace *
15967 sma->sem_perm.mode = (semflg & S_IRWXUGO);
15968 sma->sem_perm.key = key;
15969 + sma->sem_perm.xid = vx_current_xid();
15971 sma->sem_perm.security = NULL;
15972 retval = security_sem_alloc(sma);
15973 @@ -267,6 +270,9 @@ static int newary(struct ipc_namespace *
15976 ns->used_sems += nsems;
15977 + /* FIXME: obsoleted? */
15978 + vx_semary_inc(sma);
15979 + vx_nsems_add(sma, nsems);
15981 sma->sem_perm.id = sem_buildid(id, sma->sem_perm.seq);
15982 sma->sem_base = (struct sem *) &sma[1];
15983 diff -NurpP --minimal linux-2.6.25/ipc/shm.c linux-2.6.25-vs2.3.0.34.9/ipc/shm.c
15984 --- linux-2.6.25/ipc/shm.c 2008-04-17 12:05:44.000000000 -0400
15985 +++ linux-2.6.25-vs2.3.0.34.9/ipc/shm.c 2008-04-21 10:45:38.000000000 -0400
15987 #include <linux/nsproxy.h>
15988 #include <linux/mount.h>
15989 #include <linux/ipc_namespace.h>
15990 +#include <linux/vs_context.h>
15991 +#include <linux/vs_limit.h>
15993 #include <asm/uaccess.h>
15995 @@ -202,7 +204,12 @@ static void shm_open(struct vm_area_stru
15997 static void shm_destroy(struct ipc_namespace *ns, struct shmid_kernel *shp)
15999 - ns->shm_tot -= (shp->shm_segsz + PAGE_SIZE - 1) >> PAGE_SHIFT;
16000 + struct vx_info *vxi = lookup_vx_info(shp->shm_perm.xid);
16001 + int numpages = (shp->shm_segsz + PAGE_SIZE - 1) >> PAGE_SHIFT;
16003 + vx_ipcshm_sub(vxi, shp, numpages);
16004 + ns->shm_tot -= numpages;
16008 if (!is_file_hugepages(shp->shm_file))
16009 @@ -212,6 +219,7 @@ static void shm_destroy(struct ipc_names
16011 fput (shp->shm_file);
16012 security_shm_free(shp);
16013 + put_vx_info(vxi);
16014 ipc_rcu_putref(shp);
16017 @@ -383,11 +391,15 @@ static int newseg(struct ipc_namespace *
16018 if (ns->shm_tot + numpages > ns->shm_ctlall)
16021 + if (!vx_ipcshm_avail(current->vx_info, numpages))
16024 shp = ipc_rcu_alloc(sizeof(*shp));
16028 shp->shm_perm.key = key;
16029 + shp->shm_perm.xid = vx_current_xid();
16030 shp->shm_perm.mode = (shmflg & S_IRWXUGO);
16031 shp->mlock_user = NULL;
16033 @@ -441,6 +453,7 @@ static int newseg(struct ipc_namespace *
16034 ns->shm_tot += numpages;
16035 error = shp->shm_perm.id;
16037 + vx_ipcshm_add(current->vx_info, key, numpages);
16041 diff -NurpP --minimal linux-2.6.25/kernel/capability.c linux-2.6.25-vs2.3.0.34.9/kernel/capability.c
16042 --- linux-2.6.25/kernel/capability.c 2008-04-17 12:05:44.000000000 -0400
16043 +++ linux-2.6.25-vs2.3.0.34.9/kernel/capability.c 2008-04-19 15:14:52.000000000 -0400
16045 #include <linux/security.h>
16046 #include <linux/syscalls.h>
16047 #include <linux/pid_namespace.h>
16048 +#include <linux/vs_context.h>
16049 #include <asm/uaccess.h>
16052 @@ -171,6 +172,8 @@ static inline int cap_set_pg(int pgrp_nr
16054 pgrp = find_vpid(pgrp_nr);
16055 do_each_pid_task(pgrp, PIDTYPE_PGID, g) {
16056 + if (!vx_check(g->xid, VS_ADMIN_P | VS_IDENT))
16059 while_each_thread(g, target) {
16060 if (!security_capset_check(target, effective,
16061 @@ -335,8 +338,12 @@ int __capable(struct task_struct *t, int
16065 +#include <linux/vserver/base.h>
16066 int capable(int cap)
16068 + /* here for now so we don't require task locking */
16069 + if (vs_check_bit(VXC_CAP_MASK, cap) && !vx_mcaps(1L << cap))
16071 return __capable(current, cap);
16073 EXPORT_SYMBOL(capable);
16074 diff -NurpP --minimal linux-2.6.25/kernel/cgroup.c linux-2.6.25-vs2.3.0.34.9/kernel/cgroup.c
16075 --- linux-2.6.25/kernel/cgroup.c 2008-04-17 12:05:44.000000000 -0400
16076 +++ linux-2.6.25-vs2.3.0.34.9/kernel/cgroup.c 2008-04-19 15:14:52.000000000 -0400
16077 @@ -2828,7 +2828,7 @@ int cgroup_clone(struct task_struct *tsk
16080 /* Create the cgroup directory, which also creates the cgroup */
16081 - ret = vfs_mkdir(inode, dentry, S_IFDIR | 0755);
16082 + ret = vfs_mkdir(inode, dentry, S_IFDIR | 0755, NULL);
16083 child = __d_cgrp(dentry);
16086 diff -NurpP --minimal linux-2.6.25/kernel/compat.c linux-2.6.25-vs2.3.0.34.9/kernel/compat.c
16087 --- linux-2.6.25/kernel/compat.c 2008-04-17 12:05:44.000000000 -0400
16088 +++ linux-2.6.25-vs2.3.0.34.9/kernel/compat.c 2008-04-19 15:14:52.000000000 -0400
16089 @@ -846,7 +846,7 @@ asmlinkage long compat_sys_time(compat_t
16093 - do_gettimeofday(&tv);
16094 + vx_gettimeofday(&tv);
16098 @@ -870,7 +870,7 @@ asmlinkage long compat_sys_stime(compat_
16102 - do_settimeofday(&tv);
16103 + vx_settimeofday(&tv);
16107 diff -NurpP --minimal linux-2.6.25/kernel/exit.c linux-2.6.25-vs2.3.0.34.9/kernel/exit.c
16108 --- linux-2.6.25/kernel/exit.c 2008-04-17 12:05:44.000000000 -0400
16109 +++ linux-2.6.25-vs2.3.0.34.9/kernel/exit.c 2008-04-19 15:14:52.000000000 -0400
16111 #include <linux/resource.h>
16112 #include <linux/blkdev.h>
16113 #include <linux/task_io_accounting_ops.h>
16114 +#include <linux/vs_limit.h>
16115 +#include <linux/vs_context.h>
16116 +#include <linux/vs_network.h>
16117 +#include <linux/vs_pid.h>
16118 +#include <linux/vserver/global.h>
16120 #include <asm/uaccess.h>
16121 #include <asm/unistd.h>
16122 @@ -468,9 +473,11 @@ static void close_files(struct files_str
16123 filp_close(file, files);
16126 + vx_openfd_dec(i);
16134 @@ -1014,6 +1021,10 @@ NORET_TYPE void do_exit(long code)
16135 if (tsk->splice_pipe)
16136 __free_pipe_info(tsk->splice_pipe);
16138 + /* needs to stay after exit_notify() */
16139 + exit_vx_info(tsk, code);
16140 + exit_nx_info(tsk);
16143 /* causes final put_task_struct in finish_task_switch(). */
16144 tsk->state = TASK_DEAD;
16145 diff -NurpP --minimal linux-2.6.25/kernel/fork.c linux-2.6.25-vs2.3.0.34.9/kernel/fork.c
16146 --- linux-2.6.25/kernel/fork.c 2008-04-17 12:05:44.000000000 -0400
16147 +++ linux-2.6.25-vs2.3.0.34.9/kernel/fork.c 2008-04-21 11:09:01.000000000 -0400
16149 #include <linux/tty.h>
16150 #include <linux/proc_fs.h>
16151 #include <linux/blkdev.h>
16152 +#include <linux/vs_context.h>
16153 +#include <linux/vs_network.h>
16154 +#include <linux/vs_limit.h>
16155 +#include <linux/vs_memory.h>
16156 +#include <linux/vserver/global.h>
16158 #include <asm/pgtable.h>
16159 #include <asm/pgalloc.h>
16160 @@ -113,6 +118,8 @@ void free_task(struct task_struct *tsk)
16161 prop_local_destroy_single(&tsk->dirties);
16162 free_thread_info(tsk->stack);
16163 rt_mutex_debug_task_free(tsk);
16164 + clr_vx_info(&tsk->vx_info);
16165 + clr_nx_info(&tsk->nx_info);
16166 free_task_struct(tsk);
16168 EXPORT_SYMBOL(free_task);
16169 @@ -229,6 +236,8 @@ static int dup_mmap(struct mm_struct *mm
16170 mm->free_area_cache = oldmm->mmap_base;
16171 mm->cached_hole_size = ~0UL;
16173 + __set_mm_counter(mm, file_rss, 0);
16174 + __set_mm_counter(mm, anon_rss, 0);
16175 cpus_clear(mm->cpu_vm_mask);
16176 mm->mm_rb = RB_ROOT;
16177 rb_link = &mm->mm_rb.rb_node;
16178 @@ -240,7 +249,7 @@ static int dup_mmap(struct mm_struct *mm
16180 if (mpnt->vm_flags & VM_DONTCOPY) {
16181 long pages = vma_pages(mpnt);
16182 - mm->total_vm -= pages;
16183 + vx_vmpages_sub(mm, pages);
16184 vm_stat_account(mm, mpnt->vm_flags, mpnt->vm_file,
16187 @@ -351,8 +360,8 @@ static struct mm_struct * mm_init(struct
16188 : MMF_DUMP_FILTER_DEFAULT;
16189 mm->core_waiters = 0;
16191 - set_mm_counter(mm, file_rss, 0);
16192 - set_mm_counter(mm, anon_rss, 0);
16193 + __set_mm_counter(mm, file_rss, 0);
16194 + __set_mm_counter(mm, anon_rss, 0);
16195 spin_lock_init(&mm->page_table_lock);
16196 rwlock_init(&mm->ioctx_list_lock);
16197 mm->ioctx_list = NULL;
16198 @@ -362,6 +371,7 @@ static struct mm_struct * mm_init(struct
16200 if (likely(!mm_alloc_pgd(mm))) {
16202 + set_vx_info(&mm->mm_vx_info, p->vx_info);
16206 @@ -395,6 +405,7 @@ void __mmdrop(struct mm_struct *mm)
16207 BUG_ON(mm == &init_mm);
16209 destroy_context(mm);
16210 + clr_vx_info(&mm->mm_vx_info);
16213 EXPORT_SYMBOL_GPL(__mmdrop);
16214 @@ -511,6 +522,7 @@ static struct mm_struct *dup_mm(struct t
16217 memcpy(mm, oldmm, sizeof(*mm));
16218 + mm->mm_vx_info = NULL;
16220 /* Initializing for Swap token stuff */
16221 mm->token_priority = 0;
16222 @@ -542,6 +554,7 @@ fail_nocontext:
16223 * If init_new_context() failed, we cannot use mmput() to free the mm
16224 * because it calls destroy_context()
16226 + clr_vx_info(&mm->mm_vx_info);
16230 @@ -612,6 +625,7 @@ static struct fs_struct *__copy_fs_struc
16231 fs->altroot.dentry = NULL;
16233 read_unlock(&old->lock);
16234 + atomic_inc(&vs_global_fs);
16238 @@ -730,6 +744,8 @@ static struct files_struct *dup_fd(struc
16239 struct file *f = *old_fds++;
16242 + /* TODO: sum it first for check and performance */
16243 + vx_openfd_inc(open_files - i);
16246 * The fd may be claimed in the fd bitmap but not yet
16247 @@ -1011,6 +1027,8 @@ static struct task_struct *copy_process(
16249 struct task_struct *p;
16250 int cgroup_callbacks_done = 0;
16251 + struct vx_info *vxi;
16252 + struct nx_info *nxi;
16254 if ((clone_flags & (CLONE_NEWNS|CLONE_FS)) == (CLONE_NEWNS|CLONE_FS))
16255 return ERR_PTR(-EINVAL);
16256 @@ -1045,12 +1063,28 @@ static struct task_struct *copy_process(
16257 DEBUG_LOCKS_WARN_ON(!p->hardirqs_enabled);
16258 DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled);
16260 + init_vx_info(&p->vx_info, current->vx_info);
16261 + init_nx_info(&p->nx_info, current->nx_info);
16263 + /* check vserver memory */
16264 + if (p->mm && !(clone_flags & CLONE_VM)) {
16265 + if (vx_vmpages_avail(p->mm, p->mm->total_vm))
16266 + vx_pages_add(p->vx_info, RLIMIT_AS, p->mm->total_vm);
16268 + goto bad_fork_free;
16270 + if (p->mm && vx_flags(VXF_FORK_RSS, 0)) {
16271 + if (!vx_rss_avail(p->mm, get_mm_counter(p->mm, file_rss)))
16272 + goto bad_fork_cleanup_vm;
16275 + if (!vx_nproc_avail(1))
16276 + goto bad_fork_cleanup_vm;
16277 if (atomic_read(&p->user->processes) >=
16278 p->signal->rlim[RLIMIT_NPROC].rlim_cur) {
16279 if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RESOURCE) &&
16280 p->user != current->nsproxy->user_ns->root_user)
16281 - goto bad_fork_free;
16282 + goto bad_fork_cleanup_vm;
16285 atomic_inc(&p->user->__count);
16286 @@ -1352,6 +1386,18 @@ static struct task_struct *copy_process(
16289 spin_unlock(¤t->sighand->siglock);
16291 + /* p is copy of current */
16292 + vxi = p->vx_info;
16294 + claim_vx_info(vxi, p);
16295 + atomic_inc(&vxi->cvirt.nr_threads);
16296 + atomic_inc(&vxi->cvirt.total_forks);
16299 + nxi = p->nx_info;
16301 + claim_nx_info(nxi, p);
16302 write_unlock_irq(&tasklist_lock);
16303 proc_fork_connector(p);
16304 cgroup_post_fork(p);
16305 @@ -1398,6 +1444,9 @@ bad_fork_cleanup_count:
16306 put_group_info(p->group_info);
16307 atomic_dec(&p->user->processes);
16309 +bad_fork_cleanup_vm:
16310 + if (p->mm && !(clone_flags & CLONE_VM))
16311 + vx_pages_sub(p->vx_info, RLIMIT_AS, p->mm->total_vm);
16315 diff -NurpP --minimal linux-2.6.25/kernel/kthread.c linux-2.6.25-vs2.3.0.34.9/kernel/kthread.c
16316 --- linux-2.6.25/kernel/kthread.c 2008-04-17 12:05:44.000000000 -0400
16317 +++ linux-2.6.25-vs2.3.0.34.9/kernel/kthread.c 2008-04-19 15:14:52.000000000 -0400
16319 #include <linux/file.h>
16320 #include <linux/module.h>
16321 #include <linux/mutex.h>
16322 +#include <linux/vs_pid.h>
16323 #include <asm/semaphore.h>
16325 #define KTHREAD_NICE_LEVEL (-5)
16326 @@ -99,7 +100,7 @@ static void create_kthread(struct kthrea
16327 struct sched_param param = { .sched_priority = 0 };
16328 wait_for_completion(&create->started);
16329 read_lock(&tasklist_lock);
16330 - create->result = find_task_by_pid(pid);
16331 + create->result = find_task_by_real_pid(pid);
16332 read_unlock(&tasklist_lock);
16334 * root may have changed our (kthreadd's) priority or CPU mask.
16335 diff -NurpP --minimal linux-2.6.25/kernel/Makefile linux-2.6.25-vs2.3.0.34.9/kernel/Makefile
16336 --- linux-2.6.25/kernel/Makefile 2008-04-17 12:05:44.000000000 -0400
16337 +++ linux-2.6.25-vs2.3.0.34.9/kernel/Makefile 2008-04-19 15:14:52.000000000 -0400
16338 @@ -11,6 +11,8 @@ obj-y = sched.o fork.o exec_domain.o
16339 hrtimer.o rwsem.o nsproxy.o srcu.o \
16340 notifier.o ksysfs.o pm_qos_params.o
16344 obj-$(CONFIG_SYSCTL) += sysctl_check.o
16345 obj-$(CONFIG_STACKTRACE) += stacktrace.o
16347 diff -NurpP --minimal linux-2.6.25/kernel/nsproxy.c linux-2.6.25-vs2.3.0.34.9/kernel/nsproxy.c
16348 --- linux-2.6.25/kernel/nsproxy.c 2008-04-17 12:05:44.000000000 -0400
16349 +++ linux-2.6.25-vs2.3.0.34.9/kernel/nsproxy.c 2008-04-19 15:14:52.000000000 -0400
16351 #include <linux/mnt_namespace.h>
16352 #include <linux/utsname.h>
16353 #include <linux/pid_namespace.h>
16354 +#include <linux/vserver/global.h>
16355 +#include <linux/vserver/debug.h>
16356 #include <net/net_namespace.h>
16357 #include <linux/ipc_namespace.h>
16359 @@ -38,6 +40,9 @@ static inline struct nsproxy *clone_nspr
16361 memcpy(ns, orig, sizeof(struct nsproxy));
16362 atomic_set(&ns->count, 1);
16363 + vxdprintk(VXD_CBIT(space, 2), "clone_nsproxy(%p[%u] = %p[1]",
16364 + orig, atomic_read(&orig->count), ns);
16365 + atomic_inc(&vs_global_nsproxy);
16369 @@ -47,47 +52,51 @@ static inline struct nsproxy *clone_nspr
16370 * Return the newly created nsproxy. Do not attach this to the task,
16371 * leave it to the caller to do proper locking and attach it to task.
16373 -static struct nsproxy *create_new_namespaces(unsigned long flags,
16374 - struct task_struct *tsk, struct fs_struct *new_fs)
16375 +static struct nsproxy *unshare_namespaces(unsigned long flags,
16376 + struct nsproxy *orig, struct fs_struct *new_fs)
16378 struct nsproxy *new_nsp;
16381 - new_nsp = clone_nsproxy(tsk->nsproxy);
16382 + vxdprintk(VXD_CBIT(space, 4),
16383 + "unshare_namespaces(0x%08lx,%p,%p)",
16384 + flags, orig, new_fs);
16386 + new_nsp = clone_nsproxy(orig);
16388 return ERR_PTR(-ENOMEM);
16390 - new_nsp->mnt_ns = copy_mnt_ns(flags, tsk->nsproxy->mnt_ns, new_fs);
16391 + new_nsp->mnt_ns = copy_mnt_ns(flags, orig->mnt_ns, new_fs);
16392 if (IS_ERR(new_nsp->mnt_ns)) {
16393 err = PTR_ERR(new_nsp->mnt_ns);
16397 - new_nsp->uts_ns = copy_utsname(flags, tsk->nsproxy->uts_ns);
16398 + new_nsp->uts_ns = copy_utsname(flags, orig->uts_ns);
16399 if (IS_ERR(new_nsp->uts_ns)) {
16400 err = PTR_ERR(new_nsp->uts_ns);
16404 - new_nsp->ipc_ns = copy_ipcs(flags, tsk->nsproxy->ipc_ns);
16405 + new_nsp->ipc_ns = copy_ipcs(flags, orig->ipc_ns);
16406 if (IS_ERR(new_nsp->ipc_ns)) {
16407 err = PTR_ERR(new_nsp->ipc_ns);
16411 - new_nsp->pid_ns = copy_pid_ns(flags, task_active_pid_ns(tsk));
16412 + new_nsp->pid_ns = copy_pid_ns(flags, orig->pid_ns);
16413 if (IS_ERR(new_nsp->pid_ns)) {
16414 err = PTR_ERR(new_nsp->pid_ns);
16418 - new_nsp->user_ns = copy_user_ns(flags, tsk->nsproxy->user_ns);
16419 + new_nsp->user_ns = copy_user_ns(flags, orig->user_ns);
16420 if (IS_ERR(new_nsp->user_ns)) {
16421 err = PTR_ERR(new_nsp->user_ns);
16425 - new_nsp->net_ns = copy_net_ns(flags, tsk->nsproxy->net_ns);
16426 + new_nsp->net_ns = copy_net_ns(flags, orig->net_ns);
16427 if (IS_ERR(new_nsp->net_ns)) {
16428 err = PTR_ERR(new_nsp->net_ns);
16430 @@ -115,6 +124,37 @@ out_ns:
16431 return ERR_PTR(err);
16434 +static struct nsproxy *create_new_namespaces(int flags, struct task_struct *tsk,
16435 + struct fs_struct *new_fs)
16437 + return unshare_namespaces(flags, tsk->nsproxy, new_fs);
16441 + * copies the nsproxy, setting refcount to 1, and grabbing a
16442 + * reference to all contained namespaces.
16444 +struct nsproxy *copy_nsproxy(struct nsproxy *orig)
16446 + struct nsproxy *ns = clone_nsproxy(orig);
16450 + get_mnt_ns(ns->mnt_ns);
16452 + get_uts_ns(ns->uts_ns);
16454 + get_ipc_ns(ns->ipc_ns);
16456 + get_pid_ns(ns->pid_ns);
16458 + get_user_ns(ns->user_ns);
16460 + get_net(ns->net_ns);
16466 * called from clone. This now handles copy for nsproxy and all
16467 * namespaces therein.
16468 @@ -122,9 +162,12 @@ out_ns:
16469 int copy_namespaces(unsigned long flags, struct task_struct *tsk)
16471 struct nsproxy *old_ns = tsk->nsproxy;
16472 - struct nsproxy *new_ns;
16473 + struct nsproxy *new_ns = NULL;
16476 + vxdprintk(VXD_CBIT(space, 7), "copy_namespaces(0x%08lx,%p[%p])",
16477 + flags, tsk, old_ns);
16482 @@ -155,6 +198,9 @@ int copy_namespaces(unsigned long flags,
16485 put_nsproxy(old_ns);
16486 + vxdprintk(VXD_CBIT(space, 3),
16487 + "copy_namespaces(0x%08lx,%p[%p]) = %d [%p]",
16488 + flags, tsk, old_ns, err, new_ns);
16492 @@ -171,6 +217,7 @@ void free_nsproxy(struct nsproxy *ns)
16494 put_user_ns(ns->user_ns);
16495 put_net(ns->net_ns);
16496 + atomic_dec(&vs_global_nsproxy);
16497 kmem_cache_free(nsproxy_cachep, ns);
16500 @@ -183,6 +230,10 @@ int unshare_nsproxy_namespaces(unsigned
16504 + vxdprintk(VXD_CBIT(space, 4),
16505 + "unshare_nsproxy_namespaces(0x%08lx,[%p])",
16506 + unshare_flags, current->nsproxy);
16508 if (!(unshare_flags & (CLONE_NEWNS | CLONE_NEWUTS | CLONE_NEWIPC |
16509 CLONE_NEWUSER | CLONE_NEWNET)))
16511 diff -NurpP --minimal linux-2.6.25/kernel/pid.c linux-2.6.25-vs2.3.0.34.9/kernel/pid.c
16512 --- linux-2.6.25/kernel/pid.c 2008-04-17 12:05:44.000000000 -0400
16513 +++ linux-2.6.25-vs2.3.0.34.9/kernel/pid.c 2008-04-29 17:56:00.000000000 -0400
16515 #include <linux/pid_namespace.h>
16516 #include <linux/init_task.h>
16517 #include <linux/syscalls.h>
16518 +#include <linux/vs_pid.h>
16519 +#include <linux/vserver/global.h>
16521 #define pid_hashfn(nr, ns) \
16522 hash_long((unsigned long)nr + (unsigned long)ns, pidhash_shift)
16523 @@ -303,7 +305,7 @@ EXPORT_SYMBOL_GPL(find_pid_ns);
16525 struct pid *find_vpid(int nr)
16527 - return find_pid_ns(nr, current->nsproxy->pid_ns);
16528 + return find_pid_ns(vx_rmap_pid(nr), current->nsproxy->pid_ns);
16530 EXPORT_SYMBOL_GPL(find_vpid);
16532 @@ -359,6 +361,9 @@ void transfer_pid(struct task_struct *ol
16533 struct task_struct *pid_task(struct pid *pid, enum pid_type type)
16535 struct task_struct *result = NULL;
16537 + if (type == PIDTYPE_REALPID)
16538 + type = PIDTYPE_PID;
16540 struct hlist_node *first;
16541 first = rcu_dereference(pid->tasks[type].first);
16542 @@ -388,14 +393,14 @@ EXPORT_SYMBOL(find_task_by_pid);
16544 struct task_struct *find_task_by_vpid(pid_t vnr)
16546 - return find_task_by_pid_type_ns(PIDTYPE_PID, vnr,
16547 + return find_task_by_pid_type_ns(PIDTYPE_PID, vx_rmap_pid(vnr),
16548 current->nsproxy->pid_ns);
16550 EXPORT_SYMBOL(find_task_by_vpid);
16552 struct task_struct *find_task_by_pid_ns(pid_t nr, struct pid_namespace *ns)
16554 - return find_task_by_pid_type_ns(PIDTYPE_PID, nr, ns);
16555 + return find_task_by_pid_type_ns(PIDTYPE_PID, vx_rmap_pid(nr), ns);
16557 EXPORT_SYMBOL(find_task_by_pid_ns);
16559 @@ -430,7 +435,7 @@ struct pid *find_get_pid(pid_t nr)
16563 -pid_t pid_nr_ns(struct pid *pid, struct pid_namespace *ns)
16564 +pid_t pid_unmapped_nr_ns(struct pid *pid, struct pid_namespace *ns)
16568 @@ -443,6 +448,11 @@ pid_t pid_nr_ns(struct pid *pid, struct
16572 +pid_t pid_nr_ns(struct pid *pid, struct pid_namespace *ns)
16574 + return vx_map_pid(pid_unmapped_nr_ns(pid, ns));
16577 pid_t pid_vnr(struct pid *pid)
16579 return pid_nr_ns(pid, current->nsproxy->pid_ns);
16580 diff -NurpP --minimal linux-2.6.25/kernel/pid_namespace.c linux-2.6.25-vs2.3.0.34.9/kernel/pid_namespace.c
16581 --- linux-2.6.25/kernel/pid_namespace.c 2008-04-17 12:05:44.000000000 -0400
16582 +++ linux-2.6.25-vs2.3.0.34.9/kernel/pid_namespace.c 2008-04-23 11:52:08.000000000 -0400
16584 #include <linux/pid_namespace.h>
16585 #include <linux/syscalls.h>
16586 #include <linux/err.h>
16587 +#include <linux/vserver/global.h>
16589 #define BITS_PER_PAGE (PAGE_SIZE*8)
16591 @@ -84,6 +85,7 @@ static struct pid_namespace *create_pid_
16594 kref_init(&ns->kref);
16595 + atomic_inc(&vs_global_pid_ns);
16597 ns->child_reaper = NULL;
16599 @@ -112,6 +114,7 @@ static void destroy_pid_namespace(struct
16601 for (i = 0; i < PIDMAP_ENTRIES; i++)
16602 kfree(ns->pidmap[i].page);
16603 + atomic_dec(&vs_global_pid_ns);
16604 kmem_cache_free(pid_ns_cachep, ns);
16607 diff -NurpP --minimal linux-2.6.25/kernel/posix-timers.c linux-2.6.25-vs2.3.0.34.9/kernel/posix-timers.c
16608 --- linux-2.6.25/kernel/posix-timers.c 2008-04-17 12:05:44.000000000 -0400
16609 +++ linux-2.6.25-vs2.3.0.34.9/kernel/posix-timers.c 2008-04-19 15:14:52.000000000 -0400
16611 #include <linux/wait.h>
16612 #include <linux/workqueue.h>
16613 #include <linux/module.h>
16614 +#include <linux/vs_context.h>
16617 * Management arrays for POSIX timers. Timers are kept in slab memory
16618 @@ -299,6 +300,12 @@ void do_schedule_next_timer(struct sigin
16620 int posix_timer_event(struct k_itimer *timr,int si_private)
16622 + struct vx_info_save vxis;
16623 + struct vx_info *vxi;
16626 + vxi = task_get_vx_info(timr->it_process);
16627 + enter_vx_info(vxi, &vxis);
16628 memset(&timr->sigq->info, 0, sizeof(siginfo_t));
16629 timr->sigq->info.si_sys_private = si_private;
16630 /* Send signal to the process that owns this timer.*/
16631 @@ -311,11 +318,11 @@ int posix_timer_event(struct k_itimer *t
16633 if (timr->it_sigev_notify & SIGEV_THREAD_ID) {
16634 struct task_struct *leader;
16635 - int ret = send_sigqueue(timr->it_sigev_signo, timr->sigq,
16636 - timr->it_process);
16638 + ret = send_sigqueue(timr->it_sigev_signo, timr->sigq,
16639 + timr->it_process);
16640 if (likely(ret >= 0))
16644 timr->it_sigev_notify = SIGEV_SIGNAL;
16645 leader = timr->it_process->group_leader;
16646 @@ -323,8 +330,12 @@ int posix_timer_event(struct k_itimer *t
16647 timr->it_process = leader;
16650 - return send_group_sigqueue(timr->it_sigev_signo, timr->sigq,
16651 + ret = send_group_sigqueue(timr->it_sigev_signo, timr->sigq,
16654 + leave_vx_info(&vxis);
16655 + put_vx_info(vxi);
16658 EXPORT_SYMBOL_GPL(posix_timer_event);
16660 diff -NurpP --minimal linux-2.6.25/kernel/printk.c linux-2.6.25-vs2.3.0.34.9/kernel/printk.c
16661 --- linux-2.6.25/kernel/printk.c 2008-04-17 12:05:44.000000000 -0400
16662 +++ linux-2.6.25-vs2.3.0.34.9/kernel/printk.c 2008-04-21 10:59:28.000000000 -0400
16664 #include <linux/security.h>
16665 #include <linux/bootmem.h>
16666 #include <linux/syscalls.h>
16667 +#include <linux/vs_cvirt.h>
16669 #include <asm/uaccess.h>
16671 @@ -297,18 +298,13 @@ int do_syslog(int type, char __user *buf
16672 unsigned i, j, limit, count;
16678 error = security_syslog(type);
16683 - case 0: /* Close log */
16685 - case 1: /* Open log */
16687 - case 2: /* Read from log */
16688 + if ((type >= 2) && (type <= 4)) {
16690 if (!buf || len < 0)
16692 @@ -319,6 +315,16 @@ int do_syslog(int type, char __user *buf
16697 + if (!vx_check(0, VS_ADMIN|VS_WATCH))
16698 + return vx_do_syslog(type, buf, len);
16701 + case 0: /* Close log */
16703 + case 1: /* Open log */
16705 + case 2: /* Read from log */
16706 error = wait_event_interruptible(log_wait,
16707 (log_start - log_end));
16709 @@ -343,16 +349,6 @@ int do_syslog(int type, char __user *buf
16712 case 3: /* Read last kernel messages */
16714 - if (!buf || len < 0)
16719 - if (!access_ok(VERIFY_WRITE, buf, len)) {
16724 if (count > log_buf_len)
16725 count = log_buf_len;
16726 diff -NurpP --minimal linux-2.6.25/kernel/ptrace.c linux-2.6.25-vs2.3.0.34.9/kernel/ptrace.c
16727 --- linux-2.6.25/kernel/ptrace.c 2008-04-17 12:05:44.000000000 -0400
16728 +++ linux-2.6.25-vs2.3.0.34.9/kernel/ptrace.c 2008-04-21 10:50:28.000000000 -0400
16730 #include <linux/audit.h>
16731 #include <linux/pid_namespace.h>
16732 #include <linux/syscalls.h>
16733 +#include <linux/vs_context.h>
16735 #include <asm/pgtable.h>
16736 #include <asm/uaccess.h>
16737 @@ -147,6 +148,11 @@ int __ptrace_may_attach(struct task_stru
16738 dumpable = get_dumpable(task->mm);
16739 if (!dumpable && !capable(CAP_SYS_PTRACE))
16741 + if (!vx_check(task->xid, VS_ADMIN_P|VS_IDENT))
16743 + if (!vx_check(task->xid, VS_IDENT) &&
16744 + !task_vx_flags(task, VXF_STATE_ADMIN, 0))
16747 return security_ptrace(current, task);
16749 @@ -562,6 +568,10 @@ asmlinkage long sys_ptrace(long request,
16754 + if (!vx_check(vx_task_xid(child), VS_WATCH_P | VS_IDENT))
16755 + goto out_put_task_struct;
16757 if (request == PTRACE_ATTACH) {
16758 ret = ptrace_attach(child);
16760 diff -NurpP --minimal linux-2.6.25/kernel/sched.c linux-2.6.25-vs2.3.0.34.9/kernel/sched.c
16761 --- linux-2.6.25/kernel/sched.c 2008-04-17 12:05:44.000000000 -0400
16762 +++ linux-2.6.25-vs2.3.0.34.9/kernel/sched.c 2008-04-21 10:51:59.000000000 -0400
16764 #include <linux/unistd.h>
16765 #include <linux/pagemap.h>
16766 #include <linux/hrtimer.h>
16767 +#include <linux/vs_sched.h>
16768 +#include <linux/vs_cvirt.h>
16770 #include <asm/tlb.h>
16771 #include <asm/irq_regs.h>
16772 @@ -375,6 +377,16 @@ struct root_domain {
16773 static struct root_domain def_root_domain;
16776 + unsigned long norm_time;
16777 + unsigned long idle_time;
16778 +#ifdef CONFIG_VSERVER_IDLETIME
16781 +#ifdef CONFIG_VSERVER_HARDCPU
16782 + struct list_head hold_queue;
16783 + unsigned long nr_onhold;
16788 * This is the main, per-CPU runqueue data structure.
16789 @@ -1303,6 +1315,7 @@ static void set_load_weight(struct task_
16791 static void enqueue_task(struct rq *rq, struct task_struct *p, int wakeup)
16793 + // BUG_ON(p->state & TASK_ONHOLD);
16794 sched_info_queued(p);
16795 p->sched_class->enqueue_task(rq, p, wakeup);
16797 @@ -1493,6 +1506,9 @@ struct migration_req {
16798 struct completion done;
16801 +#include "sched_mon.h"
16805 * The task's runqueue lock must be held.
16806 * Returns true if you have to wait for migration thread.
16807 @@ -1502,6 +1518,7 @@ migrate_task(struct task_struct *p, int
16809 struct rq *rq = task_rq(p);
16811 + vxm_migrate_task(p, rq, dest_cpu);
16813 * If the task is not on a runqueue (and not running), then
16814 * it is sufficient to simply update the task's cpu field.
16815 @@ -1863,6 +1880,12 @@ static int try_to_wake_up(struct task_st
16816 /* might preempt at this point */
16817 rq = task_rq_lock(p, &flags);
16818 old_state = p->state;
16820 + /* we need to unhold suspended tasks
16821 + if (old_state & TASK_ONHOLD) {
16822 + vx_unhold_task(p, rq);
16823 + old_state = p->state;
16825 if (!(old_state & state))
16828 @@ -3634,13 +3657,16 @@ unsigned long long task_sched_runtime(st
16829 void account_user_time(struct task_struct *p, cputime_t cputime)
16831 struct cpu_usage_stat *cpustat = &kstat_this_cpu.cpustat;
16832 + struct vx_info *vxi = p->vx_info; /* p is _always_ current */
16834 + int nice = (TASK_NICE(p) > 0);
16836 p->utime = cputime_add(p->utime, cputime);
16837 + vx_account_user(vxi, cputime, nice);
16839 /* Add user time to cpustat. */
16840 tmp = cputime_to_cputime64(cputime);
16841 - if (TASK_NICE(p) > 0)
16843 cpustat->nice = cputime64_add(cpustat->nice, tmp);
16845 cpustat->user = cputime64_add(cpustat->user, tmp);
16846 @@ -3685,6 +3711,7 @@ void account_system_time(struct task_str
16849 struct cpu_usage_stat *cpustat = &kstat_this_cpu.cpustat;
16850 + struct vx_info *vxi = p->vx_info; /* p is _always_ current */
16851 struct rq *rq = this_rq();
16854 @@ -3692,6 +3719,7 @@ void account_system_time(struct task_str
16855 return account_guest_time(p, cputime);
16857 p->stime = cputime_add(p->stime, cputime);
16858 + vx_account_system(vxi, cputime, (p == rq->idle));
16860 /* Add system time to cpustat. */
16861 tmp = cputime_to_cputime64(cputime);
16862 @@ -4437,7 +4465,7 @@ asmlinkage long sys_nice(int increment)
16865 if (increment < 0 && !can_nice(current, nice))
16867 + return vx_flags(VXF_IGNEG_NICE, 0) ? 0 : -EPERM;
16869 retval = security_task_setnice(current, nice);
16871 diff -NurpP --minimal linux-2.6.25/kernel/sched_fair.c linux-2.6.25-vs2.3.0.34.9/kernel/sched_fair.c
16872 --- linux-2.6.25/kernel/sched_fair.c 2008-04-17 12:05:44.000000000 -0400
16873 +++ linux-2.6.25-vs2.3.0.34.9/kernel/sched_fair.c 2008-04-19 15:14:52.000000000 -0400
16874 @@ -537,6 +537,8 @@ enqueue_entity(struct cfs_rq *cfs_rq, st
16875 check_spread(cfs_rq, se);
16876 if (se != cfs_rq->curr)
16877 __enqueue_entity(cfs_rq, se);
16878 + if (entity_is_task(se))
16879 + vx_activate_task(task_of(se));
16880 account_entity_enqueue(cfs_rq, se);
16883 @@ -580,6 +582,8 @@ dequeue_entity(struct cfs_rq *cfs_rq, st
16885 if (se != cfs_rq->curr)
16886 __dequeue_entity(cfs_rq, se);
16887 + if (entity_is_task(se))
16888 + vx_deactivate_task(task_of(se));
16889 account_entity_dequeue(cfs_rq, se);
16892 diff -NurpP --minimal linux-2.6.25/kernel/sched_hard.h linux-2.6.25-vs2.3.0.34.9/kernel/sched_hard.h
16893 --- linux-2.6.25/kernel/sched_hard.h 1969-12-31 19:00:00.000000000 -0500
16894 +++ linux-2.6.25-vs2.3.0.34.9/kernel/sched_hard.h 2008-04-19 15:14:52.000000000 -0400
16897 +#ifdef CONFIG_VSERVER_IDLELIMIT
16900 + * vx_idle_resched - reschedule after maxidle
16903 +void vx_idle_resched(struct rq *rq)
16905 + /* maybe have a better criterion for paused */
16906 + if (!--rq->idle_tokens && !list_empty(&rq->hold_queue))
16907 + set_need_resched();
16910 +#else /* !CONFIG_VSERVER_IDLELIMIT */
16912 +#define vx_idle_resched(rq)
16914 +#endif /* CONFIG_VSERVER_IDLELIMIT */
16918 +#ifdef CONFIG_VSERVER_IDLETIME
16920 +#define vx_set_rq_min_skip(rq, min) \
16921 + (rq)->idle_skip = (min)
16923 +#define vx_save_min_skip(ret, min, val) \
16924 + __vx_save_min_skip(ret, min, val)
16927 +void __vx_save_min_skip(int ret, int *min, int val)
16931 + if ((*min > val) || !*min)
16936 +int vx_try_skip(struct rq *rq, int cpu)
16938 + /* artificially advance time */
16939 + if (rq->idle_skip > 0) {
16940 + vxdprintk(list_empty(&rq->hold_queue),
16941 + "hold queue empty on cpu %d", cpu);
16942 + rq->idle_time += rq->idle_skip;
16943 + vxm_idle_skip(rq, cpu);
16949 +#else /* !CONFIG_VSERVER_IDLETIME */
16951 +#define vx_set_rq_min_skip(rq, min) \
16952 + ({ int dummy = (min); dummy; })
16954 +#define vx_save_min_skip(ret, min, val)
16957 +int vx_try_skip(struct rq *rq, int cpu)
16962 +#endif /* CONFIG_VSERVER_IDLETIME */
16966 +#ifdef CONFIG_VSERVER_HARDCPU
16968 +#define vx_set_rq_max_idle(rq, max) \
16969 + (rq)->idle_tokens = (max)
16971 +#define vx_save_max_idle(ret, min, val) \
16972 + __vx_save_max_idle(ret, min, val)
16975 +void __vx_save_max_idle(int ret, int *min, int val)
16983 + * vx_hold_task - put a task on the hold queue
16986 +void vx_hold_task(struct task_struct *p, struct rq *rq)
16988 + __deactivate_task(p, rq);
16989 + p->state |= TASK_ONHOLD;
16990 + /* a new one on hold */
16992 + vxm_hold_task(p, rq);
16993 + list_add_tail(&p->run_list, &rq->hold_queue);
16997 + * vx_unhold_task - put a task back to the runqueue
17000 +void vx_unhold_task(struct task_struct *p, struct rq *rq)
17002 + list_del(&p->run_list);
17003 + /* one less waiting */
17005 + p->state &= ~TASK_ONHOLD;
17006 + enqueue_task(p, rq->expired);
17007 + inc_nr_running(p, rq);
17008 + vxm_unhold_task(p, rq);
17010 + if (p->static_prio < rq->best_expired_prio)
17011 + rq->best_expired_prio = p->static_prio;
17014 +unsigned long nr_onhold(void)
17016 + unsigned long i, sum = 0;
17018 + for_each_online_cpu(i)
17019 + sum += cpu_rq(i)->nr_onhold;
17027 +int __vx_tokens_avail(struct _vx_sched_pc *sched_pc)
17029 + return sched_pc->tokens;
17033 +void __vx_consume_token(struct _vx_sched_pc *sched_pc)
17035 + sched_pc->tokens--;
17039 +int vx_need_resched(struct task_struct *p, int slice, int cpu)
17041 + struct vx_info *vxi = p->vx_info;
17043 + if (vx_info_flags(vxi, VXF_SCHED_HARD|VXF_SCHED_PRIO, 0)) {
17044 + struct _vx_sched_pc *sched_pc =
17045 + &vx_per_cpu(vxi, sched_pc, cpu);
17048 + /* maybe we can simplify that to decrement
17049 + the token counter unconditional? */
17051 + if ((tokens = __vx_tokens_avail(sched_pc)) > 0)
17052 + __vx_consume_token(sched_pc);
17054 + /* for tokens > 0, one token was consumed */
17058 + vxm_need_resched(p, slice, cpu);
17059 + return (slice == 0);
17063 +#define vx_set_rq_time(rq, time) do { \
17064 + rq->norm_time = time; \
17069 +void vx_try_unhold(struct rq *rq, int cpu)
17071 + struct vx_info *vxi = NULL;
17072 + struct list_head *l, *n;
17073 + int maxidle = HZ;
17076 + /* nothing to do? what about pause? */
17077 + if (list_empty(&rq->hold_queue))
17080 + list_for_each_safe(l, n, &rq->hold_queue) {
17081 + int ret, delta_min[2];
17082 + struct _vx_sched_pc *sched_pc;
17083 + struct task_struct *p;
17085 + p = list_entry(l, struct task_struct, run_list);
17086 + /* don't bother with same context */
17087 + if (vxi == p->vx_info)
17090 + vxi = p->vx_info;
17091 + /* ignore paused contexts */
17092 + if (vx_info_flags(vxi, VXF_SCHED_PAUSE, 0))
17095 + sched_pc = &vx_per_cpu(vxi, sched_pc, cpu);
17097 + /* recalc tokens */
17098 + vxm_sched_info(sched_pc, vxi, cpu);
17099 + ret = vx_tokens_recalc(sched_pc,
17100 + &rq->norm_time, &rq->idle_time, delta_min);
17101 + vxm_tokens_recalc(sched_pc, rq, vxi, cpu);
17104 + /* we found a runable context */
17105 + vx_unhold_task(p, rq);
17108 + vx_save_max_idle(ret, &maxidle, delta_min[0]);
17109 + vx_save_min_skip(ret, &minskip, delta_min[1]);
17111 + vx_set_rq_max_idle(rq, maxidle);
17112 + vx_set_rq_min_skip(rq, minskip);
17113 + vxm_rq_max_min(rq, cpu);
17118 +int vx_schedule(struct task_struct *next, struct rq *rq, int cpu)
17120 + struct vx_info *vxi = next->vx_info;
17121 + struct _vx_sched_pc *sched_pc;
17122 + int delta_min[2];
17128 + flags = vxi->vx_flags;
17130 + if (unlikely(vs_check_flags(flags, VXF_SCHED_PAUSE, 0)))
17131 + goto put_on_hold;
17132 + if (!vs_check_flags(flags, VXF_SCHED_HARD | VXF_SCHED_PRIO, 0))
17135 + sched_pc = &vx_per_cpu(vxi, sched_pc, cpu);
17137 + /* update scheduler params */
17138 + if (cpu_isset(cpu, vxi->sched.update)) {
17139 + vx_update_sched_param(&vxi->sched, sched_pc);
17140 + vxm_update_sched(sched_pc, vxi, cpu);
17141 + cpu_clear(cpu, vxi->sched.update);
17144 + vxm_sched_info(sched_pc, vxi, cpu);
17145 + ret = vx_tokens_recalc(sched_pc,
17146 + &rq->norm_time, &rq->idle_time, delta_min);
17147 + vxm_tokens_recalc(sched_pc, rq, vxi, cpu);
17149 + if (!vs_check_flags(flags, VXF_SCHED_HARD, 0))
17152 + if (unlikely(ret < 0)) {
17153 + vx_save_max_idle(ret, &rq->idle_tokens, delta_min[0]);
17154 + vx_save_min_skip(ret, &rq->idle_skip, delta_min[1]);
17155 + vxm_rq_max_min(rq, cpu);
17157 + vx_hold_task(next, rq);
17164 +#else /* CONFIG_VSERVER_HARDCPU */
17167 +void vx_hold_task(struct task_struct *p, struct rq *rq)
17173 +void vx_unhold_task(struct task_struct *p, struct rq *rq)
17178 +unsigned long nr_onhold(void)
17185 +int vx_need_resched(struct task_struct *p, int slice, int cpu)
17187 + return (slice == 0);
17191 +#define vx_set_rq_time(rq, time)
17194 +void vx_try_unhold(struct rq *rq, int cpu)
17200 +int vx_schedule(struct task_struct *next, struct rq *rq, int cpu)
17202 + struct vx_info *vxi = next->vx_info;
17203 + struct _vx_sched_pc *sched_pc;
17204 + int delta_min[2];
17207 + if (!vx_info_flags(vxi, VXF_SCHED_PRIO, 0))
17210 + sched_pc = &vx_per_cpu(vxi, sched_pc, cpu);
17211 + vxm_sched_info(sched_pc, vxi, cpu);
17212 + ret = vx_tokens_recalc(sched_pc,
17213 + &rq->norm_time, &rq->idle_time, delta_min);
17214 + vxm_tokens_recalc(sched_pc, rq, vxi, cpu);
17218 +#endif /* CONFIG_VSERVER_HARDCPU */
17220 diff -NurpP --minimal linux-2.6.25/kernel/sched_mon.h linux-2.6.25-vs2.3.0.34.9/kernel/sched_mon.h
17221 --- linux-2.6.25/kernel/sched_mon.h 1969-12-31 19:00:00.000000000 -0500
17222 +++ linux-2.6.25-vs2.3.0.34.9/kernel/sched_mon.h 2008-04-19 15:14:52.000000000 -0400
17225 +#include <linux/vserver/monitor.h>
17227 +#ifdef CONFIG_VSERVER_MONITOR
17229 +#ifdef CONFIG_VSERVER_HARDCPU
17230 +#define HARDCPU(x) (x)
17232 +#define HARDCPU(x) (0)
17235 +#ifdef CONFIG_VSERVER_IDLETIME
17236 +#define IDLETIME(x) (x)
17238 +#define IDLETIME(x) (0)
17241 +struct _vx_mon_entry *vxm_advance(int cpu);
17245 +void __vxm_basic(struct _vx_mon_entry *entry, xid_t xid, int type)
17247 + entry->type = type;
17248 + entry->xid = xid;
17252 +void __vxm_sync(int cpu)
17254 + struct _vx_mon_entry *entry = vxm_advance(cpu);
17256 + __vxm_basic(entry, 0, VXM_SYNC);
17257 + entry->ev.sec = xtime.tv_sec;
17258 + entry->ev.nsec = xtime.tv_nsec;
17262 +void __vxm_task(struct task_struct *p, int type)
17264 + struct _vx_mon_entry *entry = vxm_advance(task_cpu(p));
17266 + __vxm_basic(entry, p->xid, type);
17267 + entry->ev.tsk.pid = p->pid;
17268 + entry->ev.tsk.state = p->state;
17272 +void __vxm_sched(struct _vx_sched_pc *s, struct vx_info *vxi, int cpu)
17274 + struct _vx_mon_entry *entry = vxm_advance(cpu);
17276 + __vxm_basic(entry, vxi->vx_id, (VXM_SCHED | s->flags));
17277 + entry->sd.tokens = s->tokens;
17278 + entry->sd.norm_time = s->norm_time;
17279 + entry->sd.idle_time = s->idle_time;
17283 +void __vxm_rqinfo1(struct rq *q, int cpu)
17285 + struct _vx_mon_entry *entry = vxm_advance(cpu);
17287 + entry->type = VXM_RQINFO_1;
17288 + entry->xid = ((unsigned long)q >> 16) & 0xffff;
17289 + entry->q1.running = q->nr_running;
17290 + entry->q1.onhold = HARDCPU(q->nr_onhold);
17291 + entry->q1.iowait = atomic_read(&q->nr_iowait);
17292 + entry->q1.uintr = q->nr_uninterruptible;
17293 + entry->q1.idle_tokens = IDLETIME(q->idle_tokens);
17297 +void __vxm_rqinfo2(struct rq *q, int cpu)
17299 + struct _vx_mon_entry *entry = vxm_advance(cpu);
17301 + entry->type = VXM_RQINFO_2;
17302 + entry->xid = (unsigned long)q & 0xffff;
17303 + entry->q2.norm_time = q->norm_time;
17304 + entry->q2.idle_time = q->idle_time;
17305 + entry->q2.idle_skip = IDLETIME(q->idle_skip);
17309 +void __vxm_update(struct _vx_sched_pc *s, struct vx_info *vxi, int cpu)
17311 + struct _vx_mon_entry *entry = vxm_advance(cpu);
17313 + __vxm_basic(entry, vxi->vx_id, VXM_UPDATE);
17314 + entry->ev.tokens = s->tokens;
17318 +void __vxm_update1(struct _vx_sched_pc *s, struct vx_info *vxi, int cpu)
17320 + struct _vx_mon_entry *entry = vxm_advance(cpu);
17322 + __vxm_basic(entry, vxi->vx_id, VXM_UPDATE_1);
17323 + entry->u1.tokens_max = s->tokens_max;
17324 + entry->u1.fill_rate = s->fill_rate[0];
17325 + entry->u1.interval = s->interval[0];
17329 +void __vxm_update2(struct _vx_sched_pc *s, struct vx_info *vxi, int cpu)
17331 + struct _vx_mon_entry *entry = vxm_advance(cpu);
17333 + __vxm_basic(entry, vxi->vx_id, VXM_UPDATE_2);
17334 + entry->u2.tokens_min = s->tokens_min;
17335 + entry->u2.fill_rate = s->fill_rate[1];
17336 + entry->u2.interval = s->interval[1];
17340 +#define vxm_activate_task(p,q) __vxm_task(p, VXM_ACTIVATE)
17341 +#define vxm_activate_idle(p,q) __vxm_task(p, VXM_IDLE)
17342 +#define vxm_deactivate_task(p,q) __vxm_task(p, VXM_DEACTIVATE)
17343 +#define vxm_hold_task(p,q) __vxm_task(p, VXM_HOLD)
17344 +#define vxm_unhold_task(p,q) __vxm_task(p, VXM_UNHOLD)
17347 +void vxm_migrate_task(struct task_struct *p, struct rq *rq, int dest)
17349 + __vxm_task(p, VXM_MIGRATE);
17350 + __vxm_rqinfo1(rq, task_cpu(p));
17351 + __vxm_rqinfo2(rq, task_cpu(p));
17355 +void vxm_idle_skip(struct rq *rq, int cpu)
17357 + __vxm_rqinfo1(rq, cpu);
17358 + __vxm_rqinfo2(rq, cpu);
17362 +void vxm_need_resched(struct task_struct *p, int slice, int cpu)
17367 + __vxm_task(p, VXM_RESCHED);
17371 +void vxm_sync(unsigned long now, int cpu)
17373 + if (!CONFIG_VSERVER_MONITOR_SYNC ||
17374 + (now % CONFIG_VSERVER_MONITOR_SYNC))
17380 +#define vxm_sched_info(s,v,c) __vxm_sched(s,v,c)
17383 +void vxm_tokens_recalc(struct _vx_sched_pc *s, struct rq *rq,
17384 + struct vx_info *vxi, int cpu)
17386 + __vxm_sched(s, vxi, cpu);
17387 + __vxm_rqinfo2(rq, cpu);
17391 +void vxm_update_sched(struct _vx_sched_pc *s, struct vx_info *vxi, int cpu)
17393 + __vxm_sched(s, vxi, cpu);
17394 + __vxm_update(s, vxi, cpu);
17395 + __vxm_update1(s, vxi, cpu);
17396 + __vxm_update2(s, vxi, cpu);
17400 +void vxm_rq_max_min(struct rq *rq, int cpu)
17402 + __vxm_rqinfo1(rq, cpu);
17403 + __vxm_rqinfo2(rq, cpu);
17406 +#else /* CONFIG_VSERVER_MONITOR */
17408 +#define vxm_activate_task(t,q) do { } while (0)
17409 +#define vxm_activate_idle(t,q) do { } while (0)
17410 +#define vxm_deactivate_task(t,q) do { } while (0)
17411 +#define vxm_hold_task(t,q) do { } while (0)
17412 +#define vxm_unhold_task(t,q) do { } while (0)
17413 +#define vxm_migrate_task(t,q,d) do { } while (0)
17414 +#define vxm_idle_skip(q,c) do { } while (0)
17415 +#define vxm_need_resched(t,s,c) do { } while (0)
17416 +#define vxm_sync(s,c) do { } while (0)
17417 +#define vxm_sched_info(s,v,c) do { } while (0)
17418 +#define vxm_tokens_recalc(s,q,v,c) do { } while (0)
17419 +#define vxm_update_sched(s,v,c) do { } while (0)
17420 +#define vxm_rq_max_min(q,c) do { } while (0)
17422 +#endif /* CONFIG_VSERVER_MONITOR */
17424 diff -NurpP --minimal linux-2.6.25/kernel/signal.c linux-2.6.25-vs2.3.0.34.9/kernel/signal.c
17425 --- linux-2.6.25/kernel/signal.c 2008-04-17 12:05:44.000000000 -0400
17426 +++ linux-2.6.25-vs2.3.0.34.9/kernel/signal.c 2008-04-21 11:51:23.000000000 -0400
17428 #include <linux/freezer.h>
17429 #include <linux/pid_namespace.h>
17430 #include <linux/nsproxy.h>
17431 +#include <linux/vs_context.h>
17432 +#include <linux/vs_pid.h>
17434 #include <asm/param.h>
17435 #include <asm/uaccess.h>
17436 @@ -530,6 +532,14 @@ static int check_kill_permission(int sig
17437 if (!valid_signal(sig))
17440 + if ((info != SEND_SIG_NOINFO) &&
17441 + (is_si_special(info) || !SI_FROMUSER(info)))
17444 + vxdprintk(VXD_CBIT(misc, 7),
17445 + "check_kill_permission(%d,%p,%p[#%u,%u])",
17446 + sig, info, t, vx_task_xid(t), t->pid);
17448 if (info == SEND_SIG_NOINFO || (!is_si_special(info) && SI_FROMUSER(info))) {
17449 error = audit_signal_info(sig, t); /* Let audit system see the signal */
17451 @@ -543,6 +553,14 @@ static int check_kill_permission(int sig
17456 + if (!vx_check(vx_task_xid(t), VS_WATCH_P | VS_IDENT)) {
17457 + vxdprintk(current->xid || VXD_CBIT(misc, 7),
17458 + "signal %d[%p] xid mismatch %p[#%u,%u] xid=#%u",
17459 + sig, info, t, vx_task_xid(t), t->pid, current->xid);
17463 return security_task_kill(t, info, sig, 0);
17466 @@ -1088,7 +1106,7 @@ int kill_pid_info_as_uid(int sig, struct
17468 read_lock(&tasklist_lock);
17469 p = pid_task(pid, PIDTYPE_PID);
17471 + if (!p || !vx_check(vx_task_xid(p), VS_IDENT)) {
17475 @@ -1140,7 +1158,9 @@ static int kill_something_info(int sig,
17476 struct task_struct * p;
17478 for_each_process(p) {
17479 - if (p->pid > 1 && !same_thread_group(p, current)) {
17480 + if (vx_check(vx_task_xid(p), VS_ADMIN|VS_IDENT) &&
17481 + p->pid > 1 && !same_thread_group(p, current) &&
17482 + !vx_current_initpid(p->pid)) {
17483 int err = group_send_sig_info(sig, info, p);
17486 @@ -1842,6 +1862,11 @@ relock:
17487 if (is_global_init(current))
17490 + /* virtual init is protected against user signals */
17491 + if ((info->si_code == SI_USER) &&
17492 + vx_current_initpid(current->pid))
17495 if (sig_kernel_stop(signr)) {
17497 * The default action is to stop all threads in
17498 diff -NurpP --minimal linux-2.6.25/kernel/softirq.c linux-2.6.25-vs2.3.0.34.9/kernel/softirq.c
17499 --- linux-2.6.25/kernel/softirq.c 2008-04-17 12:05:44.000000000 -0400
17500 +++ linux-2.6.25-vs2.3.0.34.9/kernel/softirq.c 2008-04-19 15:14:52.000000000 -0400
17502 #include <linux/rcupdate.h>
17503 #include <linux/smp.h>
17504 #include <linux/tick.h>
17505 +#include <linux/vs_context.h>
17507 #include <asm/irq.h>
17509 diff -NurpP --minimal linux-2.6.25/kernel/sys.c linux-2.6.25-vs2.3.0.34.9/kernel/sys.c
17510 --- linux-2.6.25/kernel/sys.c 2008-04-17 12:05:44.000000000 -0400
17511 +++ linux-2.6.25-vs2.3.0.34.9/kernel/sys.c 2008-04-19 15:14:52.000000000 -0400
17513 #include <linux/syscalls.h>
17514 #include <linux/kprobes.h>
17515 #include <linux/user_namespace.h>
17516 +#include <linux/vs_pid.h>
17518 #include <asm/uaccess.h>
17519 #include <asm/io.h>
17520 @@ -116,7 +117,10 @@ static int set_one_prio(struct task_stru
17523 if (niceval < task_nice(p) && !can_nice(p, niceval)) {
17525 + if (vx_flags(VXF_IGNEG_NICE, 0))
17531 no_nice = security_task_setnice(p, niceval);
17532 @@ -164,6 +168,8 @@ asmlinkage long sys_setpriority(int whic
17534 pgrp = task_pgrp(current);
17535 do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
17536 + if (!vx_check(p->xid, VS_ADMIN_P | VS_IDENT))
17538 error = set_one_prio(p, niceval, error);
17539 } while_each_pid_task(pgrp, PIDTYPE_PGID, p);
17541 @@ -224,6 +230,8 @@ asmlinkage long sys_getpriority(int whic
17543 pgrp = task_pgrp(current);
17544 do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
17545 + if (!vx_check(p->xid, VS_ADMIN_P | VS_IDENT))
17547 niceval = 20 - task_nice(p);
17548 if (niceval > retval)
17550 @@ -353,6 +361,9 @@ void kernel_power_off(void)
17551 machine_power_off();
17553 EXPORT_SYMBOL_GPL(kernel_power_off);
17555 +long vs_reboot(unsigned int, void __user *);
17558 * Reboot system call: for obvious reasons only root may call it,
17559 * and even root needs to set up some magic numbers in the registers
17560 @@ -383,6 +394,9 @@ asmlinkage long sys_reboot(int magic1, i
17561 if ((cmd == LINUX_REBOOT_CMD_POWER_OFF) && !pm_power_off)
17562 cmd = LINUX_REBOOT_CMD_HALT;
17564 + if (!vx_check(0, VS_ADMIN|VS_WATCH))
17565 + return vs_reboot(cmd, arg);
17569 case LINUX_REBOOT_CMD_RESTART:
17570 @@ -1343,7 +1357,7 @@ asmlinkage long sys_sethostname(char __u
17572 char tmp[__NEW_UTS_LEN];
17574 - if (!capable(CAP_SYS_ADMIN))
17575 + if (!vx_capable(CAP_SYS_ADMIN, VXC_SET_UTSNAME))
17577 if (len < 0 || len > __NEW_UTS_LEN)
17579 @@ -1388,7 +1402,7 @@ asmlinkage long sys_setdomainname(char _
17581 char tmp[__NEW_UTS_LEN];
17583 - if (!capable(CAP_SYS_ADMIN))
17584 + if (!vx_capable(CAP_SYS_ADMIN, VXC_SET_UTSNAME))
17586 if (len < 0 || len > __NEW_UTS_LEN)
17588 @@ -1455,7 +1469,7 @@ asmlinkage long sys_setrlimit(unsigned i
17590 old_rlim = current->signal->rlim + resource;
17591 if ((new_rlim.rlim_max > old_rlim->rlim_max) &&
17592 - !capable(CAP_SYS_RESOURCE))
17593 + !vx_capable(CAP_SYS_RESOURCE, VXC_SET_RLIMIT))
17595 if (resource == RLIMIT_NOFILE && new_rlim.rlim_max > sysctl_nr_open)
17597 diff -NurpP --minimal linux-2.6.25/kernel/sysctl.c linux-2.6.25-vs2.3.0.34.9/kernel/sysctl.c
17598 --- linux-2.6.25/kernel/sysctl.c 2008-04-17 12:05:44.000000000 -0400
17599 +++ linux-2.6.25-vs2.3.0.34.9/kernel/sysctl.c 2008-04-19 15:14:52.000000000 -0400
17600 @@ -107,6 +107,7 @@ static int ngroups_max = NGROUPS_MAX;
17602 extern char modprobe_path[];
17604 +extern char vshelper_path[];
17605 #ifdef CONFIG_CHR_DEV_SG
17606 extern int sg_big_buff;
17608 @@ -492,6 +493,15 @@ static struct ctl_table kern_table[] = {
17609 .strategy = &sysctl_string,
17613 + .ctl_name = KERN_VSHELPER,
17614 + .procname = "vshelper",
17615 + .data = &vshelper_path,
17618 + .proc_handler = &proc_dostring,
17619 + .strategy = &sysctl_string,
17621 #ifdef CONFIG_CHR_DEV_SG
17623 .ctl_name = KERN_SG_BIG_BUFF,
17624 diff -NurpP --minimal linux-2.6.25/kernel/sysctl_check.c linux-2.6.25-vs2.3.0.34.9/kernel/sysctl_check.c
17625 --- linux-2.6.25/kernel/sysctl_check.c 2008-04-17 12:05:44.000000000 -0400
17626 +++ linux-2.6.25-vs2.3.0.34.9/kernel/sysctl_check.c 2008-04-21 13:42:56.000000000 -0400
17627 @@ -39,6 +39,7 @@ static const struct trans_ctl_table tran
17629 { KERN_PANIC, "panic" },
17630 { KERN_REALROOTDEV, "real-root-dev" },
17631 + { KERN_VSHELPER, "vshelper", },
17633 { KERN_SPARC_REBOOT, "reboot-cmd" },
17634 { KERN_CTLALTDEL, "ctrl-alt-del" },
17635 @@ -1217,6 +1218,22 @@ static const struct trans_ctl_table tran
17639 +static struct trans_ctl_table trans_vserver_table[] = {
17640 + { 1, "debug_switch" },
17641 + { 2, "debug_xid" },
17642 + { 3, "debug_nid" },
17643 + { 4, "debug_tag" },
17644 + { 5, "debug_net" },
17645 + { 6, "debug_limit" },
17646 + { 7, "debug_cres" },
17647 + { 8, "debug_dlim" },
17648 + { 9, "debug_quota" },
17649 + { 10, "debug_cvirt" },
17650 + { 11, "debug_space" },
17651 + { 12, "debug_misc" },
17655 static const struct trans_ctl_table trans_root_table[] = {
17656 { CTL_KERN, "kernel", trans_kern_table },
17657 { CTL_VM, "vm", trans_vm_table },
17658 @@ -1233,6 +1250,7 @@ static const struct trans_ctl_table tran
17659 { CTL_SUNRPC, "sunrpc", trans_sunrpc_table },
17660 { CTL_PM, "pm", trans_pm_table },
17661 { CTL_FRV, "frv", trans_frv_table },
17662 + { CTL_VSERVER, "vserver", trans_vserver_table },
17666 diff -NurpP --minimal linux-2.6.25/kernel/time.c linux-2.6.25-vs2.3.0.34.9/kernel/time.c
17667 --- linux-2.6.25/kernel/time.c 2008-04-17 12:05:44.000000000 -0400
17668 +++ linux-2.6.25-vs2.3.0.34.9/kernel/time.c 2008-04-19 15:14:52.000000000 -0400
17669 @@ -60,6 +60,7 @@ EXPORT_SYMBOL(sys_tz);
17670 asmlinkage long sys_time(time_t __user * tloc)
17672 time_t i = get_seconds();
17673 +/* FIXME: do_gettimeofday(&tv) -> vx_gettimeofday(&tv) */
17676 if (put_user(i,tloc))
17677 @@ -89,7 +90,7 @@ asmlinkage long sys_stime(time_t __user
17681 - do_settimeofday(&tv);
17682 + vx_settimeofday(&tv);
17686 @@ -100,7 +101,7 @@ asmlinkage long sys_gettimeofday(struct
17688 if (likely(tv != NULL)) {
17689 struct timeval ktv;
17690 - do_gettimeofday(&ktv);
17691 + vx_gettimeofday(&ktv);
17692 if (copy_to_user(tv, &ktv, sizeof(ktv)))
17695 @@ -175,7 +176,7 @@ int do_sys_settimeofday(struct timespec
17696 /* SMP safe, again the code in arch/foo/time.c should
17697 * globally block out interrupts when it runs.
17699 - return do_settimeofday(tv);
17700 + return vx_settimeofday(tv);
17704 @@ -307,7 +308,7 @@ void getnstimeofday(struct timespec *tv)
17708 - do_gettimeofday(&x);
17709 + vx_gettimeofday(&x);
17710 tv->tv_sec = x.tv_sec;
17711 tv->tv_nsec = x.tv_usec * NSEC_PER_USEC;
17713 diff -NurpP --minimal linux-2.6.25/kernel/timer.c linux-2.6.25-vs2.3.0.34.9/kernel/timer.c
17714 --- linux-2.6.25/kernel/timer.c 2008-04-17 12:05:44.000000000 -0400
17715 +++ linux-2.6.25-vs2.3.0.34.9/kernel/timer.c 2008-04-19 15:14:52.000000000 -0400
17717 #include <linux/delay.h>
17718 #include <linux/tick.h>
17719 #include <linux/kallsyms.h>
17720 +#include <linux/vs_base.h>
17721 +#include <linux/vs_cvirt.h>
17722 +#include <linux/vs_pid.h>
17723 +#include <linux/vserver/sched.h>
17725 #include <asm/uaccess.h>
17726 #include <asm/unistd.h>
17727 @@ -955,12 +959,6 @@ asmlinkage unsigned long sys_alarm(unsig
17734 - * The Alpha uses getxpid, getxuid, and getxgid instead. Maybe this
17735 - * should be moved into arch/i386 instead?
17739 * sys_getpid - return the thread group id of the current process
17740 @@ -989,10 +987,23 @@ asmlinkage long sys_getppid(void)
17742 pid = task_tgid_vnr(current->real_parent);
17744 + return vx_map_pid(pid);
17751 + * The Alpha uses getxpid, getxuid, and getxgid instead.
17754 +asmlinkage long do_getxpid(long *ppid)
17756 + *ppid = sys_getppid();
17757 + return sys_getpid();
17760 +#else /* _alpha_ */
17762 asmlinkage long sys_getuid(void)
17764 /* Only we change this so SMP safe */
17765 @@ -1160,6 +1171,8 @@ int do_sysinfo(struct sysinfo *info)
17766 tp.tv_nsec = tp.tv_nsec - NSEC_PER_SEC;
17769 + if (vx_flags(VXF_VIRT_UPTIME, 0))
17770 + vx_vsi_uptime(&tp, NULL);
17771 info->uptime = tp.tv_sec + (tp.tv_nsec ? 1 : 0);
17773 info->loads[0] = avenrun[0] << (SI_LOAD_SHIFT - FSHIFT);
17774 diff -NurpP --minimal linux-2.6.25/kernel/user.c linux-2.6.25-vs2.3.0.34.9/kernel/user.c
17775 --- linux-2.6.25/kernel/user.c 2008-04-17 12:05:44.000000000 -0400
17776 +++ linux-2.6.25-vs2.3.0.34.9/kernel/user.c 2008-04-23 16:24:56.000000000 -0400
17777 @@ -219,14 +219,15 @@ static struct kobj_type uids_ktype = {
17780 /* create /sys/kernel/uids/<uid>/cpu_share file for this user */
17781 -static int uids_user_create(struct user_struct *up)
17782 +static int uids_user_create(struct user_namespace *ns, struct user_struct *up)
17784 struct kobject *kobj = &up->kobj;
17787 memset(kobj, 0, sizeof(struct kobject));
17788 kobj->kset = uids_kset;
17789 - error = kobject_init_and_add(kobj, &uids_ktype, NULL, "%d", up->uid);
17790 + error = kobject_init_and_add(kobj, &uids_ktype, NULL,
17791 + "%p:%d", ns, up->uid);
17795 @@ -248,7 +249,7 @@ int __init uids_sysfs_init(void)
17799 - return uids_user_create(&root_user);
17800 + return uids_user_create(NULL, &root_user);
17803 /* work function to remove sysfs directory for a user and free up
17804 @@ -308,7 +309,8 @@ static inline void free_user(struct user
17805 #else /* CONFIG_USER_SCHED && CONFIG_SYSFS */
17807 int uids_sysfs_init(void) { return 0; }
17808 -static inline int uids_user_create(struct user_struct *up) { return 0; }
17809 +static inline int uids_user_create(struct user_namespace *ns,
17810 + struct user_struct *up) { return 0; }
17811 static inline void uids_mutex_lock(void) { }
17812 static inline void uids_mutex_unlock(void) { }
17814 @@ -399,7 +401,7 @@ struct user_struct * alloc_uid(struct us
17815 if (sched_create_user(new) < 0)
17818 - if (uids_user_create(new))
17819 + if (uids_user_create(ns, new))
17820 goto out_destoy_sched;
17823 diff -NurpP --minimal linux-2.6.25/kernel/user_namespace.c linux-2.6.25-vs2.3.0.34.9/kernel/user_namespace.c
17824 --- linux-2.6.25/kernel/user_namespace.c 2008-04-17 12:05:44.000000000 -0400
17825 +++ linux-2.6.25-vs2.3.0.34.9/kernel/user_namespace.c 2008-04-19 15:14:52.000000000 -0400
17827 #include <linux/version.h>
17828 #include <linux/nsproxy.h>
17829 #include <linux/user_namespace.h>
17830 +#include <linux/vserver/global.h>
17833 * Clone a new ns copying an original user ns, setting refcount to 1
17834 @@ -26,6 +27,7 @@ static struct user_namespace *clone_user
17835 return ERR_PTR(-ENOMEM);
17837 kref_init(&ns->kref);
17838 + atomic_inc(&vs_global_user_ns);
17840 for (n = 0; n < UIDHASH_SZ; ++n)
17841 INIT_HLIST_HEAD(ns->uidhash_table + n);
17842 @@ -71,5 +73,6 @@ void free_user_ns(struct kref *kref)
17844 ns = container_of(kref, struct user_namespace, kref);
17846 + atomic_dec(&vs_global_user_ns);
17849 diff -NurpP --minimal linux-2.6.25/kernel/utsname.c linux-2.6.25-vs2.3.0.34.9/kernel/utsname.c
17850 --- linux-2.6.25/kernel/utsname.c 2008-04-17 10:37:25.000000000 -0400
17851 +++ linux-2.6.25-vs2.3.0.34.9/kernel/utsname.c 2008-04-19 15:14:52.000000000 -0400
17853 #include <linux/utsname.h>
17854 #include <linux/version.h>
17855 #include <linux/err.h>
17856 +#include <linux/vserver/global.h>
17859 * Clone a new ns copying an original utsname, setting refcount to 1
17860 @@ -32,6 +33,7 @@ static struct uts_namespace *clone_uts_n
17861 memcpy(&ns->name, &old_ns->name, sizeof(ns->name));
17863 kref_init(&ns->kref);
17864 + atomic_inc(&vs_global_uts_ns);
17868 @@ -62,5 +64,6 @@ void free_uts_ns(struct kref *kref)
17869 struct uts_namespace *ns;
17871 ns = container_of(kref, struct uts_namespace, kref);
17872 + atomic_dec(&vs_global_uts_ns);
17875 diff -NurpP --minimal linux-2.6.25/kernel/vserver/cacct.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/cacct.c
17876 --- linux-2.6.25/kernel/vserver/cacct.c 1969-12-31 19:00:00.000000000 -0500
17877 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/cacct.c 2008-04-19 15:14:52.000000000 -0400
17880 + * linux/kernel/vserver/cacct.c
17882 + * Virtual Server: Context Accounting
17884 + * Copyright (C) 2006-2007 Herbert Pötzl
17886 + * V0.01 added accounting stats
17890 +#include <linux/types.h>
17891 +#include <linux/vs_context.h>
17892 +#include <linux/vserver/cacct_cmd.h>
17893 +#include <linux/vserver/cacct_int.h>
17895 +#include <asm/errno.h>
17896 +#include <asm/uaccess.h>
17899 +int vc_sock_stat(struct vx_info *vxi, void __user *data)
17901 + struct vcmd_sock_stat_v0 vc_data;
17904 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
17907 + field = vc_data.field;
17908 + if ((field < 0) || (field >= VXA_SOCK_SIZE))
17911 + for (j = 0; j < 3; j++) {
17912 + vc_data.count[j] = vx_sock_count(&vxi->cacct, field, j);
17913 + vc_data.total[j] = vx_sock_total(&vxi->cacct, field, j);
17916 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
17921 diff -NurpP --minimal linux-2.6.25/kernel/vserver/cacct_init.h linux-2.6.25-vs2.3.0.34.9/kernel/vserver/cacct_init.h
17922 --- linux-2.6.25/kernel/vserver/cacct_init.h 1969-12-31 19:00:00.000000000 -0500
17923 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/cacct_init.h 2008-04-19 15:14:52.000000000 -0400
17927 +static inline void vx_info_init_cacct(struct _vx_cacct *cacct)
17932 + for (i = 0; i < VXA_SOCK_SIZE; i++) {
17933 + for (j = 0; j < 3; j++) {
17934 + atomic_set(&cacct->sock[i][j].count, 0);
17935 + atomic_set(&cacct->sock[i][j].total, 0);
17938 + for (i = 0; i < 8; i++)
17939 + atomic_set(&cacct->slab[i], 0);
17940 + for (i = 0; i < 5; i++)
17941 + for (j = 0; j < 4; j++)
17942 + atomic_set(&cacct->page[i][j], 0);
17945 +static inline void vx_info_exit_cacct(struct _vx_cacct *cacct)
17950 diff -NurpP --minimal linux-2.6.25/kernel/vserver/cacct_proc.h linux-2.6.25-vs2.3.0.34.9/kernel/vserver/cacct_proc.h
17951 --- linux-2.6.25/kernel/vserver/cacct_proc.h 1969-12-31 19:00:00.000000000 -0500
17952 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/cacct_proc.h 2008-04-19 15:14:52.000000000 -0400
17954 +#ifndef _VX_CACCT_PROC_H
17955 +#define _VX_CACCT_PROC_H
17957 +#include <linux/vserver/cacct_int.h>
17960 +#define VX_SOCKA_TOP \
17961 + "Type\t recv #/bytes\t\t send #/bytes\t\t fail #/bytes\n"
17963 +static inline int vx_info_proc_cacct(struct _vx_cacct *cacct, char *buffer)
17965 + int i, j, length = 0;
17966 + static char *type[VXA_SOCK_SIZE] = {
17967 + "UNSPEC", "UNIX", "INET", "INET6", "PACKET", "OTHER"
17970 + length += sprintf(buffer + length, VX_SOCKA_TOP);
17971 + for (i = 0; i < VXA_SOCK_SIZE; i++) {
17972 + length += sprintf(buffer + length, "%s:", type[i]);
17973 + for (j = 0; j < 3; j++) {
17974 + length += sprintf(buffer + length,
17975 + "\t%10lu/%-10lu",
17976 + vx_sock_count(cacct, i, j),
17977 + vx_sock_total(cacct, i, j));
17979 + buffer[length++] = '\n';
17982 + length += sprintf(buffer + length, "\n");
17983 + length += sprintf(buffer + length,
17984 + "slab:\t %8u %8u %8u %8u\n",
17985 + atomic_read(&cacct->slab[1]),
17986 + atomic_read(&cacct->slab[4]),
17987 + atomic_read(&cacct->slab[0]),
17988 + atomic_read(&cacct->slab[2]));
17990 + length += sprintf(buffer + length, "\n");
17991 + for (i = 0; i < 5; i++) {
17992 + length += sprintf(buffer + length,
17993 + "page[%d]: %8u %8u %8u %8u\t %8u %8u %8u %8u\n", i,
17994 + atomic_read(&cacct->page[i][0]),
17995 + atomic_read(&cacct->page[i][1]),
17996 + atomic_read(&cacct->page[i][2]),
17997 + atomic_read(&cacct->page[i][3]),
17998 + atomic_read(&cacct->page[i][4]),
17999 + atomic_read(&cacct->page[i][5]),
18000 + atomic_read(&cacct->page[i][6]),
18001 + atomic_read(&cacct->page[i][7]));
18006 +#endif /* _VX_CACCT_PROC_H */
18007 diff -NurpP --minimal linux-2.6.25/kernel/vserver/context.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/context.c
18008 --- linux-2.6.25/kernel/vserver/context.c 1969-12-31 19:00:00.000000000 -0500
18009 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/context.c 2008-04-23 22:26:24.000000000 -0400
18012 + * linux/kernel/vserver/context.c
18014 + * Virtual Server: Context Support
18016 + * Copyright (C) 2003-2007 Herbert Pötzl
18018 + * V0.01 context helper
18019 + * V0.02 vx_ctx_kill syscall command
18020 + * V0.03 replaced context_info calls
18021 + * V0.04 redesign of struct (de)alloc
18022 + * V0.05 rlimit basic implementation
18023 + * V0.06 task_xid and info commands
18024 + * V0.07 context flags and caps
18025 + * V0.08 switch to RCU based hash
18026 + * V0.09 revert to non RCU for now
18027 + * V0.10 and back to working RCU hash
18028 + * V0.11 and back to locking again
18029 + * V0.12 referenced context store
18030 + * V0.13 separate per cpu data
18031 + * V0.14 changed vcmds to vxi arg
18032 + * V0.15 added context stat
18033 + * V0.16 have __create claim() the vxi
18034 + * V0.17 removed older and legacy stuff
18038 +#include <linux/slab.h>
18039 +#include <linux/types.h>
18040 +#include <linux/security.h>
18041 +#include <linux/pid_namespace.h>
18043 +#include <linux/vserver/context.h>
18044 +#include <linux/vserver/network.h>
18045 +#include <linux/vserver/debug.h>
18046 +#include <linux/vserver/limit.h>
18047 +#include <linux/vserver/limit_int.h>
18048 +#include <linux/vserver/space.h>
18050 +#include <linux/vs_context.h>
18051 +#include <linux/vs_limit.h>
18052 +#include <linux/vs_pid.h>
18053 +#include <linux/vserver/context_cmd.h>
18055 +#include "cvirt_init.h"
18056 +#include "cacct_init.h"
18057 +#include "limit_init.h"
18058 +#include "sched_init.h"
18061 +atomic_t vx_global_ctotal = ATOMIC_INIT(0);
18062 +atomic_t vx_global_cactive = ATOMIC_INIT(0);
18065 +/* now inactive context structures */
18067 +static struct hlist_head vx_info_inactive = HLIST_HEAD_INIT;
18069 +static spinlock_t vx_info_inactive_lock = SPIN_LOCK_UNLOCKED;
18072 +/* __alloc_vx_info()
18074 + * allocate an initialized vx_info struct
18075 + * doesn't make it visible (hash) */
18077 +static struct vx_info *__alloc_vx_info(xid_t xid)
18079 + struct vx_info *new = NULL;
18082 + vxdprintk(VXD_CBIT(xid, 0), "alloc_vx_info(%d)*", xid);
18084 + /* would this benefit from a slab cache? */
18085 + new = kmalloc(sizeof(struct vx_info), GFP_KERNEL);
18089 + memset(new, 0, sizeof(struct vx_info));
18091 + new->ptr_pc = alloc_percpu(struct _vx_info_pc);
18092 + if (!new->ptr_pc)
18095 + new->vx_id = xid;
18096 + INIT_HLIST_NODE(&new->vx_hlist);
18097 + atomic_set(&new->vx_usecnt, 0);
18098 + atomic_set(&new->vx_tasks, 0);
18099 + new->vx_parent = NULL;
18100 + new->vx_state = 0;
18101 + init_waitqueue_head(&new->vx_wait);
18103 + /* prepare reaper */
18104 + get_task_struct(init_pid_ns.child_reaper);
18105 + new->vx_reaper = init_pid_ns.child_reaper;
18106 + new->vx_badness_bias = 0;
18108 + /* rest of init goes here */
18109 + vx_info_init_limit(&new->limit);
18110 + vx_info_init_sched(&new->sched);
18111 + vx_info_init_cvirt(&new->cvirt);
18112 + vx_info_init_cacct(&new->cacct);
18114 + /* per cpu data structures */
18115 + for_each_possible_cpu(cpu) {
18116 + vx_info_init_sched_pc(
18117 + &vx_per_cpu(new, sched_pc, cpu), cpu);
18118 + vx_info_init_cvirt_pc(
18119 + &vx_per_cpu(new, cvirt_pc, cpu), cpu);
18122 + new->vx_flags = VXF_INIT_SET;
18123 + cap_set_init_eff(new->vx_bcaps);
18124 + new->vx_ccaps = 0;
18125 + // new->vx_cap_bset = current->cap_bset;
18127 + new->reboot_cmd = 0;
18128 + new->exit_code = 0;
18130 + vxdprintk(VXD_CBIT(xid, 0),
18131 + "alloc_vx_info(%d) = %p", xid, new);
18132 + vxh_alloc_vx_info(new);
18133 + atomic_inc(&vx_global_ctotal);
18142 +/* __dealloc_vx_info()
18144 + * final disposal of vx_info */
18146 +static void __dealloc_vx_info(struct vx_info *vxi)
18150 + vxdprintk(VXD_CBIT(xid, 0),
18151 + "dealloc_vx_info(%p)", vxi);
18152 + vxh_dealloc_vx_info(vxi);
18156 + vx_info_exit_limit(&vxi->limit);
18157 + vx_info_exit_sched(&vxi->sched);
18158 + vx_info_exit_cvirt(&vxi->cvirt);
18159 + vx_info_exit_cacct(&vxi->cacct);
18161 + for_each_possible_cpu(cpu) {
18162 + vx_info_exit_sched_pc(
18163 + &vx_per_cpu(vxi, sched_pc, cpu), cpu);
18164 + vx_info_exit_cvirt_pc(
18165 + &vx_per_cpu(vxi, cvirt_pc, cpu), cpu);
18168 + vxi->vx_state |= VXS_RELEASED;
18171 + free_percpu(vxi->ptr_pc);
18174 + atomic_dec(&vx_global_ctotal);
18177 +static void __shutdown_vx_info(struct vx_info *vxi)
18179 + struct nsproxy *nsproxy;
18180 + struct fs_struct *fs;
18184 + vxi->vx_state |= VXS_SHUTDOWN;
18185 + vs_state_change(vxi, VSC_SHUTDOWN);
18187 + nsproxy = xchg(&vxi->vx_nsproxy, NULL);
18188 + fs = xchg(&vxi->vx_fs, NULL);
18191 + put_nsproxy(nsproxy);
18193 + put_fs_struct(fs);
18196 +/* exported stuff */
18198 +void free_vx_info(struct vx_info *vxi)
18200 + unsigned long flags;
18202 + /* check for reference counts first */
18203 + BUG_ON(atomic_read(&vxi->vx_usecnt));
18204 + BUG_ON(atomic_read(&vxi->vx_tasks));
18206 + /* context must not be hashed */
18207 + BUG_ON(vx_info_state(vxi, VXS_HASHED));
18209 + /* context shutdown is mandatory */
18210 + BUG_ON(!vx_info_state(vxi, VXS_SHUTDOWN));
18212 + BUG_ON(vxi->vx_nsproxy);
18213 + BUG_ON(vxi->vx_fs);
18215 + spin_lock_irqsave(&vx_info_inactive_lock, flags);
18216 + hlist_del(&vxi->vx_hlist);
18217 + spin_unlock_irqrestore(&vx_info_inactive_lock, flags);
18219 + __dealloc_vx_info(vxi);
18223 +/* hash table for vx_info hash */
18225 +#define VX_HASH_SIZE 13
18227 +static struct hlist_head vx_info_hash[VX_HASH_SIZE] =
18228 + { [0 ... VX_HASH_SIZE-1] = HLIST_HEAD_INIT };
18230 +static spinlock_t vx_info_hash_lock = SPIN_LOCK_UNLOCKED;
18233 +static inline unsigned int __hashval(xid_t xid)
18235 + return (xid % VX_HASH_SIZE);
18240 +/* __hash_vx_info()
18242 + * add the vxi to the global hash table
18243 + * requires the hash_lock to be held */
18245 +static inline void __hash_vx_info(struct vx_info *vxi)
18247 + struct hlist_head *head;
18249 + vxd_assert_lock(&vx_info_hash_lock);
18250 + vxdprintk(VXD_CBIT(xid, 4),
18251 + "__hash_vx_info: %p[#%d]", vxi, vxi->vx_id);
18252 + vxh_hash_vx_info(vxi);
18254 + /* context must not be hashed */
18255 + BUG_ON(vx_info_state(vxi, VXS_HASHED));
18257 + vxi->vx_state |= VXS_HASHED;
18258 + head = &vx_info_hash[__hashval(vxi->vx_id)];
18259 + hlist_add_head(&vxi->vx_hlist, head);
18260 + atomic_inc(&vx_global_cactive);
18263 +/* __unhash_vx_info()
18265 + * remove the vxi from the global hash table
18266 + * requires the hash_lock to be held */
18268 +static inline void __unhash_vx_info(struct vx_info *vxi)
18270 + unsigned long flags;
18272 + vxd_assert_lock(&vx_info_hash_lock);
18273 + vxdprintk(VXD_CBIT(xid, 4),
18274 + "__unhash_vx_info: %p[#%d.%d.%d]", vxi, vxi->vx_id,
18275 + atomic_read(&vxi->vx_usecnt), atomic_read(&vxi->vx_tasks));
18276 + vxh_unhash_vx_info(vxi);
18278 + /* context must be hashed */
18279 + BUG_ON(!vx_info_state(vxi, VXS_HASHED));
18280 + /* but without tasks */
18281 + BUG_ON(atomic_read(&vxi->vx_tasks));
18283 + vxi->vx_state &= ~VXS_HASHED;
18284 + hlist_del_init(&vxi->vx_hlist);
18285 + spin_lock_irqsave(&vx_info_inactive_lock, flags);
18286 + hlist_add_head(&vxi->vx_hlist, &vx_info_inactive);
18287 + spin_unlock_irqrestore(&vx_info_inactive_lock, flags);
18288 + atomic_dec(&vx_global_cactive);
18292 +/* __lookup_vx_info()
18294 + * requires the hash_lock to be held
18295 + * doesn't increment the vx_refcnt */
18297 +static inline struct vx_info *__lookup_vx_info(xid_t xid)
18299 + struct hlist_head *head = &vx_info_hash[__hashval(xid)];
18300 + struct hlist_node *pos;
18301 + struct vx_info *vxi;
18303 + vxd_assert_lock(&vx_info_hash_lock);
18304 + hlist_for_each(pos, head) {
18305 + vxi = hlist_entry(pos, struct vx_info, vx_hlist);
18307 + if (vxi->vx_id == xid)
18312 + vxdprintk(VXD_CBIT(xid, 0),
18313 + "__lookup_vx_info(#%u): %p[#%u]",
18314 + xid, vxi, vxi ? vxi->vx_id : 0);
18315 + vxh_lookup_vx_info(vxi, xid);
18320 +/* __create_vx_info()
18322 + * create the requested context
18323 + * get(), claim() and hash it */
18325 +static struct vx_info *__create_vx_info(int id)
18327 + struct vx_info *new, *vxi = NULL;
18329 + vxdprintk(VXD_CBIT(xid, 1), "create_vx_info(%d)*", id);
18331 + if (!(new = __alloc_vx_info(id)))
18332 + return ERR_PTR(-ENOMEM);
18334 + /* required to make dynamic xids unique */
18335 + spin_lock(&vx_info_hash_lock);
18337 + /* static context requested */
18338 + if ((vxi = __lookup_vx_info(id))) {
18339 + vxdprintk(VXD_CBIT(xid, 0),
18340 + "create_vx_info(%d) = %p (already there)", id, vxi);
18341 + if (vx_info_flags(vxi, VXF_STATE_SETUP, 0))
18342 + vxi = ERR_PTR(-EBUSY);
18344 + vxi = ERR_PTR(-EEXIST);
18347 + /* new context */
18348 + vxdprintk(VXD_CBIT(xid, 0),
18349 + "create_vx_info(%d) = %p (new)", id, new);
18350 + claim_vx_info(new, NULL);
18351 + __hash_vx_info(get_vx_info(new));
18352 + vxi = new, new = NULL;
18355 + spin_unlock(&vx_info_hash_lock);
18356 + vxh_create_vx_info(IS_ERR(vxi) ? NULL : vxi, id);
18358 + __dealloc_vx_info(new);
18363 +/* exported stuff */
18366 +void unhash_vx_info(struct vx_info *vxi)
18368 + __shutdown_vx_info(vxi);
18369 + spin_lock(&vx_info_hash_lock);
18370 + __unhash_vx_info(vxi);
18371 + spin_unlock(&vx_info_hash_lock);
18372 + __wakeup_vx_info(vxi);
18376 +/* lookup_vx_info()
18378 + * search for a vx_info and get() it
18379 + * negative id means current */
18381 +struct vx_info *lookup_vx_info(int id)
18383 + struct vx_info *vxi = NULL;
18386 + vxi = get_vx_info(current->vx_info);
18387 + } else if (id > 1) {
18388 + spin_lock(&vx_info_hash_lock);
18389 + vxi = get_vx_info(__lookup_vx_info(id));
18390 + spin_unlock(&vx_info_hash_lock);
18395 +/* xid_is_hashed()
18397 + * verify that xid is still hashed */
18399 +int xid_is_hashed(xid_t xid)
18403 + spin_lock(&vx_info_hash_lock);
18404 + hashed = (__lookup_vx_info(xid) != NULL);
18405 + spin_unlock(&vx_info_hash_lock);
18409 +#ifdef CONFIG_PROC_FS
18413 + * get a subset of hashed xids for proc
18414 + * assumes size is at least one */
18416 +int get_xid_list(int index, unsigned int *xids, int size)
18418 + int hindex, nr_xids = 0;
18420 + /* only show current and children */
18421 + if (!vx_check(0, VS_ADMIN | VS_WATCH)) {
18424 + xids[nr_xids] = vx_current_xid();
18428 + for (hindex = 0; hindex < VX_HASH_SIZE; hindex++) {
18429 + struct hlist_head *head = &vx_info_hash[hindex];
18430 + struct hlist_node *pos;
18432 + spin_lock(&vx_info_hash_lock);
18433 + hlist_for_each(pos, head) {
18434 + struct vx_info *vxi;
18439 + vxi = hlist_entry(pos, struct vx_info, vx_hlist);
18440 + xids[nr_xids] = vxi->vx_id;
18441 + if (++nr_xids >= size) {
18442 + spin_unlock(&vx_info_hash_lock);
18446 + /* keep the lock time short */
18447 + spin_unlock(&vx_info_hash_lock);
18454 +#ifdef CONFIG_VSERVER_DEBUG
18456 +void dump_vx_info_inactive(int level)
18458 + struct hlist_node *entry, *next;
18460 + hlist_for_each_safe(entry, next, &vx_info_inactive) {
18461 + struct vx_info *vxi =
18462 + list_entry(entry, struct vx_info, vx_hlist);
18464 + dump_vx_info(vxi, level);
18471 +int vx_migrate_user(struct task_struct *p, struct vx_info *vxi)
18473 + struct user_struct *new_user, *old_user;
18478 + if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0))
18481 + new_user = alloc_uid(vxi->vx_id, p->uid);
18485 + old_user = p->user;
18486 + if (new_user != old_user) {
18487 + atomic_inc(&new_user->processes);
18488 + atomic_dec(&old_user->processes);
18489 + p->user = new_user;
18491 + free_uid(old_user);
18497 +void vx_mask_cap_bset(struct vx_info *vxi, struct task_struct *p)
18499 + // p->cap_effective &= vxi->vx_cap_bset;
18500 + p->cap_effective =
18501 + cap_intersect(p->cap_effective, vxi->cap_bset);
18502 + // p->cap_inheritable &= vxi->vx_cap_bset;
18503 + p->cap_inheritable =
18504 + cap_intersect(p->cap_inheritable, vxi->cap_bset);
18505 + // p->cap_permitted &= vxi->vx_cap_bset;
18506 + p->cap_permitted =
18507 + cap_intersect(p->cap_permitted, vxi->cap_bset);
18512 +#include <linux/file.h>
18514 +static int vx_openfd_task(struct task_struct *tsk)
18516 + struct files_struct *files = tsk->files;
18517 + struct fdtable *fdt;
18518 + const unsigned long *bptr;
18519 + int count, total;
18521 + /* no rcu_read_lock() because of spin_lock() */
18522 + spin_lock(&files->file_lock);
18523 + fdt = files_fdtable(files);
18524 + bptr = fdt->open_fds->fds_bits;
18525 + count = fdt->max_fds / (sizeof(unsigned long) * 8);
18526 + for (total = 0; count > 0; count--) {
18528 + total += hweight_long(*bptr);
18531 + spin_unlock(&files->file_lock);
18536 +/* for *space compatibility */
18538 +asmlinkage long sys_unshare(unsigned long);
18541 + * migrate task to new context
18542 + * gets vxi, puts old_vxi on change
18543 + * optionally unshares namespaces (hack)
18546 +int vx_migrate_task(struct task_struct *p, struct vx_info *vxi, int unshare)
18548 + struct vx_info *old_vxi;
18554 + vxdprintk(VXD_CBIT(xid, 5),
18555 + "vx_migrate_task(%p,%p[#%d.%d])", p, vxi,
18556 + vxi->vx_id, atomic_read(&vxi->vx_usecnt));
18558 + if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0) &&
18559 + !vx_info_flags(vxi, VXF_STATE_SETUP, 0))
18562 + if (vx_info_state(vxi, VXS_SHUTDOWN))
18565 + old_vxi = task_get_vx_info(p);
18566 + if (old_vxi == vxi)
18569 +// if (!(ret = vx_migrate_user(p, vxi))) {
18574 + openfd = vx_openfd_task(p);
18577 + atomic_dec(&old_vxi->cvirt.nr_threads);
18578 + atomic_dec(&old_vxi->cvirt.nr_running);
18579 + __rlim_dec(&old_vxi->limit, RLIMIT_NPROC);
18580 + /* FIXME: what about the struct files here? */
18581 + __rlim_sub(&old_vxi->limit, VLIMIT_OPENFD, openfd);
18582 + /* account for the executable */
18583 + __rlim_dec(&old_vxi->limit, VLIMIT_DENTRY);
18585 + atomic_inc(&vxi->cvirt.nr_threads);
18586 + atomic_inc(&vxi->cvirt.nr_running);
18587 + __rlim_inc(&vxi->limit, RLIMIT_NPROC);
18588 + /* FIXME: what about the struct files here? */
18589 + __rlim_add(&vxi->limit, VLIMIT_OPENFD, openfd);
18590 + /* account for the executable */
18591 + __rlim_inc(&vxi->limit, VLIMIT_DENTRY);
18594 + release_vx_info(old_vxi, p);
18595 + clr_vx_info(&p->vx_info);
18597 + claim_vx_info(vxi, p);
18598 + set_vx_info(&p->vx_info, vxi);
18599 + p->xid = vxi->vx_id;
18601 + vxdprintk(VXD_CBIT(xid, 5),
18602 + "moved task %p into vxi:%p[#%d]",
18603 + p, vxi, vxi->vx_id);
18605 + // vx_mask_cap_bset(vxi, p);
18608 + /* hack for *spaces to provide compatibility */
18610 + struct nsproxy *old_nsp, *new_nsp;
18612 + ret = unshare_nsproxy_namespaces(
18613 + CLONE_NEWUTS | CLONE_NEWIPC | CLONE_NEWUSER,
18618 + old_nsp = xchg(&p->nsproxy, new_nsp);
18619 + vx_set_space(vxi, CLONE_NEWUTS | CLONE_NEWIPC | CLONE_NEWUSER);
18620 + put_nsproxy(old_nsp);
18624 + put_vx_info(old_vxi);
18628 +int vx_set_reaper(struct vx_info *vxi, struct task_struct *p)
18630 + struct task_struct *old_reaper;
18635 + vxdprintk(VXD_CBIT(xid, 6),
18636 + "vx_set_reaper(%p[#%d],%p[#%d,%d])",
18637 + vxi, vxi->vx_id, p, p->xid, p->pid);
18639 + old_reaper = vxi->vx_reaper;
18640 + if (old_reaper == p)
18643 + /* set new child reaper */
18644 + get_task_struct(p);
18645 + vxi->vx_reaper = p;
18646 + put_task_struct(old_reaper);
18650 +int vx_set_init(struct vx_info *vxi, struct task_struct *p)
18655 + vxdprintk(VXD_CBIT(xid, 6),
18656 + "vx_set_init(%p[#%d],%p[#%d,%d,%d])",
18657 + vxi, vxi->vx_id, p, p->xid, p->pid, p->tgid);
18659 + vxi->vx_flags &= ~VXF_STATE_INIT;
18660 + vxi->vx_initpid = p->tgid;
18664 +void vx_exit_init(struct vx_info *vxi, struct task_struct *p, int code)
18666 + vxdprintk(VXD_CBIT(xid, 6),
18667 + "vx_exit_init(%p[#%d],%p[#%d,%d,%d])",
18668 + vxi, vxi->vx_id, p, p->xid, p->pid, p->tgid);
18670 + vxi->exit_code = code;
18671 + vxi->vx_initpid = 0;
18675 +void vx_set_persistent(struct vx_info *vxi)
18677 + vxdprintk(VXD_CBIT(xid, 6),
18678 + "vx_set_persistent(%p[#%d])", vxi, vxi->vx_id);
18680 + get_vx_info(vxi);
18681 + claim_vx_info(vxi, NULL);
18684 +void vx_clear_persistent(struct vx_info *vxi)
18686 + vxdprintk(VXD_CBIT(xid, 6),
18687 + "vx_clear_persistent(%p[#%d])", vxi, vxi->vx_id);
18689 + release_vx_info(vxi, NULL);
18690 + put_vx_info(vxi);
18693 +void vx_update_persistent(struct vx_info *vxi)
18695 + if (vx_info_flags(vxi, VXF_PERSISTENT, 0))
18696 + vx_set_persistent(vxi);
18698 + vx_clear_persistent(vxi);
18702 +/* task must be current or locked */
18704 +void exit_vx_info(struct task_struct *p, int code)
18706 + struct vx_info *vxi = p->vx_info;
18709 + atomic_dec(&vxi->cvirt.nr_threads);
18712 + vxi->exit_code = code;
18713 + release_vx_info(vxi, p);
18717 +void exit_vx_info_early(struct task_struct *p, int code)
18719 + struct vx_info *vxi = p->vx_info;
18722 + if (vxi->vx_initpid == p->tgid)
18723 + vx_exit_init(vxi, p, code);
18724 + if (vxi->vx_reaper == p)
18725 + vx_set_reaper(vxi, init_pid_ns.child_reaper);
18730 +/* vserver syscall commands below here */
18732 +/* taks xid and vx_info functions */
18734 +#include <asm/uaccess.h>
18737 +int vc_task_xid(uint32_t id)
18742 + struct task_struct *tsk;
18744 + read_lock(&tasklist_lock);
18745 + tsk = find_task_by_real_pid(id);
18746 + xid = (tsk) ? tsk->xid : -ESRCH;
18747 + read_unlock(&tasklist_lock);
18749 + xid = vx_current_xid();
18754 +int vc_vx_info(struct vx_info *vxi, void __user *data)
18756 + struct vcmd_vx_info_v0 vc_data;
18758 + vc_data.xid = vxi->vx_id;
18759 + vc_data.initpid = vxi->vx_initpid;
18761 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
18767 +int vc_ctx_stat(struct vx_info *vxi, void __user *data)
18769 + struct vcmd_ctx_stat_v0 vc_data;
18771 + vc_data.usecnt = atomic_read(&vxi->vx_usecnt);
18772 + vc_data.tasks = atomic_read(&vxi->vx_tasks);
18774 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
18780 +/* context functions */
18782 +int vc_ctx_create(uint32_t xid, void __user *data)
18784 + struct vcmd_ctx_create vc_data = { .flagword = VXF_INIT_SET };
18785 + struct vx_info *new_vxi;
18788 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
18791 + if ((xid > MAX_S_CONTEXT) || (xid < 2))
18794 + new_vxi = __create_vx_info(xid);
18795 + if (IS_ERR(new_vxi))
18796 + return PTR_ERR(new_vxi);
18798 + /* initial flags */
18799 + new_vxi->vx_flags = vc_data.flagword;
18802 + if (vs_state_change(new_vxi, VSC_STARTUP))
18805 + ret = vx_migrate_task(current, new_vxi, (!data));
18809 + /* return context id on success */
18810 + ret = new_vxi->vx_id;
18812 + /* get a reference for persistent contexts */
18813 + if ((vc_data.flagword & VXF_PERSISTENT))
18814 + vx_set_persistent(new_vxi);
18816 + release_vx_info(new_vxi, NULL);
18817 + put_vx_info(new_vxi);
18822 +int vc_ctx_migrate(struct vx_info *vxi, void __user *data)
18824 + struct vcmd_ctx_migrate vc_data = { .flagword = 0 };
18827 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
18830 + ret = vx_migrate_task(current, vxi, 0);
18833 + if (vc_data.flagword & VXM_SET_INIT)
18834 + ret = vx_set_init(vxi, current);
18837 + if (vc_data.flagword & VXM_SET_REAPER)
18838 + ret = vx_set_reaper(vxi, current);
18843 +int vc_get_cflags(struct vx_info *vxi, void __user *data)
18845 + struct vcmd_ctx_flags_v0 vc_data;
18847 + vc_data.flagword = vxi->vx_flags;
18849 + /* special STATE flag handling */
18850 + vc_data.mask = vs_mask_flags(~0ULL, vxi->vx_flags, VXF_ONE_TIME);
18852 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
18857 +int vc_set_cflags(struct vx_info *vxi, void __user *data)
18859 + struct vcmd_ctx_flags_v0 vc_data;
18860 + uint64_t mask, trigger;
18862 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
18865 + /* special STATE flag handling */
18866 + mask = vs_mask_mask(vc_data.mask, vxi->vx_flags, VXF_ONE_TIME);
18867 + trigger = (mask & vxi->vx_flags) ^ (mask & vc_data.flagword);
18869 + if (vxi == current->vx_info) {
18870 + /* if (trigger & VXF_STATE_SETUP)
18871 + vx_mask_cap_bset(vxi, current); */
18872 + if (trigger & VXF_STATE_INIT) {
18875 + ret = vx_set_init(vxi, current);
18878 + ret = vx_set_reaper(vxi, current);
18884 + vxi->vx_flags = vs_mask_flags(vxi->vx_flags,
18885 + vc_data.flagword, mask);
18886 + if (trigger & VXF_PERSISTENT)
18887 + vx_update_persistent(vxi);
18893 +static inline uint64_t caps_from_cap_t(kernel_cap_t c)
18895 + uint64_t v = c.cap[0] | ((uint64_t)c.cap[1] << 32);
18897 + // printk("caps_from_cap_t(%08x:%08x) = %016llx\n", c.cap[1], c.cap[0], v);
18901 +static inline kernel_cap_t cap_t_from_caps(uint64_t v)
18903 + kernel_cap_t c = __cap_empty_set;
18905 + c.cap[0] = v & 0xFFFFFFFF;
18906 + c.cap[1] = (v >> 32) & 0xFFFFFFFF;
18908 + // printk("cap_t_from_caps(%016llx) = %08x:%08x\n", v, c.cap[1], c.cap[0]);
18913 +static int do_get_caps(struct vx_info *vxi, uint64_t *bcaps, uint64_t *ccaps)
18916 + *bcaps = caps_from_cap_t(vxi->vx_bcaps);
18918 + *ccaps = vxi->vx_ccaps;
18923 +int vc_get_ccaps(struct vx_info *vxi, void __user *data)
18925 + struct vcmd_ctx_caps_v1 vc_data;
18928 + ret = do_get_caps(vxi, NULL, &vc_data.ccaps);
18931 + vc_data.cmask = ~0ULL;
18933 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
18938 +static int do_set_caps(struct vx_info *vxi,
18939 + uint64_t bcaps, uint64_t bmask, uint64_t ccaps, uint64_t cmask)
18941 + uint64_t bcold = caps_from_cap_t(vxi->vx_bcaps);
18944 + printk("do_set_caps(%16llx, %16llx, %16llx, %16llx)\n",
18945 + bcaps, bmask, ccaps, cmask);
18947 + vxi->vx_bcaps = cap_t_from_caps(
18948 + vs_mask_flags(bcold, bcaps, bmask));
18949 + vxi->vx_ccaps = vs_mask_flags(vxi->vx_ccaps, ccaps, cmask);
18954 +int vc_set_ccaps(struct vx_info *vxi, void __user *data)
18956 + struct vcmd_ctx_caps_v1 vc_data;
18958 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
18961 + return do_set_caps(vxi, 0, 0, vc_data.ccaps, vc_data.cmask);
18964 +int vc_get_bcaps(struct vx_info *vxi, void __user *data)
18966 + struct vcmd_bcaps vc_data;
18969 + ret = do_get_caps(vxi, &vc_data.bcaps, NULL);
18972 + vc_data.bmask = ~0ULL;
18974 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
18979 +int vc_set_bcaps(struct vx_info *vxi, void __user *data)
18981 + struct vcmd_bcaps vc_data;
18983 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
18986 + return do_set_caps(vxi, vc_data.bcaps, vc_data.bmask, 0, 0);
18990 +int vc_get_badness(struct vx_info *vxi, void __user *data)
18992 + struct vcmd_badness_v0 vc_data;
18994 + vc_data.bias = vxi->vx_badness_bias;
18996 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19001 +int vc_set_badness(struct vx_info *vxi, void __user *data)
19003 + struct vcmd_badness_v0 vc_data;
19005 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19008 + vxi->vx_badness_bias = vc_data.bias;
19012 +#include <linux/module.h>
19014 +EXPORT_SYMBOL_GPL(free_vx_info);
19016 diff -NurpP --minimal linux-2.6.25/kernel/vserver/cvirt.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/cvirt.c
19017 --- linux-2.6.25/kernel/vserver/cvirt.c 1969-12-31 19:00:00.000000000 -0500
19018 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/cvirt.c 2008-04-19 15:14:52.000000000 -0400
19021 + * linux/kernel/vserver/cvirt.c
19023 + * Virtual Server: Context Virtualization
19025 + * Copyright (C) 2004-2007 Herbert Pötzl
19027 + * V0.01 broken out from limit.c
19028 + * V0.02 added utsname stuff
19029 + * V0.03 changed vcmds to vxi arg
19033 +#include <linux/types.h>
19034 +#include <linux/utsname.h>
19035 +#include <linux/vs_cvirt.h>
19036 +#include <linux/vserver/switch.h>
19037 +#include <linux/vserver/cvirt_cmd.h>
19039 +#include <asm/uaccess.h>
19042 +void vx_vsi_uptime(struct timespec *uptime, struct timespec *idle)
19044 + struct vx_info *vxi = current->vx_info;
19046 + set_normalized_timespec(uptime,
19047 + uptime->tv_sec - vxi->cvirt.bias_uptime.tv_sec,
19048 + uptime->tv_nsec - vxi->cvirt.bias_uptime.tv_nsec);
19051 + set_normalized_timespec(idle,
19052 + idle->tv_sec - vxi->cvirt.bias_idle.tv_sec,
19053 + idle->tv_nsec - vxi->cvirt.bias_idle.tv_nsec);
19057 +uint64_t vx_idle_jiffies(void)
19059 + return init_task.utime + init_task.stime;
19064 +static inline uint32_t __update_loadavg(uint32_t load,
19065 + int wsize, int delta, int n)
19067 + unsigned long long calc, prev;
19069 + /* just set it to n */
19070 + if (unlikely(delta >= wsize))
19071 + return (n << FSHIFT);
19073 + calc = delta * n;
19075 + prev = (wsize - delta);
19078 + do_div(calc, wsize);
19083 +void vx_update_load(struct vx_info *vxi)
19085 + uint32_t now, last, delta;
19086 + unsigned int nr_running, nr_uninterruptible;
19087 + unsigned int total;
19088 + unsigned long flags;
19090 + spin_lock_irqsave(&vxi->cvirt.load_lock, flags);
19093 + last = vxi->cvirt.load_last;
19094 + delta = now - last;
19096 + if (delta < 5*HZ)
19099 + nr_running = atomic_read(&vxi->cvirt.nr_running);
19100 + nr_uninterruptible = atomic_read(&vxi->cvirt.nr_uninterruptible);
19101 + total = nr_running + nr_uninterruptible;
19103 + vxi->cvirt.load[0] = __update_loadavg(vxi->cvirt.load[0],
19104 + 60*HZ, delta, total);
19105 + vxi->cvirt.load[1] = __update_loadavg(vxi->cvirt.load[1],
19106 + 5*60*HZ, delta, total);
19107 + vxi->cvirt.load[2] = __update_loadavg(vxi->cvirt.load[2],
19108 + 15*60*HZ, delta, total);
19110 + vxi->cvirt.load_last = now;
19112 + atomic_inc(&vxi->cvirt.load_updates);
19113 + spin_unlock_irqrestore(&vxi->cvirt.load_lock, flags);
19118 + * Commands to do_syslog:
19120 + * 0 -- Close the log. Currently a NOP.
19121 + * 1 -- Open the log. Currently a NOP.
19122 + * 2 -- Read from the log.
19123 + * 3 -- Read all messages remaining in the ring buffer.
19124 + * 4 -- Read and clear all messages remaining in the ring buffer
19125 + * 5 -- Clear ring buffer.
19126 + * 6 -- Disable printk's to console
19127 + * 7 -- Enable printk's to console
19128 + * 8 -- Set level of messages printed to console
19129 + * 9 -- Return number of unread characters in the log buffer
19130 + * 10 -- Return size of the log buffer
19132 +int vx_do_syslog(int type, char __user *buf, int len)
19135 + int do_clear = 0;
19136 + struct vx_info *vxi = current->vx_info;
19137 + struct _vx_syslog *log;
19141 + log = &vxi->cvirt.syslog;
19144 + case 0: /* Close log */
19145 + case 1: /* Open log */
19147 + case 2: /* Read from log */
19148 + error = wait_event_interruptible(log->log_wait,
19149 + (log->log_start - log->log_end));
19152 + spin_lock_irq(&log->logbuf_lock);
19153 + spin_unlock_irq(&log->logbuf_lock);
19155 + case 4: /* Read/clear last kernel messages */
19157 + /* fall through */
19158 + case 3: /* Read last kernel messages */
19161 + case 5: /* Clear ring buffer */
19164 + case 6: /* Disable logging to console */
19165 + case 7: /* Enable logging to console */
19166 + case 8: /* Set level of messages printed to console */
19169 + case 9: /* Number of chars in the log buffer */
19171 + case 10: /* Size of the log buffer */
19181 +/* virtual host info names */
19183 +static char *vx_vhi_name(struct vx_info *vxi, int id)
19185 + struct nsproxy *nsproxy;
19186 + struct uts_namespace *uts;
19189 + if (id == VHIN_CONTEXT)
19190 + return vxi->vx_name;
19192 + nsproxy = vxi->vx_nsproxy;
19196 + uts = nsproxy->uts_ns;
19201 + case VHIN_SYSNAME:
19202 + return uts->name.sysname;
19203 + case VHIN_NODENAME:
19204 + return uts->name.nodename;
19205 + case VHIN_RELEASE:
19206 + return uts->name.release;
19207 + case VHIN_VERSION:
19208 + return uts->name.version;
19209 + case VHIN_MACHINE:
19210 + return uts->name.machine;
19211 + case VHIN_DOMAINNAME:
19212 + return uts->name.domainname;
19219 +int vc_set_vhi_name(struct vx_info *vxi, void __user *data)
19221 + struct vcmd_vhi_name_v0 vc_data;
19224 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19227 + name = vx_vhi_name(vxi, vc_data.field);
19231 + memcpy(name, vc_data.name, 65);
19235 +int vc_get_vhi_name(struct vx_info *vxi, void __user *data)
19237 + struct vcmd_vhi_name_v0 vc_data;
19240 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19243 + name = vx_vhi_name(vxi, vc_data.field);
19247 + memcpy(vc_data.name, name, 65);
19248 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19254 +int vc_virt_stat(struct vx_info *vxi, void __user *data)
19256 + struct vcmd_virt_stat_v0 vc_data;
19257 + struct _vx_cvirt *cvirt = &vxi->cvirt;
19258 + struct timespec uptime;
19260 + do_posix_clock_monotonic_gettime(&uptime);
19261 + set_normalized_timespec(&uptime,
19262 + uptime.tv_sec - cvirt->bias_uptime.tv_sec,
19263 + uptime.tv_nsec - cvirt->bias_uptime.tv_nsec);
19265 + vc_data.offset = timeval_to_ns(&cvirt->bias_tv);
19266 + vc_data.uptime = timespec_to_ns(&uptime);
19267 + vc_data.nr_threads = atomic_read(&cvirt->nr_threads);
19268 + vc_data.nr_running = atomic_read(&cvirt->nr_running);
19269 + vc_data.nr_uninterruptible = atomic_read(&cvirt->nr_uninterruptible);
19270 + vc_data.nr_onhold = atomic_read(&cvirt->nr_onhold);
19271 + vc_data.nr_forks = atomic_read(&cvirt->total_forks);
19272 + vc_data.load[0] = cvirt->load[0];
19273 + vc_data.load[1] = cvirt->load[1];
19274 + vc_data.load[2] = cvirt->load[2];
19276 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19282 +#ifdef CONFIG_VSERVER_VTIME
19284 +/* virtualized time base */
19286 +void vx_gettimeofday(struct timeval *tv)
19288 + do_gettimeofday(tv);
19289 + if (!vx_flags(VXF_VIRT_TIME, 0))
19292 + tv->tv_sec += current->vx_info->cvirt.bias_tv.tv_sec;
19293 + tv->tv_usec += current->vx_info->cvirt.bias_tv.tv_usec;
19295 + if (tv->tv_usec >= USEC_PER_SEC) {
19297 + tv->tv_usec -= USEC_PER_SEC;
19298 + } else if (tv->tv_usec < 0) {
19300 + tv->tv_usec += USEC_PER_SEC;
19304 +int vx_settimeofday(struct timespec *ts)
19306 + struct timeval tv;
19308 + if (!vx_flags(VXF_VIRT_TIME, 0))
19309 + return do_settimeofday(ts);
19311 + do_gettimeofday(&tv);
19312 + current->vx_info->cvirt.bias_tv.tv_sec =
19313 + ts->tv_sec - tv.tv_sec;
19314 + current->vx_info->cvirt.bias_tv.tv_usec =
19315 + (ts->tv_nsec/NSEC_PER_USEC) - tv.tv_usec;
19321 diff -NurpP --minimal linux-2.6.25/kernel/vserver/cvirt_init.h linux-2.6.25-vs2.3.0.34.9/kernel/vserver/cvirt_init.h
19322 --- linux-2.6.25/kernel/vserver/cvirt_init.h 1969-12-31 19:00:00.000000000 -0500
19323 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/cvirt_init.h 2008-04-19 15:14:52.000000000 -0400
19327 +extern uint64_t vx_idle_jiffies(void);
19329 +static inline void vx_info_init_cvirt(struct _vx_cvirt *cvirt)
19331 + uint64_t idle_jiffies = vx_idle_jiffies();
19332 + uint64_t nsuptime;
19334 + do_posix_clock_monotonic_gettime(&cvirt->bias_uptime);
19335 + nsuptime = (unsigned long long)cvirt->bias_uptime.tv_sec
19336 + * NSEC_PER_SEC + cvirt->bias_uptime.tv_nsec;
19337 + cvirt->bias_clock = nsec_to_clock_t(nsuptime);
19338 + cvirt->bias_tv.tv_sec = 0;
19339 + cvirt->bias_tv.tv_usec = 0;
19341 + jiffies_to_timespec(idle_jiffies, &cvirt->bias_idle);
19342 + atomic_set(&cvirt->nr_threads, 0);
19343 + atomic_set(&cvirt->nr_running, 0);
19344 + atomic_set(&cvirt->nr_uninterruptible, 0);
19345 + atomic_set(&cvirt->nr_onhold, 0);
19347 + spin_lock_init(&cvirt->load_lock);
19348 + cvirt->load_last = jiffies;
19349 + atomic_set(&cvirt->load_updates, 0);
19350 + cvirt->load[0] = 0;
19351 + cvirt->load[1] = 0;
19352 + cvirt->load[2] = 0;
19353 + atomic_set(&cvirt->total_forks, 0);
19355 + spin_lock_init(&cvirt->syslog.logbuf_lock);
19356 + init_waitqueue_head(&cvirt->syslog.log_wait);
19357 + cvirt->syslog.log_start = 0;
19358 + cvirt->syslog.log_end = 0;
19359 + cvirt->syslog.con_start = 0;
19360 + cvirt->syslog.logged_chars = 0;
19364 +void vx_info_init_cvirt_pc(struct _vx_cvirt_pc *cvirt_pc, int cpu)
19366 + // cvirt_pc->cpustat = { 0 };
19369 +static inline void vx_info_exit_cvirt(struct _vx_cvirt *cvirt)
19373 + vxwprintk_xid((value = atomic_read(&cvirt->nr_threads)),
19374 + "!!! cvirt: %p[nr_threads] = %d on exit.",
19376 + vxwprintk_xid((value = atomic_read(&cvirt->nr_running)),
19377 + "!!! cvirt: %p[nr_running] = %d on exit.",
19379 + vxwprintk_xid((value = atomic_read(&cvirt->nr_uninterruptible)),
19380 + "!!! cvirt: %p[nr_uninterruptible] = %d on exit.",
19382 + vxwprintk_xid((value = atomic_read(&cvirt->nr_onhold)),
19383 + "!!! cvirt: %p[nr_onhold] = %d on exit.",
19389 +void vx_info_exit_cvirt_pc(struct _vx_cvirt_pc *cvirt_pc, int cpu)
19394 diff -NurpP --minimal linux-2.6.25/kernel/vserver/cvirt_proc.h linux-2.6.25-vs2.3.0.34.9/kernel/vserver/cvirt_proc.h
19395 --- linux-2.6.25/kernel/vserver/cvirt_proc.h 1969-12-31 19:00:00.000000000 -0500
19396 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/cvirt_proc.h 2008-04-21 13:01:29.000000000 -0400
19398 +#ifndef _VX_CVIRT_PROC_H
19399 +#define _VX_CVIRT_PROC_H
19401 +#include <linux/nsproxy.h>
19402 +#include <linux/mnt_namespace.h>
19403 +#include <linux/ipc_namespace.h>
19404 +#include <linux/utsname.h>
19405 +#include <linux/ipc.h>
19409 +int vx_info_proc_nsproxy(struct nsproxy *nsproxy, char *buffer)
19411 + struct mnt_namespace *ns;
19412 + struct uts_namespace *uts;
19413 + struct ipc_namespace *ipc;
19414 + struct path path;
19415 + char *pstr, *root;
19421 + length += sprintf(buffer + length,
19422 + "NSProxy:\t%p [%p,%p,%p]\n",
19423 + nsproxy, nsproxy->mnt_ns,
19424 + nsproxy->uts_ns, nsproxy->ipc_ns);
19426 + ns = nsproxy->mnt_ns;
19430 + pstr = kmalloc(PATH_MAX, GFP_KERNEL);
19434 + path.mnt = ns->root;
19435 + path.dentry = ns->root->mnt_root;
19436 + root = d_path(&path, pstr, PATH_MAX - 2);
19437 + length += sprintf(buffer + length,
19438 + "Namespace:\t%p [#%u]\n"
19439 + "RootPath:\t%s\n",
19440 + ns, atomic_read(&ns->count),
19445 + uts = nsproxy->uts_ns;
19449 + length += sprintf(buffer + length,
19450 + "SysName:\t%.*s\n"
19451 + "NodeName:\t%.*s\n"
19452 + "Release:\t%.*s\n"
19453 + "Version:\t%.*s\n"
19454 + "Machine:\t%.*s\n"
19455 + "DomainName:\t%.*s\n",
19456 + __NEW_UTS_LEN, uts->name.sysname,
19457 + __NEW_UTS_LEN, uts->name.nodename,
19458 + __NEW_UTS_LEN, uts->name.release,
19459 + __NEW_UTS_LEN, uts->name.version,
19460 + __NEW_UTS_LEN, uts->name.machine,
19461 + __NEW_UTS_LEN, uts->name.domainname);
19464 + ipc = nsproxy->ipc_ns;
19468 + length += sprintf(buffer + length,
19469 + "SEMS:\t\t%d %d %d %d %d\n"
19470 + "MSG:\t\t%d %d %d\n"
19471 + "SHM:\t\t%lu %lu %d %d\n",
19472 + ipc->sem_ctls[0], ipc->sem_ctls[1],
19473 + ipc->sem_ctls[2], ipc->sem_ctls[3],
19475 + ipc->msg_ctlmax, ipc->msg_ctlmnb, ipc->msg_ctlmni,
19476 + (unsigned long)ipc->shm_ctlmax,
19477 + (unsigned long)ipc->shm_ctlall,
19478 + ipc->shm_ctlmni, ipc->shm_tot);
19485 +#include <linux/sched.h>
19487 +#define LOAD_INT(x) ((x) >> FSHIFT)
19488 +#define LOAD_FRAC(x) LOAD_INT(((x) & (FIXED_1 - 1)) * 100)
19491 +int vx_info_proc_cvirt(struct _vx_cvirt *cvirt, char *buffer)
19496 + length += sprintf(buffer + length,
19497 + "BiasUptime:\t%lu.%02lu\n",
19498 + (unsigned long)cvirt->bias_uptime.tv_sec,
19499 + (cvirt->bias_uptime.tv_nsec / (NSEC_PER_SEC / 100)));
19501 + a = cvirt->load[0] + (FIXED_1 / 200);
19502 + b = cvirt->load[1] + (FIXED_1 / 200);
19503 + c = cvirt->load[2] + (FIXED_1 / 200);
19504 + length += sprintf(buffer + length,
19505 + "nr_threads:\t%d\n"
19506 + "nr_running:\t%d\n"
19507 + "nr_unintr:\t%d\n"
19508 + "nr_onhold:\t%d\n"
19509 + "load_updates:\t%d\n"
19510 + "loadavg:\t%d.%02d %d.%02d %d.%02d\n"
19511 + "total_forks:\t%d\n",
19512 + atomic_read(&cvirt->nr_threads),
19513 + atomic_read(&cvirt->nr_running),
19514 + atomic_read(&cvirt->nr_uninterruptible),
19515 + atomic_read(&cvirt->nr_onhold),
19516 + atomic_read(&cvirt->load_updates),
19517 + LOAD_INT(a), LOAD_FRAC(a),
19518 + LOAD_INT(b), LOAD_FRAC(b),
19519 + LOAD_INT(c), LOAD_FRAC(c),
19520 + atomic_read(&cvirt->total_forks));
19525 +int vx_info_proc_cvirt_pc(struct _vx_cvirt_pc *cvirt_pc,
19526 + char *buffer, int cpu)
19532 +#endif /* _VX_CVIRT_PROC_H */
19533 diff -NurpP --minimal linux-2.6.25/kernel/vserver/debug.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/debug.c
19534 --- linux-2.6.25/kernel/vserver/debug.c 1969-12-31 19:00:00.000000000 -0500
19535 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/debug.c 2008-04-19 15:14:52.000000000 -0400
19538 + * kernel/vserver/debug.c
19540 + * Copyright (C) 2005-2007 Herbert Pötzl
19542 + * V0.01 vx_info dump support
19546 +#include <linux/module.h>
19548 +#include <linux/vserver/context.h>
19551 +void dump_vx_info(struct vx_info *vxi, int level)
19553 + printk("vx_info %p[#%d, %d.%d, %4x]\n", vxi, vxi->vx_id,
19554 + atomic_read(&vxi->vx_usecnt),
19555 + atomic_read(&vxi->vx_tasks),
19558 + __dump_vx_limit(&vxi->limit);
19559 + __dump_vx_sched(&vxi->sched);
19560 + __dump_vx_cvirt(&vxi->cvirt);
19561 + __dump_vx_cacct(&vxi->cacct);
19567 +EXPORT_SYMBOL_GPL(dump_vx_info);
19569 diff -NurpP --minimal linux-2.6.25/kernel/vserver/device.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/device.c
19570 --- linux-2.6.25/kernel/vserver/device.c 1969-12-31 19:00:00.000000000 -0500
19571 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/device.c 2008-04-21 12:35:24.000000000 -0400
19574 + * linux/kernel/vserver/device.c
19576 + * Linux-VServer: Device Support
19578 + * Copyright (C) 2006 Herbert Pötzl
19579 + * Copyright (C) 2007 Daniel Hokka Zakrisson
19581 + * V0.01 device mapping basics
19582 + * V0.02 added defaults
19586 +#include <linux/slab.h>
19587 +#include <linux/rcupdate.h>
19588 +#include <linux/fs.h>
19589 +#include <linux/namei.h>
19590 +#include <linux/hash.h>
19592 +#include <asm/errno.h>
19593 +#include <asm/uaccess.h>
19594 +#include <linux/vserver/base.h>
19595 +#include <linux/vserver/debug.h>
19596 +#include <linux/vserver/context.h>
19597 +#include <linux/vserver/device.h>
19598 +#include <linux/vserver/device_cmd.h>
19601 +#define DMAP_HASH_BITS 4
19604 +struct vs_mapping {
19606 + struct hlist_node hlist;
19607 + struct list_head list;
19609 +#define dm_hlist u.hlist
19610 +#define dm_list u.list
19613 + struct vx_dmap_target target;
19617 +static struct hlist_head dmap_main_hash[1 << DMAP_HASH_BITS];
19619 +static spinlock_t dmap_main_hash_lock = SPIN_LOCK_UNLOCKED;
19621 +static struct vx_dmap_target dmap_defaults[2] = {
19622 + { .flags = DATTR_OPEN },
19623 + { .flags = DATTR_OPEN },
19627 +struct kmem_cache *dmap_cachep __read_mostly;
19629 +int __init dmap_cache_init(void)
19631 + dmap_cachep = kmem_cache_create("dmap_cache",
19632 + sizeof(struct vs_mapping), 0,
19633 + SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
19637 +__initcall(dmap_cache_init);
19640 +static inline unsigned int __hashval(dev_t dev, int bits)
19642 + return hash_long((unsigned long)dev, bits);
19646 +/* __hash_mapping()
19647 + * add the mapping to the hash table
19649 +static inline void __hash_mapping(struct vx_info *vxi, struct vs_mapping *vdm)
19651 + spinlock_t *hash_lock = &dmap_main_hash_lock;
19652 + struct hlist_head *head, *hash = dmap_main_hash;
19653 + int device = vdm->device;
19655 + spin_lock(hash_lock);
19656 + vxdprintk(VXD_CBIT(misc, 8), "__hash_mapping: %p[#%d] %08x:%08x",
19657 + vxi, vxi ? vxi->vx_id : 0, device, vdm->target.target);
19659 + head = &hash[__hashval(device, DMAP_HASH_BITS)];
19660 + hlist_add_head(&vdm->dm_hlist, head);
19661 + spin_unlock(hash_lock);
19665 +static inline int __mode_to_default(umode_t mode)
19678 +/* __set_default()
19681 +static inline void __set_default(struct vx_info *vxi, umode_t mode,
19682 + struct vx_dmap_target *vdmt)
19684 + spinlock_t *hash_lock = &dmap_main_hash_lock;
19685 + spin_lock(hash_lock);
19688 + vxi->dmap.targets[__mode_to_default(mode)] = *vdmt;
19690 + dmap_defaults[__mode_to_default(mode)] = *vdmt;
19693 + spin_unlock(hash_lock);
19695 + vxdprintk(VXD_CBIT(misc, 8), "__set_default: %p[#%u] %08x %04x",
19696 + vxi, vxi ? vxi->vx_id : 0, vdmt->target, vdmt->flags);
19700 +/* __remove_default()
19701 + * remove a default
19703 +static inline int __remove_default(struct vx_info *vxi, umode_t mode)
19705 + spinlock_t *hash_lock = &dmap_main_hash_lock;
19706 + spin_lock(hash_lock);
19709 + vxi->dmap.targets[__mode_to_default(mode)].flags = 0;
19710 + else /* remove == reset */
19711 + dmap_defaults[__mode_to_default(mode)].flags = DATTR_OPEN | mode;
19713 + spin_unlock(hash_lock);
19718 +/* __find_mapping()
19719 + * find a mapping in the hash table
19721 + * caller must hold hash_lock
19723 +static inline int __find_mapping(xid_t xid, dev_t device, umode_t mode,
19724 + struct vs_mapping **local, struct vs_mapping **global)
19726 + struct hlist_head *hash = dmap_main_hash;
19727 + struct hlist_head *head = &hash[__hashval(device, DMAP_HASH_BITS)];
19728 + struct hlist_node *pos;
19729 + struct vs_mapping *vdm;
19735 + hlist_for_each(pos, head) {
19736 + vdm = hlist_entry(pos, struct vs_mapping, dm_hlist);
19738 + if ((vdm->device == device) &&
19739 + !((vdm->target.flags ^ mode) & S_IFMT)) {
19740 + if (vdm->xid == xid) {
19743 + } else if (global && vdm->xid == 0)
19748 + if (global && *global)
19755 +/* __lookup_mapping()
19756 + * find a mapping and store the result in target and flags
19758 +static inline int __lookup_mapping(struct vx_info *vxi,
19759 + dev_t device, dev_t *target, int *flags, umode_t mode)
19761 + spinlock_t *hash_lock = &dmap_main_hash_lock;
19762 + struct vs_mapping *vdm, *global;
19763 + struct vx_dmap_target *vdmt;
19765 + xid_t xid = vxi->vx_id;
19768 + spin_lock(hash_lock);
19769 + if (__find_mapping(xid, device, mode, &vdm, &global) > 0) {
19771 + vdmt = &vdm->target;
19775 + index = __mode_to_default(mode);
19776 + if (vxi && vxi->dmap.targets[index].flags) {
19778 + vdmt = &vxi->dmap.targets[index];
19779 + } else if (global) {
19781 + vdmt = &global->target;
19785 + vdmt = &dmap_defaults[index];
19789 + if (target && (vdmt->flags & DATTR_REMAP))
19790 + *target = vdmt->target;
19792 + *target = device;
19794 + *flags = vdmt->flags;
19796 + spin_unlock(hash_lock);
19802 +/* __remove_mapping()
19803 + * remove a mapping from the hash table
19805 +static inline int __remove_mapping(struct vx_info *vxi, dev_t device,
19808 + spinlock_t *hash_lock = &dmap_main_hash_lock;
19809 + struct vs_mapping *vdm = NULL;
19812 + spin_lock(hash_lock);
19814 + ret = __find_mapping((vxi ? vxi->vx_id : 0), device, mode, &vdm,
19816 + vxdprintk(VXD_CBIT(misc, 8), "__remove_mapping: %p[#%d] %08x %04x",
19817 + vxi, vxi ? vxi->vx_id : 0, device, mode);
19820 + hlist_del(&vdm->dm_hlist);
19823 + spin_unlock(hash_lock);
19825 + kmem_cache_free(dmap_cachep, vdm);
19831 +int vs_map_device(struct vx_info *vxi,
19832 + dev_t device, dev_t *target, umode_t mode)
19834 + int ret, flags = DATTR_MASK;
19838 + *target = device;
19841 + ret = __lookup_mapping(vxi, device, target, &flags, mode);
19842 + vxdprintk(VXD_CBIT(misc, 8), "vs_map_device: %08x target: %08x flags: %04x mode: %04x mapped=%d",
19843 + device, target ? *target : 0, flags, mode, ret);
19845 + return (flags & DATTR_MASK);
19850 +static int do_set_mapping(struct vx_info *vxi,
19851 + dev_t device, dev_t target, int flags, umode_t mode)
19854 + struct vs_mapping *new;
19856 + new = kmem_cache_alloc(dmap_cachep, GFP_KERNEL);
19860 + INIT_HLIST_NODE(&new->dm_hlist);
19861 + new->device = device;
19862 + new->target.target = target;
19863 + new->target.flags = flags | mode;
19864 + new->xid = (vxi ? vxi->vx_id : 0);
19866 + vxdprintk(VXD_CBIT(misc, 8), "do_set_mapping: %08x target: %08x flags: %04x", device, target, flags);
19867 + __hash_mapping(vxi, new);
19869 + struct vx_dmap_target new = {
19870 + .target = target,
19871 + .flags = flags | mode,
19873 + __set_default(vxi, mode, &new);
19879 +static int do_unset_mapping(struct vx_info *vxi,
19880 + dev_t device, dev_t target, int flags, umode_t mode)
19882 + int ret = -EINVAL;
19885 + ret = __remove_mapping(vxi, device, mode);
19889 + ret = __remove_default(vxi, mode);
19899 +static inline int __user_device(const char __user *name, dev_t *dev,
19902 + struct nameidata nd;
19909 + ret = user_path_walk_link(name, &nd);
19912 + if (nd.path.dentry->d_inode) {
19913 + *dev = nd.path.dentry->d_inode->i_rdev;
19914 + *mode = nd.path.dentry->d_inode->i_mode;
19916 + path_put(&nd.path);
19920 +static inline int __mapping_mode(dev_t device, dev_t target,
19921 + umode_t device_mode, umode_t target_mode, umode_t *mode)
19924 + *mode = device_mode & S_IFMT;
19926 + *mode = target_mode & S_IFMT;
19930 + /* if both given, device and target mode have to match */
19931 + if (device && target &&
19932 + ((device_mode ^ target_mode) & S_IFMT))
19938 +static inline int do_mapping(struct vx_info *vxi, const char __user *device_path,
19939 + const char __user *target_path, int flags, int set)
19941 + dev_t device = ~0, target = ~0;
19942 + umode_t device_mode = 0, target_mode = 0, mode;
19945 + ret = __user_device(device_path, &device, &device_mode);
19948 + ret = __user_device(target_path, &target, &target_mode);
19952 + ret = __mapping_mode(device, target,
19953 + device_mode, target_mode, &mode);
19958 + return do_set_mapping(vxi, device, target,
19961 + return do_unset_mapping(vxi, device, target,
19966 +int vc_set_mapping(struct vx_info *vxi, void __user *data)
19968 + struct vcmd_set_mapping_v0 vc_data;
19970 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19973 + return do_mapping(vxi, vc_data.device, vc_data.target,
19974 + vc_data.flags, 1);
19977 +int vc_unset_mapping(struct vx_info *vxi, void __user *data)
19979 + struct vcmd_set_mapping_v0 vc_data;
19981 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19984 + return do_mapping(vxi, vc_data.device, vc_data.target,
19985 + vc_data.flags, 0);
19989 +#ifdef CONFIG_COMPAT
19991 +int vc_set_mapping_x32(struct vx_info *vxi, void __user *data)
19993 + struct vcmd_set_mapping_v0_x32 vc_data;
19995 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19998 + return do_mapping(vxi, compat_ptr(vc_data.device_ptr),
19999 + compat_ptr(vc_data.target_ptr), vc_data.flags, 1);
20002 +int vc_unset_mapping_x32(struct vx_info *vxi, void __user *data)
20004 + struct vcmd_set_mapping_v0_x32 vc_data;
20006 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20009 + return do_mapping(vxi, compat_ptr(vc_data.device_ptr),
20010 + compat_ptr(vc_data.target_ptr), vc_data.flags, 0);
20013 +#endif /* CONFIG_COMPAT */
20016 diff -NurpP --minimal linux-2.6.25/kernel/vserver/dlimit.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/dlimit.c
20017 --- linux-2.6.25/kernel/vserver/dlimit.c 1969-12-31 19:00:00.000000000 -0500
20018 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/dlimit.c 2008-04-21 12:36:09.000000000 -0400
20021 + * linux/kernel/vserver/dlimit.c
20023 + * Virtual Server: Context Disk Limits
20025 + * Copyright (C) 2004-2007 Herbert Pötzl
20027 + * V0.01 initial version
20028 + * V0.02 compat32 splitup
20032 +#include <linux/statfs.h>
20033 +#include <linux/sched.h>
20034 +#include <linux/vs_tag.h>
20035 +#include <linux/vs_dlimit.h>
20036 +#include <linux/vserver/dlimit_cmd.h>
20038 +#include <asm/uaccess.h>
20040 +/* __alloc_dl_info()
20042 + * allocate an initialized dl_info struct
20043 + * doesn't make it visible (hash) */
20045 +static struct dl_info *__alloc_dl_info(struct super_block *sb, tag_t tag)
20047 + struct dl_info *new = NULL;
20049 + vxdprintk(VXD_CBIT(dlim, 5),
20050 + "alloc_dl_info(%p,%d)*", sb, tag);
20052 + /* would this benefit from a slab cache? */
20053 + new = kmalloc(sizeof(struct dl_info), GFP_KERNEL);
20057 + memset(new, 0, sizeof(struct dl_info));
20058 + new->dl_tag = tag;
20060 + INIT_RCU_HEAD(&new->dl_rcu);
20061 + INIT_HLIST_NODE(&new->dl_hlist);
20062 + spin_lock_init(&new->dl_lock);
20063 + atomic_set(&new->dl_refcnt, 0);
20064 + atomic_set(&new->dl_usecnt, 0);
20066 + /* rest of init goes here */
20068 + vxdprintk(VXD_CBIT(dlim, 4),
20069 + "alloc_dl_info(%p,%d) = %p", sb, tag, new);
20073 +/* __dealloc_dl_info()
20075 + * final disposal of dl_info */
20077 +static void __dealloc_dl_info(struct dl_info *dli)
20079 + vxdprintk(VXD_CBIT(dlim, 4),
20080 + "dealloc_dl_info(%p)", dli);
20082 + dli->dl_hlist.next = LIST_POISON1;
20083 + dli->dl_tag = -1;
20086 + BUG_ON(atomic_read(&dli->dl_usecnt));
20087 + BUG_ON(atomic_read(&dli->dl_refcnt));
20093 +/* hash table for dl_info hash */
20095 +#define DL_HASH_SIZE 13
20097 +struct hlist_head dl_info_hash[DL_HASH_SIZE];
20099 +static spinlock_t dl_info_hash_lock = SPIN_LOCK_UNLOCKED;
20102 +static inline unsigned int __hashval(struct super_block *sb, tag_t tag)
20104 + return ((tag ^ (unsigned long)sb) % DL_HASH_SIZE);
20109 +/* __hash_dl_info()
20111 + * add the dli to the global hash table
20112 + * requires the hash_lock to be held */
20114 +static inline void __hash_dl_info(struct dl_info *dli)
20116 + struct hlist_head *head;
20118 + vxdprintk(VXD_CBIT(dlim, 6),
20119 + "__hash_dl_info: %p[#%d]", dli, dli->dl_tag);
20120 + get_dl_info(dli);
20121 + head = &dl_info_hash[__hashval(dli->dl_sb, dli->dl_tag)];
20122 + hlist_add_head_rcu(&dli->dl_hlist, head);
20125 +/* __unhash_dl_info()
20127 + * remove the dli from the global hash table
20128 + * requires the hash_lock to be held */
20130 +static inline void __unhash_dl_info(struct dl_info *dli)
20132 + vxdprintk(VXD_CBIT(dlim, 6),
20133 + "__unhash_dl_info: %p[#%d]", dli, dli->dl_tag);
20134 + hlist_del_rcu(&dli->dl_hlist);
20135 + put_dl_info(dli);
20139 +/* __lookup_dl_info()
20141 + * requires the rcu_read_lock()
20142 + * doesn't increment the dl_refcnt */
20144 +static inline struct dl_info *__lookup_dl_info(struct super_block *sb, tag_t tag)
20146 + struct hlist_head *head = &dl_info_hash[__hashval(sb, tag)];
20147 + struct hlist_node *pos;
20148 + struct dl_info *dli;
20150 + hlist_for_each_entry_rcu(dli, pos, head, dl_hlist) {
20152 + if (dli->dl_tag == tag && dli->dl_sb == sb) {
20160 +struct dl_info *locate_dl_info(struct super_block *sb, tag_t tag)
20162 + struct dl_info *dli;
20165 + dli = get_dl_info(__lookup_dl_info(sb, tag));
20166 + vxdprintk(VXD_CBIT(dlim, 7),
20167 + "locate_dl_info(%p,#%d) = %p", sb, tag, dli);
20168 + rcu_read_unlock();
20172 +void rcu_free_dl_info(struct rcu_head *head)
20174 + struct dl_info *dli = container_of(head, struct dl_info, dl_rcu);
20175 + int usecnt, refcnt;
20177 + BUG_ON(!dli || !head);
20179 + usecnt = atomic_read(&dli->dl_usecnt);
20180 + BUG_ON(usecnt < 0);
20182 + refcnt = atomic_read(&dli->dl_refcnt);
20183 + BUG_ON(refcnt < 0);
20185 + vxdprintk(VXD_CBIT(dlim, 3),
20186 + "rcu_free_dl_info(%p)", dli);
20188 + __dealloc_dl_info(dli);
20190 + printk("!!! rcu didn't free\n");
20196 +static int do_addrem_dlimit(uint32_t id, const char __user *name,
20197 + uint32_t flags, int add)
20199 + struct nameidata nd;
20202 + ret = user_path_walk_link(name, &nd);
20204 + struct super_block *sb;
20205 + struct dl_info *dli;
20208 + if (!nd.path.dentry->d_inode)
20209 + goto out_release;
20210 + if (!(sb = nd.path.dentry->d_inode->i_sb))
20211 + goto out_release;
20214 + dli = __alloc_dl_info(sb, id);
20215 + spin_lock(&dl_info_hash_lock);
20218 + if (__lookup_dl_info(sb, id))
20220 + __hash_dl_info(dli);
20223 + spin_lock(&dl_info_hash_lock);
20224 + dli = __lookup_dl_info(sb, id);
20229 + __unhash_dl_info(dli);
20233 + spin_unlock(&dl_info_hash_lock);
20235 + __dealloc_dl_info(dli);
20237 + path_put(&nd.path);
20242 +int vc_add_dlimit(uint32_t id, void __user *data)
20244 + struct vcmd_ctx_dlimit_base_v0 vc_data;
20246 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20249 + return do_addrem_dlimit(id, vc_data.name, vc_data.flags, 1);
20252 +int vc_rem_dlimit(uint32_t id, void __user *data)
20254 + struct vcmd_ctx_dlimit_base_v0 vc_data;
20256 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20259 + return do_addrem_dlimit(id, vc_data.name, vc_data.flags, 0);
20262 +#ifdef CONFIG_COMPAT
20264 +int vc_add_dlimit_x32(uint32_t id, void __user *data)
20266 + struct vcmd_ctx_dlimit_base_v0_x32 vc_data;
20268 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20271 + return do_addrem_dlimit(id,
20272 + compat_ptr(vc_data.name_ptr), vc_data.flags, 1);
20275 +int vc_rem_dlimit_x32(uint32_t id, void __user *data)
20277 + struct vcmd_ctx_dlimit_base_v0_x32 vc_data;
20279 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20282 + return do_addrem_dlimit(id,
20283 + compat_ptr(vc_data.name_ptr), vc_data.flags, 0);
20286 +#endif /* CONFIG_COMPAT */
20290 +int do_set_dlimit(uint32_t id, const char __user *name,
20291 + uint32_t space_used, uint32_t space_total,
20292 + uint32_t inodes_used, uint32_t inodes_total,
20293 + uint32_t reserved, uint32_t flags)
20295 + struct nameidata nd;
20298 + ret = user_path_walk_link(name, &nd);
20300 + struct super_block *sb;
20301 + struct dl_info *dli;
20304 + if (!nd.path.dentry->d_inode)
20305 + goto out_release;
20306 + if (!(sb = nd.path.dentry->d_inode->i_sb))
20307 + goto out_release;
20308 + if ((reserved != CDLIM_KEEP &&
20309 + reserved > 100) ||
20310 + (inodes_used != CDLIM_KEEP &&
20311 + inodes_used > inodes_total) ||
20312 + (space_used != CDLIM_KEEP &&
20313 + space_used > space_total))
20314 + goto out_release;
20317 + dli = locate_dl_info(sb, id);
20319 + goto out_release;
20321 + spin_lock(&dli->dl_lock);
20323 + if (inodes_used != CDLIM_KEEP)
20324 + dli->dl_inodes_used = inodes_used;
20325 + if (inodes_total != CDLIM_KEEP)
20326 + dli->dl_inodes_total = inodes_total;
20327 + if (space_used != CDLIM_KEEP) {
20328 + dli->dl_space_used = space_used;
20329 + dli->dl_space_used <<= 10;
20331 + if (space_total == CDLIM_INFINITY)
20332 + dli->dl_space_total = DLIM_INFINITY;
20333 + else if (space_total != CDLIM_KEEP) {
20334 + dli->dl_space_total = space_total;
20335 + dli->dl_space_total <<= 10;
20337 + if (reserved != CDLIM_KEEP)
20338 + dli->dl_nrlmult = (1 << 10) * (100 - reserved) / 100;
20340 + spin_unlock(&dli->dl_lock);
20342 + put_dl_info(dli);
20346 + path_put(&nd.path);
20351 +int vc_set_dlimit(uint32_t id, void __user *data)
20353 + struct vcmd_ctx_dlimit_v0 vc_data;
20355 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20358 + return do_set_dlimit(id, vc_data.name,
20359 + vc_data.space_used, vc_data.space_total,
20360 + vc_data.inodes_used, vc_data.inodes_total,
20361 + vc_data.reserved, vc_data.flags);
20364 +#ifdef CONFIG_COMPAT
20366 +int vc_set_dlimit_x32(uint32_t id, void __user *data)
20368 + struct vcmd_ctx_dlimit_v0_x32 vc_data;
20370 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20373 + return do_set_dlimit(id, compat_ptr(vc_data.name_ptr),
20374 + vc_data.space_used, vc_data.space_total,
20375 + vc_data.inodes_used, vc_data.inodes_total,
20376 + vc_data.reserved, vc_data.flags);
20379 +#endif /* CONFIG_COMPAT */
20383 +int do_get_dlimit(uint32_t id, const char __user *name,
20384 + uint32_t *space_used, uint32_t *space_total,
20385 + uint32_t *inodes_used, uint32_t *inodes_total,
20386 + uint32_t *reserved, uint32_t *flags)
20388 + struct nameidata nd;
20391 + ret = user_path_walk_link(name, &nd);
20393 + struct super_block *sb;
20394 + struct dl_info *dli;
20397 + if (!nd.path.dentry->d_inode)
20398 + goto out_release;
20399 + if (!(sb = nd.path.dentry->d_inode->i_sb))
20400 + goto out_release;
20403 + dli = locate_dl_info(sb, id);
20405 + goto out_release;
20407 + spin_lock(&dli->dl_lock);
20408 + *inodes_used = dli->dl_inodes_used;
20409 + *inodes_total = dli->dl_inodes_total;
20410 + *space_used = dli->dl_space_used >> 10;
20411 + if (dli->dl_space_total == DLIM_INFINITY)
20412 + *space_total = CDLIM_INFINITY;
20414 + *space_total = dli->dl_space_total >> 10;
20416 + *reserved = 100 - ((dli->dl_nrlmult * 100 + 512) >> 10);
20417 + spin_unlock(&dli->dl_lock);
20419 + put_dl_info(dli);
20424 + path_put(&nd.path);
20430 +int vc_get_dlimit(uint32_t id, void __user *data)
20432 + struct vcmd_ctx_dlimit_v0 vc_data;
20435 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20438 + ret = do_get_dlimit(id, vc_data.name,
20439 + &vc_data.space_used, &vc_data.space_total,
20440 + &vc_data.inodes_used, &vc_data.inodes_total,
20441 + &vc_data.reserved, &vc_data.flags);
20445 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
20450 +#ifdef CONFIG_COMPAT
20452 +int vc_get_dlimit_x32(uint32_t id, void __user *data)
20454 + struct vcmd_ctx_dlimit_v0_x32 vc_data;
20457 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20460 + ret = do_get_dlimit(id, compat_ptr(vc_data.name_ptr),
20461 + &vc_data.space_used, &vc_data.space_total,
20462 + &vc_data.inodes_used, &vc_data.inodes_total,
20463 + &vc_data.reserved, &vc_data.flags);
20467 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
20472 +#endif /* CONFIG_COMPAT */
20475 +void vx_vsi_statfs(struct super_block *sb, struct kstatfs *buf)
20477 + struct dl_info *dli;
20478 + __u64 blimit, bfree, bavail;
20481 + dli = locate_dl_info(sb, dx_current_tag());
20485 + spin_lock(&dli->dl_lock);
20486 + if (dli->dl_inodes_total == (unsigned long)DLIM_INFINITY)
20489 + /* reduce max inodes available to limit */
20490 + if (buf->f_files > dli->dl_inodes_total)
20491 + buf->f_files = dli->dl_inodes_total;
20493 + ifree = dli->dl_inodes_total - dli->dl_inodes_used;
20494 + /* reduce free inodes to min */
20495 + if (ifree < buf->f_ffree)
20496 + buf->f_ffree = ifree;
20499 + if (dli->dl_space_total == DLIM_INFINITY)
20502 + blimit = dli->dl_space_total >> sb->s_blocksize_bits;
20504 + if (dli->dl_space_total < dli->dl_space_used)
20507 + bfree = (dli->dl_space_total - dli->dl_space_used)
20508 + >> sb->s_blocksize_bits;
20510 + bavail = ((dli->dl_space_total >> 10) * dli->dl_nrlmult);
20511 + if (bavail < dli->dl_space_used)
20514 + bavail = (bavail - dli->dl_space_used)
20515 + >> sb->s_blocksize_bits;
20517 + /* reduce max space available to limit */
20518 + if (buf->f_blocks > blimit)
20519 + buf->f_blocks = blimit;
20521 + /* reduce free space to min */
20522 + if (bfree < buf->f_bfree)
20523 + buf->f_bfree = bfree;
20525 + /* reduce avail space to min */
20526 + if (bavail < buf->f_bavail)
20527 + buf->f_bavail = bavail;
20530 + spin_unlock(&dli->dl_lock);
20531 + put_dl_info(dli);
20536 +#include <linux/module.h>
20538 +EXPORT_SYMBOL_GPL(locate_dl_info);
20539 +EXPORT_SYMBOL_GPL(rcu_free_dl_info);
20541 diff -NurpP --minimal linux-2.6.25/kernel/vserver/helper.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/helper.c
20542 --- linux-2.6.25/kernel/vserver/helper.c 1969-12-31 19:00:00.000000000 -0500
20543 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/helper.c 2008-04-19 15:14:52.000000000 -0400
20546 + * linux/kernel/vserver/helper.c
20548 + * Virtual Context Support
20550 + * Copyright (C) 2004-2007 Herbert Pötzl
20552 + * V0.01 basic helper
20556 +#include <linux/kmod.h>
20557 +#include <linux/reboot.h>
20558 +#include <linux/vs_context.h>
20559 +#include <linux/vs_network.h>
20560 +#include <linux/vserver/signal.h>
20563 +char vshelper_path[255] = "/sbin/vshelper";
20566 +static int do_vshelper(char *name, char *argv[], char *envp[], int sync)
20570 + if ((ret = call_usermodehelper(name, argv, envp, sync))) {
20571 + printk( KERN_WARNING
20572 + "%s: (%s %s) returned %s with %d\n",
20573 + name, argv[1], argv[2],
20574 + sync ? "sync" : "async", ret);
20576 + vxdprintk(VXD_CBIT(switch, 4),
20577 + "%s: (%s %s) returned %s with %d",
20578 + name, argv[1], argv[2], sync ? "sync" : "async", ret);
20583 + * vshelper path is set via /proc/sys
20584 + * invoked by vserver sys_reboot(), with
20585 + * the following arguments
20587 + * argv [0] = vshelper_path;
20588 + * argv [1] = action: "restart", "halt", "poweroff", ...
20589 + * argv [2] = context identifier
20591 + * envp [*] = type-specific parameters
20594 +long vs_reboot_helper(struct vx_info *vxi, int cmd, void __user *arg)
20596 + char id_buf[8], cmd_buf[16];
20597 + char uid_buf[16], pid_buf[16];
20600 + char *argv[] = {vshelper_path, NULL, id_buf, 0};
20601 + char *envp[] = {"HOME=/", "TERM=linux",
20602 + "PATH=/sbin:/usr/sbin:/bin:/usr/bin",
20603 + uid_buf, pid_buf, cmd_buf, 0};
20605 + if (vx_info_state(vxi, VXS_HELPER))
20607 + vxi->vx_state |= VXS_HELPER;
20609 + snprintf(id_buf, sizeof(id_buf)-1, "%d", vxi->vx_id);
20611 + snprintf(cmd_buf, sizeof(cmd_buf)-1, "VS_CMD=%08x", cmd);
20612 + snprintf(uid_buf, sizeof(uid_buf)-1, "VS_UID=%d", current->uid);
20613 + snprintf(pid_buf, sizeof(pid_buf)-1, "VS_PID=%d", current->pid);
20616 + case LINUX_REBOOT_CMD_RESTART:
20617 + argv[1] = "restart";
20620 + case LINUX_REBOOT_CMD_HALT:
20621 + argv[1] = "halt";
20624 + case LINUX_REBOOT_CMD_POWER_OFF:
20625 + argv[1] = "poweroff";
20628 + case LINUX_REBOOT_CMD_SW_SUSPEND:
20629 + argv[1] = "swsusp";
20633 + vxi->vx_state &= ~VXS_HELPER;
20637 + ret = do_vshelper(vshelper_path, argv, envp, 0);
20638 + vxi->vx_state &= ~VXS_HELPER;
20639 + __wakeup_vx_info(vxi);
20640 + return (ret) ? -EPERM : 0;
20644 +long vs_reboot(unsigned int cmd, void __user *arg)
20646 + struct vx_info *vxi = current->vx_info;
20649 + vxdprintk(VXD_CBIT(misc, 5),
20650 + "vs_reboot(%p[#%d],%d)",
20651 + vxi, vxi ? vxi->vx_id : 0, cmd);
20653 + ret = vs_reboot_helper(vxi, cmd, arg);
20657 + vxi->reboot_cmd = cmd;
20658 + if (vx_info_flags(vxi, VXF_REBOOT_KILL, 0)) {
20660 + case LINUX_REBOOT_CMD_RESTART:
20661 + case LINUX_REBOOT_CMD_HALT:
20662 + case LINUX_REBOOT_CMD_POWER_OFF:
20663 + vx_info_kill(vxi, 0, SIGKILL);
20664 + vx_info_kill(vxi, 1, SIGKILL);
20674 + * argv [0] = vshelper_path;
20675 + * argv [1] = action: "startup", "shutdown"
20676 + * argv [2] = context identifier
20678 + * envp [*] = type-specific parameters
20681 +long vs_state_change(struct vx_info *vxi, unsigned int cmd)
20683 + char id_buf[8], cmd_buf[16];
20684 + char *argv[] = {vshelper_path, NULL, id_buf, 0};
20685 + char *envp[] = {"HOME=/", "TERM=linux",
20686 + "PATH=/sbin:/usr/sbin:/bin:/usr/bin", cmd_buf, 0};
20688 + if (!vx_info_flags(vxi, VXF_SC_HELPER, 0))
20691 + snprintf(id_buf, sizeof(id_buf)-1, "%d", vxi->vx_id);
20692 + snprintf(cmd_buf, sizeof(cmd_buf)-1, "VS_CMD=%08x", cmd);
20695 + case VSC_STARTUP:
20696 + argv[1] = "startup";
20698 + case VSC_SHUTDOWN:
20699 + argv[1] = "shutdown";
20705 + return do_vshelper(vshelper_path, argv, envp, 1);
20710 + * argv [0] = vshelper_path;
20711 + * argv [1] = action: "netup", "netdown"
20712 + * argv [2] = context identifier
20714 + * envp [*] = type-specific parameters
20717 +long vs_net_change(struct nx_info *nxi, unsigned int cmd)
20719 + char id_buf[8], cmd_buf[16];
20720 + char *argv[] = {vshelper_path, NULL, id_buf, 0};
20721 + char *envp[] = {"HOME=/", "TERM=linux",
20722 + "PATH=/sbin:/usr/sbin:/bin:/usr/bin", cmd_buf, 0};
20724 + if (!nx_info_flags(nxi, NXF_SC_HELPER, 0))
20727 + snprintf(id_buf, sizeof(id_buf)-1, "%d", nxi->nx_id);
20728 + snprintf(cmd_buf, sizeof(cmd_buf)-1, "VS_CMD=%08x", cmd);
20732 + argv[1] = "netup";
20734 + case VSC_NETDOWN:
20735 + argv[1] = "netdown";
20741 + return do_vshelper(vshelper_path, argv, envp, 1);
20744 diff -NurpP --minimal linux-2.6.25/kernel/vserver/history.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/history.c
20745 --- linux-2.6.25/kernel/vserver/history.c 1969-12-31 19:00:00.000000000 -0500
20746 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/history.c 2008-04-19 15:14:52.000000000 -0400
20749 + * kernel/vserver/history.c
20751 + * Virtual Context History Backtrace
20753 + * Copyright (C) 2004-2007 Herbert Pötzl
20755 + * V0.01 basic structure
20756 + * V0.02 hash/unhash and trace
20757 + * V0.03 preemption fixes
20761 +#include <linux/module.h>
20762 +#include <asm/uaccess.h>
20764 +#include <linux/vserver/context.h>
20765 +#include <linux/vserver/debug.h>
20766 +#include <linux/vserver/debug_cmd.h>
20767 +#include <linux/vserver/history.h>
20770 +#ifdef CONFIG_VSERVER_HISTORY
20771 +#define VXH_SIZE CONFIG_VSERVER_HISTORY_SIZE
20773 +#define VXH_SIZE 64
20776 +struct _vx_history {
20777 + unsigned int counter;
20779 + struct _vx_hist_entry entry[VXH_SIZE + 1];
20783 +DEFINE_PER_CPU(struct _vx_history, vx_history_buffer);
20785 +unsigned volatile int vxh_active = 1;
20787 +static atomic_t sequence = ATOMIC_INIT(0);
20792 + * requires disabled preemption */
20794 +struct _vx_hist_entry *vxh_advance(void *loc)
20796 + unsigned int cpu = smp_processor_id();
20797 + struct _vx_history *hist = &per_cpu(vx_history_buffer, cpu);
20798 + struct _vx_hist_entry *entry;
20799 + unsigned int index;
20801 + index = vxh_active ? (hist->counter++ % VXH_SIZE) : VXH_SIZE;
20802 + entry = &hist->entry[index];
20804 + entry->seq = atomic_inc_return(&sequence);
20805 + entry->loc = loc;
20809 +EXPORT_SYMBOL_GPL(vxh_advance);
20812 +#define VXH_LOC_FMTS "(#%04x,*%d):%p"
20814 +#define VXH_LOC_ARGS(e) (e)->seq, cpu, (e)->loc
20817 +#define VXH_VXI_FMTS "%p[#%d,%d.%d]"
20819 +#define VXH_VXI_ARGS(e) (e)->vxi.ptr, \
20820 + (e)->vxi.ptr ? (e)->vxi.xid : 0, \
20821 + (e)->vxi.ptr ? (e)->vxi.usecnt : 0, \
20822 + (e)->vxi.ptr ? (e)->vxi.tasks : 0
20824 +void vxh_dump_entry(struct _vx_hist_entry *e, unsigned cpu)
20826 + switch (e->type) {
20827 + case VXH_THROW_OOPS:
20828 + printk( VXH_LOC_FMTS " oops \n", VXH_LOC_ARGS(e));
20831 + case VXH_GET_VX_INFO:
20832 + case VXH_PUT_VX_INFO:
20833 + printk( VXH_LOC_FMTS " %s_vx_info " VXH_VXI_FMTS "\n",
20835 + (e->type == VXH_GET_VX_INFO) ? "get" : "put",
20836 + VXH_VXI_ARGS(e));
20839 + case VXH_INIT_VX_INFO:
20840 + case VXH_SET_VX_INFO:
20841 + case VXH_CLR_VX_INFO:
20842 + printk( VXH_LOC_FMTS " %s_vx_info " VXH_VXI_FMTS " @%p\n",
20844 + (e->type == VXH_INIT_VX_INFO) ? "init" :
20845 + ((e->type == VXH_SET_VX_INFO) ? "set" : "clr"),
20846 + VXH_VXI_ARGS(e), e->sc.data);
20849 + case VXH_CLAIM_VX_INFO:
20850 + case VXH_RELEASE_VX_INFO:
20851 + printk( VXH_LOC_FMTS " %s_vx_info " VXH_VXI_FMTS " @%p\n",
20853 + (e->type == VXH_CLAIM_VX_INFO) ? "claim" : "release",
20854 + VXH_VXI_ARGS(e), e->sc.data);
20857 + case VXH_ALLOC_VX_INFO:
20858 + case VXH_DEALLOC_VX_INFO:
20859 + printk( VXH_LOC_FMTS " %s_vx_info " VXH_VXI_FMTS "\n",
20861 + (e->type == VXH_ALLOC_VX_INFO) ? "alloc" : "dealloc",
20862 + VXH_VXI_ARGS(e));
20865 + case VXH_HASH_VX_INFO:
20866 + case VXH_UNHASH_VX_INFO:
20867 + printk( VXH_LOC_FMTS " __%s_vx_info " VXH_VXI_FMTS "\n",
20869 + (e->type == VXH_HASH_VX_INFO) ? "hash" : "unhash",
20870 + VXH_VXI_ARGS(e));
20873 + case VXH_LOC_VX_INFO:
20874 + case VXH_LOOKUP_VX_INFO:
20875 + case VXH_CREATE_VX_INFO:
20876 + printk( VXH_LOC_FMTS " __%s_vx_info [#%d] -> " VXH_VXI_FMTS "\n",
20878 + (e->type == VXH_CREATE_VX_INFO) ? "create" :
20879 + ((e->type == VXH_LOC_VX_INFO) ? "loc" : "lookup"),
20880 + e->ll.arg, VXH_VXI_ARGS(e));
20885 +static void __vxh_dump_history(void)
20887 + unsigned int i, cpu;
20889 + printk("History:\tSEQ: %8x\tNR_CPUS: %d\n",
20890 + atomic_read(&sequence), NR_CPUS);
20892 + for (i = 0; i < VXH_SIZE; i++) {
20893 + for_each_online_cpu(cpu) {
20894 + struct _vx_history *hist =
20895 + &per_cpu(vx_history_buffer, cpu);
20896 + unsigned int index = (hist->counter - i) % VXH_SIZE;
20897 + struct _vx_hist_entry *entry = &hist->entry[index];
20899 + vxh_dump_entry(entry, cpu);
20904 +void vxh_dump_history(void)
20908 + local_irq_enable();
20910 + local_irq_disable();
20912 + __vxh_dump_history();
20916 +/* vserver syscall commands below here */
20919 +int vc_dump_history(uint32_t id)
20922 + __vxh_dump_history();
20929 +int do_read_history(struct __user _vx_hist_entry *data,
20930 + int cpu, uint32_t *index, uint32_t *count)
20932 + int pos, ret = 0;
20933 + struct _vx_history *hist = &per_cpu(vx_history_buffer, cpu);
20934 + int end = hist->counter;
20935 + int start = end - VXH_SIZE + 2;
20936 + int idx = *index;
20938 + /* special case: get current pos */
20944 + /* have we lost some data? */
20948 + for (pos = 0; (pos < *count) && (idx < end); pos++, idx++) {
20949 + struct _vx_hist_entry *entry =
20950 + &hist->entry[idx % VXH_SIZE];
20952 + /* send entry to userspace */
20953 + ret = copy_to_user(&data[pos], entry, sizeof(*entry));
20957 + /* save new index and count */
20960 + return ret ? ret : (*index < end);
20963 +int vc_read_history(uint32_t id, void __user *data)
20965 + struct vcmd_read_history_v0 vc_data;
20968 + if (id >= NR_CPUS)
20971 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20974 + ret = do_read_history((struct __user _vx_hist_entry *)vc_data.data,
20975 + id, &vc_data.index, &vc_data.count);
20977 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
20982 +#ifdef CONFIG_COMPAT
20984 +int vc_read_history_x32(uint32_t id, void __user *data)
20986 + struct vcmd_read_history_v0_x32 vc_data;
20989 + if (id >= NR_CPUS)
20992 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20995 + ret = do_read_history((struct __user _vx_hist_entry *)
20996 + compat_ptr(vc_data.data_ptr),
20997 + id, &vc_data.index, &vc_data.count);
20999 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
21004 +#endif /* CONFIG_COMPAT */
21006 diff -NurpP --minimal linux-2.6.25/kernel/vserver/inet.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/inet.c
21007 --- linux-2.6.25/kernel/vserver/inet.c 1969-12-31 19:00:00.000000000 -0500
21008 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/inet.c 2008-04-21 12:49:53.000000000 -0400
21011 +#include <linux/in.h>
21012 +#include <linux/inetdevice.h>
21013 +#include <linux/vs_inet.h>
21014 +#include <linux/vs_inet6.h>
21015 +#include <linux/vserver/debug.h>
21016 +#include <net/route.h>
21017 +#include <net/addrconf.h>
21020 +int nx_v4_addr_conflict(struct nx_info *nxi1, struct nx_info *nxi2)
21024 + if (!nxi1 || !nxi2 || nxi1 == nxi2)
21027 + struct nx_addr_v4 *ptr;
21029 + for (ptr = &nxi1->v4; ptr; ptr = ptr->next) {
21030 + if (v4_nx_addr_in_nx_info(nxi2, ptr, -1)) {
21037 + vxdprintk(VXD_CBIT(net, 2),
21038 + "nx_v4_addr_conflict(%p,%p): %d",
21039 + nxi1, nxi2, ret);
21045 +#ifdef CONFIG_IPV6
21047 +int nx_v6_addr_conflict(struct nx_info *nxi1, struct nx_info *nxi2)
21051 + if (!nxi1 || !nxi2 || nxi1 == nxi2)
21054 + struct nx_addr_v6 *ptr;
21056 + for (ptr = &nxi1->v6; ptr; ptr = ptr->next) {
21057 + if (v6_nx_addr_in_nx_info(nxi2, ptr, -1)) {
21064 + vxdprintk(VXD_CBIT(net, 2),
21065 + "nx_v6_addr_conflict(%p,%p): %d",
21066 + nxi1, nxi2, ret);
21073 +int v4_dev_in_nx_info(struct net_device *dev, struct nx_info *nxi)
21075 + struct in_device *in_dev;
21076 + struct in_ifaddr **ifap;
21077 + struct in_ifaddr *ifa;
21082 + in_dev = in_dev_get(dev);
21086 + for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
21087 + ifap = &ifa->ifa_next) {
21088 + if (v4_addr_in_nx_info(nxi, ifa->ifa_local, NXA_MASK_SHOW)) {
21093 + in_dev_put(in_dev);
21099 +#ifdef CONFIG_IPV6
21101 +int v6_dev_in_nx_info(struct net_device *dev, struct nx_info *nxi)
21103 + struct inet6_dev *in_dev;
21104 + struct inet6_ifaddr **ifap;
21105 + struct inet6_ifaddr *ifa;
21110 + in_dev = in6_dev_get(dev);
21114 + for (ifap = &in_dev->addr_list; (ifa = *ifap) != NULL;
21115 + ifap = &ifa->if_next) {
21116 + if (v6_addr_in_nx_info(nxi, &ifa->addr, -1)) {
21121 + in6_dev_put(in_dev);
21128 +int dev_in_nx_info(struct net_device *dev, struct nx_info *nxi)
21134 + if (nxi->v4.type && v4_dev_in_nx_info(dev, nxi))
21136 +#ifdef CONFIG_IPV6
21138 + if (nxi->v6.type && v6_dev_in_nx_info(dev, nxi))
21143 + vxdprintk(VXD_CBIT(net, 3),
21144 + "dev_in_nx_info(%p,%p[#%d]) = %d",
21145 + dev, nxi, nxi ? nxi->nx_id : 0, ret);
21149 +int ip_v4_find_src(struct net *net, struct nx_info *nxi,
21150 + struct rtable **rp, struct flowi *fl)
21155 + /* FIXME: handle lback only case */
21156 + if (!NX_IPV4(nxi))
21159 + vxdprintk(VXD_CBIT(net, 4),
21160 + "ip_v4_find_src(%p[#%u]) " NIPQUAD_FMT " -> " NIPQUAD_FMT,
21161 + nxi, nxi ? nxi->nx_id : 0,
21162 + NIPQUAD(fl->fl4_src), NIPQUAD(fl->fl4_dst));
21164 + /* single IP is unconditional */
21165 + if (nx_info_flags(nxi, NXF_SINGLE_IP, 0) &&
21166 + (fl->fl4_src == INADDR_ANY))
21167 + fl->fl4_src = nxi->v4.ip[0].s_addr;
21169 + if (fl->fl4_src == INADDR_ANY) {
21170 + struct nx_addr_v4 *ptr;
21171 + __be32 found = 0;
21174 + err = __ip_route_output_key(net, rp, fl);
21176 + found = (*rp)->rt_src;
21178 + vxdprintk(VXD_CBIT(net, 4),
21179 + "ip_v4_find_src(%p[#%u]) rok[%u]: " NIPQUAD_FMT,
21180 + nxi, nxi ? nxi->nx_id : 0, fl->oif, NIPQUAD(found));
21181 + if (v4_addr_in_nx_info(nxi, found, NXA_MASK_BIND))
21185 + for (ptr = &nxi->v4; ptr; ptr = ptr->next) {
21186 + __be32 primary = ptr->ip[0].s_addr;
21187 + __be32 mask = ptr->mask.s_addr;
21188 + __be32 neta = primary & mask;
21190 + vxdprintk(VXD_CBIT(net, 4), "ip_v4_find_src(%p[#%u]) chk: "
21191 + NIPQUAD_FMT "/" NIPQUAD_FMT "/" NIPQUAD_FMT,
21192 + nxi, nxi ? nxi->nx_id : 0, NIPQUAD(primary),
21193 + NIPQUAD(mask), NIPQUAD(neta));
21194 + if ((found & mask) != neta)
21197 + fl->fl4_src = primary;
21198 + err = __ip_route_output_key(net, rp, fl);
21199 + vxdprintk(VXD_CBIT(net, 4),
21200 + "ip_v4_find_src(%p[#%u]) rok[%u]: " NIPQUAD_FMT,
21201 + nxi, nxi ? nxi->nx_id : 0, fl->oif, NIPQUAD(primary));
21203 + found = (*rp)->rt_src;
21205 + if (found == primary)
21209 + /* still no source ip? */
21210 + found = IN_LOOPBACK(fl->fl4_dst)
21211 + ? IPI_LOOPBACK : nxi->v4.ip[0].s_addr;
21213 + /* assign src ip to flow */
21214 + fl->fl4_src = found;
21217 + if (!v4_addr_in_nx_info(nxi, fl->fl4_src, NXA_MASK_BIND))
21221 + if (nx_info_flags(nxi, NXF_LBACK_REMAP, 0)) {
21222 + if (IN_LOOPBACK(fl->fl4_dst))
21223 + fl->fl4_dst = nxi->v4_lback.s_addr;
21224 + if (IN_LOOPBACK(fl->fl4_src))
21225 + fl->fl4_src = nxi->v4_lback.s_addr;
21226 + } else if (IN_LOOPBACK(fl->fl4_dst) &&
21227 + !nx_info_flags(nxi, NXF_LBACK_ALLOW, 0))
21233 +EXPORT_SYMBOL_GPL(ip_v4_find_src);
21235 diff -NurpP --minimal linux-2.6.25/kernel/vserver/init.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/init.c
21236 --- linux-2.6.25/kernel/vserver/init.c 1969-12-31 19:00:00.000000000 -0500
21237 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/init.c 2008-04-19 15:14:52.000000000 -0400
21240 + * linux/kernel/init.c
21242 + * Virtual Server Init
21244 + * Copyright (C) 2004-2007 Herbert Pötzl
21246 + * V0.01 basic structure
21250 +#include <linux/init.h>
21252 +int vserver_register_sysctl(void);
21253 +void vserver_unregister_sysctl(void);
21256 +static int __init init_vserver(void)
21260 +#ifdef CONFIG_VSERVER_DEBUG
21261 + vserver_register_sysctl();
21267 +static void __exit exit_vserver(void)
21270 +#ifdef CONFIG_VSERVER_DEBUG
21271 + vserver_unregister_sysctl();
21276 +/* FIXME: GFP_ZONETYPES gone
21277 +long vx_slab[GFP_ZONETYPES]; */
21281 +module_init(init_vserver);
21282 +module_exit(exit_vserver);
21284 diff -NurpP --minimal linux-2.6.25/kernel/vserver/inode.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/inode.c
21285 --- linux-2.6.25/kernel/vserver/inode.c 1969-12-31 19:00:00.000000000 -0500
21286 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/inode.c 2008-04-21 16:52:16.000000000 -0400
21289 + * linux/kernel/vserver/inode.c
21291 + * Virtual Server: File System Support
21293 + * Copyright (C) 2004-2007 Herbert Pötzl
21295 + * V0.01 separated from vcontext V0.05
21296 + * V0.02 moved to tag (instead of xid)
21300 +#include <linux/tty.h>
21301 +#include <linux/proc_fs.h>
21302 +#include <linux/devpts_fs.h>
21303 +#include <linux/fs.h>
21304 +#include <linux/file.h>
21305 +#include <linux/mount.h>
21306 +#include <linux/parser.h>
21307 +#include <linux/vserver/inode.h>
21308 +#include <linux/vserver/inode_cmd.h>
21309 +#include <linux/vs_base.h>
21310 +#include <linux/vs_tag.h>
21312 +#include <asm/uaccess.h>
21315 +static int __vc_get_iattr(struct inode *in, uint32_t *tag, uint32_t *flags, uint32_t *mask)
21317 + struct proc_dir_entry *entry;
21319 + if (!in || !in->i_sb)
21322 + *flags = IATTR_TAG
21323 + | (IS_BARRIER(in) ? IATTR_BARRIER : 0)
21324 + | (IS_IUNLINK(in) ? IATTR_IUNLINK : 0)
21325 + | (IS_IMMUTABLE(in) ? IATTR_IMMUTABLE : 0);
21326 + *mask = IATTR_IUNLINK | IATTR_IMMUTABLE;
21328 + if (S_ISDIR(in->i_mode))
21329 + *mask |= IATTR_BARRIER;
21331 + if (IS_TAGGED(in)) {
21332 + *tag = in->i_tag;
21333 + *mask |= IATTR_TAG;
21336 + switch (in->i_sb->s_magic) {
21337 + case PROC_SUPER_MAGIC:
21338 + entry = PROC_I(in)->pde;
21340 + /* check for specific inodes? */
21342 + *mask |= IATTR_FLAGS;
21344 + *flags |= (entry->vx_flags & IATTR_FLAGS);
21346 + *flags |= (PROC_I(in)->vx_flags & IATTR_FLAGS);
21349 + case DEVPTS_SUPER_MAGIC:
21350 + *tag = in->i_tag;
21351 + *mask |= IATTR_TAG;
21360 +int vc_get_iattr(void __user *data)
21362 + struct nameidata nd;
21363 + struct vcmd_ctx_iattr_v1 vc_data = { .tag = -1 };
21366 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
21369 + ret = user_path_walk_link(vc_data.name, &nd);
21371 + ret = __vc_get_iattr(nd.path.dentry->d_inode,
21372 + &vc_data.tag, &vc_data.flags, &vc_data.mask);
21373 + path_put(&nd.path);
21378 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
21383 +#ifdef CONFIG_COMPAT
21385 +int vc_get_iattr_x32(void __user *data)
21387 + struct nameidata nd;
21388 + struct vcmd_ctx_iattr_v1_x32 vc_data = { .tag = -1 };
21391 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
21394 + ret = user_path_walk_link(compat_ptr(vc_data.name_ptr), &nd);
21396 + ret = __vc_get_iattr(nd.path.dentry->d_inode,
21397 + &vc_data.tag, &vc_data.flags, &vc_data.mask);
21398 + path_put(&nd.path);
21403 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
21408 +#endif /* CONFIG_COMPAT */
21411 +int vc_fget_iattr(uint32_t fd, void __user *data)
21413 + struct file *filp;
21414 + struct vcmd_ctx_fiattr_v0 vc_data = { .tag = -1 };
21417 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
21421 + if (!filp || !filp->f_dentry || !filp->f_dentry->d_inode)
21424 + ret = __vc_get_iattr(filp->f_dentry->d_inode,
21425 + &vc_data.tag, &vc_data.flags, &vc_data.mask);
21429 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
21435 +static int __vc_set_iattr(struct dentry *de, uint32_t *tag, uint32_t *flags, uint32_t *mask)
21437 + struct inode *in = de->d_inode;
21438 + int error = 0, is_proc = 0, has_tag = 0;
21439 + struct iattr attr = { 0 };
21441 + if (!in || !in->i_sb)
21444 + is_proc = (in->i_sb->s_magic == PROC_SUPER_MAGIC);
21445 + if ((*mask & IATTR_FLAGS) && !is_proc)
21448 + has_tag = IS_TAGGED(in) ||
21449 + (in->i_sb->s_magic == DEVPTS_SUPER_MAGIC);
21450 + if ((*mask & IATTR_TAG) && !has_tag)
21453 + mutex_lock(&in->i_mutex);
21454 + if (*mask & IATTR_TAG) {
21455 + attr.ia_tag = *tag;
21456 + attr.ia_valid |= ATTR_TAG;
21459 + if (*mask & IATTR_FLAGS) {
21460 + struct proc_dir_entry *entry = PROC_I(in)->pde;
21461 + unsigned int iflags = PROC_I(in)->vx_flags;
21463 + iflags = (iflags & ~(*mask & IATTR_FLAGS))
21464 + | (*flags & IATTR_FLAGS);
21465 + PROC_I(in)->vx_flags = iflags;
21467 + entry->vx_flags = iflags;
21470 + if (*mask & (IATTR_BARRIER | IATTR_IUNLINK | IATTR_IMMUTABLE)) {
21471 + if (*mask & IATTR_IMMUTABLE) {
21472 + if (*flags & IATTR_IMMUTABLE)
21473 + in->i_flags |= S_IMMUTABLE;
21475 + in->i_flags &= ~S_IMMUTABLE;
21477 + if (*mask & IATTR_IUNLINK) {
21478 + if (*flags & IATTR_IUNLINK)
21479 + in->i_flags |= S_IUNLINK;
21481 + in->i_flags &= ~S_IUNLINK;
21483 + if (S_ISDIR(in->i_mode) && (*mask & IATTR_BARRIER)) {
21484 + if (*flags & IATTR_BARRIER)
21485 + in->i_flags |= S_BARRIER;
21487 + in->i_flags &= ~S_BARRIER;
21489 + if (in->i_op && in->i_op->sync_flags) {
21490 + error = in->i_op->sync_flags(in);
21496 + if (attr.ia_valid) {
21497 + if (in->i_op && in->i_op->setattr)
21498 + error = in->i_op->setattr(de, &attr);
21500 + error = inode_change_ok(in, &attr);
21502 + error = inode_setattr(in, &attr);
21507 + mutex_unlock(&in->i_mutex);
21511 +int vc_set_iattr(void __user *data)
21513 + struct nameidata nd;
21514 + struct vcmd_ctx_iattr_v1 vc_data;
21517 + if (!capable(CAP_LINUX_IMMUTABLE))
21519 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
21522 + ret = user_path_walk_link(vc_data.name, &nd);
21524 + ret = __vc_set_iattr(nd.path.dentry,
21525 + &vc_data.tag, &vc_data.flags, &vc_data.mask);
21526 + path_put(&nd.path);
21529 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
21534 +#ifdef CONFIG_COMPAT
21536 +int vc_set_iattr_x32(void __user *data)
21538 + struct nameidata nd;
21539 + struct vcmd_ctx_iattr_v1_x32 vc_data;
21542 + if (!capable(CAP_LINUX_IMMUTABLE))
21544 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
21547 + ret = user_path_walk_link(compat_ptr(vc_data.name_ptr), &nd);
21549 + ret = __vc_set_iattr(nd.path.dentry,
21550 + &vc_data.tag, &vc_data.flags, &vc_data.mask);
21551 + path_put(&nd.path);
21554 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
21559 +#endif /* CONFIG_COMPAT */
21561 +int vc_fset_iattr(uint32_t fd, void __user *data)
21563 + struct file *filp;
21564 + struct vcmd_ctx_fiattr_v0 vc_data;
21567 + if (!capable(CAP_LINUX_IMMUTABLE))
21569 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
21573 + if (!filp || !filp->f_dentry || !filp->f_dentry->d_inode)
21576 + ret = __vc_set_iattr(filp->f_dentry, &vc_data.tag,
21577 + &vc_data.flags, &vc_data.mask);
21581 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
21587 +enum { Opt_notagcheck, Opt_tag, Opt_notag, Opt_tagid, Opt_err };
21589 +static match_table_t tokens = {
21590 + {Opt_notagcheck, "notagcheck"},
21591 +#ifdef CONFIG_PROPAGATE
21592 + {Opt_notag, "notag"},
21593 + {Opt_tag, "tag"},
21594 + {Opt_tagid, "tagid=%u"},
21600 +static void __dx_parse_remove(char *string, char *opt)
21602 + char *p = strstr(string, opt);
21606 + while (*q != '\0' && *q != ',')
21616 +int __dx_parse_tag(char *string, tag_t *tag, int remove)
21618 + substring_t args[MAX_OPT_ARGS];
21619 + int token, option = 0;
21624 + token = match_token(string, tokens, args);
21626 + vxdprintk(VXD_CBIT(tag, 7),
21627 + "dx_parse_tag(»%s«): %d:#%d",
21628 + string, token, option);
21635 + __dx_parse_remove(string, "tag");
21636 + return MNT_TAGID;
21639 + __dx_parse_remove(string, "notag");
21640 + return MNT_NOTAG;
21641 + case Opt_notagcheck:
21643 + __dx_parse_remove(string, "notagcheck");
21644 + return MNT_NOTAGCHECK;
21646 + if (tag && !match_int(args, &option))
21649 + __dx_parse_remove(string, "tagid");
21650 + return MNT_TAGID;
21655 +int dx_parse_tag(char *string, tag_t *tag, int remove)
21657 + int retval, flags = 0;
21659 + while ((retval = __dx_parse_tag(string, tag, remove)))
21664 +#ifdef CONFIG_PROPAGATE
21666 +void __dx_propagate_tag(struct nameidata *nd, struct inode *inode)
21668 + tag_t new_tag = 0;
21669 + struct vfsmount *mnt;
21674 + mnt = nd->path.mnt;
21678 + propagate = (mnt->mnt_flags & MNT_TAGID);
21680 + new_tag = mnt->mnt_tag;
21682 + vxdprintk(VXD_CBIT(tag, 7),
21683 + "dx_propagate_tag(%p[#%lu.%d]): %d,%d",
21684 + inode, inode->i_ino, inode->i_tag,
21685 + new_tag, (propagate) ? 1 : 0);
21688 + inode->i_tag = new_tag;
21691 +#include <linux/module.h>
21693 +EXPORT_SYMBOL_GPL(__dx_propagate_tag);
21695 +#endif /* CONFIG_PROPAGATE */
21697 diff -NurpP --minimal linux-2.6.25/kernel/vserver/Kconfig linux-2.6.25-vs2.3.0.34.9/kernel/vserver/Kconfig
21698 --- linux-2.6.25/kernel/vserver/Kconfig 1969-12-31 19:00:00.000000000 -0500
21699 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/Kconfig 2008-04-23 16:33:22.000000000 -0400
21702 +# Linux VServer configuration
21705 +menu "Linux VServer"
21707 +config VSERVER_AUTO_LBACK
21708 + bool "Automatically Assign Loopback IP"
21711 + Automatically assign a guest specific loopback
21712 + IP and add it to the kernel network stack on
21715 +config VSERVER_AUTO_SINGLE
21716 + bool "Automatic Single IP Special Casing"
21717 + depends on EXPERIMENTAL
21720 + This allows network contexts with a single IP to
21721 + automatically remap 0.0.0.0 bindings to that IP,
21722 + avoiding further network checks and improving
21725 + (note: such guests do not allow to change the ip
21726 + on the fly and do not show loopback addresses)
21728 +config VSERVER_COWBL
21729 + bool "Enable COW Immutable Link Breaking"
21732 + This enables the COW (Copy-On-Write) link break code.
21733 + It allows you to treat unified files like normal files
21734 + when writing to them (which will implicitely break the
21735 + link and create a copy of the unified file)
21737 +config VSERVER_VTIME
21738 + bool "Enable Virtualized Guest Time"
21739 + depends on EXPERIMENTAL
21742 + This enables per guest time offsets to allow for
21743 + adjusting the system clock individually per guest.
21744 + this adds some overhead to the time functions and
21745 + therefore should not be enabled without good reason.
21747 +config VSERVER_DEVICE
21748 + bool "Enable Guest Device Mapping"
21749 + depends on EXPERIMENTAL
21752 + This enables generic device remapping.
21754 +config VSERVER_PROC_SECURE
21755 + bool "Enable Proc Security"
21756 + depends on PROC_FS
21759 + This configures ProcFS security to initially hide
21760 + non-process entries for all contexts except the main and
21761 + spectator context (i.e. for all guests), which is a secure
21764 + (note: on 1.2x the entries were visible by default)
21766 +config VSERVER_HARDCPU
21767 + bool "Enable Hard CPU Limits"
21770 + Activate the Hard CPU Limits
21772 + This will compile in code that allows the Token Bucket
21773 + Scheduler to put processes on hold when a context's
21774 + tokens are depleted (provided that its per-context
21775 + sched_hard flag is set).
21777 + Processes belonging to that context will not be able
21778 + to consume CPU resources again until a per-context
21779 + configured minimum of tokens has been reached.
21781 +config VSERVER_IDLETIME
21782 + bool "Avoid idle CPUs by skipping Time"
21783 + depends on VSERVER_HARDCPU
21786 + This option allows the scheduler to artificially
21787 + advance time (per cpu) when otherwise the idle
21788 + task would be scheduled, thus keeping the cpu
21789 + busy and sharing the available resources among
21790 + certain contexts.
21792 +config VSERVER_IDLELIMIT
21793 + bool "Limit the IDLE task"
21794 + depends on VSERVER_HARDCPU
21797 + Limit the idle slices, so the the next context
21798 + will be scheduled as soon as possible.
21800 + This might improve interactivity and latency, but
21801 + will also marginally increase scheduling overhead.
21804 + prompt "Persistent Inode Tagging"
21805 + default TAGGING_ID24
21807 + This adds persistent context information to filesystems
21808 + mounted with the tagxid option. Tagging is a requirement
21809 + for per-context disk limits and per-context quota.
21812 +config TAGGING_NONE
21815 + do not store per-context information in inodes.
21817 +config TAGGING_UID16
21818 + bool "UID16/GID32"
21820 + reduces UID to 16 bit, but leaves GID at 32 bit.
21822 +config TAGGING_GID16
21823 + bool "UID32/GID16"
21825 + reduces GID to 16 bit, but leaves UID at 32 bit.
21827 +config TAGGING_ID24
21828 + bool "UID24/GID24"
21830 + uses the upper 8bit from UID and GID for XID tagging
21831 + which leaves 24bit for UID/GID each, which should be
21832 + more than sufficient for normal use.
21834 +config TAGGING_INTERN
21835 + bool "UID32/GID32"
21837 + this uses otherwise reserved inode fields in the on
21838 + disk representation, which limits the use to a few
21839 + filesystems (currently ext2 and ext3)
21844 + bool "Tag NFSD User Auth and Files"
21847 + Enable this if you do want the in-kernel NFS
21848 + Server to use the tagging specified above.
21849 + (will require patched clients too)
21851 +config VSERVER_PRIVACY
21852 + bool "Honor Privacy Aspects of Guests"
21855 + When enabled, most context checks will disallow
21856 + access to structures assigned to a specific context,
21857 + like ptys or loop devices.
21859 +config VSERVER_CONTEXTS
21860 + int "Maximum number of Contexts (1-65533)" if EMBEDDED
21862 + default "768" if 64BIT
21865 + This setting will optimize certain data structures
21866 + and memory allocations according to the expected
21869 + note: this is not a strict upper limit.
21871 +config VSERVER_WARN
21872 + bool "VServer Warnings"
21875 + This enables various runtime warnings, which will
21876 + notify about potential manipulation attempts or
21877 + resource shortage. It is generally considered to
21878 + be a good idea to have that enabled.
21880 +config VSERVER_DEBUG
21881 + bool "VServer Debugging Code"
21884 + Set this to yes if you want to be able to activate
21885 + debugging output at runtime. It adds a very small
21886 + overhead to all vserver related functions and
21887 + increases the kernel size by about 20k.
21889 +config VSERVER_HISTORY
21890 + bool "VServer History Tracing"
21891 + depends on VSERVER_DEBUG
21894 + Set this to yes if you want to record the history of
21895 + linux-vserver activities, so they can be replayed in
21896 + the event of a kernel panic or oops.
21898 +config VSERVER_HISTORY_SIZE
21899 + int "Per-CPU History Size (32-65536)"
21900 + depends on VSERVER_HISTORY
21904 + This allows you to specify the number of entries in
21905 + the per-CPU history buffer.
21907 +config VSERVER_MONITOR
21908 + bool "VServer Scheduling Monitor"
21909 + depends on VSERVER_DEBUG
21912 + Set this to yes if you want to record the scheduling
21913 + decisions, so that they can be relayed to userspace
21914 + for detailed analysis.
21916 +config VSERVER_MONITOR_SIZE
21917 + int "Per-CPU Monitor Queue Size (32-65536)"
21918 + depends on VSERVER_MONITOR
21922 + This allows you to specify the number of entries in
21923 + the per-CPU scheduling monitor buffer.
21925 +config VSERVER_MONITOR_SYNC
21926 + int "Per-CPU Monitor Sync Interval (0-65536)"
21927 + depends on VSERVER_MONITOR
21931 + This allows you to specify the interval in ticks
21932 + when a time sync entry is inserted.
21940 + select NAMESPACES
21947 +config VSERVER_SECURITY
21949 + depends on SECURITY
21951 + select SECURITY_CAPABILITIES
21953 diff -NurpP --minimal linux-2.6.25/kernel/vserver/limit.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/limit.c
21954 --- linux-2.6.25/kernel/vserver/limit.c 1969-12-31 19:00:00.000000000 -0500
21955 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/limit.c 2008-04-19 15:14:52.000000000 -0400
21958 + * linux/kernel/vserver/limit.c
21960 + * Virtual Server: Context Limits
21962 + * Copyright (C) 2004-2007 Herbert Pötzl
21964 + * V0.01 broken out from vcontext V0.05
21965 + * V0.02 changed vcmds to vxi arg
21969 +#include <linux/sched.h>
21970 +#include <linux/module.h>
21971 +#include <linux/vs_limit.h>
21972 +#include <linux/vserver/limit.h>
21973 +#include <linux/vserver/limit_cmd.h>
21975 +#include <asm/uaccess.h>
21978 +const char *vlimit_name[NUM_LIMITS] = {
21979 + [RLIMIT_CPU] = "CPU",
21980 + [RLIMIT_RSS] = "RSS",
21981 + [RLIMIT_NPROC] = "NPROC",
21982 + [RLIMIT_NOFILE] = "NOFILE",
21983 + [RLIMIT_MEMLOCK] = "VML",
21984 + [RLIMIT_AS] = "VM",
21985 + [RLIMIT_LOCKS] = "LOCKS",
21986 + [RLIMIT_SIGPENDING] = "SIGP",
21987 + [RLIMIT_MSGQUEUE] = "MSGQ",
21989 + [VLIMIT_NSOCK] = "NSOCK",
21990 + [VLIMIT_OPENFD] = "OPENFD",
21991 + [VLIMIT_ANON] = "ANON",
21992 + [VLIMIT_SHMEM] = "SHMEM",
21993 + [VLIMIT_DENTRY] = "DENTRY",
21996 +EXPORT_SYMBOL_GPL(vlimit_name);
21998 +#define MASK_ENTRY(x) (1 << (x))
22000 +const struct vcmd_ctx_rlimit_mask_v0 vlimit_mask = {
22003 + , /* softlimit */
22004 + MASK_ENTRY( RLIMIT_RSS ) |
22005 + MASK_ENTRY( VLIMIT_ANON ) |
22008 + MASK_ENTRY( RLIMIT_RSS ) |
22009 + MASK_ENTRY( RLIMIT_NPROC ) |
22010 + MASK_ENTRY( RLIMIT_NOFILE ) |
22011 + MASK_ENTRY( RLIMIT_MEMLOCK ) |
22012 + MASK_ENTRY( RLIMIT_AS ) |
22013 + MASK_ENTRY( RLIMIT_LOCKS ) |
22014 + MASK_ENTRY( RLIMIT_MSGQUEUE ) |
22016 + MASK_ENTRY( VLIMIT_NSOCK ) |
22017 + MASK_ENTRY( VLIMIT_OPENFD ) |
22018 + MASK_ENTRY( VLIMIT_ANON ) |
22019 + MASK_ENTRY( VLIMIT_SHMEM ) |
22020 + MASK_ENTRY( VLIMIT_DENTRY ) |
22023 + /* accounting only */
22024 +uint32_t account_mask =
22025 + MASK_ENTRY( VLIMIT_SEMARY ) |
22026 + MASK_ENTRY( VLIMIT_NSEMS ) |
22027 + MASK_ENTRY( VLIMIT_MAPPED ) |
22031 +static int is_valid_vlimit(int id)
22033 + uint32_t mask = vlimit_mask.minimum |
22034 + vlimit_mask.softlimit | vlimit_mask.maximum;
22035 + return mask & (1 << id);
22038 +static int is_accounted_vlimit(int id)
22040 + if (is_valid_vlimit(id))
22042 + return account_mask & (1 << id);
22046 +static inline uint64_t vc_get_soft(struct vx_info *vxi, int id)
22048 + rlim_t limit = __rlim_soft(&vxi->limit, id);
22049 + return VX_VLIM(limit);
22052 +static inline uint64_t vc_get_hard(struct vx_info *vxi, int id)
22054 + rlim_t limit = __rlim_hard(&vxi->limit, id);
22055 + return VX_VLIM(limit);
22058 +static int do_get_rlimit(struct vx_info *vxi, uint32_t id,
22059 + uint64_t *minimum, uint64_t *softlimit, uint64_t *maximum)
22061 + if (!is_valid_vlimit(id))
22065 + *minimum = CRLIM_UNSET;
22067 + *softlimit = vc_get_soft(vxi, id);
22069 + *maximum = vc_get_hard(vxi, id);
22073 +int vc_get_rlimit(struct vx_info *vxi, void __user *data)
22075 + struct vcmd_ctx_rlimit_v0 vc_data;
22078 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22081 + ret = do_get_rlimit(vxi, vc_data.id,
22082 + &vc_data.minimum, &vc_data.softlimit, &vc_data.maximum);
22086 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
22091 +static int do_set_rlimit(struct vx_info *vxi, uint32_t id,
22092 + uint64_t minimum, uint64_t softlimit, uint64_t maximum)
22094 + if (!is_valid_vlimit(id))
22097 + if (maximum != CRLIM_KEEP)
22098 + __rlim_hard(&vxi->limit, id) = VX_RLIM(maximum);
22099 + if (softlimit != CRLIM_KEEP)
22100 + __rlim_soft(&vxi->limit, id) = VX_RLIM(softlimit);
22102 + /* clamp soft limit */
22103 + if (__rlim_soft(&vxi->limit, id) > __rlim_hard(&vxi->limit, id))
22104 + __rlim_soft(&vxi->limit, id) = __rlim_hard(&vxi->limit, id);
22109 +int vc_set_rlimit(struct vx_info *vxi, void __user *data)
22111 + struct vcmd_ctx_rlimit_v0 vc_data;
22113 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22116 + return do_set_rlimit(vxi, vc_data.id,
22117 + vc_data.minimum, vc_data.softlimit, vc_data.maximum);
22120 +#ifdef CONFIG_IA32_EMULATION
22122 +int vc_set_rlimit_x32(struct vx_info *vxi, void __user *data)
22124 + struct vcmd_ctx_rlimit_v0_x32 vc_data;
22126 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22129 + return do_set_rlimit(vxi, vc_data.id,
22130 + vc_data.minimum, vc_data.softlimit, vc_data.maximum);
22133 +int vc_get_rlimit_x32(struct vx_info *vxi, void __user *data)
22135 + struct vcmd_ctx_rlimit_v0_x32 vc_data;
22138 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22141 + ret = do_get_rlimit(vxi, vc_data.id,
22142 + &vc_data.minimum, &vc_data.softlimit, &vc_data.maximum);
22146 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
22151 +#endif /* CONFIG_IA32_EMULATION */
22154 +int vc_get_rlimit_mask(uint32_t id, void __user *data)
22156 + if (copy_to_user(data, &vlimit_mask, sizeof(vlimit_mask)))
22162 +static inline void vx_reset_minmax(struct _vx_limit *limit)
22167 + for (lim = 0; lim < NUM_LIMITS; lim++) {
22168 + value = __rlim_get(limit, lim);
22169 + __rlim_rmax(limit, lim) = value;
22170 + __rlim_rmin(limit, lim) = value;
22175 +int vc_reset_minmax(struct vx_info *vxi, void __user *data)
22177 + vx_reset_minmax(&vxi->limit);
22182 +int vc_rlimit_stat(struct vx_info *vxi, void __user *data)
22184 + struct vcmd_rlimit_stat_v0 vc_data;
22185 + struct _vx_limit *limit = &vxi->limit;
22188 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22192 + if (!is_accounted_vlimit(id))
22195 + vx_limit_fixup(limit, id);
22196 + vc_data.hits = atomic_read(&__rlim_lhit(limit, id));
22197 + vc_data.value = __rlim_get(limit, id);
22198 + vc_data.minimum = __rlim_rmin(limit, id);
22199 + vc_data.maximum = __rlim_rmax(limit, id);
22201 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
22207 +void vx_vsi_meminfo(struct sysinfo *val)
22209 + struct vx_info *vxi = current->vx_info;
22210 + unsigned long totalram, freeram;
22213 + /* we blindly accept the max */
22214 + v = __rlim_soft(&vxi->limit, RLIMIT_RSS);
22215 + totalram = (v != RLIM_INFINITY) ? v : val->totalram;
22217 + /* total minus used equals free */
22218 + v = __vx_cres_array_fixup(&vxi->limit, VLA_RSS);
22219 + freeram = (v < totalram) ? totalram - v : 0;
22221 + val->totalram = totalram;
22222 + val->freeram = freeram;
22223 + val->bufferram = 0;
22224 + val->totalhigh = 0;
22225 + val->freehigh = 0;
22229 +void vx_vsi_swapinfo(struct sysinfo *val)
22231 + struct vx_info *vxi = current->vx_info;
22232 + unsigned long totalswap, freeswap;
22235 + v = __rlim_soft(&vxi->limit, RLIMIT_RSS);
22236 + if (v == RLIM_INFINITY) {
22237 + val->freeswap = val->totalswap;
22241 + /* we blindly accept the max */
22242 + w = __rlim_hard(&vxi->limit, RLIMIT_RSS);
22243 + totalswap = (w != RLIM_INFINITY) ? (w - v) : val->totalswap;
22245 + /* currently 'used' swap */
22246 + w = __vx_cres_array_fixup(&vxi->limit, VLA_RSS);
22247 + w -= (w > v) ? v : w;
22249 + /* total minus used equals free */
22250 + freeswap = (w < totalswap) ? totalswap - w : 0;
22252 + val->totalswap = totalswap;
22253 + val->freeswap = freeswap;
22258 +unsigned long vx_badness(struct task_struct *task, struct mm_struct *mm)
22260 + struct vx_info *vxi = mm->mm_vx_info;
22261 + unsigned long points;
22267 + points = vxi->vx_badness_bias;
22269 + v = __vx_cres_array_fixup(&vxi->limit, VLA_RSS);
22270 + w = __rlim_soft(&vxi->limit, RLIMIT_RSS);
22271 + points += (v > w) ? (v - w) : 0;
22276 diff -NurpP --minimal linux-2.6.25/kernel/vserver/limit_init.h linux-2.6.25-vs2.3.0.34.9/kernel/vserver/limit_init.h
22277 --- linux-2.6.25/kernel/vserver/limit_init.h 1969-12-31 19:00:00.000000000 -0500
22278 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/limit_init.h 2008-04-19 15:14:52.000000000 -0400
22282 +static inline void vx_info_init_limit(struct _vx_limit *limit)
22286 + for (lim = 0; lim < NUM_LIMITS; lim++) {
22287 + __rlim_soft(limit, lim) = RLIM_INFINITY;
22288 + __rlim_hard(limit, lim) = RLIM_INFINITY;
22289 + __rlim_set(limit, lim, 0);
22290 + atomic_set(&__rlim_lhit(limit, lim), 0);
22291 + __rlim_rmin(limit, lim) = 0;
22292 + __rlim_rmax(limit, lim) = 0;
22296 +static inline void vx_info_exit_limit(struct _vx_limit *limit)
22298 +#ifdef CONFIG_VSERVER_WARN
22302 + for (lim = 0; lim < NUM_LIMITS; lim++) {
22303 + if ((1 << lim) & VLIM_NOCHECK)
22305 + value = __rlim_get(limit, lim);
22306 + vxwprintk_xid(value,
22307 + "!!! limit: %p[%s,%d] = %ld on exit.",
22308 + limit, vlimit_name[lim], lim, (long)value);
22313 diff -NurpP --minimal linux-2.6.25/kernel/vserver/limit_proc.h linux-2.6.25-vs2.3.0.34.9/kernel/vserver/limit_proc.h
22314 --- linux-2.6.25/kernel/vserver/limit_proc.h 1969-12-31 19:00:00.000000000 -0500
22315 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/limit_proc.h 2008-04-19 15:14:52.000000000 -0400
22317 +#ifndef _VX_LIMIT_PROC_H
22318 +#define _VX_LIMIT_PROC_H
22320 +#include <linux/vserver/limit_int.h>
22323 +#define VX_LIMIT_FMT ":\t%8ld\t%8ld/%8ld\t%8lld/%8lld\t%6d\n"
22324 +#define VX_LIMIT_TOP \
22325 + "Limit\t current\t min/max\t\t soft/hard\t\thits\n"
22327 +#define VX_LIMIT_ARG(r) \
22328 + (unsigned long)__rlim_get(limit, r), \
22329 + (unsigned long)__rlim_rmin(limit, r), \
22330 + (unsigned long)__rlim_rmax(limit, r), \
22331 + VX_VLIM(__rlim_soft(limit, r)), \
22332 + VX_VLIM(__rlim_hard(limit, r)), \
22333 + atomic_read(&__rlim_lhit(limit, r))
22335 +static inline int vx_info_proc_limit(struct _vx_limit *limit, char *buffer)
22337 + vx_limit_fixup(limit, -1);
22338 + return sprintf(buffer, VX_LIMIT_TOP
22339 + "PROC" VX_LIMIT_FMT
22340 + "VM" VX_LIMIT_FMT
22341 + "VML" VX_LIMIT_FMT
22342 + "RSS" VX_LIMIT_FMT
22343 + "ANON" VX_LIMIT_FMT
22344 + "RMAP" VX_LIMIT_FMT
22345 + "FILES" VX_LIMIT_FMT
22346 + "OFD" VX_LIMIT_FMT
22347 + "LOCKS" VX_LIMIT_FMT
22348 + "SOCK" VX_LIMIT_FMT
22349 + "MSGQ" VX_LIMIT_FMT
22350 + "SHM" VX_LIMIT_FMT
22351 + "SEMA" VX_LIMIT_FMT
22352 + "SEMS" VX_LIMIT_FMT
22353 + "DENT" VX_LIMIT_FMT,
22354 + VX_LIMIT_ARG(RLIMIT_NPROC),
22355 + VX_LIMIT_ARG(RLIMIT_AS),
22356 + VX_LIMIT_ARG(RLIMIT_MEMLOCK),
22357 + VX_LIMIT_ARG(RLIMIT_RSS),
22358 + VX_LIMIT_ARG(VLIMIT_ANON),
22359 + VX_LIMIT_ARG(VLIMIT_MAPPED),
22360 + VX_LIMIT_ARG(RLIMIT_NOFILE),
22361 + VX_LIMIT_ARG(VLIMIT_OPENFD),
22362 + VX_LIMIT_ARG(RLIMIT_LOCKS),
22363 + VX_LIMIT_ARG(VLIMIT_NSOCK),
22364 + VX_LIMIT_ARG(RLIMIT_MSGQUEUE),
22365 + VX_LIMIT_ARG(VLIMIT_SHMEM),
22366 + VX_LIMIT_ARG(VLIMIT_SEMARY),
22367 + VX_LIMIT_ARG(VLIMIT_NSEMS),
22368 + VX_LIMIT_ARG(VLIMIT_DENTRY));
22371 +#endif /* _VX_LIMIT_PROC_H */
22374 diff -NurpP --minimal linux-2.6.25/kernel/vserver/Makefile linux-2.6.25-vs2.3.0.34.9/kernel/vserver/Makefile
22375 --- linux-2.6.25/kernel/vserver/Makefile 1969-12-31 19:00:00.000000000 -0500
22376 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/Makefile 2008-04-19 15:14:52.000000000 -0400
22379 +# Makefile for the Linux vserver routines.
22383 +obj-y += vserver.o
22385 +vserver-y := switch.o context.o space.o sched.o network.o inode.o \
22386 + limit.o cvirt.o cacct.o signal.o helper.o init.o \
22389 +vserver-$(CONFIG_INET) += inet.o
22390 +vserver-$(CONFIG_PROC_FS) += proc.o
22391 +vserver-$(CONFIG_VSERVER_DEBUG) += sysctl.o debug.o
22392 +vserver-$(CONFIG_VSERVER_HISTORY) += history.o
22393 +vserver-$(CONFIG_VSERVER_MONITOR) += monitor.o
22394 +vserver-$(CONFIG_VSERVER_DEVICE) += device.o
22396 diff -NurpP --minimal linux-2.6.25/kernel/vserver/monitor.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/monitor.c
22397 --- linux-2.6.25/kernel/vserver/monitor.c 1969-12-31 19:00:00.000000000 -0500
22398 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/monitor.c 2008-04-19 15:14:52.000000000 -0400
22401 + * kernel/vserver/monitor.c
22403 + * Virtual Context Scheduler Monitor
22405 + * Copyright (C) 2006-2007 Herbert Pötzl
22407 + * V0.01 basic design
22411 +#include <linux/module.h>
22412 +#include <linux/jiffies.h>
22413 +#include <asm/uaccess.h>
22414 +#include <asm/atomic.h>
22416 +#include <linux/vserver/monitor.h>
22417 +#include <linux/vserver/debug_cmd.h>
22420 +#ifdef CONFIG_VSERVER_MONITOR
22421 +#define VXM_SIZE CONFIG_VSERVER_MONITOR_SIZE
22423 +#define VXM_SIZE 64
22426 +struct _vx_monitor {
22427 + unsigned int counter;
22429 + struct _vx_mon_entry entry[VXM_SIZE+1];
22433 +DEFINE_PER_CPU(struct _vx_monitor, vx_monitor_buffer);
22435 +unsigned volatile int vxm_active = 1;
22437 +static atomic_t sequence = ATOMIC_INIT(0);
22442 + * requires disabled preemption */
22444 +struct _vx_mon_entry *vxm_advance(int cpu)
22446 + struct _vx_monitor *mon = &per_cpu(vx_monitor_buffer, cpu);
22447 + struct _vx_mon_entry *entry;
22448 + unsigned int index;
22450 + index = vxm_active ? (mon->counter++ % VXM_SIZE) : VXM_SIZE;
22451 + entry = &mon->entry[index];
22453 + entry->ev.seq = atomic_inc_return(&sequence);
22454 + entry->ev.jif = jiffies;
22458 +EXPORT_SYMBOL_GPL(vxm_advance);
22461 +int do_read_monitor(struct __user _vx_mon_entry *data,
22462 + int cpu, uint32_t *index, uint32_t *count)
22464 + int pos, ret = 0;
22465 + struct _vx_monitor *mon = &per_cpu(vx_monitor_buffer, cpu);
22466 + int end = mon->counter;
22467 + int start = end - VXM_SIZE + 2;
22468 + int idx = *index;
22470 + /* special case: get current pos */
22476 + /* have we lost some data? */
22480 + for (pos = 0; (pos < *count) && (idx < end); pos++, idx++) {
22481 + struct _vx_mon_entry *entry =
22482 + &mon->entry[idx % VXM_SIZE];
22484 + /* send entry to userspace */
22485 + ret = copy_to_user(&data[pos], entry, sizeof(*entry));
22489 + /* save new index and count */
22492 + return ret ? ret : (*index < end);
22495 +int vc_read_monitor(uint32_t id, void __user *data)
22497 + struct vcmd_read_monitor_v0 vc_data;
22500 + if (id >= NR_CPUS)
22503 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22506 + ret = do_read_monitor((struct __user _vx_mon_entry *)vc_data.data,
22507 + id, &vc_data.index, &vc_data.count);
22509 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
22514 +#ifdef CONFIG_COMPAT
22516 +int vc_read_monitor_x32(uint32_t id, void __user *data)
22518 + struct vcmd_read_monitor_v0_x32 vc_data;
22521 + if (id >= NR_CPUS)
22524 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22527 + ret = do_read_monitor((struct __user _vx_mon_entry *)
22528 + compat_ptr(vc_data.data_ptr),
22529 + id, &vc_data.index, &vc_data.count);
22531 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
22536 +#endif /* CONFIG_COMPAT */
22538 diff -NurpP --minimal linux-2.6.25/kernel/vserver/network.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/network.c
22539 --- linux-2.6.25/kernel/vserver/network.c 1969-12-31 19:00:00.000000000 -0500
22540 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/network.c 2008-04-19 15:14:52.000000000 -0400
22543 + * linux/kernel/vserver/network.c
22545 + * Virtual Server: Network Support
22547 + * Copyright (C) 2003-2007 Herbert Pötzl
22549 + * V0.01 broken out from vcontext V0.05
22550 + * V0.02 cleaned up implementation
22551 + * V0.03 added equiv nx commands
22552 + * V0.04 switch to RCU based hash
22553 + * V0.05 and back to locking again
22554 + * V0.06 changed vcmds to nxi arg
22555 + * V0.07 have __create claim() the nxi
22559 +#include <linux/err.h>
22560 +#include <linux/slab.h>
22561 +#include <linux/rcupdate.h>
22563 +#include <linux/vs_network.h>
22564 +#include <linux/vs_pid.h>
22565 +#include <linux/vserver/network_cmd.h>
22568 +atomic_t nx_global_ctotal = ATOMIC_INIT(0);
22569 +atomic_t nx_global_cactive = ATOMIC_INIT(0);
22571 +static struct kmem_cache *nx_addr_v4_cachep = NULL;
22572 +static struct kmem_cache *nx_addr_v6_cachep = NULL;
22575 +static int __init init_network(void)
22577 + nx_addr_v4_cachep = kmem_cache_create("nx_v4_addr_cache",
22578 + sizeof(struct nx_addr_v4), 0,
22579 + SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
22580 + nx_addr_v6_cachep = kmem_cache_create("nx_v6_addr_cache",
22581 + sizeof(struct nx_addr_v6), 0,
22582 + SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
22587 +/* __alloc_nx_addr_v4() */
22589 +static inline struct nx_addr_v4 *__alloc_nx_addr_v4(void)
22591 + struct nx_addr_v4 *nxa = kmem_cache_alloc(
22592 + nx_addr_v4_cachep, GFP_KERNEL);
22594 + if (!IS_ERR(nxa))
22595 + memset(nxa, 0, sizeof(*nxa));
22599 +/* __dealloc_nx_addr_v4() */
22601 +static inline void __dealloc_nx_addr_v4(struct nx_addr_v4 *nxa)
22603 + kmem_cache_free(nx_addr_v4_cachep, nxa);
22606 +/* __dealloc_nx_addr_v4_all() */
22608 +static inline void __dealloc_nx_addr_v4_all(struct nx_addr_v4 *nxa)
22611 + struct nx_addr_v4 *next = nxa->next;
22613 + __dealloc_nx_addr_v4(nxa);
22619 +#ifdef CONFIG_IPV6
22621 +/* __alloc_nx_addr_v6() */
22623 +static inline struct nx_addr_v6 *__alloc_nx_addr_v6(void)
22625 + struct nx_addr_v6 *nxa = kmem_cache_alloc(
22626 + nx_addr_v6_cachep, GFP_KERNEL);
22628 + if (!IS_ERR(nxa))
22629 + memset(nxa, 0, sizeof(*nxa));
22633 +/* __dealloc_nx_addr_v6() */
22635 +static inline void __dealloc_nx_addr_v6(struct nx_addr_v6 *nxa)
22637 + kmem_cache_free(nx_addr_v6_cachep, nxa);
22640 +/* __dealloc_nx_addr_v6_all() */
22642 +static inline void __dealloc_nx_addr_v6_all(struct nx_addr_v6 *nxa)
22645 + struct nx_addr_v6 *next = nxa->next;
22647 + __dealloc_nx_addr_v6(nxa);
22652 +#endif /* CONFIG_IPV6 */
22654 +/* __alloc_nx_info()
22656 + * allocate an initialized nx_info struct
22657 + * doesn't make it visible (hash) */
22659 +static struct nx_info *__alloc_nx_info(nid_t nid)
22661 + struct nx_info *new = NULL;
22663 + vxdprintk(VXD_CBIT(nid, 1), "alloc_nx_info(%d)*", nid);
22665 + /* would this benefit from a slab cache? */
22666 + new = kmalloc(sizeof(struct nx_info), GFP_KERNEL);
22670 + memset(new, 0, sizeof(struct nx_info));
22671 + new->nx_id = nid;
22672 + INIT_HLIST_NODE(&new->nx_hlist);
22673 + atomic_set(&new->nx_usecnt, 0);
22674 + atomic_set(&new->nx_tasks, 0);
22675 + new->nx_state = 0;
22677 + new->nx_flags = NXF_INIT_SET;
22679 + /* rest of init goes here */
22681 + new->v4_lback.s_addr = htonl(INADDR_LOOPBACK);
22682 + new->v4_bcast.s_addr = htonl(INADDR_BROADCAST);
22684 + vxdprintk(VXD_CBIT(nid, 0),
22685 + "alloc_nx_info(%d) = %p", nid, new);
22686 + atomic_inc(&nx_global_ctotal);
22690 +/* __dealloc_nx_info()
22692 + * final disposal of nx_info */
22694 +static void __dealloc_nx_info(struct nx_info *nxi)
22696 + vxdprintk(VXD_CBIT(nid, 0),
22697 + "dealloc_nx_info(%p)", nxi);
22699 + nxi->nx_hlist.next = LIST_POISON1;
22702 + BUG_ON(atomic_read(&nxi->nx_usecnt));
22703 + BUG_ON(atomic_read(&nxi->nx_tasks));
22705 + __dealloc_nx_addr_v4_all(nxi->v4.next);
22707 + nxi->nx_state |= NXS_RELEASED;
22709 + atomic_dec(&nx_global_ctotal);
22712 +static void __shutdown_nx_info(struct nx_info *nxi)
22714 + nxi->nx_state |= NXS_SHUTDOWN;
22715 + vs_net_change(nxi, VSC_NETDOWN);
22718 +/* exported stuff */
22720 +void free_nx_info(struct nx_info *nxi)
22722 + /* context shutdown is mandatory */
22723 + BUG_ON(nxi->nx_state != NXS_SHUTDOWN);
22725 + /* context must not be hashed */
22726 + BUG_ON(nxi->nx_state & NXS_HASHED);
22728 + BUG_ON(atomic_read(&nxi->nx_usecnt));
22729 + BUG_ON(atomic_read(&nxi->nx_tasks));
22731 + __dealloc_nx_info(nxi);
22735 +void __nx_set_lback(struct nx_info *nxi)
22737 + int nid = nxi->nx_id;
22738 + __be32 lback = htonl(INADDR_LOOPBACK ^ ((nid & 0xFFFF) << 8));
22740 + nxi->v4_lback.s_addr = lback;
22743 +extern int __nx_inet_add_lback(__be32 addr);
22744 +extern int __nx_inet_del_lback(__be32 addr);
22747 +/* hash table for nx_info hash */
22749 +#define NX_HASH_SIZE 13
22751 +struct hlist_head nx_info_hash[NX_HASH_SIZE];
22753 +static spinlock_t nx_info_hash_lock = SPIN_LOCK_UNLOCKED;
22756 +static inline unsigned int __hashval(nid_t nid)
22758 + return (nid % NX_HASH_SIZE);
22763 +/* __hash_nx_info()
22765 + * add the nxi to the global hash table
22766 + * requires the hash_lock to be held */
22768 +static inline void __hash_nx_info(struct nx_info *nxi)
22770 + struct hlist_head *head;
22772 + vxd_assert_lock(&nx_info_hash_lock);
22773 + vxdprintk(VXD_CBIT(nid, 4),
22774 + "__hash_nx_info: %p[#%d]", nxi, nxi->nx_id);
22776 + /* context must not be hashed */
22777 + BUG_ON(nx_info_state(nxi, NXS_HASHED));
22779 + nxi->nx_state |= NXS_HASHED;
22780 + head = &nx_info_hash[__hashval(nxi->nx_id)];
22781 + hlist_add_head(&nxi->nx_hlist, head);
22782 + atomic_inc(&nx_global_cactive);
22785 +/* __unhash_nx_info()
22787 + * remove the nxi from the global hash table
22788 + * requires the hash_lock to be held */
22790 +static inline void __unhash_nx_info(struct nx_info *nxi)
22792 + vxd_assert_lock(&nx_info_hash_lock);
22793 + vxdprintk(VXD_CBIT(nid, 4),
22794 + "__unhash_nx_info: %p[#%d.%d.%d]", nxi, nxi->nx_id,
22795 + atomic_read(&nxi->nx_usecnt), atomic_read(&nxi->nx_tasks));
22797 + /* context must be hashed */
22798 + BUG_ON(!nx_info_state(nxi, NXS_HASHED));
22799 + /* but without tasks */
22800 + BUG_ON(atomic_read(&nxi->nx_tasks));
22802 + nxi->nx_state &= ~NXS_HASHED;
22803 + hlist_del(&nxi->nx_hlist);
22804 + atomic_dec(&nx_global_cactive);
22808 +/* __lookup_nx_info()
22810 + * requires the hash_lock to be held
22811 + * doesn't increment the nx_refcnt */
22813 +static inline struct nx_info *__lookup_nx_info(nid_t nid)
22815 + struct hlist_head *head = &nx_info_hash[__hashval(nid)];
22816 + struct hlist_node *pos;
22817 + struct nx_info *nxi;
22819 + vxd_assert_lock(&nx_info_hash_lock);
22820 + hlist_for_each(pos, head) {
22821 + nxi = hlist_entry(pos, struct nx_info, nx_hlist);
22823 + if (nxi->nx_id == nid)
22828 + vxdprintk(VXD_CBIT(nid, 0),
22829 + "__lookup_nx_info(#%u): %p[#%u]",
22830 + nid, nxi, nxi ? nxi->nx_id : 0);
22835 +/* __create_nx_info()
22837 + * create the requested context
22838 + * get(), claim() and hash it */
22840 +static struct nx_info *__create_nx_info(int id)
22842 + struct nx_info *new, *nxi = NULL;
22844 + vxdprintk(VXD_CBIT(nid, 1), "create_nx_info(%d)*", id);
22846 + if (!(new = __alloc_nx_info(id)))
22847 + return ERR_PTR(-ENOMEM);
22849 + /* required to make dynamic xids unique */
22850 + spin_lock(&nx_info_hash_lock);
22852 + /* static context requested */
22853 + if ((nxi = __lookup_nx_info(id))) {
22854 + vxdprintk(VXD_CBIT(nid, 0),
22855 + "create_nx_info(%d) = %p (already there)", id, nxi);
22856 + if (nx_info_flags(nxi, NXF_STATE_SETUP, 0))
22857 + nxi = ERR_PTR(-EBUSY);
22859 + nxi = ERR_PTR(-EEXIST);
22862 + /* new context */
22863 + vxdprintk(VXD_CBIT(nid, 0),
22864 + "create_nx_info(%d) = %p (new)", id, new);
22865 + claim_nx_info(new, NULL);
22866 + __nx_set_lback(new);
22867 + __hash_nx_info(get_nx_info(new));
22868 + nxi = new, new = NULL;
22871 + spin_unlock(&nx_info_hash_lock);
22873 + __dealloc_nx_info(new);
22879 +/* exported stuff */
22882 +void unhash_nx_info(struct nx_info *nxi)
22884 + __shutdown_nx_info(nxi);
22885 + spin_lock(&nx_info_hash_lock);
22886 + __unhash_nx_info(nxi);
22887 + spin_unlock(&nx_info_hash_lock);
22890 +/* lookup_nx_info()
22892 + * search for a nx_info and get() it
22893 + * negative id means current */
22895 +struct nx_info *lookup_nx_info(int id)
22897 + struct nx_info *nxi = NULL;
22900 + nxi = get_nx_info(current->nx_info);
22901 + } else if (id > 1) {
22902 + spin_lock(&nx_info_hash_lock);
22903 + nxi = get_nx_info(__lookup_nx_info(id));
22904 + spin_unlock(&nx_info_hash_lock);
22909 +/* nid_is_hashed()
22911 + * verify that nid is still hashed */
22913 +int nid_is_hashed(nid_t nid)
22917 + spin_lock(&nx_info_hash_lock);
22918 + hashed = (__lookup_nx_info(nid) != NULL);
22919 + spin_unlock(&nx_info_hash_lock);
22924 +#ifdef CONFIG_PROC_FS
22928 + * get a subset of hashed nids for proc
22929 + * assumes size is at least one */
22931 +int get_nid_list(int index, unsigned int *nids, int size)
22933 + int hindex, nr_nids = 0;
22935 + /* only show current and children */
22936 + if (!nx_check(0, VS_ADMIN | VS_WATCH)) {
22939 + nids[nr_nids] = nx_current_nid();
22943 + for (hindex = 0; hindex < NX_HASH_SIZE; hindex++) {
22944 + struct hlist_head *head = &nx_info_hash[hindex];
22945 + struct hlist_node *pos;
22947 + spin_lock(&nx_info_hash_lock);
22948 + hlist_for_each(pos, head) {
22949 + struct nx_info *nxi;
22954 + nxi = hlist_entry(pos, struct nx_info, nx_hlist);
22955 + nids[nr_nids] = nxi->nx_id;
22956 + if (++nr_nids >= size) {
22957 + spin_unlock(&nx_info_hash_lock);
22961 + /* keep the lock time short */
22962 + spin_unlock(&nx_info_hash_lock);
22971 + * migrate task to new network
22972 + * gets nxi, puts old_nxi on change
22975 +int nx_migrate_task(struct task_struct *p, struct nx_info *nxi)
22977 + struct nx_info *old_nxi;
22983 + vxdprintk(VXD_CBIT(nid, 5),
22984 + "nx_migrate_task(%p,%p[#%d.%d.%d])",
22985 + p, nxi, nxi->nx_id,
22986 + atomic_read(&nxi->nx_usecnt),
22987 + atomic_read(&nxi->nx_tasks));
22989 + if (nx_info_flags(nxi, NXF_INFO_PRIVATE, 0) &&
22990 + !nx_info_flags(nxi, NXF_STATE_SETUP, 0))
22993 + if (nx_info_state(nxi, NXS_SHUTDOWN))
22996 + /* maybe disallow this completely? */
22997 + old_nxi = task_get_nx_info(p);
22998 + if (old_nxi == nxi)
23003 + clr_nx_info(&p->nx_info);
23004 + claim_nx_info(nxi, p);
23005 + set_nx_info(&p->nx_info, nxi);
23006 + p->nid = nxi->nx_id;
23009 + vxdprintk(VXD_CBIT(nid, 5),
23010 + "moved task %p into nxi:%p[#%d]",
23011 + p, nxi, nxi->nx_id);
23014 + release_nx_info(old_nxi, p);
23017 + put_nx_info(old_nxi);
23022 +void nx_set_persistent(struct nx_info *nxi)
23024 + vxdprintk(VXD_CBIT(nid, 6),
23025 + "nx_set_persistent(%p[#%d])", nxi, nxi->nx_id);
23027 + get_nx_info(nxi);
23028 + claim_nx_info(nxi, NULL);
23031 +void nx_clear_persistent(struct nx_info *nxi)
23033 + vxdprintk(VXD_CBIT(nid, 6),
23034 + "nx_clear_persistent(%p[#%d])", nxi, nxi->nx_id);
23036 + release_nx_info(nxi, NULL);
23037 + put_nx_info(nxi);
23040 +void nx_update_persistent(struct nx_info *nxi)
23042 + if (nx_info_flags(nxi, NXF_PERSISTENT, 0))
23043 + nx_set_persistent(nxi);
23045 + nx_clear_persistent(nxi);
23048 +/* vserver syscall commands below here */
23050 +/* taks nid and nx_info functions */
23052 +#include <asm/uaccess.h>
23055 +int vc_task_nid(uint32_t id)
23060 + struct task_struct *tsk;
23062 + read_lock(&tasklist_lock);
23063 + tsk = find_task_by_real_pid(id);
23064 + nid = (tsk) ? tsk->nid : -ESRCH;
23065 + read_unlock(&tasklist_lock);
23067 + nid = nx_current_nid();
23072 +int vc_nx_info(struct nx_info *nxi, void __user *data)
23074 + struct vcmd_nx_info_v0 vc_data;
23076 + vc_data.nid = nxi->nx_id;
23078 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
23084 +/* network functions */
23086 +int vc_net_create(uint32_t nid, void __user *data)
23088 + struct vcmd_net_create vc_data = { .flagword = NXF_INIT_SET };
23089 + struct nx_info *new_nxi;
23092 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23095 + if ((nid > MAX_S_CONTEXT) || (nid < 2))
23098 + new_nxi = __create_nx_info(nid);
23099 + if (IS_ERR(new_nxi))
23100 + return PTR_ERR(new_nxi);
23102 + /* initial flags */
23103 + new_nxi->nx_flags = vc_data.flagword;
23106 + if (vs_net_change(new_nxi, VSC_NETUP))
23109 + ret = nx_migrate_task(current, new_nxi);
23113 + /* return context id on success */
23114 + ret = new_nxi->nx_id;
23116 + /* get a reference for persistent contexts */
23117 + if ((vc_data.flagword & NXF_PERSISTENT))
23118 + nx_set_persistent(new_nxi);
23120 + release_nx_info(new_nxi, NULL);
23121 + put_nx_info(new_nxi);
23126 +int vc_net_migrate(struct nx_info *nxi, void __user *data)
23128 + return nx_migrate_task(current, nxi);
23133 +int do_add_v4_addr(struct nx_info *nxi, __be32 ip, __be32 ip2, __be32 mask,
23134 + uint16_t type, uint16_t flags)
23136 + struct nx_addr_v4 *nxa = &nxi->v4;
23138 + if (NX_IPV4(nxi)) {
23139 + /* locate last entry */
23140 + for (; nxa->next; nxa = nxa->next);
23141 + nxa->next = __alloc_nx_addr_v4();
23145 + return PTR_ERR(nxa);
23148 + if (nxi->v4.next)
23149 + /* remove single ip for ip list */
23150 + nxi->nx_flags &= ~NXF_SINGLE_IP;
23152 + nxa->ip[0].s_addr = ip;
23153 + nxa->ip[1].s_addr = ip2;
23154 + nxa->mask.s_addr = mask;
23155 + nxa->type = type;
23156 + nxa->flags = flags;
23161 +int vc_net_add(struct nx_info *nxi, void __user *data)
23163 + struct vcmd_net_addr_v0 vc_data;
23164 + int index, ret = 0;
23166 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23169 + switch (vc_data.type) {
23170 + case NXA_TYPE_IPV4:
23171 + if ((vc_data.count < 1) || (vc_data.count > 4))
23175 + while (index < vc_data.count) {
23176 + ret = do_add_v4_addr(nxi, vc_data.ip[index].s_addr, 0,
23177 + vc_data.mask[index].s_addr, NXA_TYPE_ADDR, 0);
23185 + case NXA_TYPE_IPV4|NXA_MOD_BCAST:
23186 + nxi->v4_bcast = vc_data.ip[0];
23190 + case NXA_TYPE_IPV4|NXA_MOD_LBACK:
23191 + nxi->v4_lback = vc_data.ip[0];
23202 +int vc_net_remove(struct nx_info *nxi, void __user *data)
23204 + struct vcmd_net_addr_v0 vc_data;
23206 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23209 + switch (vc_data.type) {
23210 + case NXA_TYPE_ANY:
23211 + __dealloc_nx_addr_v4_all(xchg(&nxi->v4.next, NULL));
23212 + memset(&nxi->v4, 0, sizeof(nxi->v4));
23222 +int vc_net_add_ipv4(struct nx_info *nxi, void __user *data)
23224 + struct vcmd_net_addr_ipv4_v1 vc_data;
23226 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23229 + switch (vc_data.type) {
23230 + case NXA_TYPE_ADDR:
23231 + case NXA_TYPE_RANGE:
23232 + case NXA_TYPE_MASK:
23233 + return do_add_v4_addr(nxi, vc_data.ip.s_addr, 0,
23234 + vc_data.mask.s_addr, vc_data.type, vc_data.flags);
23236 + case NXA_TYPE_ADDR | NXA_MOD_BCAST:
23237 + nxi->v4_bcast = vc_data.ip;
23240 + case NXA_TYPE_ADDR | NXA_MOD_LBACK:
23241 + nxi->v4_lback = vc_data.ip;
23250 +int vc_net_remove_ipv4(struct nx_info *nxi, void __user *data)
23252 + struct vcmd_net_addr_ipv4_v1 vc_data;
23254 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23257 + switch (vc_data.type) {
23258 +/* case NXA_TYPE_ADDR:
23261 + case NXA_TYPE_ANY:
23262 + __dealloc_nx_addr_v4_all(xchg(&nxi->v4.next, NULL));
23263 + memset(&nxi->v4, 0, sizeof(nxi->v4));
23273 +#ifdef CONFIG_IPV6
23275 +int do_add_v6_addr(struct nx_info *nxi,
23276 + struct in6_addr *ip, struct in6_addr *mask,
23277 + uint32_t prefix, uint16_t type, uint16_t flags)
23279 + struct nx_addr_v6 *nxa = &nxi->v6;
23281 + if (NX_IPV6(nxi)) {
23282 + /* locate last entry */
23283 + for (; nxa->next; nxa = nxa->next);
23284 + nxa->next = __alloc_nx_addr_v6();
23288 + return PTR_ERR(nxa);
23292 + nxa->mask = *mask;
23293 + nxa->prefix = prefix;
23294 + nxa->type = type;
23295 + nxa->flags = flags;
23300 +int vc_net_add_ipv6(struct nx_info *nxi, void __user *data)
23302 + struct vcmd_net_addr_ipv6_v1 vc_data;
23304 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23307 + switch (vc_data.type) {
23308 + case NXA_TYPE_ADDR:
23309 + case NXA_TYPE_MASK:
23310 + return do_add_v6_addr(nxi, &vc_data.ip, &vc_data.mask,
23311 + vc_data.prefix, vc_data.type, vc_data.flags);
23318 +int vc_net_remove_ipv6(struct nx_info *nxi, void __user *data)
23320 + struct vcmd_net_addr_ipv6_v1 vc_data;
23322 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23325 + switch (vc_data.type) {
23326 + case NXA_TYPE_ANY:
23327 + __dealloc_nx_addr_v6_all(xchg(&nxi->v6.next, NULL));
23328 + memset(&nxi->v6, 0, sizeof(nxi->v6));
23337 +#endif /* CONFIG_IPV6 */
23340 +int vc_get_nflags(struct nx_info *nxi, void __user *data)
23342 + struct vcmd_net_flags_v0 vc_data;
23344 + vc_data.flagword = nxi->nx_flags;
23346 + /* special STATE flag handling */
23347 + vc_data.mask = vs_mask_flags(~0ULL, nxi->nx_flags, NXF_ONE_TIME);
23349 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
23354 +int vc_set_nflags(struct nx_info *nxi, void __user *data)
23356 + struct vcmd_net_flags_v0 vc_data;
23357 + uint64_t mask, trigger;
23359 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
23362 + /* special STATE flag handling */
23363 + mask = vs_mask_mask(vc_data.mask, nxi->nx_flags, NXF_ONE_TIME);
23364 + trigger = (mask & nxi->nx_flags) ^ (mask & vc_data.flagword);
23366 + nxi->nx_flags = vs_mask_flags(nxi->nx_flags,
23367 + vc_data.flagword, mask);
23368 + if (trigger & NXF_PERSISTENT)
23369 + nx_update_persistent(nxi);
23374 +int vc_get_ncaps(struct nx_info *nxi, void __user *data)
23376 + struct vcmd_net_caps_v0 vc_data;
23378 + vc_data.ncaps = nxi->nx_ncaps;
23379 + vc_data.cmask = ~0ULL;
23381 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
23386 +int vc_set_ncaps(struct nx_info *nxi, void __user *data)
23388 + struct vcmd_net_caps_v0 vc_data;
23390 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
23393 + nxi->nx_ncaps = vs_mask_flags(nxi->nx_ncaps,
23394 + vc_data.ncaps, vc_data.cmask);
23399 +#include <linux/module.h>
23401 +module_init(init_network);
23403 +EXPORT_SYMBOL_GPL(free_nx_info);
23404 +EXPORT_SYMBOL_GPL(unhash_nx_info);
23406 diff -NurpP --minimal linux-2.6.25/kernel/vserver/proc.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/proc.c
23407 --- linux-2.6.25/kernel/vserver/proc.c 1969-12-31 19:00:00.000000000 -0500
23408 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/proc.c 2008-04-21 13:42:34.000000000 -0400
23411 + * linux/kernel/vserver/proc.c
23413 + * Virtual Context Support
23415 + * Copyright (C) 2003-2007 Herbert Pötzl
23417 + * V0.01 basic structure
23418 + * V0.02 adaptation vs1.3.0
23419 + * V0.03 proc permissions
23420 + * V0.04 locking/generic
23421 + * V0.05 next generation procfs
23422 + * V0.06 inode validation
23423 + * V0.07 generic rewrite vid
23424 + * V0.08 remove inode type
23428 +#include <linux/proc_fs.h>
23429 +#include <asm/unistd.h>
23431 +#include <linux/vs_context.h>
23432 +#include <linux/vs_network.h>
23433 +#include <linux/vs_cvirt.h>
23435 +#include <linux/in.h>
23436 +#include <linux/inetdevice.h>
23437 +#include <linux/vs_inet.h>
23438 +#include <linux/vs_inet6.h>
23440 +#include <linux/vserver/global.h>
23442 +#include "cvirt_proc.h"
23443 +#include "cacct_proc.h"
23444 +#include "limit_proc.h"
23445 +#include "sched_proc.h"
23446 +#include "vci_config.h"
23449 +static inline char *print_cap_t(char *buffer, kernel_cap_t *c)
23453 + CAP_FOR_EACH_U32(__capi) {
23454 + buffer += sprintf(buffer, "%08x",
23455 + c->cap[(_LINUX_CAPABILITY_U32S-1) - __capi]);
23461 +static struct proc_dir_entry *proc_virtual;
23463 +static struct proc_dir_entry *proc_virtnet;
23466 +/* first the actual feeds */
23469 +static int proc_vci(char *buffer)
23471 + return sprintf(buffer,
23472 + "VCIVersion:\t%04x:%04x\n"
23473 + "VCISyscall:\t%d\n"
23474 + "VCIKernel:\t%08x\n",
23475 + VCI_VERSION >> 16,
23476 + VCI_VERSION & 0xFFFF,
23478 + vci_kernel_config());
23481 +static int proc_virtual_info(char *buffer)
23483 + return proc_vci(buffer);
23486 +static int proc_virtual_status(char *buffer)
23488 + return sprintf(buffer,
23490 + "#CActive:\t%d\n"
23491 + "#NSProxy:\t%d\t%d %d %d %d %d %d\n",
23492 + atomic_read(&vx_global_ctotal),
23493 + atomic_read(&vx_global_cactive),
23494 + atomic_read(&vs_global_nsproxy),
23495 + atomic_read(&vs_global_fs),
23496 + atomic_read(&vs_global_mnt_ns),
23497 + atomic_read(&vs_global_uts_ns),
23498 + atomic_read(&vs_global_ipc_ns),
23499 + atomic_read(&vs_global_user_ns),
23500 + atomic_read(&vs_global_pid_ns));
23504 +int proc_vxi_info(struct vx_info *vxi, char *buffer)
23508 + length = sprintf(buffer,
23516 + vxi->vx_badness_bias);
23520 +int proc_vxi_status(struct vx_info *vxi, char *buffer)
23522 + char *orig = buffer;
23524 + buffer += sprintf(buffer,
23527 + "Flags:\t%016llx\n",
23528 + atomic_read(&vxi->vx_usecnt),
23529 + atomic_read(&vxi->vx_tasks),
23530 + (unsigned long long)vxi->vx_flags);
23532 + buffer += sprintf(buffer, "BCaps:\t");
23533 + buffer = print_cap_t(buffer, &vxi->vx_bcaps);
23534 + buffer += sprintf(buffer, "\n");
23536 + buffer += sprintf(buffer,
23537 + "CCaps:\t%016llx\n"
23538 + "Spaces:\t%08lx\n",
23539 + (unsigned long long)vxi->vx_ccaps,
23541 + return buffer - orig;
23544 +int proc_vxi_limit(struct vx_info *vxi, char *buffer)
23546 + return vx_info_proc_limit(&vxi->limit, buffer);
23549 +int proc_vxi_sched(struct vx_info *vxi, char *buffer)
23553 + length = vx_info_proc_sched(&vxi->sched, buffer);
23554 + for_each_online_cpu(cpu) {
23555 + length += vx_info_proc_sched_pc(
23556 + &vx_per_cpu(vxi, sched_pc, cpu),
23557 + buffer + length, cpu);
23562 +int proc_vxi_nsproxy(struct vx_info *vxi, char *buffer)
23564 + return vx_info_proc_nsproxy(vxi->vx_nsproxy, buffer);
23567 +int proc_vxi_cvirt(struct vx_info *vxi, char *buffer)
23571 + vx_update_load(vxi);
23572 + length = vx_info_proc_cvirt(&vxi->cvirt, buffer);
23573 + for_each_online_cpu(cpu) {
23574 + length += vx_info_proc_cvirt_pc(
23575 + &vx_per_cpu(vxi, cvirt_pc, cpu),
23576 + buffer + length, cpu);
23581 +int proc_vxi_cacct(struct vx_info *vxi, char *buffer)
23583 + return vx_info_proc_cacct(&vxi->cacct, buffer);
23587 +static int proc_virtnet_info(char *buffer)
23589 + return proc_vci(buffer);
23592 +static int proc_virtnet_status(char *buffer)
23594 + return sprintf(buffer,
23596 + "#CActive:\t%d\n",
23597 + atomic_read(&nx_global_ctotal),
23598 + atomic_read(&nx_global_cactive));
23601 +int proc_nxi_info(struct nx_info *nxi, char *buffer)
23603 + struct nx_addr_v4 *v4a;
23604 +#ifdef CONFIG_IPV6
23605 + struct nx_addr_v6 *v6a;
23609 + length = sprintf(buffer,
23612 + "Bcast:\t" NIPQUAD_FMT "\n"
23613 + "Lback:\t" NIPQUAD_FMT "\n",
23616 + NIPQUAD(nxi->v4_bcast.s_addr),
23617 + NIPQUAD(nxi->v4_lback.s_addr));
23619 + if (!NX_IPV4(nxi))
23621 + for (i = 0, v4a = &nxi->v4; v4a; i++, v4a = v4a->next)
23622 + length += sprintf(buffer + length, "%d:\t" NXAV4_FMT "\n",
23625 +#ifdef CONFIG_IPV6
23626 + if (!NX_IPV6(nxi))
23628 + for (i = 0, v6a = &nxi->v6; v6a; i++, v6a = v6a->next)
23629 + length += sprintf(buffer + length, "%d:\t" NXAV6_FMT "\n",
23636 +int proc_nxi_status(struct nx_info *nxi, char *buffer)
23640 + length = sprintf(buffer,
23643 + "Flags:\t%016llx\n"
23644 + "NCaps:\t%016llx\n",
23645 + atomic_read(&nxi->nx_usecnt),
23646 + atomic_read(&nxi->nx_tasks),
23647 + (unsigned long long)nxi->nx_flags,
23648 + (unsigned long long)nxi->nx_ncaps);
23654 +/* here the inode helpers */
23660 + struct inode_operations *iop;
23661 + struct file_operations *fop;
23662 + union proc_op op;
23665 +static struct inode *vs_proc_make_inode(struct super_block *sb, struct vs_entry *p)
23667 + struct inode *inode = new_inode(sb);
23672 + inode->i_mode = p->mode;
23674 + inode->i_op = p->iop;
23676 + inode->i_fop = p->fop;
23678 + inode->i_nlink = (p->mode & S_IFDIR) ? 2 : 1;
23679 + inode->i_flags |= S_IMMUTABLE;
23681 + inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
23683 + inode->i_uid = 0;
23684 + inode->i_gid = 0;
23685 + inode->i_tag = 0;
23690 +static struct dentry *vs_proc_instantiate(struct inode *dir,
23691 + struct dentry *dentry, int id, void *ptr)
23693 + struct vs_entry *p = ptr;
23694 + struct inode *inode = vs_proc_make_inode(dir->i_sb, p);
23695 + struct dentry *error = ERR_PTR(-EINVAL);
23700 + PROC_I(inode)->op = p->op;
23701 + PROC_I(inode)->fd = id;
23702 + d_add(dentry, inode);
23710 +typedef struct dentry *instantiate_t(struct inode *, struct dentry *, int, void *);
23713 + * Fill a directory entry.
23715 + * If possible create the dcache entry and derive our inode number and
23716 + * file type from dcache entry.
23718 + * Since all of the proc inode numbers are dynamically generated, the inode
23719 + * numbers do not exist until the inode is cache. This means creating the
23720 + * the dcache entry in readdir is necessary to keep the inode numbers
23721 + * reported by readdir in sync with the inode numbers reported
23724 +static int proc_fill_cache(struct file *filp, void *dirent, filldir_t filldir,
23725 + char *name, int len, instantiate_t instantiate, int id, void *ptr)
23727 + struct dentry *child, *dir = filp->f_dentry;
23728 + struct inode *inode;
23729 + struct qstr qname;
23731 + unsigned type = DT_UNKNOWN;
23733 + qname.name = name;
23735 + qname.hash = full_name_hash(name, len);
23737 + child = d_lookup(dir, &qname);
23739 + struct dentry *new;
23740 + new = d_alloc(dir, &qname);
23742 + child = instantiate(dir->d_inode, new, id, ptr);
23749 + if (!child || IS_ERR(child) || !child->d_inode)
23750 + goto end_instantiate;
23751 + inode = child->d_inode;
23753 + ino = inode->i_ino;
23754 + type = inode->i_mode >> 12;
23759 + ino = find_inode_number(dir, &qname);
23762 + return filldir(dirent, name, len, filp->f_pos, ino, type);
23767 +/* get and revalidate vx_info/xid */
23770 +struct vx_info *get_proc_vx_info(struct inode *inode)
23772 + return lookup_vx_info(PROC_I(inode)->fd);
23775 +static int proc_xid_revalidate(struct dentry *dentry, struct nameidata *nd)
23777 + struct inode *inode = dentry->d_inode;
23778 + xid_t xid = PROC_I(inode)->fd;
23780 + if (!xid || xid_is_hashed(xid))
23787 +/* get and revalidate nx_info/nid */
23789 +static int proc_nid_revalidate(struct dentry *dentry, struct nameidata *nd)
23791 + struct inode *inode = dentry->d_inode;
23792 + nid_t nid = PROC_I(inode)->fd;
23794 + if (!nid || nid_is_hashed(nid))
23802 +#define PROC_BLOCK_SIZE (PAGE_SIZE - 1024)
23804 +static ssize_t proc_vs_info_read(struct file *file, char __user *buf,
23805 + size_t count, loff_t *ppos)
23807 + struct inode *inode = file->f_dentry->d_inode;
23808 + unsigned long page;
23809 + ssize_t length = 0;
23811 + if (count > PROC_BLOCK_SIZE)
23812 + count = PROC_BLOCK_SIZE;
23814 + /* fade that out as soon as stable */
23815 + WARN_ON(PROC_I(inode)->fd);
23817 + if (!(page = __get_free_page(GFP_KERNEL)))
23820 + BUG_ON(!PROC_I(inode)->op.proc_vs_read);
23821 + length = PROC_I(inode)->op.proc_vs_read((char *)page);
23824 + length = simple_read_from_buffer(buf, count, ppos,
23825 + (char *)page, length);
23831 +static ssize_t proc_vx_info_read(struct file *file, char __user *buf,
23832 + size_t count, loff_t *ppos)
23834 + struct inode *inode = file->f_dentry->d_inode;
23835 + struct vx_info *vxi = NULL;
23836 + xid_t xid = PROC_I(inode)->fd;
23837 + unsigned long page;
23838 + ssize_t length = 0;
23840 + if (count > PROC_BLOCK_SIZE)
23841 + count = PROC_BLOCK_SIZE;
23843 + /* fade that out as soon as stable */
23845 + vxi = lookup_vx_info(xid);
23849 + length = -ENOMEM;
23850 + if (!(page = __get_free_page(GFP_KERNEL)))
23853 + BUG_ON(!PROC_I(inode)->op.proc_vxi_read);
23854 + length = PROC_I(inode)->op.proc_vxi_read(vxi, (char *)page);
23857 + length = simple_read_from_buffer(buf, count, ppos,
23858 + (char *)page, length);
23862 + put_vx_info(vxi);
23867 +static ssize_t proc_nx_info_read(struct file *file, char __user *buf,
23868 + size_t count, loff_t *ppos)
23870 + struct inode *inode = file->f_dentry->d_inode;
23871 + struct nx_info *nxi = NULL;
23872 + nid_t nid = PROC_I(inode)->fd;
23873 + unsigned long page;
23874 + ssize_t length = 0;
23876 + if (count > PROC_BLOCK_SIZE)
23877 + count = PROC_BLOCK_SIZE;
23879 + /* fade that out as soon as stable */
23881 + nxi = lookup_nx_info(nid);
23885 + length = -ENOMEM;
23886 + if (!(page = __get_free_page(GFP_KERNEL)))
23889 + BUG_ON(!PROC_I(inode)->op.proc_nxi_read);
23890 + length = PROC_I(inode)->op.proc_nxi_read(nxi, (char *)page);
23893 + length = simple_read_from_buffer(buf, count, ppos,
23894 + (char *)page, length);
23898 + put_nx_info(nxi);
23905 +/* here comes the lower level */
23908 +#define NOD(NAME, MODE, IOP, FOP, OP) { \
23909 + .len = sizeof(NAME) - 1, \
23910 + .name = (NAME), \
23918 +#define DIR(NAME, MODE, OTYPE) \
23919 + NOD(NAME, (S_IFDIR | (MODE)), \
23920 + &proc_ ## OTYPE ## _inode_operations, \
23921 + &proc_ ## OTYPE ## _file_operations, { } )
23923 +#define INF(NAME, MODE, OTYPE) \
23924 + NOD(NAME, (S_IFREG | (MODE)), NULL, \
23925 + &proc_vs_info_file_operations, \
23926 + { .proc_vs_read = &proc_##OTYPE } )
23928 +#define VINF(NAME, MODE, OTYPE) \
23929 + NOD(NAME, (S_IFREG | (MODE)), NULL, \
23930 + &proc_vx_info_file_operations, \
23931 + { .proc_vxi_read = &proc_##OTYPE } )
23933 +#define NINF(NAME, MODE, OTYPE) \
23934 + NOD(NAME, (S_IFREG | (MODE)), NULL, \
23935 + &proc_nx_info_file_operations, \
23936 + { .proc_nxi_read = &proc_##OTYPE } )
23939 +static struct file_operations proc_vs_info_file_operations = {
23940 + .read = proc_vs_info_read,
23943 +static struct file_operations proc_vx_info_file_operations = {
23944 + .read = proc_vx_info_read,
23947 +static struct dentry_operations proc_xid_dentry_operations = {
23948 + .d_revalidate = proc_xid_revalidate,
23951 +static struct vs_entry vx_base_stuff[] = {
23952 + VINF("info", S_IRUGO, vxi_info),
23953 + VINF("status", S_IRUGO, vxi_status),
23954 + VINF("limit", S_IRUGO, vxi_limit),
23955 + VINF("sched", S_IRUGO, vxi_sched),
23956 + VINF("nsproxy", S_IRUGO, vxi_nsproxy),
23957 + VINF("cvirt", S_IRUGO, vxi_cvirt),
23958 + VINF("cacct", S_IRUGO, vxi_cacct),
23965 +static struct dentry *proc_xid_instantiate(struct inode *dir,
23966 + struct dentry *dentry, int id, void *ptr)
23968 + dentry->d_op = &proc_xid_dentry_operations;
23969 + return vs_proc_instantiate(dir, dentry, id, ptr);
23972 +static struct dentry *proc_xid_lookup(struct inode *dir,
23973 + struct dentry *dentry, struct nameidata *nd)
23975 + struct vs_entry *p = vx_base_stuff;
23976 + struct dentry *error = ERR_PTR(-ENOENT);
23978 + for (; p->name; p++) {
23979 + if (p->len != dentry->d_name.len)
23981 + if (!memcmp(dentry->d_name.name, p->name, p->len))
23987 + error = proc_xid_instantiate(dir, dentry, PROC_I(dir)->fd, p);
23992 +static int proc_xid_readdir(struct file *filp,
23993 + void *dirent, filldir_t filldir)
23995 + struct dentry *dentry = filp->f_dentry;
23996 + struct inode *inode = dentry->d_inode;
23997 + struct vs_entry *p = vx_base_stuff;
23998 + int size = sizeof(vx_base_stuff) / sizeof(struct vs_entry);
24002 + pos = filp->f_pos;
24005 + ino = inode->i_ino;
24006 + if (filldir(dirent, ".", 1, pos, ino, DT_DIR) < 0)
24009 + /* fall through */
24011 + ino = parent_ino(dentry);
24012 + if (filldir(dirent, "..", 2, pos, ino, DT_DIR) < 0)
24015 + /* fall through */
24018 + if (index >= size)
24020 + for (p += index; p->name; p++) {
24021 + if (proc_fill_cache(filp, dirent, filldir, p->name, p->len,
24022 + vs_proc_instantiate, PROC_I(inode)->fd, p))
24028 + filp->f_pos = pos;
24034 +static struct file_operations proc_nx_info_file_operations = {
24035 + .read = proc_nx_info_read,
24038 +static struct dentry_operations proc_nid_dentry_operations = {
24039 + .d_revalidate = proc_nid_revalidate,
24042 +static struct vs_entry nx_base_stuff[] = {
24043 + NINF("info", S_IRUGO, nxi_info),
24044 + NINF("status", S_IRUGO, nxi_status),
24049 +static struct dentry *proc_nid_instantiate(struct inode *dir,
24050 + struct dentry *dentry, int id, void *ptr)
24052 + dentry->d_op = &proc_nid_dentry_operations;
24053 + return vs_proc_instantiate(dir, dentry, id, ptr);
24056 +static struct dentry *proc_nid_lookup(struct inode *dir,
24057 + struct dentry *dentry, struct nameidata *nd)
24059 + struct vs_entry *p = nx_base_stuff;
24060 + struct dentry *error = ERR_PTR(-ENOENT);
24062 + for (; p->name; p++) {
24063 + if (p->len != dentry->d_name.len)
24065 + if (!memcmp(dentry->d_name.name, p->name, p->len))
24071 + error = proc_nid_instantiate(dir, dentry, PROC_I(dir)->fd, p);
24076 +static int proc_nid_readdir(struct file *filp,
24077 + void *dirent, filldir_t filldir)
24079 + struct dentry *dentry = filp->f_dentry;
24080 + struct inode *inode = dentry->d_inode;
24081 + struct vs_entry *p = nx_base_stuff;
24082 + int size = sizeof(nx_base_stuff) / sizeof(struct vs_entry);
24086 + pos = filp->f_pos;
24089 + ino = inode->i_ino;
24090 + if (filldir(dirent, ".", 1, pos, ino, DT_DIR) < 0)
24093 + /* fall through */
24095 + ino = parent_ino(dentry);
24096 + if (filldir(dirent, "..", 2, pos, ino, DT_DIR) < 0)
24099 + /* fall through */
24102 + if (index >= size)
24104 + for (p += index; p->name; p++) {
24105 + if (proc_fill_cache(filp, dirent, filldir, p->name, p->len,
24106 + vs_proc_instantiate, PROC_I(inode)->fd, p))
24112 + filp->f_pos = pos;
24117 +#define MAX_MULBY10 ((~0U - 9) / 10)
24119 +static inline int atovid(const char *str, int len)
24124 + while (len-- > 0) {
24129 + if (vid >= MAX_MULBY10)
24139 +/* now the upper level (virtual) */
24142 +static struct file_operations proc_xid_file_operations = {
24143 + .read = generic_read_dir,
24144 + .readdir = proc_xid_readdir,
24147 +static struct inode_operations proc_xid_inode_operations = {
24148 + .lookup = proc_xid_lookup,
24151 +static struct vs_entry vx_virtual_stuff[] = {
24152 + INF("info", S_IRUGO, virtual_info),
24153 + INF("status", S_IRUGO, virtual_status),
24154 + DIR(NULL, S_IRUGO | S_IXUGO, xid),
24158 +static struct dentry *proc_virtual_lookup(struct inode *dir,
24159 + struct dentry *dentry, struct nameidata *nd)
24161 + struct vs_entry *p = vx_virtual_stuff;
24162 + struct dentry *error = ERR_PTR(-ENOENT);
24165 + for (; p->name; p++) {
24166 + if (p->len != dentry->d_name.len)
24168 + if (!memcmp(dentry->d_name.name, p->name, p->len))
24172 + goto instantiate;
24174 + id = atovid(dentry->d_name.name, dentry->d_name.len);
24175 + if ((id < 0) || !xid_is_hashed(id))
24179 + error = proc_xid_instantiate(dir, dentry, id, p);
24184 +static struct file_operations proc_nid_file_operations = {
24185 + .read = generic_read_dir,
24186 + .readdir = proc_nid_readdir,
24189 +static struct inode_operations proc_nid_inode_operations = {
24190 + .lookup = proc_nid_lookup,
24193 +static struct vs_entry nx_virtnet_stuff[] = {
24194 + INF("info", S_IRUGO, virtnet_info),
24195 + INF("status", S_IRUGO, virtnet_status),
24196 + DIR(NULL, S_IRUGO | S_IXUGO, nid),
24200 +static struct dentry *proc_virtnet_lookup(struct inode *dir,
24201 + struct dentry *dentry, struct nameidata *nd)
24203 + struct vs_entry *p = nx_virtnet_stuff;
24204 + struct dentry *error = ERR_PTR(-ENOENT);
24207 + for (; p->name; p++) {
24208 + if (p->len != dentry->d_name.len)
24210 + if (!memcmp(dentry->d_name.name, p->name, p->len))
24214 + goto instantiate;
24216 + id = atovid(dentry->d_name.name, dentry->d_name.len);
24217 + if ((id < 0) || !nid_is_hashed(id))
24221 + error = proc_nid_instantiate(dir, dentry, id, p);
24227 +#define PROC_MAXVIDS 32
24229 +int proc_virtual_readdir(struct file *filp,
24230 + void *dirent, filldir_t filldir)
24232 + struct dentry *dentry = filp->f_dentry;
24233 + struct inode *inode = dentry->d_inode;
24234 + struct vs_entry *p = vx_virtual_stuff;
24235 + int size = sizeof(vx_virtual_stuff) / sizeof(struct vs_entry);
24237 + unsigned int xid_array[PROC_MAXVIDS];
24238 + char buf[PROC_NUMBUF];
24239 + unsigned int nr_xids, i;
24242 + pos = filp->f_pos;
24245 + ino = inode->i_ino;
24246 + if (filldir(dirent, ".", 1, pos, ino, DT_DIR) < 0)
24249 + /* fall through */
24251 + ino = parent_ino(dentry);
24252 + if (filldir(dirent, "..", 2, pos, ino, DT_DIR) < 0)
24255 + /* fall through */
24258 + if (index >= size)
24260 + for (p += index; p->name; p++) {
24261 + if (proc_fill_cache(filp, dirent, filldir, p->name, p->len,
24262 + vs_proc_instantiate, 0, p))
24267 + index = pos - size;
24268 + p = &vx_virtual_stuff[size - 1];
24269 + nr_xids = get_xid_list(index, xid_array, PROC_MAXVIDS);
24270 + for (i = 0; i < nr_xids; i++) {
24271 + int n, xid = xid_array[i];
24272 + unsigned int j = PROC_NUMBUF;
24276 + buf[--j] = '0' + (n % 10);
24279 + if (proc_fill_cache(filp, dirent, filldir,
24280 + buf + j, PROC_NUMBUF - j,
24281 + vs_proc_instantiate, xid, p))
24287 + filp->f_pos = pos;
24291 +static int proc_virtual_getattr(struct vfsmount *mnt,
24292 + struct dentry *dentry, struct kstat *stat)
24294 + struct inode *inode = dentry->d_inode;
24296 + generic_fillattr(inode, stat);
24297 + stat->nlink = 2 + atomic_read(&vx_global_cactive);
24301 +static struct file_operations proc_virtual_dir_operations = {
24302 + .read = generic_read_dir,
24303 + .readdir = proc_virtual_readdir,
24306 +static struct inode_operations proc_virtual_dir_inode_operations = {
24307 + .getattr = proc_virtual_getattr,
24308 + .lookup = proc_virtual_lookup,
24315 +int proc_virtnet_readdir(struct file *filp,
24316 + void *dirent, filldir_t filldir)
24318 + struct dentry *dentry = filp->f_dentry;
24319 + struct inode *inode = dentry->d_inode;
24320 + struct vs_entry *p = nx_virtnet_stuff;
24321 + int size = sizeof(nx_virtnet_stuff) / sizeof(struct vs_entry);
24323 + unsigned int nid_array[PROC_MAXVIDS];
24324 + char buf[PROC_NUMBUF];
24325 + unsigned int nr_nids, i;
24328 + pos = filp->f_pos;
24331 + ino = inode->i_ino;
24332 + if (filldir(dirent, ".", 1, pos, ino, DT_DIR) < 0)
24335 + /* fall through */
24337 + ino = parent_ino(dentry);
24338 + if (filldir(dirent, "..", 2, pos, ino, DT_DIR) < 0)
24341 + /* fall through */
24344 + if (index >= size)
24346 + for (p += index; p->name; p++) {
24347 + if (proc_fill_cache(filp, dirent, filldir, p->name, p->len,
24348 + vs_proc_instantiate, 0, p))
24353 + index = pos - size;
24354 + p = &nx_virtnet_stuff[size - 1];
24355 + nr_nids = get_nid_list(index, nid_array, PROC_MAXVIDS);
24356 + for (i = 0; i < nr_nids; i++) {
24357 + int n, nid = nid_array[i];
24358 + unsigned int j = PROC_NUMBUF;
24362 + buf[--j] = '0' + (n % 10);
24365 + if (proc_fill_cache(filp, dirent, filldir,
24366 + buf + j, PROC_NUMBUF - j,
24367 + vs_proc_instantiate, nid, p))
24373 + filp->f_pos = pos;
24377 +static int proc_virtnet_getattr(struct vfsmount *mnt,
24378 + struct dentry *dentry, struct kstat *stat)
24380 + struct inode *inode = dentry->d_inode;
24382 + generic_fillattr(inode, stat);
24383 + stat->nlink = 2 + atomic_read(&nx_global_cactive);
24387 +static struct file_operations proc_virtnet_dir_operations = {
24388 + .read = generic_read_dir,
24389 + .readdir = proc_virtnet_readdir,
24392 +static struct inode_operations proc_virtnet_dir_inode_operations = {
24393 + .getattr = proc_virtnet_getattr,
24394 + .lookup = proc_virtnet_lookup,
24399 +void proc_vx_init(void)
24401 + struct proc_dir_entry *ent;
24403 + ent = proc_mkdir("virtual", 0);
24405 + ent->proc_fops = &proc_virtual_dir_operations;
24406 + ent->proc_iops = &proc_virtual_dir_inode_operations;
24408 + proc_virtual = ent;
24410 + ent = proc_mkdir("virtnet", 0);
24412 + ent->proc_fops = &proc_virtnet_dir_operations;
24413 + ent->proc_iops = &proc_virtnet_dir_inode_operations;
24415 + proc_virtnet = ent;
24421 +/* per pid info */
24424 +int proc_pid_vx_info(struct task_struct *p, char *buffer)
24426 + struct vx_info *vxi;
24427 + char *orig = buffer;
24429 + buffer += sprintf(buffer, "XID:\t%d\n", vx_task_xid(p));
24431 + vxi = task_get_vx_info(p);
24435 + buffer += sprintf(buffer, "BCaps:\t");
24436 + buffer = print_cap_t(buffer, &vxi->vx_bcaps);
24437 + buffer += sprintf(buffer, "\n");
24438 + buffer += sprintf(buffer, "CCaps:\t%016llx\n",
24439 + (unsigned long long)vxi->vx_ccaps);
24440 + buffer += sprintf(buffer, "CFlags:\t%016llx\n",
24441 + (unsigned long long)vxi->vx_flags);
24442 + buffer += sprintf(buffer, "CIPid:\t%d\n", vxi->vx_initpid);
24444 + put_vx_info(vxi);
24446 + return buffer - orig;
24450 +int proc_pid_nx_info(struct task_struct *p, char *buffer)
24452 + struct nx_info *nxi;
24453 + struct nx_addr_v4 *v4a;
24454 +#ifdef CONFIG_IPV6
24455 + struct nx_addr_v6 *v6a;
24457 + char *orig = buffer;
24460 + buffer += sprintf(buffer, "NID:\t%d\n", nx_task_nid(p));
24462 + nxi = task_get_nx_info(p);
24466 + buffer += sprintf(buffer, "NCaps:\t%016llx\n",
24467 + (unsigned long long)nxi->nx_ncaps);
24468 + buffer += sprintf(buffer, "NFlags:\t%016llx\n",
24469 + (unsigned long long)nxi->nx_flags);
24471 + buffer += sprintf(buffer,
24472 + "V4Root[bcast]:\t" NIPQUAD_FMT "\n",
24473 + NIPQUAD(nxi->v4_bcast.s_addr));
24474 + buffer += sprintf (buffer,
24475 + "V4Root[lback]:\t" NIPQUAD_FMT "\n",
24476 + NIPQUAD(nxi->v4_lback.s_addr));
24477 + if (!NX_IPV4(nxi))
24479 + for (i = 0, v4a = &nxi->v4; v4a; i++, v4a = v4a->next)
24480 + buffer += sprintf(buffer, "V4Root[%d]:\t" NXAV4_FMT "\n",
24483 +#ifdef CONFIG_IPV6
24484 + if (!NX_IPV6(nxi))
24486 + for (i = 0, v6a = &nxi->v6; v6a; i++, v6a = v6a->next)
24487 + buffer += sprintf(buffer, "V6Root[%d]:\t" NXAV6_FMT "\n",
24491 + put_nx_info(nxi);
24493 + return buffer - orig;
24496 diff -NurpP --minimal linux-2.6.25/kernel/vserver/sched.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/sched.c
24497 --- linux-2.6.25/kernel/vserver/sched.c 1969-12-31 19:00:00.000000000 -0500
24498 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/sched.c 2008-04-29 18:40:09.000000000 -0400
24501 + * linux/kernel/vserver/sched.c
24503 + * Virtual Server: Scheduler Support
24505 + * Copyright (C) 2004-2007 Herbert Pötzl
24507 + * V0.01 adapted Sam Vilains version to 2.6.3
24508 + * V0.02 removed legacy interface
24509 + * V0.03 changed vcmds to vxi arg
24510 + * V0.04 removed older and legacy interfaces
24514 +#include <linux/vs_context.h>
24515 +#include <linux/vs_sched.h>
24516 +#include <linux/vserver/sched_cmd.h>
24518 +#include <asm/uaccess.h>
24521 +#define vxd_check_range(val, min, max) do { \
24522 + vxlprintk((val < min) || (val > max), \
24523 + "check_range(%ld,%ld,%ld)", \
24524 + (long)val, (long)min, (long)max, \
24525 + __FILE__, __LINE__); \
24529 +void vx_update_sched_param(struct _vx_sched *sched,
24530 + struct _vx_sched_pc *sched_pc)
24532 + unsigned int set_mask = sched->update_mask;
24534 + if (set_mask & VXSM_FILL_RATE)
24535 + sched_pc->fill_rate[0] = sched->fill_rate[0];
24536 + if (set_mask & VXSM_INTERVAL)
24537 + sched_pc->interval[0] = sched->interval[0];
24538 + if (set_mask & VXSM_FILL_RATE2)
24539 + sched_pc->fill_rate[1] = sched->fill_rate[1];
24540 + if (set_mask & VXSM_INTERVAL2)
24541 + sched_pc->interval[1] = sched->interval[1];
24542 + if (set_mask & VXSM_TOKENS)
24543 + sched_pc->tokens = sched->tokens;
24544 + if (set_mask & VXSM_TOKENS_MIN)
24545 + sched_pc->tokens_min = sched->tokens_min;
24546 + if (set_mask & VXSM_TOKENS_MAX)
24547 + sched_pc->tokens_max = sched->tokens_max;
24548 + if (set_mask & VXSM_PRIO_BIAS)
24549 + sched_pc->prio_bias = sched->prio_bias;
24551 + if (set_mask & VXSM_IDLE_TIME)
24552 + sched_pc->flags |= VXSF_IDLE_TIME;
24554 + sched_pc->flags &= ~VXSF_IDLE_TIME;
24557 + sched_pc->norm_time = jiffies;
24562 + * recalculate the context's scheduling tokens
24564 + * ret > 0 : number of tokens available
24565 + * ret < 0 : on hold, check delta_min[]
24566 + * -1 only jiffies
24567 + * -2 also idle time
24570 +int vx_tokens_recalc(struct _vx_sched_pc *sched_pc,
24571 + unsigned long *norm_time, unsigned long *idle_time, int delta_min[2])
24575 + int flags = sched_pc->flags;
24577 + /* how much time did pass? */
24578 + delta = *norm_time - sched_pc->norm_time;
24579 + vxd_check_range(delta, 0, INT_MAX);
24581 + if (delta >= sched_pc->interval[0]) {
24582 + long tokens, integral;
24584 + /* calc integral token part */
24585 + tokens = delta / sched_pc->interval[0];
24586 + integral = tokens * sched_pc->interval[0];
24587 + tokens *= sched_pc->fill_rate[0];
24588 +#ifdef CONFIG_VSERVER_HARDCPU
24589 + delta_min[0] = delta - integral;
24590 + vxd_check_range(delta_min[0], 0, sched_pc->interval[0]);
24592 + /* advance time */
24593 + sched_pc->norm_time += delta;
24596 + sched_pc->tokens += tokens;
24597 + sched_pc->token_time += tokens;
24599 + delta_min[0] = delta;
24601 +#ifdef CONFIG_VSERVER_IDLETIME
24602 + if (!(flags & VXSF_IDLE_TIME))
24605 + /* how much was the idle skip? */
24606 + delta = *idle_time - sched_pc->idle_time;
24607 + vxd_check_range(delta, 0, INT_MAX);
24609 + if (delta >= sched_pc->interval[1]) {
24610 + long tokens, integral;
24612 + /* calc fair share token part */
24613 + tokens = delta / sched_pc->interval[1];
24614 + integral = tokens * sched_pc->interval[1];
24615 + tokens *= sched_pc->fill_rate[1];
24616 + delta_min[1] = delta - integral;
24617 + vxd_check_range(delta_min[1], 0, sched_pc->interval[1]);
24619 + /* advance idle time */
24620 + sched_pc->idle_time += integral;
24623 + sched_pc->tokens += tokens;
24624 + sched_pc->token_time += tokens;
24626 + delta_min[1] = delta;
24630 + /* clip at maximum */
24631 + if (sched_pc->tokens > sched_pc->tokens_max)
24632 + sched_pc->tokens = sched_pc->tokens_max;
24633 + tokens = sched_pc->tokens;
24635 + if ((flags & VXSF_ONHOLD)) {
24636 + /* can we unhold? */
24637 + if (tokens >= sched_pc->tokens_min) {
24638 + flags &= ~VXSF_ONHOLD;
24639 + sched_pc->hold_ticks +=
24640 + *norm_time - sched_pc->onhold;
24644 + /* put on hold? */
24645 + if (tokens <= 0) {
24646 + flags |= VXSF_ONHOLD;
24647 + sched_pc->onhold = *norm_time;
24651 + sched_pc->flags = flags;
24655 + tokens = sched_pc->tokens_min - tokens;
24656 + sched_pc->flags = flags;
24657 + BUG_ON(tokens < 0);
24659 +#ifdef CONFIG_VSERVER_HARDCPU
24660 + /* next interval? */
24661 + if (!sched_pc->fill_rate[0])
24662 + delta_min[0] = HZ;
24663 + else if (tokens > sched_pc->fill_rate[0])
24664 + delta_min[0] += sched_pc->interval[0] *
24665 + tokens / sched_pc->fill_rate[0];
24667 + delta_min[0] = sched_pc->interval[0] - delta_min[0];
24668 + vxd_check_range(delta_min[0], 0, INT_MAX);
24670 +#ifdef CONFIG_VSERVER_IDLETIME
24671 + if (!(flags & VXSF_IDLE_TIME))
24674 + /* next interval? */
24675 + if (!sched_pc->fill_rate[1])
24676 + delta_min[1] = HZ;
24677 + else if (tokens > sched_pc->fill_rate[1])
24678 + delta_min[1] += sched_pc->interval[1] *
24679 + tokens / sched_pc->fill_rate[1];
24681 + delta_min[1] = sched_pc->interval[1] - delta_min[1];
24682 + vxd_check_range(delta_min[1], 0, INT_MAX);
24687 +#endif /* CONFIG_VSERVER_IDLETIME */
24690 +#endif /* CONFIG_VSERVER_HARDCPU */
24693 +static inline unsigned long msec_to_ticks(unsigned long msec)
24695 + return msecs_to_jiffies(msec);
24698 +static inline unsigned long ticks_to_msec(unsigned long ticks)
24700 + return jiffies_to_msecs(ticks);
24703 +static inline unsigned long ticks_to_usec(unsigned long ticks)
24705 + return jiffies_to_usecs(ticks);
24709 +static int do_set_sched(struct vx_info *vxi, struct vcmd_sched_v5 *data)
24711 + unsigned int set_mask = data->mask;
24712 + unsigned int update_mask;
24715 + /* Sanity check data values */
24716 + if (data->tokens_max <= 0)
24717 + data->tokens_max = HZ;
24718 + if (data->tokens_min < 0)
24719 + data->tokens_min = HZ / 3;
24720 + if (data->tokens_min >= data->tokens_max)
24721 + data->tokens_min = data->tokens_max;
24723 + if (data->prio_bias > MAX_PRIO_BIAS)
24724 + data->prio_bias = MAX_PRIO_BIAS;
24725 + if (data->prio_bias < MIN_PRIO_BIAS)
24726 + data->prio_bias = MIN_PRIO_BIAS;
24728 + spin_lock(&vxi->sched.tokens_lock);
24730 + /* sync up on delayed updates */
24731 + for_each_cpu_mask(cpu, vxi->sched.update)
24732 + vx_update_sched_param(&vxi->sched,
24733 + &vx_per_cpu(vxi, sched_pc, cpu));
24735 + if (set_mask & VXSM_FILL_RATE)
24736 + vxi->sched.fill_rate[0] = data->fill_rate[0];
24737 + if (set_mask & VXSM_FILL_RATE2)
24738 + vxi->sched.fill_rate[1] = data->fill_rate[1];
24739 + if (set_mask & VXSM_INTERVAL)
24740 + vxi->sched.interval[0] = (set_mask & VXSM_MSEC) ?
24741 + msec_to_ticks(data->interval[0]) : data->interval[0];
24742 + if (set_mask & VXSM_INTERVAL2)
24743 + vxi->sched.interval[1] = (set_mask & VXSM_MSEC) ?
24744 + msec_to_ticks(data->interval[1]) : data->interval[1];
24745 + if (set_mask & VXSM_TOKENS)
24746 + vxi->sched.tokens = data->tokens;
24747 + if (set_mask & VXSM_TOKENS_MIN)
24748 + vxi->sched.tokens_min = data->tokens_min;
24749 + if (set_mask & VXSM_TOKENS_MAX)
24750 + vxi->sched.tokens_max = data->tokens_max;
24751 + if (set_mask & VXSM_PRIO_BIAS)
24752 + vxi->sched.prio_bias = data->prio_bias;
24754 + /* Sanity check rate/interval */
24755 + for (i = 0; i < 2; i++) {
24756 + if (data->fill_rate[i] < 0)
24757 + data->fill_rate[i] = 0;
24758 + if (data->interval[i] <= 0)
24759 + data->interval[i] = HZ;
24762 + update_mask = vxi->sched.update_mask & VXSM_SET_MASK;
24763 + update_mask |= (set_mask & (VXSM_SET_MASK | VXSM_IDLE_TIME));
24764 + vxi->sched.update_mask = update_mask;
24768 + if (set_mask & VXSM_CPU_ID) {
24769 + vxi->sched.update = cpumask_of_cpu(data->cpu_id);
24770 + cpus_and(vxi->sched.update, cpu_online_map,
24771 + vxi->sched.update);
24773 + vxi->sched.update = cpu_online_map;
24775 + /* forced reload? */
24776 + if (set_mask & VXSM_FORCE) {
24777 + for_each_cpu_mask(cpu, vxi->sched.update)
24778 + vx_update_sched_param(&vxi->sched,
24779 + &vx_per_cpu(vxi, sched_pc, cpu));
24780 + vxi->sched.update = CPU_MASK_NONE;
24783 + /* on UP we update immediately */
24784 + vx_update_sched_param(&vxi->sched,
24785 + &vx_per_cpu(vxi, sched_pc, 0));
24788 + spin_unlock(&vxi->sched.tokens_lock);
24793 +#define COPY_IDS(C) C(cpu_id); C(bucket_id)
24794 +#define COPY_PRI(C) C(prio_bias)
24795 +#define COPY_TOK(C) C(tokens); C(tokens_min); C(tokens_max)
24796 +#define COPY_FRI(C) C(fill_rate[0]); C(interval[0]); \
24797 + C(fill_rate[1]); C(interval[1]);
24799 +#define COPY_VALUE(name) vc_data.name = data->name
24801 +static int do_set_sched_v4(struct vx_info *vxi, struct vcmd_set_sched_v4 *data)
24803 + struct vcmd_sched_v5 vc_data;
24805 + vc_data.mask = data->set_mask;
24806 + COPY_IDS(COPY_VALUE);
24807 + COPY_PRI(COPY_VALUE);
24808 + COPY_TOK(COPY_VALUE);
24809 + vc_data.fill_rate[0] = vc_data.fill_rate[1] = data->fill_rate;
24810 + vc_data.interval[0] = vc_data.interval[1] = data->interval;
24811 + return do_set_sched(vxi, &vc_data);
24814 +int vc_set_sched_v4(struct vx_info *vxi, void __user *data)
24816 + struct vcmd_set_sched_v4 vc_data;
24818 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
24821 + return do_set_sched_v4(vxi, &vc_data);
24824 + /* latest interface is v5 */
24826 +int vc_set_sched(struct vx_info *vxi, void __user *data)
24828 + struct vcmd_sched_v5 vc_data;
24830 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
24833 + return do_set_sched(vxi, &vc_data);
24837 +#define COPY_PRI(C) C(prio_bias)
24838 +#define COPY_TOK(C) C(tokens); C(tokens_min); C(tokens_max)
24839 +#define COPY_FRI(C) C(fill_rate[0]); C(interval[0]); \
24840 + C(fill_rate[1]); C(interval[1]);
24842 +#define COPY_VALUE(name) vc_data.name = data->name
24845 +int vc_get_sched(struct vx_info *vxi, void __user *data)
24847 + struct vcmd_sched_v5 vc_data;
24849 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
24852 + if (vc_data.mask & VXSM_CPU_ID) {
24853 + int cpu = vc_data.cpu_id;
24854 + struct _vx_sched_pc *data;
24856 + if (!cpu_possible(cpu))
24859 + data = &vx_per_cpu(vxi, sched_pc, cpu);
24860 + COPY_TOK(COPY_VALUE);
24861 + COPY_PRI(COPY_VALUE);
24862 + COPY_FRI(COPY_VALUE);
24864 + if (data->flags & VXSF_IDLE_TIME)
24865 + vc_data.mask |= VXSM_IDLE_TIME;
24867 + struct _vx_sched *data = &vxi->sched;
24869 + COPY_TOK(COPY_VALUE);
24870 + COPY_PRI(COPY_VALUE);
24871 + COPY_FRI(COPY_VALUE);
24874 + if (vc_data.mask & VXSM_MSEC) {
24875 + vc_data.interval[0] = ticks_to_msec(vc_data.interval[0]);
24876 + vc_data.interval[1] = ticks_to_msec(vc_data.interval[1]);
24879 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
24885 +int vc_sched_info(struct vx_info *vxi, void __user *data)
24887 + struct vcmd_sched_info vc_data;
24890 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
24893 + cpu = vc_data.cpu_id;
24894 + if (!cpu_possible(cpu))
24898 + struct _vx_sched_pc *sched_pc =
24899 + &vx_per_cpu(vxi, sched_pc, cpu);
24901 + vc_data.user_msec = ticks_to_msec(sched_pc->user_ticks);
24902 + vc_data.sys_msec = ticks_to_msec(sched_pc->sys_ticks);
24903 + vc_data.hold_msec = ticks_to_msec(sched_pc->hold_ticks);
24904 + vc_data.vavavoom = sched_pc->vavavoom;
24906 + vc_data.token_usec = ticks_to_usec(1);
24908 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
24913 diff -NurpP --minimal linux-2.6.25/kernel/vserver/sched_init.h linux-2.6.25-vs2.3.0.34.9/kernel/vserver/sched_init.h
24914 --- linux-2.6.25/kernel/vserver/sched_init.h 1969-12-31 19:00:00.000000000 -0500
24915 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/sched_init.h 2008-04-19 15:14:52.000000000 -0400
24918 +static inline void vx_info_init_sched(struct _vx_sched *sched)
24920 + static struct lock_class_key tokens_lock_key;
24922 + /* scheduling; hard code starting values as constants */
24923 + sched->fill_rate[0] = 1;
24924 + sched->interval[0] = 4;
24925 + sched->fill_rate[1] = 1;
24926 + sched->interval[1] = 8;
24927 + sched->tokens = HZ >> 2;
24928 + sched->tokens_min = HZ >> 4;
24929 + sched->tokens_max = HZ >> 1;
24930 + sched->tokens_lock = SPIN_LOCK_UNLOCKED;
24931 + sched->prio_bias = 0;
24933 + lockdep_set_class(&sched->tokens_lock, &tokens_lock_key);
24937 +void vx_info_init_sched_pc(struct _vx_sched_pc *sched_pc, int cpu)
24939 + sched_pc->fill_rate[0] = 1;
24940 + sched_pc->interval[0] = 4;
24941 + sched_pc->fill_rate[1] = 1;
24942 + sched_pc->interval[1] = 8;
24943 + sched_pc->tokens = HZ >> 2;
24944 + sched_pc->tokens_min = HZ >> 4;
24945 + sched_pc->tokens_max = HZ >> 1;
24946 + sched_pc->prio_bias = 0;
24947 + sched_pc->vavavoom = 0;
24948 + sched_pc->token_time = 0;
24949 + sched_pc->idle_time = 0;
24950 + sched_pc->norm_time = jiffies;
24952 + sched_pc->user_ticks = 0;
24953 + sched_pc->sys_ticks = 0;
24954 + sched_pc->hold_ticks = 0;
24957 +static inline void vx_info_exit_sched(struct _vx_sched *sched)
24963 +void vx_info_exit_sched_pc(struct _vx_sched_pc *sched_pc, int cpu)
24967 diff -NurpP --minimal linux-2.6.25/kernel/vserver/sched_proc.h linux-2.6.25-vs2.3.0.34.9/kernel/vserver/sched_proc.h
24968 --- linux-2.6.25/kernel/vserver/sched_proc.h 1969-12-31 19:00:00.000000000 -0500
24969 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/sched_proc.h 2008-04-19 15:14:52.000000000 -0400
24971 +#ifndef _VX_SCHED_PROC_H
24972 +#define _VX_SCHED_PROC_H
24976 +int vx_info_proc_sched(struct _vx_sched *sched, char *buffer)
24980 + length += sprintf(buffer,
24981 + "FillRate:\t%8d,%d\n"
24982 + "Interval:\t%8d,%d\n"
24983 + "TokensMin:\t%8d\n"
24984 + "TokensMax:\t%8d\n"
24985 + "PrioBias:\t%8d\n",
24986 + sched->fill_rate[0],
24987 + sched->fill_rate[1],
24988 + sched->interval[0],
24989 + sched->interval[1],
24990 + sched->tokens_min,
24991 + sched->tokens_max,
24992 + sched->prio_bias);
24997 +int vx_info_proc_sched_pc(struct _vx_sched_pc *sched_pc,
24998 + char *buffer, int cpu)
25002 + length += sprintf(buffer + length,
25003 + "cpu %d: %lld %lld %lld %ld %ld", cpu,
25004 + (unsigned long long)sched_pc->user_ticks,
25005 + (unsigned long long)sched_pc->sys_ticks,
25006 + (unsigned long long)sched_pc->hold_ticks,
25007 + sched_pc->token_time,
25008 + sched_pc->idle_time);
25009 + length += sprintf(buffer + length,
25010 + " %c%c %d %d %d %d/%d %d/%d",
25011 + (sched_pc->flags & VXSF_ONHOLD) ? 'H' : 'R',
25012 + (sched_pc->flags & VXSF_IDLE_TIME) ? 'I' : '-',
25013 + sched_pc->tokens,
25014 + sched_pc->tokens_min,
25015 + sched_pc->tokens_max,
25016 + sched_pc->fill_rate[0],
25017 + sched_pc->interval[0],
25018 + sched_pc->fill_rate[1],
25019 + sched_pc->interval[1]);
25020 + length += sprintf(buffer + length,
25022 + sched_pc->prio_bias,
25023 + sched_pc->vavavoom);
25027 +#endif /* _VX_SCHED_PROC_H */
25028 diff -NurpP --minimal linux-2.6.25/kernel/vserver/signal.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/signal.c
25029 --- linux-2.6.25/kernel/vserver/signal.c 1969-12-31 19:00:00.000000000 -0500
25030 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/signal.c 2008-04-19 15:14:52.000000000 -0400
25033 + * linux/kernel/vserver/signal.c
25035 + * Virtual Server: Signal Support
25037 + * Copyright (C) 2003-2007 Herbert Pötzl
25039 + * V0.01 broken out from vcontext V0.05
25040 + * V0.02 changed vcmds to vxi arg
25041 + * V0.03 adjusted siginfo for kill
25045 +#include <asm/uaccess.h>
25047 +#include <linux/vs_context.h>
25048 +#include <linux/vs_pid.h>
25049 +#include <linux/vserver/signal_cmd.h>
25052 +int vx_info_kill(struct vx_info *vxi, int pid, int sig)
25054 + int retval, count = 0;
25055 + struct task_struct *p;
25056 + struct siginfo *sip = SEND_SIG_PRIV;
25059 + vxdprintk(VXD_CBIT(misc, 4),
25060 + "vx_info_kill(%p[#%d],%d,%d)*",
25061 + vxi, vxi->vx_id, pid, sig);
25062 + read_lock(&tasklist_lock);
25066 + for_each_process(p) {
25069 + if (vx_task_xid(p) != vxi->vx_id || p->pid <= 1 ||
25070 + (pid && vxi->vx_initpid == p->pid))
25073 + err = group_send_sig_info(sig, sip, p);
25075 + if (err != -EPERM)
25081 + if (vxi->vx_initpid) {
25082 + pid = vxi->vx_initpid;
25083 + /* for now, only SIGINT to private init ... */
25084 + if (!vx_info_flags(vxi, VXF_STATE_ADMIN, 0) &&
25085 + /* ... as long as there are tasks left */
25086 + (atomic_read(&vxi->vx_tasks) > 1))
25089 + /* fallthrough */
25091 + p = find_task_by_real_pid(pid);
25093 + if (vx_task_xid(p) == vxi->vx_id)
25094 + retval = group_send_sig_info(sig, sip, p);
25098 + read_unlock(&tasklist_lock);
25099 + vxdprintk(VXD_CBIT(misc, 4),
25100 + "vx_info_kill(%p[#%d],%d,%d,%ld) = %d",
25101 + vxi, vxi->vx_id, pid, sig, (long)sip, retval);
25105 +int vc_ctx_kill(struct vx_info *vxi, void __user *data)
25107 + struct vcmd_ctx_kill_v0 vc_data;
25109 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
25112 + /* special check to allow guest shutdown */
25113 + if (!vx_info_flags(vxi, VXF_STATE_ADMIN, 0) &&
25114 + /* forbid killall pid=0 when init is present */
25115 + (((vc_data.pid < 1) && vxi->vx_initpid) ||
25116 + (vc_data.pid > 1)))
25119 + return vx_info_kill(vxi, vc_data.pid, vc_data.sig);
25123 +static int __wait_exit(struct vx_info *vxi)
25125 + DECLARE_WAITQUEUE(wait, current);
25128 + add_wait_queue(&vxi->vx_wait, &wait);
25129 + set_current_state(TASK_INTERRUPTIBLE);
25132 + if (vx_info_state(vxi,
25133 + VXS_SHUTDOWN | VXS_HASHED | VXS_HELPER) == VXS_SHUTDOWN)
25135 + if (signal_pending(current)) {
25136 + ret = -ERESTARTSYS;
25143 + set_current_state(TASK_RUNNING);
25144 + remove_wait_queue(&vxi->vx_wait, &wait);
25150 +int vc_wait_exit(struct vx_info *vxi, void __user *data)
25152 + struct vcmd_wait_exit_v0 vc_data;
25155 + ret = __wait_exit(vxi);
25156 + vc_data.reboot_cmd = vxi->reboot_cmd;
25157 + vc_data.exit_code = vxi->exit_code;
25159 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
25164 diff -NurpP --minimal linux-2.6.25/kernel/vserver/space.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/space.c
25165 --- linux-2.6.25/kernel/vserver/space.c 1969-12-31 19:00:00.000000000 -0500
25166 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/space.c 2008-04-21 12:26:27.000000000 -0400
25169 + * linux/kernel/vserver/space.c
25171 + * Virtual Server: Context Space Support
25173 + * Copyright (C) 2003-2007 Herbert Pötzl
25175 + * V0.01 broken out from context.c 0.07
25176 + * V0.02 added task locking for namespace
25177 + * V0.03 broken out vx_enter_namespace
25178 + * V0.04 added *space support and commands
25182 +#include <linux/utsname.h>
25183 +#include <linux/nsproxy.h>
25184 +#include <linux/err.h>
25185 +#include <asm/uaccess.h>
25187 +#include <linux/vs_context.h>
25188 +#include <linux/vserver/space.h>
25189 +#include <linux/vserver/space_cmd.h>
25191 +atomic_t vs_global_nsproxy = ATOMIC_INIT(0);
25192 +atomic_t vs_global_fs = ATOMIC_INIT(0);
25193 +atomic_t vs_global_mnt_ns = ATOMIC_INIT(0);
25194 +atomic_t vs_global_uts_ns = ATOMIC_INIT(0);
25195 +atomic_t vs_global_ipc_ns = ATOMIC_INIT(0);
25196 +atomic_t vs_global_user_ns = ATOMIC_INIT(0);
25197 +atomic_t vs_global_pid_ns = ATOMIC_INIT(0);
25200 +/* namespace functions */
25202 +#include <linux/mnt_namespace.h>
25203 +#include <linux/user_namespace.h>
25204 +#include <linux/pid_namespace.h>
25205 +#include <linux/ipc_namespace.h>
25207 +const struct vcmd_space_mask space_mask = {
25208 + .mask = CLONE_NEWNS |
25217 + * build a new nsproxy mix
25218 + * assumes that both proxies are 'const'
25219 + * does not touch nsproxy refcounts
25220 + * will hold a reference on the result.
25223 +struct nsproxy *vs_mix_nsproxy(struct nsproxy *old_nsproxy,
25224 + struct nsproxy *new_nsproxy, unsigned long mask)
25226 + struct mnt_namespace *old_ns;
25227 + struct uts_namespace *old_uts;
25228 + struct ipc_namespace *old_ipc;
25229 + struct pid_namespace *old_pid;
25230 + struct user_namespace *old_user;
25231 + struct nsproxy *nsproxy;
25233 + nsproxy = copy_nsproxy(old_nsproxy);
25237 + if (mask & CLONE_NEWNS) {
25238 + old_ns = nsproxy->mnt_ns;
25239 + nsproxy->mnt_ns = new_nsproxy->mnt_ns;
25240 + if (nsproxy->mnt_ns)
25241 + get_mnt_ns(nsproxy->mnt_ns);
25245 + if (mask & CLONE_NEWUTS) {
25246 + old_uts = nsproxy->uts_ns;
25247 + nsproxy->uts_ns = new_nsproxy->uts_ns;
25248 + if (nsproxy->uts_ns)
25249 + get_uts_ns(nsproxy->uts_ns);
25253 + if (mask & CLONE_NEWIPC) {
25254 + old_ipc = nsproxy->ipc_ns;
25255 + nsproxy->ipc_ns = new_nsproxy->ipc_ns;
25256 + if (nsproxy->ipc_ns)
25257 + get_ipc_ns(nsproxy->ipc_ns);
25261 + if (mask & CLONE_NEWUSER) {
25262 + old_user = nsproxy->user_ns;
25263 + nsproxy->user_ns = new_nsproxy->user_ns;
25264 + if (nsproxy->user_ns)
25265 + get_user_ns(nsproxy->user_ns);
25269 + if (mask & CLONE_NEWPID) {
25270 + old_pid = nsproxy->pid_ns;
25271 + nsproxy->pid_ns = new_nsproxy->pid_ns;
25272 + if (nsproxy->pid_ns)
25273 + get_pid_ns(nsproxy->pid_ns);
25278 + put_mnt_ns(old_ns);
25280 + put_uts_ns(old_uts);
25282 + put_ipc_ns(old_ipc);
25284 + put_pid_ns(old_pid);
25286 + put_user_ns(old_user);
25293 + * merge two nsproxy structs into a new one.
25294 + * will hold a reference on the result.
25298 +struct nsproxy *__vs_merge_nsproxy(struct nsproxy *old,
25299 + struct nsproxy *proxy, unsigned long mask)
25301 + struct nsproxy null_proxy = { .mnt_ns = NULL };
25307 + /* vs_mix_nsproxy returns with reference */
25308 + return vs_mix_nsproxy(old ? old : &null_proxy,
25311 + get_nsproxy(proxy);
25316 + * merge two fs structs into a new one.
25317 + * will take a reference on the result.
25321 +struct fs_struct *__vs_merge_fs(struct fs_struct *old,
25322 + struct fs_struct *fs, unsigned long mask)
25324 + if (!(mask & CLONE_FS)) {
25326 + atomic_inc(&old->count);
25333 + return copy_fs_struct(fs);
25337 +int vx_enter_space(struct vx_info *vxi, unsigned long mask)
25339 + struct nsproxy *proxy, *proxy_cur, *proxy_new;
25340 + struct fs_struct *fs, *fs_cur, *fs_new;
25343 + if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0))
25347 + mask = vxi->vx_nsmask;
25349 + if ((mask & vxi->vx_nsmask) != mask)
25352 + proxy = vxi->vx_nsproxy;
25355 + task_lock(current);
25356 + fs_cur = current->fs;
25357 + atomic_inc(&fs_cur->count);
25358 + proxy_cur = current->nsproxy;
25359 + get_nsproxy(proxy_cur);
25360 + task_unlock(current);
25362 + fs_new = __vs_merge_fs(fs_cur, fs, mask);
25363 + if (IS_ERR(fs_new)) {
25364 + ret = PTR_ERR(fs_new);
25368 + proxy_new = __vs_merge_nsproxy(proxy_cur, proxy, mask);
25369 + if (IS_ERR(proxy_new)) {
25370 + ret = PTR_ERR(proxy_new);
25374 + fs_new = xchg(¤t->fs, fs_new);
25375 + proxy_new = xchg(¤t->nsproxy, proxy_new);
25379 + put_nsproxy(proxy_new);
25382 + put_fs_struct(fs_new);
25385 + put_nsproxy(proxy_cur);
25387 + put_fs_struct(fs_cur);
25392 +int vx_set_space(struct vx_info *vxi, unsigned long mask)
25394 + struct nsproxy *proxy_vxi, *proxy_cur, *proxy_new;
25395 + struct fs_struct *fs_vxi, *fs_cur, *fs_new;
25399 + mask = space_mask.mask;
25401 + if ((mask & space_mask.mask) != mask)
25404 + proxy_vxi = vxi->vx_nsproxy;
25405 + fs_vxi = vxi->vx_fs;
25407 + task_lock(current);
25408 + fs_cur = current->fs;
25409 + atomic_inc(&fs_cur->count);
25410 + proxy_cur = current->nsproxy;
25411 + get_nsproxy(proxy_cur);
25412 + task_unlock(current);
25414 + fs_new = __vs_merge_fs(fs_vxi, fs_cur, mask);
25415 + if (IS_ERR(fs_new)) {
25416 + ret = PTR_ERR(fs_new);
25420 + proxy_new = __vs_merge_nsproxy(proxy_vxi, proxy_cur, mask);
25421 + if (IS_ERR(proxy_new)) {
25422 + ret = PTR_ERR(proxy_new);
25426 + fs_new = xchg(&vxi->vx_fs, fs_new);
25427 + proxy_new = xchg(&vxi->vx_nsproxy, proxy_new);
25428 + vxi->vx_nsmask |= mask;
25432 + put_nsproxy(proxy_new);
25435 + put_fs_struct(fs_new);
25438 + put_nsproxy(proxy_cur);
25440 + put_fs_struct(fs_cur);
25445 +int vc_enter_space(struct vx_info *vxi, void __user *data)
25447 + struct vcmd_space_mask vc_data = { .mask = 0 };
25449 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
25452 + return vx_enter_space(vxi, vc_data.mask);
25455 +int vc_set_space(struct vx_info *vxi, void __user *data)
25457 + struct vcmd_space_mask vc_data = { .mask = 0 };
25459 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
25462 + return vx_set_space(vxi, vc_data.mask);
25465 +int vc_get_space_mask(struct vx_info *vxi, void __user *data)
25467 + if (copy_to_user(data, &space_mask, sizeof(space_mask)))
25472 diff -NurpP --minimal linux-2.6.25/kernel/vserver/switch.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/switch.c
25473 --- linux-2.6.25/kernel/vserver/switch.c 1969-12-31 19:00:00.000000000 -0500
25474 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/switch.c 2008-04-29 18:40:18.000000000 -0400
25477 + * linux/kernel/vserver/switch.c
25479 + * Virtual Server: Syscall Switch
25481 + * Copyright (C) 2003-2007 Herbert Pötzl
25483 + * V0.01 syscall switch
25484 + * V0.02 added signal to context
25485 + * V0.03 added rlimit functions
25486 + * V0.04 added iattr, task/xid functions
25487 + * V0.05 added debug/history stuff
25488 + * V0.06 added compat32 layer
25489 + * V0.07 vcmd args and perms
25490 + * V0.08 added status commands
25491 + * V0.09 added tag commands
25492 + * V0.10 added oom bias
25493 + * V0.11 added device commands
25497 +#include <linux/vs_context.h>
25498 +#include <linux/vs_network.h>
25499 +#include <linux/vserver/switch.h>
25501 +#include "vci_config.h"
25505 +int vc_get_version(uint32_t id)
25507 + return VCI_VERSION;
25511 +int vc_get_vci(uint32_t id)
25513 + return vci_kernel_config();
25516 +#include <linux/vserver/context_cmd.h>
25517 +#include <linux/vserver/cvirt_cmd.h>
25518 +#include <linux/vserver/cacct_cmd.h>
25519 +#include <linux/vserver/limit_cmd.h>
25520 +#include <linux/vserver/network_cmd.h>
25521 +#include <linux/vserver/sched_cmd.h>
25522 +#include <linux/vserver/debug_cmd.h>
25523 +#include <linux/vserver/inode_cmd.h>
25524 +#include <linux/vserver/dlimit_cmd.h>
25525 +#include <linux/vserver/signal_cmd.h>
25526 +#include <linux/vserver/space_cmd.h>
25527 +#include <linux/vserver/tag_cmd.h>
25528 +#include <linux/vserver/device_cmd.h>
25530 +#include <linux/vserver/inode.h>
25531 +#include <linux/vserver/dlimit.h>
25534 +#ifdef CONFIG_COMPAT
25535 +#define __COMPAT(name, id, data, compat) \
25536 + (compat) ? name ## _x32(id, data) : name(id, data)
25537 +#define __COMPAT_NO_ID(name, data, compat) \
25538 + (compat) ? name ## _x32(data) : name(data)
25540 +#define __COMPAT(name, id, data, compat) \
25542 +#define __COMPAT_NO_ID(name, data, compat) \
25548 +long do_vcmd(uint32_t cmd, uint32_t id,
25549 + struct vx_info *vxi, struct nx_info *nxi,
25550 + void __user *data, int compat)
25554 + case VCMD_get_version:
25555 + return vc_get_version(id);
25556 + case VCMD_get_vci:
25557 + return vc_get_vci(id);
25559 + case VCMD_task_xid:
25560 + return vc_task_xid(id);
25561 + case VCMD_vx_info:
25562 + return vc_vx_info(vxi, data);
25564 + case VCMD_task_nid:
25565 + return vc_task_nid(id);
25566 + case VCMD_nx_info:
25567 + return vc_nx_info(nxi, data);
25569 + case VCMD_task_tag:
25570 + return vc_task_tag(id);
25572 + /* this is version 1 */
25573 + case VCMD_set_space:
25574 + return vc_set_space(vxi, data);
25576 + case VCMD_get_space_mask:
25577 + return vc_get_space_mask(vxi, data);
25579 +#ifdef CONFIG_IA32_EMULATION
25580 + case VCMD_get_rlimit:
25581 + return __COMPAT(vc_get_rlimit, vxi, data, compat);
25582 + case VCMD_set_rlimit:
25583 + return __COMPAT(vc_set_rlimit, vxi, data, compat);
25585 + case VCMD_get_rlimit:
25586 + return vc_get_rlimit(vxi, data);
25587 + case VCMD_set_rlimit:
25588 + return vc_set_rlimit(vxi, data);
25590 + case VCMD_get_rlimit_mask:
25591 + return vc_get_rlimit_mask(id, data);
25592 + case VCMD_reset_minmax:
25593 + return vc_reset_minmax(vxi, data);
25595 + case VCMD_get_vhi_name:
25596 + return vc_get_vhi_name(vxi, data);
25597 + case VCMD_set_vhi_name:
25598 + return vc_set_vhi_name(vxi, data);
25600 + case VCMD_ctx_stat:
25601 + return vc_ctx_stat(vxi, data);
25602 + case VCMD_virt_stat:
25603 + return vc_virt_stat(vxi, data);
25604 + case VCMD_sock_stat:
25605 + return vc_sock_stat(vxi, data);
25606 + case VCMD_rlimit_stat:
25607 + return vc_rlimit_stat(vxi, data);
25609 + case VCMD_set_cflags:
25610 + return vc_set_cflags(vxi, data);
25611 + case VCMD_get_cflags:
25612 + return vc_get_cflags(vxi, data);
25614 + /* this is version 1 */
25615 + case VCMD_set_ccaps:
25616 + return vc_set_ccaps(vxi, data);
25617 + /* this is version 1 */
25618 + case VCMD_get_ccaps:
25619 + return vc_get_ccaps(vxi, data);
25620 + case VCMD_set_bcaps:
25621 + return vc_set_bcaps(vxi, data);
25622 + case VCMD_get_bcaps:
25623 + return vc_get_bcaps(vxi, data);
25625 + case VCMD_set_badness:
25626 + return vc_set_badness(vxi, data);
25627 + case VCMD_get_badness:
25628 + return vc_get_badness(vxi, data);
25630 + case VCMD_set_nflags:
25631 + return vc_set_nflags(nxi, data);
25632 + case VCMD_get_nflags:
25633 + return vc_get_nflags(nxi, data);
25635 + case VCMD_set_ncaps:
25636 + return vc_set_ncaps(nxi, data);
25637 + case VCMD_get_ncaps:
25638 + return vc_get_ncaps(nxi, data);
25640 + case VCMD_set_sched_v4:
25641 + return vc_set_sched_v4(vxi, data);
25642 + /* this is version 5 */
25643 + case VCMD_set_sched:
25644 + return vc_set_sched(vxi, data);
25645 + case VCMD_get_sched:
25646 + return vc_get_sched(vxi, data);
25647 + case VCMD_sched_info:
25648 + return vc_sched_info(vxi, data);
25650 + case VCMD_add_dlimit:
25651 + return __COMPAT(vc_add_dlimit, id, data, compat);
25652 + case VCMD_rem_dlimit:
25653 + return __COMPAT(vc_rem_dlimit, id, data, compat);
25654 + case VCMD_set_dlimit:
25655 + return __COMPAT(vc_set_dlimit, id, data, compat);
25656 + case VCMD_get_dlimit:
25657 + return __COMPAT(vc_get_dlimit, id, data, compat);
25659 + case VCMD_ctx_kill:
25660 + return vc_ctx_kill(vxi, data);
25662 + case VCMD_wait_exit:
25663 + return vc_wait_exit(vxi, data);
25665 + case VCMD_get_iattr:
25666 + return __COMPAT_NO_ID(vc_get_iattr, data, compat);
25667 + case VCMD_set_iattr:
25668 + return __COMPAT_NO_ID(vc_set_iattr, data, compat);
25670 + case VCMD_fget_iattr:
25671 + return vc_fget_iattr(id, data);
25672 + case VCMD_fset_iattr:
25673 + return vc_fset_iattr(id, data);
25675 + case VCMD_enter_space_v0:
25676 + return vc_enter_space(vxi, NULL);
25677 + /* this is version 1 */
25678 + case VCMD_enter_space:
25679 + return vc_enter_space(vxi, data);
25681 + case VCMD_ctx_create_v0:
25682 + return vc_ctx_create(id, NULL);
25683 + case VCMD_ctx_create:
25684 + return vc_ctx_create(id, data);
25685 + case VCMD_ctx_migrate_v0:
25686 + return vc_ctx_migrate(vxi, NULL);
25687 + case VCMD_ctx_migrate:
25688 + return vc_ctx_migrate(vxi, data);
25690 + case VCMD_net_create_v0:
25691 + return vc_net_create(id, NULL);
25692 + case VCMD_net_create:
25693 + return vc_net_create(id, data);
25694 + case VCMD_net_migrate:
25695 + return vc_net_migrate(nxi, data);
25697 + case VCMD_tag_migrate:
25698 + return vc_tag_migrate(id);
25700 + case VCMD_net_add:
25701 + return vc_net_add(nxi, data);
25702 + case VCMD_net_remove:
25703 + return vc_net_remove(nxi, data);
25705 + case VCMD_net_add_ipv4:
25706 + return vc_net_add_ipv4(nxi, data);
25707 + case VCMD_net_remove_ipv4:
25708 + return vc_net_remove_ipv4(nxi, data);
25709 +#ifdef CONFIG_IPV6
25710 + case VCMD_net_add_ipv6:
25711 + return vc_net_add_ipv6(nxi, data);
25712 + case VCMD_net_remove_ipv6:
25713 + return vc_net_remove_ipv6(nxi, data);
25715 +/* case VCMD_add_match_ipv4:
25716 + return vc_add_match_ipv4(nxi, data);
25717 + case VCMD_get_match_ipv4:
25718 + return vc_get_match_ipv4(nxi, data);
25719 +#ifdef CONFIG_IPV6
25720 + case VCMD_add_match_ipv6:
25721 + return vc_add_match_ipv6(nxi, data);
25722 + case VCMD_get_match_ipv6:
25723 + return vc_get_match_ipv6(nxi, data);
25726 +#ifdef CONFIG_VSERVER_DEVICE
25727 + case VCMD_set_mapping:
25728 + return __COMPAT(vc_set_mapping, vxi, data, compat);
25729 + case VCMD_unset_mapping:
25730 + return __COMPAT(vc_unset_mapping, vxi, data, compat);
25732 +#ifdef CONFIG_VSERVER_HISTORY
25733 + case VCMD_dump_history:
25734 + return vc_dump_history(id);
25735 + case VCMD_read_history:
25736 + return __COMPAT(vc_read_history, id, data, compat);
25738 +#ifdef CONFIG_VSERVER_MONITOR
25739 + case VCMD_read_monitor:
25740 + return __COMPAT(vc_read_monitor, id, data, compat);
25743 + vxwprintk_task(1, "unimplemented VCMD_%02d_%d[%d]",
25744 + VC_CATEGORY(cmd), VC_COMMAND(cmd), VC_VERSION(cmd));
25750 +#define __VCMD(vcmd, _perm, _args, _flags) \
25751 + case VCMD_ ## vcmd: perm = _perm; \
25752 + args = _args; flags = _flags; break
25755 +#define VCA_NONE 0x00
25756 +#define VCA_VXI 0x01
25757 +#define VCA_NXI 0x02
25759 +#define VCF_NONE 0x00
25760 +#define VCF_INFO 0x01
25761 +#define VCF_ADMIN 0x02
25762 +#define VCF_ARES 0x06 /* includes admin */
25763 +#define VCF_SETUP 0x08
25765 +#define VCF_ZIDOK 0x10 /* zero id okay */
25769 +long do_vserver(uint32_t cmd, uint32_t id, void __user *data, int compat)
25772 + int permit = -1, state = 0;
25773 + int perm = -1, args = 0, flags = 0;
25774 + struct vx_info *vxi = NULL;
25775 + struct nx_info *nxi = NULL;
25778 + /* unpriviledged commands */
25779 + __VCMD(get_version, 0, VCA_NONE, 0);
25780 + __VCMD(get_vci, 0, VCA_NONE, 0);
25781 + __VCMD(get_rlimit_mask, 0, VCA_NONE, 0);
25782 + __VCMD(get_space_mask, 0, VCA_NONE, 0);
25784 + /* info commands */
25785 + __VCMD(task_xid, 2, VCA_NONE, 0);
25786 + __VCMD(reset_minmax, 2, VCA_VXI, 0);
25787 + __VCMD(vx_info, 3, VCA_VXI, VCF_INFO);
25788 + __VCMD(get_bcaps, 3, VCA_VXI, VCF_INFO);
25789 + __VCMD(get_ccaps, 3, VCA_VXI, VCF_INFO);
25790 + __VCMD(get_cflags, 3, VCA_VXI, VCF_INFO);
25791 + __VCMD(get_badness, 3, VCA_VXI, VCF_INFO);
25792 + __VCMD(get_vhi_name, 3, VCA_VXI, VCF_INFO);
25793 + __VCMD(get_rlimit, 3, VCA_VXI, VCF_INFO);
25795 + __VCMD(ctx_stat, 3, VCA_VXI, VCF_INFO);
25796 + __VCMD(virt_stat, 3, VCA_VXI, VCF_INFO);
25797 + __VCMD(sock_stat, 3, VCA_VXI, VCF_INFO);
25798 + __VCMD(rlimit_stat, 3, VCA_VXI, VCF_INFO);
25800 + __VCMD(task_nid, 2, VCA_NONE, 0);
25801 + __VCMD(nx_info, 3, VCA_NXI, VCF_INFO);
25802 + __VCMD(get_ncaps, 3, VCA_NXI, VCF_INFO);
25803 + __VCMD(get_nflags, 3, VCA_NXI, VCF_INFO);
25805 + __VCMD(task_tag, 2, VCA_NONE, 0);
25807 + __VCMD(get_iattr, 2, VCA_NONE, 0);
25808 + __VCMD(fget_iattr, 2, VCA_NONE, 0);
25809 + __VCMD(get_dlimit, 3, VCA_NONE, VCF_INFO);
25810 + __VCMD(get_sched, 3, VCA_VXI, VCF_INFO);
25811 + __VCMD(sched_info, 3, VCA_VXI, VCF_INFO | VCF_ZIDOK);
25813 + /* lower admin commands */
25814 + __VCMD(wait_exit, 4, VCA_VXI, VCF_INFO);
25815 + __VCMD(ctx_create_v0, 5, VCA_NONE, 0);
25816 + __VCMD(ctx_create, 5, VCA_NONE, 0);
25817 + __VCMD(ctx_migrate_v0, 5, VCA_VXI, VCF_ADMIN);
25818 + __VCMD(ctx_migrate, 5, VCA_VXI, VCF_ADMIN);
25819 + __VCMD(enter_space_v0, 5, VCA_VXI, VCF_ADMIN);
25820 + __VCMD(enter_space, 5, VCA_VXI, VCF_ADMIN);
25822 + __VCMD(net_create_v0, 5, VCA_NONE, 0);
25823 + __VCMD(net_create, 5, VCA_NONE, 0);
25824 + __VCMD(net_migrate, 5, VCA_NXI, VCF_ADMIN);
25826 + __VCMD(tag_migrate, 5, VCA_NONE, VCF_ADMIN);
25828 + /* higher admin commands */
25829 + __VCMD(ctx_kill, 6, VCA_VXI, VCF_ARES);
25830 + __VCMD(set_space, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
25832 + __VCMD(set_ccaps, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
25833 + __VCMD(set_bcaps, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
25834 + __VCMD(set_cflags, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
25835 + __VCMD(set_badness, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
25837 + __VCMD(set_vhi_name, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
25838 + __VCMD(set_rlimit, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
25839 + __VCMD(set_sched, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
25840 + __VCMD(set_sched_v4, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
25842 + __VCMD(set_ncaps, 7, VCA_NXI, VCF_ARES | VCF_SETUP);
25843 + __VCMD(set_nflags, 7, VCA_NXI, VCF_ARES | VCF_SETUP);
25844 + __VCMD(net_add, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
25845 + __VCMD(net_remove, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
25846 + __VCMD(net_add_ipv4, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
25847 + __VCMD(net_remove_ipv4, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
25848 +#ifdef CONFIG_IPV6
25849 + __VCMD(net_add_ipv6, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
25850 + __VCMD(net_remove_ipv6, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
25852 + __VCMD(set_iattr, 7, VCA_NONE, 0);
25853 + __VCMD(fset_iattr, 7, VCA_NONE, 0);
25854 + __VCMD(set_dlimit, 7, VCA_NONE, VCF_ARES);
25855 + __VCMD(add_dlimit, 8, VCA_NONE, VCF_ARES);
25856 + __VCMD(rem_dlimit, 8, VCA_NONE, VCF_ARES);
25858 +#ifdef CONFIG_VSERVER_DEVICE
25859 + __VCMD(set_mapping, 8, VCA_VXI, VCF_ARES|VCF_ZIDOK);
25860 + __VCMD(unset_mapping, 8, VCA_VXI, VCF_ARES|VCF_ZIDOK);
25862 + /* debug level admin commands */
25863 +#ifdef CONFIG_VSERVER_HISTORY
25864 + __VCMD(dump_history, 9, VCA_NONE, 0);
25865 + __VCMD(read_history, 9, VCA_NONE, 0);
25867 +#ifdef CONFIG_VSERVER_MONITOR
25868 + __VCMD(read_monitor, 9, VCA_NONE, 0);
25875 + vxdprintk(VXD_CBIT(switch, 0),
25876 + "vc: VCMD_%02d_%d[%d], %d,%p [%d,%d,%x,%x]",
25877 + VC_CATEGORY(cmd), VC_COMMAND(cmd),
25878 + VC_VERSION(cmd), id, data, compat,
25879 + perm, args, flags);
25886 + if (!capable(CAP_CONTEXT))
25890 + /* moved here from the individual commands */
25892 + if ((perm > 1) && !capable(CAP_SYS_ADMIN))
25896 + /* vcmd involves resource management */
25898 + if ((flags & VCF_ARES) && !capable(CAP_SYS_RESOURCE))
25902 + /* various legacy exceptions */
25904 + /* will go away when spectator is a cap */
25905 + case VCMD_ctx_migrate_v0:
25906 + case VCMD_ctx_migrate:
25908 + current->xid = 1;
25914 + /* will go away when spectator is a cap */
25915 + case VCMD_net_migrate:
25917 + current->nid = 1;
25924 + /* vcmds are fine by default */
25927 + /* admin type vcmds require admin ... */
25928 + if (flags & VCF_ADMIN)
25929 + permit = vx_check(0, VS_ADMIN) ? 1 : 0;
25931 + /* ... but setup type vcmds override that */
25932 + if (!permit && (flags & VCF_SETUP))
25933 + permit = vx_flags(VXF_STATE_SETUP, 0) ? 2 : 0;
25941 + if (!id && (flags & VCF_ZIDOK))
25945 + if (args & VCA_VXI) {
25946 + vxi = lookup_vx_info(id);
25950 + if ((flags & VCF_ADMIN) &&
25951 + /* special case kill for shutdown */
25952 + (cmd != VCMD_ctx_kill) &&
25953 + /* can context be administrated? */
25954 + !vx_info_flags(vxi, VXF_STATE_ADMIN, 0)) {
25960 + if (args & VCA_NXI) {
25961 + nxi = lookup_nx_info(id);
25965 + if ((flags & VCF_ADMIN) &&
25966 + /* can context be administrated? */
25967 + !nx_info_flags(nxi, NXF_STATE_ADMIN, 0)) {
25974 + ret = do_vcmd(cmd, id, vxi, nxi, data, compat);
25977 + if ((args & VCA_NXI) && nxi)
25978 + put_nx_info(nxi);
25980 + if ((args & VCA_VXI) && vxi)
25981 + put_vx_info(vxi);
25983 + vxdprintk(VXD_CBIT(switch, 1),
25984 + "vc: VCMD_%02d_%d[%d] = %08lx(%ld) [%d,%d]",
25985 + VC_CATEGORY(cmd), VC_COMMAND(cmd),
25986 + VC_VERSION(cmd), ret, ret, state, permit);
25991 +sys_vserver(uint32_t cmd, uint32_t id, void __user *data)
25993 + return do_vserver(cmd, id, data, 0);
25996 +#ifdef CONFIG_COMPAT
25999 +sys32_vserver(uint32_t cmd, uint32_t id, void __user *data)
26001 + return do_vserver(cmd, id, data, 1);
26004 +#endif /* CONFIG_COMPAT */
26005 diff -NurpP --minimal linux-2.6.25/kernel/vserver/sysctl.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/sysctl.c
26006 --- linux-2.6.25/kernel/vserver/sysctl.c 1969-12-31 19:00:00.000000000 -0500
26007 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/sysctl.c 2008-04-19 15:14:52.000000000 -0400
26010 + * kernel/vserver/sysctl.c
26012 + * Virtual Context Support
26014 + * Copyright (C) 2004-2007 Herbert Pötzl
26016 + * V0.01 basic structure
26020 +#include <linux/module.h>
26021 +#include <linux/ctype.h>
26022 +#include <linux/sysctl.h>
26023 +#include <linux/parser.h>
26024 +#include <asm/uaccess.h>
26028 + CTL_DEBUG_ERROR = 0,
26029 + CTL_DEBUG_SWITCH = 1,
26044 +unsigned int vx_debug_switch = 0;
26045 +unsigned int vx_debug_xid = 0;
26046 +unsigned int vx_debug_nid = 0;
26047 +unsigned int vx_debug_tag = 0;
26048 +unsigned int vx_debug_net = 0;
26049 +unsigned int vx_debug_limit = 0;
26050 +unsigned int vx_debug_cres = 0;
26051 +unsigned int vx_debug_dlim = 0;
26052 +unsigned int vx_debug_quota = 0;
26053 +unsigned int vx_debug_cvirt = 0;
26054 +unsigned int vx_debug_space = 0;
26055 +unsigned int vx_debug_misc = 0;
26058 +static struct ctl_table_header *vserver_table_header;
26059 +static ctl_table vserver_root_table[];
26062 +void vserver_register_sysctl(void)
26064 + if (!vserver_table_header) {
26065 + vserver_table_header = register_sysctl_table(vserver_root_table);
26070 +void vserver_unregister_sysctl(void)
26072 + if (vserver_table_header) {
26073 + unregister_sysctl_table(vserver_table_header);
26074 + vserver_table_header = NULL;
26079 +static int proc_dodebug(ctl_table *table, int write,
26080 + struct file *filp, void __user *buffer, size_t *lenp, loff_t *ppos)
26082 + char tmpbuf[20], *p, c;
26083 + unsigned int value;
26084 + size_t left, len;
26086 + if ((*ppos && !write) || !*lenp) {
26094 + if (!access_ok(VERIFY_READ, buffer, left))
26096 + p = (char *)buffer;
26097 + while (left && __get_user(c, p) >= 0 && isspace(c))
26102 + if (left > sizeof(tmpbuf) - 1)
26104 + if (copy_from_user(tmpbuf, p, left))
26106 + tmpbuf[left] = '\0';
26108 + for (p = tmpbuf, value = 0; '0' <= *p && *p <= '9'; p++, left--)
26109 + value = 10 * value + (*p - '0');
26110 + if (*p && !isspace(*p))
26112 + while (left && isspace(*p))
26114 + *(unsigned int *)table->data = value;
26116 + if (!access_ok(VERIFY_WRITE, buffer, left))
26118 + len = sprintf(tmpbuf, "%d", *(unsigned int *)table->data);
26121 + if (__copy_to_user(buffer, tmpbuf, len))
26123 + if ((left -= len) > 0) {
26124 + if (put_user('\n', (char *)buffer + len))
26138 +#define CTL_ENTRY(ctl, name) \
26140 + .ctl_name = ctl, \
26141 + .procname = #name, \
26142 + .data = &vx_ ## name, \
26143 + .maxlen = sizeof(int), \
26145 + .proc_handler = &proc_dodebug, \
26146 + .strategy = &sysctl_intvec, \
26147 + .extra1 = &zero, \
26150 +static ctl_table vserver_debug_table[] = {
26151 + CTL_ENTRY(CTL_DEBUG_SWITCH, debug_switch),
26152 + CTL_ENTRY(CTL_DEBUG_XID, debug_xid),
26153 + CTL_ENTRY(CTL_DEBUG_NID, debug_nid),
26154 + CTL_ENTRY(CTL_DEBUG_TAG, debug_tag),
26155 + CTL_ENTRY(CTL_DEBUG_NET, debug_net),
26156 + CTL_ENTRY(CTL_DEBUG_LIMIT, debug_limit),
26157 + CTL_ENTRY(CTL_DEBUG_CRES, debug_cres),
26158 + CTL_ENTRY(CTL_DEBUG_DLIM, debug_dlim),
26159 + CTL_ENTRY(CTL_DEBUG_QUOTA, debug_quota),
26160 + CTL_ENTRY(CTL_DEBUG_CVIRT, debug_cvirt),
26161 + CTL_ENTRY(CTL_DEBUG_SPACE, debug_space),
26162 + CTL_ENTRY(CTL_DEBUG_MISC, debug_misc),
26163 + { .ctl_name = 0 }
26166 +static ctl_table vserver_root_table[] = {
26168 + .ctl_name = CTL_VSERVER,
26169 + .procname = "vserver",
26171 + .child = vserver_debug_table
26173 + { .ctl_name = 0 }
26177 +static match_table_t tokens = {
26178 + { CTL_DEBUG_SWITCH, "switch=%x" },
26179 + { CTL_DEBUG_XID, "xid=%x" },
26180 + { CTL_DEBUG_NID, "nid=%x" },
26181 + { CTL_DEBUG_TAG, "tag=%x" },
26182 + { CTL_DEBUG_NET, "net=%x" },
26183 + { CTL_DEBUG_LIMIT, "limit=%x" },
26184 + { CTL_DEBUG_CRES, "cres=%x" },
26185 + { CTL_DEBUG_DLIM, "dlim=%x" },
26186 + { CTL_DEBUG_QUOTA, "quota=%x" },
26187 + { CTL_DEBUG_CVIRT, "cvirt=%x" },
26188 + { CTL_DEBUG_SPACE, "space=%x" },
26189 + { CTL_DEBUG_MISC, "misc=%x" },
26190 + { CTL_DEBUG_ERROR, NULL }
26193 +#define HANDLE_CASE(id, name, val) \
26194 + case CTL_DEBUG_ ## id: \
26195 + vx_debug_ ## name = val; \
26196 + printk("vs_debug_" #name "=0x%x\n", val); \
26200 +static int __init vs_debug_setup(char *str)
26205 + printk("vs_debug_setup(%s)\n", str);
26206 + while ((p = strsep(&str, ",")) != NULL) {
26207 + substring_t args[MAX_OPT_ARGS];
26208 + unsigned int value;
26213 + token = match_token(p, tokens, args);
26214 + value = (token > 0) ? simple_strtoul(args[0].from, NULL, 0) : 0;
26217 + HANDLE_CASE(SWITCH, switch, value);
26218 + HANDLE_CASE(XID, xid, value);
26219 + HANDLE_CASE(NID, nid, value);
26220 + HANDLE_CASE(TAG, tag, value);
26221 + HANDLE_CASE(NET, net, value);
26222 + HANDLE_CASE(LIMIT, limit, value);
26223 + HANDLE_CASE(CRES, cres, value);
26224 + HANDLE_CASE(DLIM, dlim, value);
26225 + HANDLE_CASE(QUOTA, quota, value);
26226 + HANDLE_CASE(CVIRT, cvirt, value);
26227 + HANDLE_CASE(SPACE, space, value);
26228 + HANDLE_CASE(MISC, misc, value);
26237 +__setup("vsdebug=", vs_debug_setup);
26241 +EXPORT_SYMBOL_GPL(vx_debug_switch);
26242 +EXPORT_SYMBOL_GPL(vx_debug_xid);
26243 +EXPORT_SYMBOL_GPL(vx_debug_nid);
26244 +EXPORT_SYMBOL_GPL(vx_debug_net);
26245 +EXPORT_SYMBOL_GPL(vx_debug_limit);
26246 +EXPORT_SYMBOL_GPL(vx_debug_cres);
26247 +EXPORT_SYMBOL_GPL(vx_debug_dlim);
26248 +EXPORT_SYMBOL_GPL(vx_debug_quota);
26249 +EXPORT_SYMBOL_GPL(vx_debug_cvirt);
26250 +EXPORT_SYMBOL_GPL(vx_debug_space);
26251 +EXPORT_SYMBOL_GPL(vx_debug_misc);
26253 diff -NurpP --minimal linux-2.6.25/kernel/vserver/tag.c linux-2.6.25-vs2.3.0.34.9/kernel/vserver/tag.c
26254 --- linux-2.6.25/kernel/vserver/tag.c 1969-12-31 19:00:00.000000000 -0500
26255 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/tag.c 2008-04-19 15:14:52.000000000 -0400
26258 + * linux/kernel/vserver/tag.c
26260 + * Virtual Server: Shallow Tag Space
26262 + * Copyright (C) 2007 Herbert Pötzl
26264 + * V0.01 basic implementation
26268 +#include <linux/sched.h>
26269 +#include <linux/vserver/debug.h>
26270 +#include <linux/vs_pid.h>
26271 +#include <linux/vs_tag.h>
26273 +#include <linux/vserver/tag_cmd.h>
26276 +int dx_migrate_task(struct task_struct *p, tag_t tag)
26281 + vxdprintk(VXD_CBIT(tag, 5),
26282 + "dx_migrate_task(%p[#%d],#%d)", p, p->tag, tag);
26288 + vxdprintk(VXD_CBIT(tag, 5),
26289 + "moved task %p into [#%d]", p, tag);
26293 +/* vserver syscall commands below here */
26295 +/* taks xid and vx_info functions */
26298 +int vc_task_tag(uint32_t id)
26303 + struct task_struct *tsk;
26304 + read_lock(&tasklist_lock);
26305 + tsk = find_task_by_real_pid(id);
26306 + tag = (tsk) ? tsk->tag : -ESRCH;
26307 + read_unlock(&tasklist_lock);
26309 + tag = dx_current_tag();
26314 +int vc_tag_migrate(uint32_t tag)
26316 + return dx_migrate_task(current, tag & 0xFFFF);
26320 diff -NurpP --minimal linux-2.6.25/kernel/vserver/vci_config.h linux-2.6.25-vs2.3.0.34.9/kernel/vserver/vci_config.h
26321 --- linux-2.6.25/kernel/vserver/vci_config.h 1969-12-31 19:00:00.000000000 -0500
26322 +++ linux-2.6.25-vs2.3.0.34.9/kernel/vserver/vci_config.h 2008-04-19 15:14:52.000000000 -0400
26325 +/* interface version */
26327 +#define VCI_VERSION 0x00020302
26331 + VCI_KCBIT_NO_DYNAMIC = 0,
26333 + VCI_KCBIT_PROC_SECURE = 4,
26334 + VCI_KCBIT_HARDCPU = 5,
26335 + VCI_KCBIT_IDLELIMIT = 6,
26336 + VCI_KCBIT_IDLETIME = 7,
26338 + VCI_KCBIT_COWBL = 8,
26339 + VCI_KCBIT_FULLCOWBL = 9,
26340 + VCI_KCBIT_SPACES = 10,
26341 + VCI_KCBIT_NETV2 = 11,
26343 + VCI_KCBIT_DEBUG = 16,
26344 + VCI_KCBIT_HISTORY = 20,
26345 + VCI_KCBIT_TAGGED = 24,
26346 + VCI_KCBIT_PPTAG = 28,
26348 + VCI_KCBIT_MORE = 31,
26352 +static inline uint32_t vci_kernel_config(void)
26355 + (1 << VCI_KCBIT_NO_DYNAMIC) |
26357 + /* configured features */
26358 +#ifdef CONFIG_VSERVER_PROC_SECURE
26359 + (1 << VCI_KCBIT_PROC_SECURE) |
26361 +#ifdef CONFIG_VSERVER_HARDCPU
26362 + (1 << VCI_KCBIT_HARDCPU) |
26364 +#ifdef CONFIG_VSERVER_IDLELIMIT
26365 + (1 << VCI_KCBIT_IDLELIMIT) |
26367 +#ifdef CONFIG_VSERVER_IDLETIME
26368 + (1 << VCI_KCBIT_IDLETIME) |
26370 +#ifdef CONFIG_VSERVER_COWBL
26371 + (1 << VCI_KCBIT_COWBL) |
26372 + (1 << VCI_KCBIT_FULLCOWBL) |
26374 + (1 << VCI_KCBIT_SPACES) |
26375 + (1 << VCI_KCBIT_NETV2) |
26377 + /* debug options */
26378 +#ifdef CONFIG_VSERVER_DEBUG
26379 + (1 << VCI_KCBIT_DEBUG) |
26381 +#ifdef CONFIG_VSERVER_HISTORY
26382 + (1 << VCI_KCBIT_HISTORY) |
26385 + /* inode context tagging */
26386 +#if defined(CONFIG_TAGGING_NONE)
26387 + (0 << VCI_KCBIT_TAGGED) |
26388 +#elif defined(CONFIG_TAGGING_UID16)
26389 + (1 << VCI_KCBIT_TAGGED) |
26390 +#elif defined(CONFIG_TAGGING_GID16)
26391 + (2 << VCI_KCBIT_TAGGED) |
26392 +#elif defined(CONFIG_TAGGING_ID24)
26393 + (3 << VCI_KCBIT_TAGGED) |
26394 +#elif defined(CONFIG_TAGGING_INTERN)
26395 + (4 << VCI_KCBIT_TAGGED) |
26396 +#elif defined(CONFIG_TAGGING_RUNTIME)
26397 + (5 << VCI_KCBIT_TAGGED) |
26399 + (7 << VCI_KCBIT_TAGGED) |
26401 + (1 << VCI_KCBIT_PPTAG) |
26405 diff -NurpP --minimal linux-2.6.25/Makefile linux-2.6.25-vs2.3.0.34.9/Makefile
26406 --- linux-2.6.25/Makefile 2008-04-17 12:05:26.000000000 -0400
26407 +++ linux-2.6.25-vs2.3.0.34.9/Makefile 2008-04-29 20:29:51.000000000 -0400
26413 +EXTRAVERSION = .4-vs2.3.x-vs2.3.0.34.9
26414 NAME = Funky Weasel is Jiggy wit it
26417 diff -NurpP --minimal linux-2.6.25/mm/filemap_xip.c linux-2.6.25-vs2.3.0.34.9/mm/filemap_xip.c
26418 --- linux-2.6.25/mm/filemap_xip.c 2008-04-17 12:05:44.000000000 -0400
26419 +++ linux-2.6.25-vs2.3.0.34.9/mm/filemap_xip.c 2008-04-19 15:14:52.000000000 -0400
26421 #include <linux/uio.h>
26422 #include <linux/rmap.h>
26423 #include <linux/sched.h>
26424 +#include <linux/vs_memory.h>
26425 #include <asm/tlbflush.h>
26428 diff -NurpP --minimal linux-2.6.25/mm/fremap.c linux-2.6.25-vs2.3.0.34.9/mm/fremap.c
26429 --- linux-2.6.25/mm/fremap.c 2008-04-17 12:05:44.000000000 -0400
26430 +++ linux-2.6.25-vs2.3.0.34.9/mm/fremap.c 2008-04-19 15:14:52.000000000 -0400
26432 #include <linux/rmap.h>
26433 #include <linux/module.h>
26434 #include <linux/syscalls.h>
26435 +#include <linux/vs_memory.h>
26437 #include <asm/mmu_context.h>
26438 #include <asm/cacheflush.h>
26439 diff -NurpP --minimal linux-2.6.25/mm/hugetlb.c linux-2.6.25-vs2.3.0.34.9/mm/hugetlb.c
26440 --- linux-2.6.25/mm/hugetlb.c 2008-04-17 12:05:44.000000000 -0400
26441 +++ linux-2.6.25-vs2.3.0.34.9/mm/hugetlb.c 2008-04-19 15:14:52.000000000 -0400
26443 #include <asm/pgtable.h>
26445 #include <linux/hugetlb.h>
26446 +#include <linux/vs_memory.h>
26447 #include "internal.h"
26449 const unsigned long hugetlb_zero = 0, hugetlb_infinity = ~0UL;
26450 diff -NurpP --minimal linux-2.6.25/mm/memory.c linux-2.6.25-vs2.3.0.34.9/mm/memory.c
26451 --- linux-2.6.25/mm/memory.c 2008-04-17 12:05:44.000000000 -0400
26452 +++ linux-2.6.25-vs2.3.0.34.9/mm/memory.c 2008-04-19 15:14:52.000000000 -0400
26453 @@ -505,6 +505,9 @@ static int copy_pte_range(struct mm_stru
26457 + if (!vx_rss_avail(dst_mm, ((end - addr)/PAGE_SIZE + 1)))
26461 rss[1] = rss[0] = 0;
26462 dst_pte = pte_alloc_map_lock(dst_mm, dst_pmd, addr, &dst_ptl);
26463 @@ -2058,6 +2061,11 @@ static int do_swap_page(struct mm_struct
26467 + if (!vx_rss_avail(mm, 1)) {
26468 + ret = VM_FAULT_OOM;
26472 mark_page_accessed(page);
26474 delayacct_clear_flag(DELAYACCT_PF_SWAPIN);
26475 @@ -2129,6 +2137,8 @@ static int do_anonymous_page(struct mm_s
26476 /* Allocate our own private page. */
26477 pte_unmap(page_table);
26479 + if (!vx_rss_avail(mm, 1))
26481 if (unlikely(anon_vma_prepare(vma)))
26483 page = alloc_zeroed_user_highpage_movable(vma, address);
26484 @@ -2453,6 +2463,7 @@ static inline int handle_pte_fault(struc
26488 + int ret = 0, type = VXPT_UNKNOWN;
26491 if (!pte_present(entry)) {
26492 @@ -2480,9 +2491,12 @@ static inline int handle_pte_fault(struc
26493 if (unlikely(!pte_same(*pte, entry)))
26495 if (write_access) {
26496 - if (!pte_write(entry))
26497 - return do_wp_page(mm, vma, address,
26498 + if (!pte_write(entry)) {
26499 + ret = do_wp_page(mm, vma, address,
26500 pte, pmd, ptl, entry);
26501 + type = VXPT_WRITE;
26504 entry = pte_mkdirty(entry);
26506 entry = pte_mkyoung(entry);
26507 @@ -2500,7 +2514,10 @@ static inline int handle_pte_fault(struc
26510 pte_unmap_unlock(pte, ptl);
26514 + vx_page_fault(mm, vma, type, ret);
26519 diff -NurpP --minimal linux-2.6.25/mm/mlock.c linux-2.6.25-vs2.3.0.34.9/mm/mlock.c
26520 --- linux-2.6.25/mm/mlock.c 2008-04-17 10:37:25.000000000 -0400
26521 +++ linux-2.6.25-vs2.3.0.34.9/mm/mlock.c 2008-04-19 15:14:52.000000000 -0400
26523 #include <linux/syscalls.h>
26524 #include <linux/sched.h>
26525 #include <linux/module.h>
26526 +#include <linux/vs_memory.h>
26528 int can_do_mlock(void)
26530 @@ -76,7 +77,7 @@ success:
26531 ret = make_pages_present(start, end);
26534 - mm->locked_vm -= pages;
26535 + vx_vmlocked_sub(mm, pages);
26537 if (ret == -ENOMEM)
26539 @@ -134,7 +135,7 @@ static int do_mlock(unsigned long start,
26541 asmlinkage long sys_mlock(unsigned long start, size_t len)
26543 - unsigned long locked;
26544 + unsigned long locked, grow;
26545 unsigned long lock_limit;
26546 int error = -ENOMEM;
26548 @@ -145,8 +146,10 @@ asmlinkage long sys_mlock(unsigned long
26549 len = PAGE_ALIGN(len + (start & ~PAGE_MASK));
26550 start &= PAGE_MASK;
26552 - locked = len >> PAGE_SHIFT;
26553 - locked += current->mm->locked_vm;
26554 + grow = len >> PAGE_SHIFT;
26555 + if (!vx_vmlocked_avail(current->mm, grow))
26557 + locked = current->mm->locked_vm + grow;
26559 lock_limit = current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur;
26560 lock_limit >>= PAGE_SHIFT;
26561 @@ -154,6 +157,7 @@ asmlinkage long sys_mlock(unsigned long
26562 /* check against resource limits */
26563 if ((locked <= lock_limit) || capable(CAP_IPC_LOCK))
26564 error = do_mlock(start, len, 1);
26566 up_write(¤t->mm->mmap_sem);
26569 @@ -213,6 +217,8 @@ asmlinkage long sys_mlockall(int flags)
26570 lock_limit >>= PAGE_SHIFT;
26573 + if (!vx_vmlocked_avail(current->mm, current->mm->total_vm))
26575 if (!(flags & MCL_CURRENT) || (current->mm->total_vm <= lock_limit) ||
26576 capable(CAP_IPC_LOCK))
26577 ret = do_mlockall(flags);
26578 diff -NurpP --minimal linux-2.6.25/mm/mmap.c linux-2.6.25-vs2.3.0.34.9/mm/mmap.c
26579 --- linux-2.6.25/mm/mmap.c 2008-04-17 12:05:44.000000000 -0400
26580 +++ linux-2.6.25-vs2.3.0.34.9/mm/mmap.c 2008-04-19 15:14:52.000000000 -0400
26581 @@ -1197,10 +1197,10 @@ munmap_back:
26582 kmem_cache_free(vm_area_cachep, vma);
26585 - mm->total_vm += len >> PAGE_SHIFT;
26586 + vx_vmpages_add(mm, len >> PAGE_SHIFT);
26587 vm_stat_account(mm, vm_flags, file, len >> PAGE_SHIFT);
26588 if (vm_flags & VM_LOCKED) {
26589 - mm->locked_vm += len >> PAGE_SHIFT;
26590 + vx_vmlocked_add(mm, len >> PAGE_SHIFT);
26591 make_pages_present(addr, addr + len);
26593 if ((flags & MAP_POPULATE) && !(flags & MAP_NONBLOCK))
26594 @@ -1549,9 +1549,9 @@ static int acct_stack_growth(struct vm_a
26597 /* Ok, everything looks good - let it rip */
26598 - mm->total_vm += grow;
26599 + vx_vmpages_add(mm, grow);
26600 if (vma->vm_flags & VM_LOCKED)
26601 - mm->locked_vm += grow;
26602 + vx_vmlocked_add(mm, grow);
26603 vm_stat_account(mm, vma->vm_flags, vma->vm_file, grow);
26606 @@ -1722,9 +1722,9 @@ static void remove_vma_list(struct mm_st
26608 long nrpages = vma_pages(vma);
26610 - mm->total_vm -= nrpages;
26611 + vx_vmpages_sub(mm, nrpages);
26612 if (vma->vm_flags & VM_LOCKED)
26613 - mm->locked_vm -= nrpages;
26614 + vx_vmlocked_sub(mm, nrpages);
26615 vm_stat_account(mm, vma->vm_flags, vma->vm_file, -nrpages);
26616 vma = remove_vma(vma);
26618 @@ -1967,6 +1967,8 @@ unsigned long do_brk(unsigned long addr,
26619 lock_limit >>= PAGE_SHIFT;
26620 if (locked > lock_limit && !capable(CAP_IPC_LOCK))
26622 + if (!vx_vmlocked_avail(mm, len >> PAGE_SHIFT))
26627 @@ -1993,7 +1995,8 @@ unsigned long do_brk(unsigned long addr,
26628 if (mm->map_count > sysctl_max_map_count)
26631 - if (security_vm_enough_memory(len >> PAGE_SHIFT))
26632 + if (security_vm_enough_memory(len >> PAGE_SHIFT) ||
26633 + !vx_vmpages_avail(mm, len >> PAGE_SHIFT))
26636 /* Can we just expand an old private anonymous mapping? */
26637 @@ -2018,9 +2021,9 @@ unsigned long do_brk(unsigned long addr,
26638 vma->vm_page_prot = vm_get_page_prot(flags);
26639 vma_link(mm, vma, prev, rb_link, rb_parent);
26641 - mm->total_vm += len >> PAGE_SHIFT;
26642 + vx_vmpages_add(mm, len >> PAGE_SHIFT);
26643 if (flags & VM_LOCKED) {
26644 - mm->locked_vm += len >> PAGE_SHIFT;
26645 + vx_vmlocked_add(mm, len >> PAGE_SHIFT);
26646 make_pages_present(addr, addr + len);
26649 @@ -2049,6 +2052,11 @@ void exit_mmap(struct mm_struct *mm)
26650 free_pgtables(&tlb, vma, FIRST_USER_ADDRESS, 0);
26651 tlb_finish_mmu(tlb, 0, end);
26653 + set_mm_counter(mm, file_rss, 0);
26654 + set_mm_counter(mm, anon_rss, 0);
26655 + vx_vmpages_sub(mm, mm->total_vm);
26656 + vx_vmlocked_sub(mm, mm->locked_vm);
26659 * Walk the list again, actually closing and freeing it,
26660 * with preemption enabled, without holding any MM locks.
26661 @@ -2088,7 +2096,8 @@ int insert_vm_struct(struct mm_struct *
26662 if (__vma && __vma->vm_start < vma->vm_end)
26664 if ((vma->vm_flags & VM_ACCOUNT) &&
26665 - security_vm_enough_memory_mm(mm, vma_pages(vma)))
26666 + (security_vm_enough_memory_mm(mm, vma_pages(vma)) ||
26667 + !vx_vmpages_avail(mm, vma_pages(vma))))
26669 vma_link(mm, vma, prev, rb_link, rb_parent);
26671 @@ -2161,6 +2170,8 @@ int may_expand_vm(struct mm_struct *mm,
26673 if (cur + npages > lim)
26675 + if (!vx_vmpages_avail(mm, npages))
26680 @@ -2238,7 +2249,6 @@ int install_special_mapping(struct mm_st
26684 - mm->total_vm += len >> PAGE_SHIFT;
26686 + vx_vmpages_add(mm, len >> PAGE_SHIFT);
26689 diff -NurpP --minimal linux-2.6.25/mm/mremap.c linux-2.6.25-vs2.3.0.34.9/mm/mremap.c
26690 --- linux-2.6.25/mm/mremap.c 2008-04-17 11:31:40.000000000 -0400
26691 +++ linux-2.6.25-vs2.3.0.34.9/mm/mremap.c 2008-04-19 15:14:52.000000000 -0400
26693 #include <linux/highmem.h>
26694 #include <linux/security.h>
26695 #include <linux/syscalls.h>
26696 +#include <linux/vs_memory.h>
26698 #include <asm/uaccess.h>
26699 #include <asm/cacheflush.h>
26700 @@ -212,7 +213,7 @@ static unsigned long move_vma(struct vm_
26701 * If this were a serious issue, we'd add a flag to do_munmap().
26703 hiwater_vm = mm->hiwater_vm;
26704 - mm->total_vm += new_len >> PAGE_SHIFT;
26705 + vx_vmpages_add(mm, new_len >> PAGE_SHIFT);
26706 vm_stat_account(mm, vma->vm_flags, vma->vm_file, new_len>>PAGE_SHIFT);
26708 if (do_munmap(mm, old_addr, old_len) < 0) {
26709 @@ -230,7 +231,7 @@ static unsigned long move_vma(struct vm_
26712 if (vm_flags & VM_LOCKED) {
26713 - mm->locked_vm += new_len >> PAGE_SHIFT;
26714 + vx_vmlocked_add(mm, new_len >> PAGE_SHIFT);
26715 if (new_len > old_len)
26716 make_pages_present(new_addr + old_len,
26717 new_addr + new_len);
26718 @@ -341,6 +342,9 @@ unsigned long do_mremap(unsigned long ad
26720 if (locked > lock_limit && !capable(CAP_IPC_LOCK))
26722 + if (!vx_vmlocked_avail(current->mm,
26723 + (new_len - old_len) >> PAGE_SHIFT))
26726 if (!may_expand_vm(mm, (new_len - old_len) >> PAGE_SHIFT)) {
26728 @@ -369,10 +373,10 @@ unsigned long do_mremap(unsigned long ad
26729 vma_adjust(vma, vma->vm_start,
26730 addr + new_len, vma->vm_pgoff, NULL);
26732 - mm->total_vm += pages;
26733 + vx_vmpages_add(mm, pages);
26734 vm_stat_account(mm, vma->vm_flags, vma->vm_file, pages);
26735 if (vma->vm_flags & VM_LOCKED) {
26736 - mm->locked_vm += pages;
26737 + vx_vmlocked_add(mm, pages);
26738 make_pages_present(addr + old_len,
26741 diff -NurpP --minimal linux-2.6.25/mm/nommu.c linux-2.6.25-vs2.3.0.34.9/mm/nommu.c
26742 --- linux-2.6.25/mm/nommu.c 2008-04-17 12:05:44.000000000 -0400
26743 +++ linux-2.6.25-vs2.3.0.34.9/mm/nommu.c 2008-04-19 15:14:52.000000000 -0400
26744 @@ -991,7 +991,7 @@ unsigned long do_mmap_pgoff(struct file
26745 realalloc += kobjsize(vma);
26746 askedalloc += sizeof(*vma);
26748 - current->mm->total_vm += len >> PAGE_SHIFT;
26749 + vx_vmpages_add(current->mm, len >> PAGE_SHIFT);
26751 add_nommu_vma(vma);
26753 @@ -1117,7 +1117,7 @@ int do_munmap(struct mm_struct *mm, unsi
26756 update_hiwater_vm(mm);
26757 - mm->total_vm -= len >> PAGE_SHIFT;
26758 + vx_vmpages_sub(mm, len >> PAGE_SHIFT);
26761 show_process_blocks();
26762 @@ -1150,7 +1150,7 @@ void exit_mmap(struct mm_struct * mm)
26763 printk("Exit_mmap:\n");
26766 - mm->total_vm = 0;
26767 + vx_vmpages_sub(mm, mm->total_vm);
26769 while ((tmp = mm->context.vmlist)) {
26770 mm->context.vmlist = tmp->next;
26771 diff -NurpP --minimal linux-2.6.25/mm/oom_kill.c linux-2.6.25-vs2.3.0.34.9/mm/oom_kill.c
26772 --- linux-2.6.25/mm/oom_kill.c 2008-04-17 12:05:44.000000000 -0400
26773 +++ linux-2.6.25-vs2.3.0.34.9/mm/oom_kill.c 2008-04-19 16:55:20.000000000 -0400
26775 #include <linux/module.h>
26776 #include <linux/notifier.h>
26777 #include <linux/memcontrol.h>
26778 +#include <linux/vs_memory.h>
26780 int sysctl_panic_on_oom;
26781 int sysctl_oom_kill_allocating_task;
26782 @@ -73,6 +74,12 @@ unsigned long badness(struct task_struct
26783 points = mm->total_vm;
26786 + * add points for context badness
26789 + points += vx_badness(p, mm);
26792 * After this unlock we can no longer dereference local variable `mm'
26795 @@ -162,8 +169,8 @@ unsigned long badness(struct task_struct
26799 - printk(KERN_DEBUG "OOMkill: task %d (%s) got %lu points\n",
26800 - p->pid, p->comm, points);
26801 + printk(KERN_DEBUG "OOMkill: task %d:#%u (%s) got %d points\n",
26802 + task_pid_nr(p), p->xid, p->comm, points);
26806 @@ -322,8 +329,8 @@ static void __oom_kill_task(struct task_
26810 - printk(KERN_ERR "Killed process %d (%s)\n",
26811 - task_pid_nr(p), p->comm);
26812 + printk(KERN_ERR "Killed process %d:#%u (%s)\n",
26813 + task_pid_nr(p), p->xid, p->comm);
26816 * We give our sacrificial lamb high priority and access to
26817 @@ -403,8 +410,8 @@ static int oom_kill_process(struct task_
26821 - printk(KERN_ERR "%s: kill process %d (%s) score %li or a child\n",
26822 - message, task_pid_nr(p), p->comm, points);
26823 + printk(KERN_ERR "%s: kill process %d:#%u (%s) score %li or a child\n",
26824 + message, task_pid_nr(p), p->xid, p->comm, points);
26826 /* Try to kill a child first */
26827 list_for_each_entry(c, &p->children, sibling) {
26828 diff -NurpP --minimal linux-2.6.25/mm/page_alloc.c linux-2.6.25-vs2.3.0.34.9/mm/page_alloc.c
26829 --- linux-2.6.25/mm/page_alloc.c 2008-04-17 12:05:44.000000000 -0400
26830 +++ linux-2.6.25-vs2.3.0.34.9/mm/page_alloc.c 2008-04-19 16:53:55.000000000 -0400
26832 #include <linux/fault-inject.h>
26833 #include <linux/page-isolation.h>
26834 #include <linux/memcontrol.h>
26835 +#include <linux/vs_base.h>
26836 +#include <linux/vs_limit.h>
26838 #include <asm/tlbflush.h>
26839 #include <asm/div64.h>
26840 @@ -1762,6 +1764,9 @@ void si_meminfo(struct sysinfo *val)
26841 val->totalhigh = totalhigh_pages;
26842 val->freehigh = nr_free_highpages();
26843 val->mem_unit = PAGE_SIZE;
26845 + if (vx_flags(VXF_VIRT_MEM, 0))
26846 + vx_vsi_meminfo(val);
26849 EXPORT_SYMBOL(si_meminfo);
26850 @@ -1782,6 +1787,9 @@ void si_meminfo_node(struct sysinfo *val
26853 val->mem_unit = PAGE_SIZE;
26855 + if (vx_flags(VXF_VIRT_MEM, 0))
26856 + vx_vsi_meminfo(val);
26860 diff -NurpP --minimal linux-2.6.25/mm/rmap.c linux-2.6.25-vs2.3.0.34.9/mm/rmap.c
26861 --- linux-2.6.25/mm/rmap.c 2008-04-17 12:05:44.000000000 -0400
26862 +++ linux-2.6.25-vs2.3.0.34.9/mm/rmap.c 2008-04-19 16:53:36.000000000 -0400
26864 #include <linux/module.h>
26865 #include <linux/kallsyms.h>
26866 #include <linux/memcontrol.h>
26867 +#include <linux/vs_memory.h>
26869 #include <asm/tlbflush.h>
26871 diff -NurpP --minimal linux-2.6.25/mm/shmem.c linux-2.6.25-vs2.3.0.34.9/mm/shmem.c
26872 --- linux-2.6.25/mm/shmem.c 2008-04-17 12:05:44.000000000 -0400
26873 +++ linux-2.6.25-vs2.3.0.34.9/mm/shmem.c 2008-04-19 15:14:52.000000000 -0400
26875 #include <asm/pgtable.h>
26877 /* This magic number is used in glibc for posix shared memory */
26878 -#define TMPFS_MAGIC 0x01021994
26880 #define ENTRIES_PER_PAGE (PAGE_CACHE_SIZE/sizeof(unsigned long))
26881 #define ENTRIES_PER_PAGEPAGE (ENTRIES_PER_PAGE*ENTRIES_PER_PAGE)
26882 @@ -1773,7 +1772,7 @@ static int shmem_statfs(struct dentry *d
26884 struct shmem_sb_info *sbinfo = SHMEM_SB(dentry->d_sb);
26886 - buf->f_type = TMPFS_MAGIC;
26887 + buf->f_type = TMPFS_SUPER_MAGIC;
26888 buf->f_bsize = PAGE_CACHE_SIZE;
26889 buf->f_namelen = NAME_MAX;
26890 spin_lock(&sbinfo->stat_lock);
26891 @@ -2341,7 +2340,7 @@ static int shmem_fill_super(struct super
26892 sb->s_maxbytes = SHMEM_MAX_BYTES;
26893 sb->s_blocksize = PAGE_CACHE_SIZE;
26894 sb->s_blocksize_bits = PAGE_CACHE_SHIFT;
26895 - sb->s_magic = TMPFS_MAGIC;
26896 + sb->s_magic = TMPFS_SUPER_MAGIC;
26897 sb->s_op = &shmem_ops;
26898 sb->s_time_gran = 1;
26899 #ifdef CONFIG_TMPFS_POSIX_ACL
26900 diff -NurpP --minimal linux-2.6.25/mm/slab.c linux-2.6.25-vs2.3.0.34.9/mm/slab.c
26901 --- linux-2.6.25/mm/slab.c 2008-04-17 12:05:44.000000000 -0400
26902 +++ linux-2.6.25-vs2.3.0.34.9/mm/slab.c 2008-04-19 15:14:52.000000000 -0400
26903 @@ -509,6 +509,8 @@ struct kmem_cache {
26904 #define STATS_INC_FREEMISS(x) do { } while (0)
26907 +#include "slab_vs.h"
26912 @@ -3344,6 +3346,7 @@ retry:
26914 obj = slab_get_obj(cachep, slabp, nodeid);
26915 check_slabp(cachep, slabp);
26916 + vx_slab_alloc(cachep, flags);
26917 l3->free_objects--;
26918 /* move slabp to correct slabp list: */
26919 list_del(&slabp->list);
26920 @@ -3416,6 +3419,7 @@ __cache_alloc_node(struct kmem_cache *ca
26921 /* ___cache_alloc_node can fall back to other nodes */
26922 ptr = ____cache_alloc_node(cachep, flags, nodeid);
26924 + vx_slab_alloc(cachep, flags);
26925 local_irq_restore(save_flags);
26926 ptr = cache_alloc_debugcheck_after(cachep, flags, ptr, caller);
26928 @@ -3587,6 +3591,7 @@ static inline void __cache_free(struct k
26931 objp = cache_free_debugcheck(cachep, objp, __builtin_return_address(0));
26932 + vx_slab_free(cachep);
26935 * Skip calling cache_free_alien() when the platform is not numa.
26936 diff -NurpP --minimal linux-2.6.25/mm/slab_vs.h linux-2.6.25-vs2.3.0.34.9/mm/slab_vs.h
26937 --- linux-2.6.25/mm/slab_vs.h 1969-12-31 19:00:00.000000000 -0500
26938 +++ linux-2.6.25-vs2.3.0.34.9/mm/slab_vs.h 2008-04-19 15:14:52.000000000 -0400
26941 +#include <linux/vserver/context.h>
26943 +#include <linux/vs_context.h>
26946 +void vx_slab_alloc(struct kmem_cache *cachep, gfp_t flags)
26948 + int what = gfp_zone(cachep->gfpflags);
26950 + if (!current->vx_info)
26953 + atomic_add(cachep->buffer_size, ¤t->vx_info->cacct.slab[what]);
26957 +void vx_slab_free(struct kmem_cache *cachep)
26959 + int what = gfp_zone(cachep->gfpflags);
26961 + if (!current->vx_info)
26964 + atomic_sub(cachep->buffer_size, ¤t->vx_info->cacct.slab[what]);
26967 diff -NurpP --minimal linux-2.6.25/mm/swapfile.c linux-2.6.25-vs2.3.0.34.9/mm/swapfile.c
26968 --- linux-2.6.25/mm/swapfile.c 2008-04-17 12:05:44.000000000 -0400
26969 +++ linux-2.6.25-vs2.3.0.34.9/mm/swapfile.c 2008-04-19 15:14:52.000000000 -0400
26971 #include <asm/pgtable.h>
26972 #include <asm/tlbflush.h>
26973 #include <linux/swapops.h>
26974 +#include <linux/vs_base.h>
26975 +#include <linux/vs_memory.h>
26977 DEFINE_SPINLOCK(swap_lock);
26978 unsigned int nr_swapfiles;
26979 @@ -1743,6 +1745,8 @@ void si_swapinfo(struct sysinfo *val)
26980 val->freeswap = nr_swap_pages + nr_to_be_unused;
26981 val->totalswap = total_swap_pages + nr_to_be_unused;
26982 spin_unlock(&swap_lock);
26983 + if (vx_flags(VXF_VIRT_MEM, 0))
26984 + vx_vsi_swapinfo(val);
26988 diff -NurpP --minimal linux-2.6.25/net/core/dev.c linux-2.6.25-vs2.3.0.34.9/net/core/dev.c
26989 --- linux-2.6.25/net/core/dev.c 2008-04-17 12:05:44.000000000 -0400
26990 +++ linux-2.6.25-vs2.3.0.34.9/net/core/dev.c 2008-04-19 15:14:52.000000000 -0400
26991 @@ -119,6 +119,7 @@
26992 #include <linux/err.h>
26993 #include <linux/ctype.h>
26994 #include <linux/if_arp.h>
26995 +#include <linux/vs_inet.h>
26997 #include "net-sysfs.h"
26999 @@ -2336,6 +2337,8 @@ static int dev_ifconf(struct net *net, c
27002 for_each_netdev(net, dev) {
27003 + if (!nx_dev_visible(current->nx_info, dev))
27005 for (i = 0; i < NPROTO; i++) {
27006 if (gifconf_list[i]) {
27008 @@ -2404,6 +2407,9 @@ static void dev_seq_printf_stats(struct
27010 struct net_device_stats *stats = dev->get_stats(dev);
27012 + if (!nx_dev_visible(current->nx_info, dev))
27015 seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu "
27016 "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n",
27017 dev->name, stats->rx_bytes, stats->rx_packets,
27018 diff -NurpP --minimal linux-2.6.25/net/core/rtnetlink.c linux-2.6.25-vs2.3.0.34.9/net/core/rtnetlink.c
27019 --- linux-2.6.25/net/core/rtnetlink.c 2008-04-17 12:05:44.000000000 -0400
27020 +++ linux-2.6.25-vs2.3.0.34.9/net/core/rtnetlink.c 2008-04-23 14:29:56.000000000 -0400
27021 @@ -669,6 +669,8 @@ static int rtnl_dump_ifinfo(struct sk_bu
27024 for_each_netdev(net, dev) {
27025 + if (!nx_dev_visible(skb->sk->sk_nx_info, dev))
27029 if (rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK,
27030 @@ -1202,6 +1204,9 @@ void rtmsg_ifinfo(int type, struct net_d
27031 struct sk_buff *skb;
27032 int err = -ENOBUFS;
27034 + if (!nx_dev_visible(current->nx_info, dev))
27037 skb = nlmsg_new(if_nlmsg_size(dev), GFP_KERNEL);
27040 diff -NurpP --minimal linux-2.6.25/net/core/sock.c linux-2.6.25-vs2.3.0.34.9/net/core/sock.c
27041 --- linux-2.6.25/net/core/sock.c 2008-04-17 12:05:44.000000000 -0400
27042 +++ linux-2.6.25-vs2.3.0.34.9/net/core/sock.c 2008-04-23 14:31:31.000000000 -0400
27043 @@ -126,6 +126,10 @@
27044 #include <linux/ipsec.h>
27046 #include <linux/filter.h>
27047 +#include <linux/vs_socket.h>
27048 +#include <linux/vs_limit.h>
27049 +#include <linux/vs_context.h>
27050 +#include <linux/vs_network.h>
27053 #include <net/tcp.h>
27054 @@ -907,6 +911,8 @@ static struct sock *sk_prot_alloc(struct
27055 if (!try_module_get(prot->owner))
27058 + sock_vx_init(sk);
27059 + sock_nx_init(sk);
27063 @@ -984,6 +990,11 @@ void sk_free(struct sock *sk)
27064 __FUNCTION__, atomic_read(&sk->sk_omem_alloc));
27066 put_net(sk->sk_net);
27068 + clr_vx_info(&sk->sk_vx_info);
27070 + clr_nx_info(&sk->sk_nx_info);
27072 sk_prot_free(sk->sk_prot_creator, sk);
27075 @@ -999,6 +1010,8 @@ struct sock *sk_clone(const struct sock
27078 get_net(newsk->sk_net);
27079 + sock_vx_init(newsk);
27080 + sock_nx_init(newsk);
27081 sk_node_init(&newsk->sk_node);
27082 sock_lock_init(newsk);
27083 bh_lock_sock(newsk);
27084 @@ -1045,6 +1058,12 @@ struct sock *sk_clone(const struct sock
27085 newsk->sk_priority = 0;
27086 atomic_set(&newsk->sk_refcnt, 2);
27088 + set_vx_info(&newsk->sk_vx_info, sk->sk_vx_info);
27089 + newsk->sk_xid = sk->sk_xid;
27090 + vx_sock_inc(newsk);
27091 + set_nx_info(&newsk->sk_nx_info, sk->sk_nx_info);
27092 + newsk->sk_nid = sk->sk_nid;
27095 * Increment the counter in the same struct proto as the master
27096 * sock (sk_refcnt_debug_inc uses newsk->sk_prot->socks, that
27097 @@ -1727,6 +1746,11 @@ void sock_init_data(struct socket *sock,
27099 sk->sk_stamp = ktime_set(-1L, 0);
27101 + set_vx_info(&sk->sk_vx_info, current->vx_info);
27102 + sk->sk_xid = vx_current_xid();
27104 + set_nx_info(&sk->sk_nx_info, current->nx_info);
27105 + sk->sk_nid = nx_current_nid();
27106 atomic_set(&sk->sk_refcnt, 1);
27107 atomic_set(&sk->sk_drops, 0);
27109 diff -NurpP --minimal linux-2.6.25/net/ipv4/af_inet.c linux-2.6.25-vs2.3.0.34.9/net/ipv4/af_inet.c
27110 --- linux-2.6.25/net/ipv4/af_inet.c 2008-04-17 12:05:44.000000000 -0400
27111 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv4/af_inet.c 2008-04-19 16:08:42.000000000 -0400
27112 @@ -115,6 +115,7 @@
27113 #ifdef CONFIG_IP_MROUTE
27114 #include <linux/mroute.h>
27116 +#include <linux/vs_limit.h>
27118 DEFINE_SNMP_STAT(struct linux_mib, net_statistics) __read_mostly;
27120 @@ -317,9 +318,12 @@ lookup_protocol:
27124 + if ((protocol == IPPROTO_ICMP) &&
27125 + nx_capable(answer->capability, NXC_RAW_ICMP))
27127 if (answer->capability > 0 && !capable(answer->capability))
27128 goto out_rcu_unlock;
27131 sock->ops = answer->ops;
27132 answer_prot = answer->prot;
27133 answer_no_check = answer->no_check;
27134 @@ -433,6 +437,7 @@ int inet_bind(struct socket *sock, struc
27135 struct sockaddr_in *addr = (struct sockaddr_in *)uaddr;
27136 struct sock *sk = sock->sk;
27137 struct inet_sock *inet = inet_sk(sk);
27138 + struct nx_v4_sock_addr nsa;
27139 unsigned short snum;
27142 @@ -446,7 +451,11 @@ int inet_bind(struct socket *sock, struc
27143 if (addr_len < sizeof(struct sockaddr_in))
27146 - chk_addr_ret = inet_addr_type(&init_net, addr->sin_addr.s_addr);
27147 + err = v4_map_sock_addr(inet, addr, &nsa);
27151 + chk_addr_ret = inet_addr_type(&init_net, nsa.saddr);
27153 /* Not specified by any standard per-se, however it breaks too
27154 * many applications when removed. It is unfortunate since
27155 @@ -458,7 +467,7 @@ int inet_bind(struct socket *sock, struc
27156 err = -EADDRNOTAVAIL;
27157 if (!sysctl_ip_nonlocal_bind &&
27159 - addr->sin_addr.s_addr != htonl(INADDR_ANY) &&
27160 + nsa.saddr != htonl(INADDR_ANY) &&
27161 chk_addr_ret != RTN_LOCAL &&
27162 chk_addr_ret != RTN_MULTICAST &&
27163 chk_addr_ret != RTN_BROADCAST)
27164 @@ -483,7 +492,7 @@ int inet_bind(struct socket *sock, struc
27165 if (sk->sk_state != TCP_CLOSE || inet->num)
27166 goto out_release_sock;
27168 - inet->rcv_saddr = inet->saddr = addr->sin_addr.s_addr;
27169 + v4_set_sock_addr(inet, &nsa);
27170 if (chk_addr_ret == RTN_MULTICAST || chk_addr_ret == RTN_BROADCAST)
27171 inet->saddr = 0; /* Use device */
27173 @@ -676,11 +685,13 @@ int inet_getname(struct socket *sock, st
27176 sin->sin_port = inet->dport;
27177 - sin->sin_addr.s_addr = inet->daddr;
27178 + sin->sin_addr.s_addr =
27179 + nx_map_sock_lback(sk->sk_nx_info, inet->daddr);
27181 __be32 addr = inet->rcv_saddr;
27183 addr = inet->saddr;
27184 + addr = nx_map_sock_lback(sk->sk_nx_info, addr);
27185 sin->sin_port = inet->sport;
27186 sin->sin_addr.s_addr = addr;
27188 diff -NurpP --minimal linux-2.6.25/net/ipv4/devinet.c linux-2.6.25-vs2.3.0.34.9/net/ipv4/devinet.c
27189 --- linux-2.6.25/net/ipv4/devinet.c 2008-04-17 12:05:44.000000000 -0400
27190 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv4/devinet.c 2008-04-19 15:14:52.000000000 -0400
27191 @@ -421,6 +421,7 @@ struct in_device *inetdev_by_index(struc
27196 /* Called only from RTNL semaphored context. No locks. */
27198 struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
27199 @@ -672,6 +673,8 @@ int devinet_ioctl(unsigned int cmd, void
27202 if ((in_dev = __in_dev_get_rtnl(dev)) != NULL) {
27203 + struct nx_info *nxi = current->nx_info;
27205 if (tryaddrmatch) {
27206 /* Matthias Andree */
27207 /* compare label and address (4.4BSD style) */
27208 @@ -680,6 +683,8 @@ int devinet_ioctl(unsigned int cmd, void
27209 This is checked above. */
27210 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
27211 ifap = &ifa->ifa_next) {
27212 + if (!nx_v4_ifa_visible(nxi, ifa))
27214 if (!strcmp(ifr.ifr_name, ifa->ifa_label) &&
27215 sin_orig.sin_addr.s_addr ==
27216 ifa->ifa_address) {
27217 @@ -692,9 +697,12 @@ int devinet_ioctl(unsigned int cmd, void
27218 comparing just the label */
27220 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
27221 - ifap = &ifa->ifa_next)
27222 + ifap = &ifa->ifa_next) {
27223 + if (!nx_v4_ifa_visible(nxi, ifa))
27225 if (!strcmp(ifr.ifr_name, ifa->ifa_label))
27231 @@ -846,6 +854,8 @@ static int inet_gifconf(struct net_devic
27234 for (; ifa; ifa = ifa->ifa_next) {
27235 + if (!nx_v4_ifa_visible(current->nx_info, ifa))
27238 done += sizeof(ifr);
27240 @@ -1171,6 +1181,7 @@ static int inet_dump_ifaddr(struct sk_bu
27241 struct net_device *dev;
27242 struct in_device *in_dev;
27243 struct in_ifaddr *ifa;
27244 + struct sock *sk = skb->sk;
27245 int s_ip_idx, s_idx = cb->args[0];
27247 if (net != &init_net)
27248 @@ -1188,6 +1199,8 @@ static int inet_dump_ifaddr(struct sk_bu
27250 for (ifa = in_dev->ifa_list, ip_idx = 0; ifa;
27251 ifa = ifa->ifa_next, ip_idx++) {
27252 + if (sk && !nx_v4_ifa_visible(sk->sk_nx_info, ifa))
27254 if (ip_idx < s_ip_idx)
27256 if (inet_fill_ifaddr(skb, ifa, NETLINK_CB(cb->skb).pid,
27257 diff -NurpP --minimal linux-2.6.25/net/ipv4/fib_hash.c linux-2.6.25-vs2.3.0.34.9/net/ipv4/fib_hash.c
27258 --- linux-2.6.25/net/ipv4/fib_hash.c 2008-04-17 12:05:44.000000000 -0400
27259 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv4/fib_hash.c 2008-04-19 15:14:52.000000000 -0400
27260 @@ -1025,7 +1025,7 @@ static int fib_seq_show(struct seq_file
27261 prefix = f->fn_key;
27262 mask = FZ_MASK(iter->zone);
27263 flags = fib_flag_trans(fa->fa_type, mask, fi);
27265 + if (fi && nx_dev_visible(current->nx_info, fi->fib_dev))
27266 snprintf(bf, sizeof(bf),
27267 "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u",
27268 fi->fib_dev ? fi->fib_dev->name : "*", prefix,
27269 diff -NurpP --minimal linux-2.6.25/net/ipv4/inet_connection_sock.c linux-2.6.25-vs2.3.0.34.9/net/ipv4/inet_connection_sock.c
27270 --- linux-2.6.25/net/ipv4/inet_connection_sock.c 2008-04-17 12:05:44.000000000 -0400
27271 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv4/inet_connection_sock.c 2008-04-19 15:14:52.000000000 -0400
27272 @@ -47,10 +47,40 @@ void inet_get_local_port_range(int *low,
27274 EXPORT_SYMBOL(inet_get_local_port_range);
27276 +int ipv4_rcv_saddr_equal(const struct sock *sk1, const struct sock *sk2)
27278 + __be32 sk1_rcv_saddr = inet_rcv_saddr(sk1),
27279 + sk2_rcv_saddr = inet_rcv_saddr(sk2);
27281 + if (inet_v6_ipv6only(sk2))
27284 + if (sk1_rcv_saddr &&
27286 + sk1_rcv_saddr == sk2_rcv_saddr)
27289 + if (sk1_rcv_saddr &&
27290 + !sk2_rcv_saddr &&
27291 + v4_addr_in_nx_info(sk2->sk_nx_info, sk1_rcv_saddr, NXA_MASK_BIND))
27294 + if (sk2_rcv_saddr &&
27295 + !sk1_rcv_saddr &&
27296 + v4_addr_in_nx_info(sk1->sk_nx_info, sk2_rcv_saddr, NXA_MASK_BIND))
27299 + if (!sk1_rcv_saddr &&
27300 + !sk2_rcv_saddr &&
27301 + nx_v4_addr_conflict(sk1->sk_nx_info, sk2->sk_nx_info))
27307 int inet_csk_bind_conflict(const struct sock *sk,
27308 const struct inet_bind_bucket *tb)
27310 - const __be32 sk_rcv_saddr = inet_rcv_saddr(sk);
27312 struct hlist_node *node;
27313 int reuse = sk->sk_reuse;
27314 @@ -63,9 +93,7 @@ int inet_csk_bind_conflict(const struct
27315 sk->sk_bound_dev_if == sk2->sk_bound_dev_if)) {
27316 if (!reuse || !sk2->sk_reuse ||
27317 sk2->sk_state == TCP_LISTEN) {
27318 - const __be32 sk2_rcv_saddr = inet_rcv_saddr(sk2);
27319 - if (!sk2_rcv_saddr || !sk_rcv_saddr ||
27320 - sk2_rcv_saddr == sk_rcv_saddr)
27321 + if (ipv4_rcv_saddr_equal(sk, sk2))
27325 diff -NurpP --minimal linux-2.6.25/net/ipv4/inet_diag.c linux-2.6.25-vs2.3.0.34.9/net/ipv4/inet_diag.c
27326 --- linux-2.6.25/net/ipv4/inet_diag.c 2008-04-17 12:05:44.000000000 -0400
27327 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv4/inet_diag.c 2008-04-19 16:05:51.000000000 -0400
27329 #include <linux/stddef.h>
27331 #include <linux/inet_diag.h>
27332 +#include <linux/vs_network.h>
27333 +#include <linux/vs_inet.h>
27335 static const struct inet_diag_handler **inet_diag_table;
27337 @@ -122,8 +124,8 @@ static int inet_csk_diag_fill(struct soc
27339 r->id.idiag_sport = inet->sport;
27340 r->id.idiag_dport = inet->dport;
27341 - r->id.idiag_src[0] = inet->rcv_saddr;
27342 - r->id.idiag_dst[0] = inet->daddr;
27343 + r->id.idiag_src[0] = nx_map_sock_lback(sk->sk_nx_info, inet->rcv_saddr);
27344 + r->id.idiag_dst[0] = nx_map_sock_lback(sk->sk_nx_info, inet->daddr);
27346 #if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
27347 if (r->idiag_family == AF_INET6) {
27348 @@ -210,8 +212,8 @@ static int inet_twsk_diag_fill(struct in
27349 r->id.idiag_cookie[1] = (u32)(((unsigned long)tw >> 31) >> 1);
27350 r->id.idiag_sport = tw->tw_sport;
27351 r->id.idiag_dport = tw->tw_dport;
27352 - r->id.idiag_src[0] = tw->tw_rcv_saddr;
27353 - r->id.idiag_dst[0] = tw->tw_daddr;
27354 + r->id.idiag_src[0] = nx_map_sock_lback(tw->tw_nx_info, tw->tw_rcv_saddr);
27355 + r->id.idiag_dst[0] = nx_map_sock_lback(tw->tw_nx_info, tw->tw_daddr);
27356 r->idiag_state = tw->tw_substate;
27357 r->idiag_timer = 3;
27358 r->idiag_expires = DIV_ROUND_UP(tmo * 1000, HZ);
27359 @@ -268,6 +270,7 @@ static int inet_diag_get_exact(struct sk
27362 if (req->idiag_family == AF_INET) {
27363 + /* TODO: lback */
27364 sk = inet_lookup(&init_net, hashinfo, req->id.idiag_dst[0],
27365 req->id.idiag_dport, req->id.idiag_src[0],
27366 req->id.idiag_sport, req->id.idiag_if);
27367 @@ -510,6 +513,7 @@ static int inet_csk_diag_dump(struct soc
27371 + /* TODO: lback */
27372 entry.saddr = &inet->rcv_saddr;
27373 entry.daddr = &inet->daddr;
27375 @@ -546,6 +550,7 @@ static int inet_twsk_diag_dump(struct in
27379 + /* TODO: lback */
27380 entry.saddr = &tw->tw_rcv_saddr;
27381 entry.daddr = &tw->tw_daddr;
27383 @@ -592,8 +597,8 @@ static int inet_diag_fill_req(struct sk_
27385 r->id.idiag_sport = inet->sport;
27386 r->id.idiag_dport = ireq->rmt_port;
27387 - r->id.idiag_src[0] = ireq->loc_addr;
27388 - r->id.idiag_dst[0] = ireq->rmt_addr;
27389 + r->id.idiag_src[0] = nx_map_sock_lback(sk->sk_nx_info, ireq->loc_addr);
27390 + r->id.idiag_dst[0] = nx_map_sock_lback(sk->sk_nx_info, ireq->rmt_addr);
27391 r->idiag_expires = jiffies_to_msecs(tmo);
27392 r->idiag_rqueue = 0;
27393 r->idiag_wqueue = 0;
27394 @@ -663,6 +668,7 @@ static int inet_diag_dump_reqs(struct sk
27398 + /* TODO: lback */
27400 #if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
27401 (entry.family == AF_INET6) ?
27402 @@ -731,6 +737,8 @@ static int inet_diag_dump(struct sk_buff
27403 sk_for_each(sk, node, &hashinfo->listening_hash[i]) {
27404 struct inet_sock *inet = inet_sk(sk);
27406 + if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
27411 @@ -792,6 +800,8 @@ skip_listen_ht:
27412 sk_for_each(sk, node, &head->chain) {
27413 struct inet_sock *inet = inet_sk(sk);
27415 + if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
27419 if (!(r->idiag_states & (1 << sk->sk_state)))
27420 @@ -816,6 +826,8 @@ next_normal:
27421 inet_twsk_for_each(tw, node,
27424 + if (!nx_check(tw->tw_nid, VS_WATCH_P | VS_IDENT))
27428 if (r->id.idiag_sport != tw->tw_sport &&
27429 diff -NurpP --minimal linux-2.6.25/net/ipv4/inet_hashtables.c linux-2.6.25-vs2.3.0.34.9/net/ipv4/inet_hashtables.c
27430 --- linux-2.6.25/net/ipv4/inet_hashtables.c 2008-04-17 12:05:44.000000000 -0400
27431 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv4/inet_hashtables.c 2008-04-19 15:14:52.000000000 -0400
27434 #include <net/inet_connection_sock.h>
27435 #include <net/inet_hashtables.h>
27436 +#include <net/route.h>
27437 #include <net/ip.h>
27440 @@ -144,11 +145,10 @@ static struct sock *inet_lookup_listener
27441 const __be32 rcv_saddr = inet->rcv_saddr;
27442 int score = sk->sk_family == PF_INET ? 1 : 0;
27445 - if (rcv_saddr != daddr)
27447 + if (v4_inet_addr_match(sk->sk_nx_info, daddr, rcv_saddr))
27452 if (sk->sk_bound_dev_if) {
27453 if (sk->sk_bound_dev_if != dif)
27455 @@ -180,7 +180,7 @@ struct sock *__inet_lookup_listener(stru
27456 const struct inet_sock *inet = inet_sk((sk = __sk_head(head)));
27458 if (inet->num == hnum && !sk->sk_node.next &&
27459 - (!inet->rcv_saddr || inet->rcv_saddr == daddr) &&
27460 + v4_inet_addr_match(sk->sk_nx_info, daddr, inet->rcv_saddr) &&
27461 (sk->sk_family == PF_INET || !ipv6_only_sock(sk)) &&
27462 !sk->sk_bound_dev_if && sk->sk_net == net)
27464 diff -NurpP --minimal linux-2.6.25/net/ipv4/netfilter/nf_nat_helper.c linux-2.6.25-vs2.3.0.34.9/net/ipv4/netfilter/nf_nat_helper.c
27465 --- linux-2.6.25/net/ipv4/netfilter/nf_nat_helper.c 2008-04-17 12:05:45.000000000 -0400
27466 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv4/netfilter/nf_nat_helper.c 2008-04-19 15:14:52.000000000 -0400
27468 #include <net/tcp.h>
27470 #include <linux/netfilter_ipv4.h>
27471 +#include <net/route.h>
27472 #include <net/netfilter/nf_conntrack.h>
27473 #include <net/netfilter/nf_conntrack_helper.h>
27474 #include <net/netfilter/nf_conntrack_ecache.h>
27475 diff -NurpP --minimal linux-2.6.25/net/ipv4/netfilter.c linux-2.6.25-vs2.3.0.34.9/net/ipv4/netfilter.c
27476 --- linux-2.6.25/net/ipv4/netfilter.c 2008-04-17 12:05:45.000000000 -0400
27477 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv4/netfilter.c 2008-04-19 15:14:52.000000000 -0400
27479 #include <linux/netfilter_ipv4.h>
27480 #include <linux/ip.h>
27481 #include <linux/skbuff.h>
27482 -#include <net/route.h>
27483 +// #include <net/route.h>
27484 #include <net/xfrm.h>
27485 #include <net/ip.h>
27486 #include <net/netfilter/nf_queue.h>
27487 diff -NurpP --minimal linux-2.6.25/net/ipv4/raw.c linux-2.6.25-vs2.3.0.34.9/net/ipv4/raw.c
27488 --- linux-2.6.25/net/ipv4/raw.c 2008-04-17 12:05:45.000000000 -0400
27489 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv4/raw.c 2008-04-29 20:28:52.000000000 -0400
27490 @@ -126,7 +126,7 @@ static struct sock *__raw_v4_lookup(stru
27492 if (sk->sk_net == net && inet->num == num &&
27493 !(inet->daddr && inet->daddr != raddr) &&
27494 - !(inet->rcv_saddr && inet->rcv_saddr != laddr) &&
27495 + v4_sock_addr_match(sk->sk_nx_info, inet, laddr) &&
27496 !(sk->sk_bound_dev_if && sk->sk_bound_dev_if != dif))
27497 goto found; /* gotcha */
27499 @@ -382,6 +382,12 @@ static int raw_send_hdrinc(struct sock *
27500 icmp_out_count(((struct icmphdr *)
27501 skb_transport_header(skb))->type);
27504 + if (!nx_check(0, VS_ADMIN) && !capable(CAP_NET_RAW) &&
27505 + sk->sk_nx_info &&
27506 + !v4_addr_in_nx_info(sk->sk_nx_info, iph->saddr, NXA_MASK_BIND))
27509 err = NF_HOOK(PF_INET, NF_INET_LOCAL_OUT, skb, NULL, rt->u.dst.dev,
27512 @@ -393,6 +399,7 @@ out:
27519 IP_INC_STATS(IPSTATS_MIB_OUTDISCARDS);
27520 @@ -560,6 +567,13 @@ static int raw_sendmsg(struct kiocb *ioc
27523 security_sk_classify_flow(sk, &fl);
27524 + if (sk->sk_nx_info) {
27525 + err = ip_v4_find_src(sk->sk_net,
27526 + sk->sk_nx_info, &rt, &fl);
27531 err = ip_route_output_flow(&init_net, &rt, &fl, sk, 1);
27534 @@ -622,17 +636,19 @@ static int raw_bind(struct sock *sk, str
27536 struct inet_sock *inet = inet_sk(sk);
27537 struct sockaddr_in *addr = (struct sockaddr_in *) uaddr;
27538 + struct nx_v4_sock_addr nsa = { 0 };
27542 if (sk->sk_state != TCP_CLOSE || addr_len < sizeof(struct sockaddr_in))
27544 - chk_addr_ret = inet_addr_type(sk->sk_net, addr->sin_addr.s_addr);
27545 + v4_map_sock_addr(inet, addr, &nsa);
27546 + chk_addr_ret = inet_addr_type(sk->sk_net, nsa.saddr);
27547 ret = -EADDRNOTAVAIL;
27548 - if (addr->sin_addr.s_addr && chk_addr_ret != RTN_LOCAL &&
27549 + if (nsa.saddr && chk_addr_ret != RTN_LOCAL &&
27550 chk_addr_ret != RTN_MULTICAST && chk_addr_ret != RTN_BROADCAST)
27552 - inet->rcv_saddr = inet->saddr = addr->sin_addr.s_addr;
27553 + v4_set_sock_addr(inet, &nsa);
27554 if (chk_addr_ret == RTN_MULTICAST || chk_addr_ret == RTN_BROADCAST)
27555 inet->saddr = 0; /* Use device */
27557 @@ -684,7 +700,8 @@ static int raw_recvmsg(struct kiocb *ioc
27558 /* Copy the address. */
27560 sin->sin_family = AF_INET;
27561 - sin->sin_addr.s_addr = ip_hdr(skb)->saddr;
27562 + sin->sin_addr.s_addr =
27563 + nx_map_sock_lback(sk->sk_nx_info, ip_hdr(skb)->saddr);
27565 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
27567 @@ -862,7 +879,8 @@ static struct sock *raw_get_first(struct
27568 struct hlist_node *node;
27570 sk_for_each(sk, node, &state->h->ht[state->bucket])
27571 - if (sk->sk_net == state->p.net)
27572 + if ((sk->sk_net == state->p.net) &&
27573 + nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
27577 @@ -878,7 +896,8 @@ static struct sock *raw_get_next(struct
27581 - } while (sk && sk->sk_net != state->p.net);
27582 + } while (sk && ((sk->sk_net != state->p.net) ||
27583 + !nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT)));
27585 if (!sk && ++state->bucket < RAW_HTABLE_SIZE) {
27586 sk = sk_head(&state->h->ht[state->bucket]);
27587 @@ -937,7 +956,10 @@ static void raw_sock_seq_show(struct seq
27589 seq_printf(seq, "%4d: %08X:%04X %08X:%04X"
27590 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %d",
27591 - i, src, srcp, dest, destp, sp->sk_state,
27593 + nx_map_sock_lback(current_nx_info(), src), srcp,
27594 + nx_map_sock_lback(current_nx_info(), dest), destp,
27596 atomic_read(&sp->sk_wmem_alloc),
27597 atomic_read(&sp->sk_rmem_alloc),
27598 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp),
27599 diff -NurpP --minimal linux-2.6.25/net/ipv4/syncookies.c linux-2.6.25-vs2.3.0.34.9/net/ipv4/syncookies.c
27600 --- linux-2.6.25/net/ipv4/syncookies.c 2008-04-17 12:05:45.000000000 -0400
27601 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv4/syncookies.c 2008-04-19 15:14:52.000000000 -0400
27603 #include <linux/cryptohash.h>
27604 #include <linux/kernel.h>
27605 #include <net/tcp.h>
27606 +#include <net/route.h>
27608 extern int sysctl_tcp_syncookies;
27610 diff -NurpP --minimal linux-2.6.25/net/ipv4/tcp.c linux-2.6.25-vs2.3.0.34.9/net/ipv4/tcp.c
27611 --- linux-2.6.25/net/ipv4/tcp.c 2008-04-17 12:05:45.000000000 -0400
27612 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv4/tcp.c 2008-04-19 15:14:52.000000000 -0400
27613 @@ -263,6 +263,7 @@
27614 #include <linux/cache.h>
27615 #include <linux/err.h>
27616 #include <linux/crypto.h>
27617 +#include <linux/in.h>
27619 #include <net/icmp.h>
27620 #include <net/tcp.h>
27621 diff -NurpP --minimal linux-2.6.25/net/ipv4/tcp_ipv4.c linux-2.6.25-vs2.3.0.34.9/net/ipv4/tcp_ipv4.c
27622 --- linux-2.6.25/net/ipv4/tcp_ipv4.c 2008-04-17 12:05:45.000000000 -0400
27623 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv4/tcp_ipv4.c 2008-04-19 15:14:52.000000000 -0400
27624 @@ -1965,6 +1965,12 @@ static void *listening_get_next(struct s
27625 req = req->dl_next;
27628 + vxdprintk(VXD_CBIT(net, 6),
27629 + "sk,req: %p [#%d] (from %d)", req->sk,
27630 + (req->sk)?req->sk->sk_nid:0, nx_current_nid());
27632 + !nx_check(req->sk->sk_nid, VS_WATCH_P | VS_IDENT))
27634 if (req->rsk_ops->family == st->family) {
27637 @@ -1989,6 +1995,10 @@ get_req:
27640 sk_for_each_from(sk, node) {
27641 + vxdprintk(VXD_CBIT(net, 6), "sk: %p [#%d] (from %d)",
27642 + sk, sk->sk_nid, nx_current_nid());
27643 + if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
27645 if (sk->sk_family == st->family) {
27648 @@ -2038,18 +2048,26 @@ static void *established_get_first(struc
27650 read_lock_bh(lock);
27651 sk_for_each(sk, node, &tcp_hashinfo.ehash[st->bucket].chain) {
27652 - if (sk->sk_family != st->family) {
27653 + vxdprintk(VXD_CBIT(net, 6),
27654 + "sk,egf: %p [#%d] (from %d)",
27655 + sk, sk->sk_nid, nx_current_nid());
27656 + if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
27658 + if (sk->sk_family != st->family)
27664 st->state = TCP_SEQ_STATE_TIME_WAIT;
27665 inet_twsk_for_each(tw, node,
27666 &tcp_hashinfo.ehash[st->bucket].twchain) {
27667 - if (tw->tw_family != st->family) {
27668 + vxdprintk(VXD_CBIT(net, 6),
27669 + "tw: %p [#%d] (from %d)",
27670 + tw, tw->tw_nid, nx_current_nid());
27671 + if (!nx_check(tw->tw_nid, VS_WATCH_P | VS_IDENT))
27673 + if (tw->tw_family != st->family)
27679 @@ -2073,7 +2091,8 @@ static void *established_get_next(struct
27683 - while (tw && tw->tw_family != st->family) {
27684 + while (tw && (tw->tw_family != st->family ||
27685 + !nx_check(tw->tw_nid, VS_WATCH_P | VS_IDENT))) {
27689 @@ -2094,6 +2113,11 @@ get_tw:
27692 sk_for_each_from(sk, node) {
27693 + vxdprintk(VXD_CBIT(net, 6),
27694 + "sk,egn: %p [#%d] (from %d)",
27695 + sk, sk->sk_nid, nx_current_nid());
27696 + if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
27698 if (sk->sk_family == st->family)
27701 @@ -2266,9 +2290,9 @@ static void get_openreq4(struct sock *sk
27702 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X"
27703 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %u %d %p",
27706 + nx_map_sock_lback(current_nx_info(), ireq->loc_addr),
27707 ntohs(inet_sk(sk)->sport),
27709 + nx_map_sock_lback(current_nx_info(), ireq->rmt_addr),
27710 ntohs(ireq->rmt_port),
27712 0, 0, /* could print option size, but that is af dependent. */
27713 @@ -2310,7 +2334,10 @@ static void get_tcp4_sock(struct sock *s
27715 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX "
27716 "%08X %5d %8d %lu %d %p %u %u %u %u %d",
27717 - i, src, srcp, dest, destp, sk->sk_state,
27719 + nx_map_sock_lback(current_nx_info(), src), srcp,
27720 + nx_map_sock_lback(current_nx_info(), dest), destp,
27722 tp->write_seq - tp->snd_una,
27723 sk->sk_state == TCP_LISTEN ? sk->sk_ack_backlog :
27724 (tp->rcv_nxt - tp->copied_seq),
27725 @@ -2345,7 +2372,10 @@ static void get_timewait4_sock(struct in
27727 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X"
27728 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p",
27729 - i, src, srcp, dest, destp, tw->tw_substate, 0, 0,
27731 + nx_map_sock_lback(current_nx_info(), src), srcp,
27732 + nx_map_sock_lback(current_nx_info(), dest), destp,
27733 + tw->tw_substate, 0, 0,
27734 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
27735 atomic_read(&tw->tw_refcnt), tw);
27737 diff -NurpP --minimal linux-2.6.25/net/ipv4/tcp_minisocks.c linux-2.6.25-vs2.3.0.34.9/net/ipv4/tcp_minisocks.c
27738 --- linux-2.6.25/net/ipv4/tcp_minisocks.c 2008-04-17 11:31:40.000000000 -0400
27739 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv4/tcp_minisocks.c 2008-04-19 15:14:52.000000000 -0400
27741 #include <net/inet_common.h>
27742 #include <net/xfrm.h>
27744 +#include <linux/vs_limit.h>
27745 +#include <linux/vs_socket.h>
27746 +#include <linux/vs_context.h>
27748 #ifdef CONFIG_SYSCTL
27749 #define SYNC_INIT 0 /* let the user enable it */
27751 @@ -293,6 +297,11 @@ void tcp_time_wait(struct sock *sk, int
27752 tcptw->tw_ts_recent = tp->rx_opt.ts_recent;
27753 tcptw->tw_ts_recent_stamp = tp->rx_opt.ts_recent_stamp;
27755 + tw->tw_xid = sk->sk_xid;
27756 + tw->tw_vx_info = NULL;
27757 + tw->tw_nid = sk->sk_nid;
27758 + tw->tw_nx_info = NULL;
27760 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
27761 if (tw->tw_family == PF_INET6) {
27762 struct ipv6_pinfo *np = inet6_sk(sk);
27763 diff -NurpP --minimal linux-2.6.25/net/ipv4/udp.c linux-2.6.25-vs2.3.0.34.9/net/ipv4/udp.c
27764 --- linux-2.6.25/net/ipv4/udp.c 2008-04-17 12:05:45.000000000 -0400
27765 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv4/udp.c 2008-04-21 12:41:01.000000000 -0400
27766 @@ -246,14 +246,7 @@ int udp_get_port(struct sock *sk, unsign
27767 return __udp_lib_get_port(sk, snum, udp_hash, scmp);
27770 -int ipv4_rcv_saddr_equal(const struct sock *sk1, const struct sock *sk2)
27772 - struct inet_sock *inet1 = inet_sk(sk1), *inet2 = inet_sk(sk2);
27774 - return ( !ipv6_only_sock(sk2) &&
27775 - (!inet1->rcv_saddr || !inet2->rcv_saddr ||
27776 - inet1->rcv_saddr == inet2->rcv_saddr ));
27778 +extern int ipv4_rcv_saddr_equal(const struct sock *sk1, const struct sock *sk2);
27780 static inline int udp_v4_get_port(struct sock *sk, unsigned short snum)
27782 @@ -273,16 +266,23 @@ static struct sock *__udp4_lib_lookup(st
27785 read_lock(&udp_hash_lock);
27787 sk_for_each(sk, node, &udptable[hnum & (UDP_HTABLE_SIZE - 1)]) {
27788 struct inet_sock *inet = inet_sk(sk);
27790 if (sk->sk_net == net && sk->sk_hash == hnum &&
27791 !ipv6_only_sock(sk)) {
27792 int score = (sk->sk_family == PF_INET ? 1 : 0);
27794 if (inet->rcv_saddr) {
27795 if (inet->rcv_saddr != daddr)
27799 + /* block non nx_info ips */
27800 + if (!v4_addr_in_nx_info(sk->sk_nx_info,
27801 + daddr, NXA_MASK_BIND))
27805 if (inet->daddr != saddr)
27806 @@ -308,6 +308,7 @@ static struct sock *__udp4_lib_lookup(st
27813 read_unlock(&udp_hash_lock);
27814 @@ -329,7 +330,7 @@ static inline struct sock *udp_v4_mcast_
27815 if (s->sk_hash != hnum ||
27816 (inet->daddr && inet->daddr != rmt_addr) ||
27817 (inet->dport != rmt_port && inet->dport) ||
27818 - (inet->rcv_saddr && inet->rcv_saddr != loc_addr) ||
27819 + !v4_sock_addr_match(sk->sk_nx_info, inet, loc_addr) ||
27820 ipv6_only_sock(s) ||
27821 (s->sk_bound_dev_if && s->sk_bound_dev_if != dif))
27823 @@ -662,7 +663,15 @@ int udp_sendmsg(struct kiocb *iocb, stru
27824 .uli_u = { .ports =
27825 { .sport = inet->sport,
27826 .dport = dport } } };
27827 + struct nx_info *nxi = sk->sk_nx_info;
27828 + struct net *net = sk->sk_net;
27830 security_sk_classify_flow(sk, &fl);
27832 + err = ip_v4_find_src(net, nxi, &rt, &fl);
27836 err = ip_route_output_flow(&init_net, &rt, &fl, sk, 1);
27838 if (err == -ENETUNREACH)
27839 @@ -905,7 +914,8 @@ try_again:
27841 sin->sin_family = AF_INET;
27842 sin->sin_port = udp_hdr(skb)->source;
27843 - sin->sin_addr.s_addr = ip_hdr(skb)->saddr;
27844 + sin->sin_addr.s_addr = nx_map_sock_lback(
27845 + skb->sk->sk_nx_info, ip_hdr(skb)->saddr);
27846 memset(sin->sin_zero, 0, sizeof(sin->sin_zero));
27848 if (inet->cmsg_flags)
27849 @@ -1516,7 +1526,8 @@ static struct sock *udp_get_first(struct
27850 for (state->bucket = 0; state->bucket < UDP_HTABLE_SIZE; ++state->bucket) {
27851 struct hlist_node *node;
27852 sk_for_each(sk, node, state->hashtable + state->bucket) {
27853 - if (sk->sk_family == state->family)
27854 + if (sk->sk_family == state->family &&
27855 + nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
27859 @@ -1533,7 +1544,8 @@ static struct sock *udp_get_next(struct
27863 - } while (sk && sk->sk_family != state->family);
27864 + } while (sk && (sk->sk_family != state->family ||
27865 + !nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT)));
27867 if (!sk && ++state->bucket < UDP_HTABLE_SIZE) {
27868 sk = sk_head(state->hashtable + state->bucket);
27869 @@ -1648,7 +1660,10 @@ static void udp4_format_sock(struct sock
27871 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X"
27872 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p",
27873 - bucket, src, srcp, dest, destp, sp->sk_state,
27875 + nx_map_sock_lback(current_nx_info(), src), srcp,
27876 + nx_map_sock_lback(current_nx_info(), dest), destp,
27878 atomic_read(&sp->sk_wmem_alloc),
27879 atomic_read(&sp->sk_rmem_alloc),
27880 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp),
27881 diff -NurpP --minimal linux-2.6.25/net/ipv6/addrconf.c linux-2.6.25-vs2.3.0.34.9/net/ipv6/addrconf.c
27882 --- linux-2.6.25/net/ipv6/addrconf.c 2008-04-17 12:05:45.000000000 -0400
27883 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv6/addrconf.c 2008-04-19 16:44:23.000000000 -0400
27886 #include <linux/proc_fs.h>
27887 #include <linux/seq_file.h>
27888 +#include <linux/vs_network.h>
27889 +#include <linux/vs_inet6.h>
27891 /* Set to 3 to get tracing... */
27892 #define ACONF_DEBUG 2
27893 @@ -918,7 +920,8 @@ static inline int ipv6_saddr_preferred(i
27896 int ipv6_dev_get_saddr(struct net_device *daddr_dev,
27897 - struct in6_addr *daddr, struct in6_addr *saddr)
27898 + struct in6_addr *daddr, struct in6_addr *saddr,
27899 + struct nx_info *nxi)
27901 struct ipv6_saddr_score hiscore;
27902 struct inet6_ifaddr *ifa_result = NULL;
27903 @@ -964,6 +967,10 @@ int ipv6_dev_get_saddr(struct net_device
27905 score.addr_type = __ipv6_addr_type(&ifa->addr);
27907 + /* Use only addresses assigned to the context */
27908 + if (!v6_ifa_in_nx_info(ifa, nxi))
27912 * - Tentative Address (RFC2462 section 5.4)
27913 * - A tentative address is not considered
27914 @@ -1181,9 +1188,10 @@ record_it:
27917 int ipv6_get_saddr(struct dst_entry *dst,
27918 - struct in6_addr *daddr, struct in6_addr *saddr)
27919 + struct in6_addr *daddr, struct in6_addr *saddr,
27920 + struct nx_info *nxi)
27922 - return ipv6_dev_get_saddr(dst ? ip6_dst_idev(dst)->dev : NULL, daddr, saddr);
27923 + return ipv6_dev_get_saddr(dst ? ip6_dst_idev(dst)->dev : NULL, daddr, saddr, nxi);
27926 EXPORT_SYMBOL(ipv6_get_saddr);
27927 @@ -1287,35 +1295,46 @@ struct inet6_ifaddr *ipv6_get_ifaddr(str
27931 +extern int ipv4_rcv_saddr_equal(const struct sock *sk1, const struct sock *sk2);
27933 int ipv6_rcv_saddr_equal(const struct sock *sk, const struct sock *sk2)
27935 const struct in6_addr *sk_rcv_saddr6 = &inet6_sk(sk)->rcv_saddr;
27936 const struct in6_addr *sk2_rcv_saddr6 = inet6_rcv_saddr(sk2);
27937 - __be32 sk_rcv_saddr = inet_sk(sk)->rcv_saddr;
27938 __be32 sk2_rcv_saddr = inet_rcv_saddr(sk2);
27939 int sk_ipv6only = ipv6_only_sock(sk);
27940 int sk2_ipv6only = inet_v6_ipv6only(sk2);
27941 int addr_type = ipv6_addr_type(sk_rcv_saddr6);
27942 int addr_type2 = sk2_rcv_saddr6 ? ipv6_addr_type(sk2_rcv_saddr6) : IPV6_ADDR_MAPPED;
27944 - if (!sk2_rcv_saddr && !sk_ipv6only)
27945 + /* FIXME: needs handling for v4 ANY */
27946 + if (!sk2_rcv_saddr && !sk_ipv6only && !sk2->sk_nx_info)
27949 if (addr_type2 == IPV6_ADDR_ANY &&
27950 - !(sk2_ipv6only && addr_type == IPV6_ADDR_MAPPED))
27951 + !(sk2_ipv6only && addr_type == IPV6_ADDR_MAPPED) &&
27952 + v6_addr_in_nx_info(sk2->sk_nx_info, sk_rcv_saddr6, -1))
27955 if (addr_type == IPV6_ADDR_ANY &&
27956 - !(sk_ipv6only && addr_type2 == IPV6_ADDR_MAPPED))
27957 + !(sk_ipv6only && addr_type2 == IPV6_ADDR_MAPPED) &&
27958 + (sk2_rcv_saddr6 && v6_addr_in_nx_info(sk->sk_nx_info, sk2_rcv_saddr6, -1)))
27961 + if (addr_type == IPV6_ADDR_ANY &&
27962 + addr_type2 == IPV6_ADDR_ANY &&
27963 + nx_v6_addr_conflict(sk->sk_nx_info, sk2->sk_nx_info))
27966 if (sk2_rcv_saddr6 &&
27967 + addr_type != IPV6_ADDR_ANY &&
27968 + addr_type != IPV6_ADDR_ANY &&
27969 ipv6_addr_equal(sk_rcv_saddr6, sk2_rcv_saddr6))
27972 if (addr_type == IPV6_ADDR_MAPPED &&
27974 - (!sk2_rcv_saddr || !sk_rcv_saddr || sk_rcv_saddr == sk2_rcv_saddr))
27975 + ipv4_rcv_saddr_equal(sk, sk2))
27979 @@ -2846,7 +2865,10 @@ static void if6_seq_stop(struct seq_file
27980 static int if6_seq_show(struct seq_file *seq, void *v)
27982 struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v;
27985 + if (nx_check(0, VS_ADMIN|VS_WATCH) ||
27986 + v6_addr_in_nx_info(current_nx_info(), &ifp->addr, -1))
27988 NIP6_SEQFMT " %02x %02x %02x %02x %8s\n",
27990 ifp->idev->dev->ifindex,
27991 @@ -3337,6 +3359,11 @@ static int inet6_dump_addr(struct sk_buf
27992 struct inet6_ifaddr *ifa;
27993 struct ifmcaddr6 *ifmca;
27994 struct ifacaddr6 *ifaca;
27995 + struct nx_info *nxi = skb->sk ? skb->sk->sk_nx_info : NULL;
27997 + /* disable ipv6 on non v6 guests */
27998 + if (nxi && !nx_info_has_v6(nxi))
28001 s_idx = cb->args[0];
28002 s_ip_idx = ip_idx = cb->args[1];
28003 @@ -3358,6 +3385,8 @@ static int inet6_dump_addr(struct sk_buf
28004 ifa = ifa->if_next, ip_idx++) {
28005 if (ip_idx < s_ip_idx)
28007 + if (!v6_addr_in_nx_info(nxi, &ifa->addr, -1))
28009 err = inet6_fill_ifaddr(skb, ifa,
28010 NETLINK_CB(cb->skb).pid,
28011 cb->nlh->nlmsg_seq,
28012 @@ -3371,6 +3400,8 @@ static int inet6_dump_addr(struct sk_buf
28013 ifmca = ifmca->next, ip_idx++) {
28014 if (ip_idx < s_ip_idx)
28016 + if (!v6_addr_in_nx_info(nxi, &ifa->addr, -1))
28018 err = inet6_fill_ifmcaddr(skb, ifmca,
28019 NETLINK_CB(cb->skb).pid,
28020 cb->nlh->nlmsg_seq,
28021 @@ -3384,6 +3415,8 @@ static int inet6_dump_addr(struct sk_buf
28022 ifaca = ifaca->aca_next, ip_idx++) {
28023 if (ip_idx < s_ip_idx)
28025 + if (!v6_addr_in_nx_info(nxi, &ifa->addr, -1))
28027 err = inet6_fill_ifacaddr(skb, ifaca,
28028 NETLINK_CB(cb->skb).pid,
28029 cb->nlh->nlmsg_seq,
28030 @@ -3678,6 +3711,11 @@ static int inet6_dump_ifinfo(struct sk_b
28031 int s_idx = cb->args[0];
28032 struct net_device *dev;
28033 struct inet6_dev *idev;
28034 + struct nx_info *nxi = skb->sk ? skb->sk->sk_nx_info : NULL;
28036 + /* FIXME: maybe disable ipv6 on non v6 guests?
28037 + if (skb->sk && skb->sk->sk_vx_info)
28038 + return skb->len; */
28040 if (net != &init_net)
28042 @@ -3687,6 +3725,8 @@ static int inet6_dump_ifinfo(struct sk_b
28043 for_each_netdev(&init_net, dev) {
28046 + if (!v6_dev_in_nx_info(dev, nxi))
28048 if ((idev = in6_dev_get(dev)) == NULL)
28050 err = inet6_fill_ifinfo(skb, idev, NETLINK_CB(cb->skb).pid,
28051 diff -NurpP --minimal linux-2.6.25/net/ipv6/af_inet6.c linux-2.6.25-vs2.3.0.34.9/net/ipv6/af_inet6.c
28052 --- linux-2.6.25/net/ipv6/af_inet6.c 2008-04-17 12:05:45.000000000 -0400
28053 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv6/af_inet6.c 2008-04-19 15:14:52.000000000 -0400
28055 #include <linux/netdevice.h>
28056 #include <linux/icmpv6.h>
28057 #include <linux/netfilter_ipv6.h>
28058 +#include <linux/vs_inet.h>
28059 +#include <linux/vs_inet6.h>
28061 #include <net/ip.h>
28062 #include <net/ipv6.h>
28064 #include <net/tcp.h>
28065 #include <net/ipip.h>
28066 #include <net/protocol.h>
28067 +#include <net/route.h>
28068 #include <net/inet_common.h>
28069 #include <net/transp_v6.h>
28070 #include <net/ip6_route.h>
28071 @@ -148,9 +151,12 @@ lookup_protocol:
28075 + if ((protocol == IPPROTO_ICMPV6) &&
28076 + nx_capable(answer->capability, NXC_RAW_ICMP))
28078 if (answer->capability > 0 && !capable(answer->capability))
28079 goto out_rcu_unlock;
28082 sock->ops = answer->ops;
28083 answer_prot = answer->prot;
28084 answer_no_check = answer->no_check;
28085 @@ -248,6 +254,7 @@ int inet6_bind(struct socket *sock, stru
28086 struct sock *sk = sock->sk;
28087 struct inet_sock *inet = inet_sk(sk);
28088 struct ipv6_pinfo *np = inet6_sk(sk);
28089 + struct nx_v6_sock_addr nsa;
28091 unsigned short snum;
28093 @@ -259,6 +266,11 @@ int inet6_bind(struct socket *sock, stru
28095 if (addr_len < SIN6_LEN_RFC2133)
28098 + err = v6_map_sock_addr(inet, addr, &nsa);
28102 addr_type = ipv6_addr_type(&addr->sin6_addr);
28103 if ((addr_type & IPV6_ADDR_MULTICAST) && sock->type == SOCK_STREAM)
28105 @@ -282,6 +294,10 @@ int inet6_bind(struct socket *sock, stru
28106 err = -EADDRNOTAVAIL;
28109 + if (!v4_addr_in_nx_info(sk->sk_nx_info, v4addr, NXA_MASK_BIND)) {
28110 + err = -EADDRNOTAVAIL;
28114 if (addr_type != IPV6_ADDR_ANY) {
28115 struct net_device *dev = NULL;
28116 @@ -307,6 +323,11 @@ int inet6_bind(struct socket *sock, stru
28120 + if (!v6_addr_in_nx_info(sk->sk_nx_info, &addr->sin6_addr, -1)) {
28121 + err = -EADDRNOTAVAIL;
28125 /* ipv4 addr of the socket is invalid. Only the
28126 * unspecified and mapped address have a v4 equivalent.
28128 @@ -325,6 +346,8 @@ int inet6_bind(struct socket *sock, stru
28132 + v6_set_sock_addr(inet, &nsa);
28134 inet->rcv_saddr = v4addr;
28135 inet->saddr = v4addr;
28137 @@ -419,9 +442,11 @@ int inet6_getname(struct socket *sock, s
28139 sin->sin6_port = inet->dport;
28140 ipv6_addr_copy(&sin->sin6_addr, &np->daddr);
28141 + /* FIXME: remap lback? */
28143 sin->sin6_flowinfo = np->flow_label;
28145 + /* FIXME: remap lback? */
28146 if (ipv6_addr_any(&np->rcv_saddr))
28147 ipv6_addr_copy(&sin->sin6_addr, &np->saddr);
28149 diff -NurpP --minimal linux-2.6.25/net/ipv6/fib6_rules.c linux-2.6.25-vs2.3.0.34.9/net/ipv6/fib6_rules.c
28150 --- linux-2.6.25/net/ipv6/fib6_rules.c 2008-04-17 12:05:45.000000000 -0400
28151 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv6/fib6_rules.c 2008-04-19 15:14:52.000000000 -0400
28152 @@ -86,7 +86,7 @@ static int fib6_rule_action(struct fib_r
28153 r->src.plen && !(flags & RT6_LOOKUP_F_HAS_SADDR)) {
28154 struct in6_addr saddr;
28155 if (ipv6_get_saddr(&rt->u.dst, &flp->fl6_dst,
28159 if (!ipv6_prefix_equal(&saddr, &r->src.addr,
28161 diff -NurpP --minimal linux-2.6.25/net/ipv6/inet6_hashtables.c linux-2.6.25-vs2.3.0.34.9/net/ipv6/inet6_hashtables.c
28162 --- linux-2.6.25/net/ipv6/inet6_hashtables.c 2008-04-17 12:05:45.000000000 -0400
28163 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv6/inet6_hashtables.c 2008-04-19 15:14:52.000000000 -0400
28166 #include <linux/module.h>
28167 #include <linux/random.h>
28168 +#include <linux/vs_inet6.h>
28170 #include <net/inet_connection_sock.h>
28171 #include <net/inet_hashtables.h>
28172 @@ -114,6 +115,9 @@ struct sock *inet6_lookup_listener(struc
28173 if (!ipv6_addr_equal(&np->rcv_saddr, daddr))
28177 + if (!v6_addr_in_nx_info(sk->sk_nx_info, daddr, -1))
28180 if (sk->sk_bound_dev_if) {
28181 if (sk->sk_bound_dev_if != dif)
28182 diff -NurpP --minimal linux-2.6.25/net/ipv6/ip6_output.c linux-2.6.25-vs2.3.0.34.9/net/ipv6/ip6_output.c
28183 --- linux-2.6.25/net/ipv6/ip6_output.c 2008-04-17 12:05:45.000000000 -0400
28184 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv6/ip6_output.c 2008-04-19 15:14:52.000000000 -0400
28185 @@ -920,7 +920,7 @@ static int ip6_dst_lookup_tail(struct so
28186 goto out_err_release;
28188 if (ipv6_addr_any(&fl->fl6_src)) {
28189 - err = ipv6_get_saddr(*dst, &fl->fl6_dst, &fl->fl6_src);
28190 + err = ipv6_get_saddr(*dst, &fl->fl6_dst, &fl->fl6_src, sk->sk_nx_info);
28192 goto out_err_release;
28194 diff -NurpP --minimal linux-2.6.25/net/ipv6/Kconfig linux-2.6.25-vs2.3.0.34.9/net/ipv6/Kconfig
28195 --- linux-2.6.25/net/ipv6/Kconfig 2008-04-17 12:05:45.000000000 -0400
28196 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv6/Kconfig 2008-04-19 15:14:52.000000000 -0400
28199 # IPv6 as module will cause a CRASH if you try to unload it
28201 - tristate "The IPv6 protocol"
28203 + bool "The IPv6 protocol"
28206 This is complemental support for the IP version 6.
28207 You will still be able to do traditional IPv4 networking as well.
28208 diff -NurpP --minimal linux-2.6.25/net/ipv6/ndisc.c linux-2.6.25-vs2.3.0.34.9/net/ipv6/ndisc.c
28209 --- linux-2.6.25/net/ipv6/ndisc.c 2008-04-17 12:05:45.000000000 -0400
28210 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv6/ndisc.c 2008-04-19 15:14:52.000000000 -0400
28211 @@ -563,7 +563,7 @@ static void ndisc_send_na(struct net_dev
28215 - if (ipv6_dev_get_saddr(dev, daddr, &tmpaddr))
28216 + if (ipv6_dev_get_saddr(dev, daddr, &tmpaddr, NULL))
28218 src_addr = &tmpaddr;
28220 diff -NurpP --minimal linux-2.6.25/net/ipv6/route.c linux-2.6.25-vs2.3.0.34.9/net/ipv6/route.c
28221 --- linux-2.6.25/net/ipv6/route.c 2008-04-17 12:05:45.000000000 -0400
28222 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv6/route.c 2008-04-19 15:14:52.000000000 -0400
28223 @@ -2122,7 +2122,7 @@ static int rt6_fill_node(struct sk_buff
28224 NLA_PUT_U32(skb, RTA_IIF, iif);
28226 struct in6_addr saddr_buf;
28227 - if (ipv6_get_saddr(&rt->u.dst, dst, &saddr_buf) == 0)
28228 + if (ipv6_get_saddr(&rt->u.dst, dst, &saddr_buf, (skb->sk ? skb->sk->sk_nx_info : NULL)) == 0)
28229 NLA_PUT(skb, RTA_PREFSRC, 16, &saddr_buf);
28232 diff -NurpP --minimal linux-2.6.25/net/ipv6/tcp_ipv6.c linux-2.6.25-vs2.3.0.34.9/net/ipv6/tcp_ipv6.c
28233 --- linux-2.6.25/net/ipv6/tcp_ipv6.c 2008-04-17 12:05:45.000000000 -0400
28234 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv6/tcp_ipv6.c 2008-04-19 15:14:52.000000000 -0400
28237 #include <linux/crypto.h>
28238 #include <linux/scatterlist.h>
28239 +#include <linux/vs_inet6.h>
28241 /* Socket used for sending RSTs and ACKs */
28242 static struct socket *tcp6_socket;
28243 @@ -154,8 +155,15 @@ static int tcp_v6_connect(struct sock *s
28244 * connect() to INADDR_ANY means loopback (BSD'ism).
28247 - if(ipv6_addr_any(&usin->sin6_addr))
28248 - usin->sin6_addr.s6_addr[15] = 0x1;
28249 + if(ipv6_addr_any(&usin->sin6_addr)) {
28250 + struct nx_info *nxi = sk->sk_nx_info;
28252 + if (nxi && nx_info_has_v6(nxi))
28253 + /* FIXME: remap lback? */
28254 + usin->sin6_addr = nxi->v6.ip;
28256 + usin->sin6_addr.s6_addr[15] = 0x1;
28259 addr_type = ipv6_addr_type(&usin->sin6_addr);
28261 diff -NurpP --minimal linux-2.6.25/net/ipv6/udp.c linux-2.6.25-vs2.3.0.34.9/net/ipv6/udp.c
28262 --- linux-2.6.25/net/ipv6/udp.c 2008-04-17 12:05:45.000000000 -0400
28263 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv6/udp.c 2008-04-19 15:14:52.000000000 -0400
28266 #include <linux/proc_fs.h>
28267 #include <linux/seq_file.h>
28268 +#include <linux/vs_inet6.h>
28269 #include "udp_impl.h"
28271 static inline int udp_v6_get_port(struct sock *sk, unsigned short snum)
28272 @@ -83,6 +84,10 @@ static struct sock *__udp6_lib_lookup(st
28273 if (!ipv6_addr_equal(&np->rcv_saddr, daddr))
28277 + /* block non nx_info ips */
28278 + if (!v6_addr_in_nx_info(sk->sk_nx_info, daddr, -1))
28281 if (!ipv6_addr_any(&np->daddr)) {
28282 if (!ipv6_addr_equal(&np->daddr, saddr))
28283 diff -NurpP --minimal linux-2.6.25/net/ipv6/xfrm6_policy.c linux-2.6.25-vs2.3.0.34.9/net/ipv6/xfrm6_policy.c
28284 --- linux-2.6.25/net/ipv6/xfrm6_policy.c 2008-04-17 12:05:45.000000000 -0400
28285 +++ linux-2.6.25-vs2.3.0.34.9/net/ipv6/xfrm6_policy.c 2008-04-19 16:13:21.000000000 -0400
28286 @@ -58,7 +58,7 @@ static int xfrm6_get_saddr(xfrm_address_
28287 return -EHOSTUNREACH;
28289 ipv6_get_saddr(dst, (struct in6_addr *)&daddr->a6,
28290 - (struct in6_addr *)&saddr->a6);
28291 + (struct in6_addr *)&saddr->a6, NULL);
28295 diff -NurpP --minimal linux-2.6.25/net/netlink/af_netlink.c linux-2.6.25-vs2.3.0.34.9/net/netlink/af_netlink.c
28296 --- linux-2.6.25/net/netlink/af_netlink.c 2008-04-17 12:05:45.000000000 -0400
28297 +++ linux-2.6.25-vs2.3.0.34.9/net/netlink/af_netlink.c 2008-04-19 15:14:52.000000000 -0400
28299 #include <linux/audit.h>
28300 #include <linux/selinux.h>
28301 #include <linux/mutex.h>
28302 +#include <linux/vs_context.h>
28303 +#include <linux/vs_network.h>
28304 +#include <linux/vs_limit.h>
28306 #include <net/net_namespace.h>
28307 #include <net/sock.h>
28308 diff -NurpP --minimal linux-2.6.25/net/sctp/ipv6.c linux-2.6.25-vs2.3.0.34.9/net/sctp/ipv6.c
28309 --- linux-2.6.25/net/sctp/ipv6.c 2008-04-17 12:05:45.000000000 -0400
28310 +++ linux-2.6.25-vs2.3.0.34.9/net/sctp/ipv6.c 2008-04-19 15:14:52.000000000 -0400
28311 @@ -316,7 +316,7 @@ static void sctp_v6_get_saddr(struct sct
28312 __FUNCTION__, asoc, dst, NIP6(daddr->v6.sin6_addr));
28315 - ipv6_get_saddr(dst, &daddr->v6.sin6_addr,&saddr->v6.sin6_addr);
28316 + ipv6_get_saddr(dst, &daddr->v6.sin6_addr,&saddr->v6.sin6_addr, asoc->base.sk->sk_nx_info);
28317 SCTP_DEBUG_PRINTK("saddr from ipv6_get_saddr: " NIP6_FMT "\n",
28318 NIP6(saddr->v6.sin6_addr));
28320 diff -NurpP --minimal linux-2.6.25/net/socket.c linux-2.6.25-vs2.3.0.34.9/net/socket.c
28321 --- linux-2.6.25/net/socket.c 2008-04-17 12:05:45.000000000 -0400
28322 +++ linux-2.6.25-vs2.3.0.34.9/net/socket.c 2008-04-19 15:14:52.000000000 -0400
28325 #include <net/sock.h>
28326 #include <linux/netfilter.h>
28327 +#include <linux/vs_base.h>
28328 +#include <linux/vs_socket.h>
28329 +#include <linux/vs_inet.h>
28330 +#include <linux/vs_inet6.h>
28332 static int sock_no_open(struct inode *irrelevant, struct file *dontcare);
28333 static ssize_t sock_aio_read(struct kiocb *iocb, const struct iovec *iov,
28334 @@ -547,7 +551,7 @@ static inline int __sock_sendmsg(struct
28335 struct msghdr *msg, size_t size)
28337 struct sock_iocb *si = kiocb_to_siocb(iocb);
28343 @@ -558,7 +562,22 @@ static inline int __sock_sendmsg(struct
28347 - return sock->ops->sendmsg(iocb, sock, msg, size);
28348 + len = sock->ops->sendmsg(iocb, sock, msg, size);
28351 + vx_sock_send(sock->sk, size);
28353 + vx_sock_fail(sock->sk, size);
28355 + vxdprintk(VXD_CBIT(net, 7),
28356 + "__sock_sendmsg: %p[%p,%p,%p;%d/%d]:%d/%d",
28358 + (sock->sk)?sock->sk->sk_nx_info:0,
28359 + (sock->sk)?sock->sk->sk_vx_info:0,
28360 + (sock->sk)?sock->sk->sk_xid:0,
28361 + (sock->sk)?sock->sk->sk_nid:0,
28362 + (unsigned int)size, len);
28366 int sock_sendmsg(struct socket *sock, struct msghdr *msg, size_t size)
28367 @@ -627,7 +646,7 @@ EXPORT_SYMBOL_GPL(__sock_recv_timestamp)
28368 static inline int __sock_recvmsg(struct kiocb *iocb, struct socket *sock,
28369 struct msghdr *msg, size_t size, int flags)
28373 struct sock_iocb *si = kiocb_to_siocb(iocb);
28376 @@ -640,7 +659,18 @@ static inline int __sock_recvmsg(struct
28380 - return sock->ops->recvmsg(iocb, sock, msg, size, flags);
28381 + len = sock->ops->recvmsg(iocb, sock, msg, size, flags);
28382 + if ((len >= 0) && sock->sk)
28383 + vx_sock_recv(sock->sk, len);
28384 + vxdprintk(VXD_CBIT(net, 7),
28385 + "__sock_recvmsg: %p[%p,%p,%p;%d/%d]:%d/%d",
28387 + (sock->sk)?sock->sk->sk_nx_info:0,
28388 + (sock->sk)?sock->sk->sk_vx_info:0,
28389 + (sock->sk)?sock->sk->sk_xid:0,
28390 + (sock->sk)?sock->sk->sk_nid:0,
28391 + (unsigned int)size, len);
28395 int sock_recvmsg(struct socket *sock, struct msghdr *msg,
28396 @@ -1105,6 +1135,13 @@ static int __sock_create(struct net *net
28397 if (type < 0 || type >= SOCK_MAX)
28400 + if (!nx_check(0, VS_ADMIN)) {
28401 + if (family == PF_INET && !current_nx_info_has_v4())
28402 + return -EAFNOSUPPORT;
28403 + if (family == PF_INET6 && !current_nx_info_has_v6())
28404 + return -EAFNOSUPPORT;
28409 This uglymoron is moved from INET layer to here to avoid
28410 @@ -1222,6 +1259,7 @@ asmlinkage long sys_socket(int family, i
28414 + set_bit(SOCK_USER_SOCKET, &sock->flags);
28415 retval = sock_map_fd(sock);
28418 @@ -1254,10 +1292,12 @@ asmlinkage long sys_socketpair(int famil
28419 err = sock_create(family, type, protocol, &sock1);
28422 + set_bit(SOCK_USER_SOCKET, &sock1->flags);
28424 err = sock_create(family, type, protocol, &sock2);
28426 goto out_release_1;
28427 + set_bit(SOCK_USER_SOCKET, &sock2->flags);
28429 err = sock1->ops->socketpair(sock1, sock2);
28431 diff -NurpP --minimal linux-2.6.25/net/sunrpc/auth.c linux-2.6.25-vs2.3.0.34.9/net/sunrpc/auth.c
28432 --- linux-2.6.25/net/sunrpc/auth.c 2008-04-17 12:05:45.000000000 -0400
28433 +++ linux-2.6.25-vs2.3.0.34.9/net/sunrpc/auth.c 2008-04-19 15:14:52.000000000 -0400
28435 #include <linux/errno.h>
28436 #include <linux/sunrpc/clnt.h>
28437 #include <linux/spinlock.h>
28438 +#include <linux/vs_tag.h>
28441 # define RPCDBG_FACILITY RPCDBG_AUTH
28442 @@ -345,6 +346,7 @@ rpcauth_lookupcred(struct rpc_auth *auth
28443 struct auth_cred acred = {
28444 .uid = current->fsuid,
28445 .gid = current->fsgid,
28446 + .tag = dx_current_tag(),
28447 .group_info = current->group_info,
28449 struct rpc_cred *ret;
28450 @@ -382,6 +384,7 @@ rpcauth_bindcred(struct rpc_task *task)
28451 struct auth_cred acred = {
28452 .uid = current->fsuid,
28453 .gid = current->fsgid,
28454 + .tag = dx_current_tag(),
28455 .group_info = current->group_info,
28457 struct rpc_cred *ret;
28458 diff -NurpP --minimal linux-2.6.25/net/sunrpc/auth_unix.c linux-2.6.25-vs2.3.0.34.9/net/sunrpc/auth_unix.c
28459 --- linux-2.6.25/net/sunrpc/auth_unix.c 2008-04-17 10:37:27.000000000 -0400
28460 +++ linux-2.6.25-vs2.3.0.34.9/net/sunrpc/auth_unix.c 2008-04-19 15:14:52.000000000 -0400
28461 @@ -11,12 +11,14 @@
28462 #include <linux/module.h>
28463 #include <linux/sunrpc/clnt.h>
28464 #include <linux/sunrpc/auth.h>
28465 +#include <linux/vs_tag.h>
28467 #define NFS_NGROUPS 16
28470 struct rpc_cred uc_base;
28473 gid_t uc_gids[NFS_NGROUPS];
28475 #define uc_uid uc_base.cr_uid
28476 @@ -73,6 +75,7 @@ unx_create_cred(struct rpc_auth *auth, s
28477 if (flags & RPCAUTH_LOOKUP_ROOTCREDS) {
28480 + cred->uc_tag = dx_current_tag();
28481 cred->uc_gids[0] = NOGROUP;
28483 int groups = acred->group_info->ngroups;
28484 @@ -80,6 +83,7 @@ unx_create_cred(struct rpc_auth *auth, s
28485 groups = NFS_NGROUPS;
28487 cred->uc_gid = acred->gid;
28488 + cred->uc_tag = acred->tag;
28489 for (i = 0; i < groups; i++)
28490 cred->uc_gids[i] = GROUP_AT(acred->group_info, i);
28491 if (i < NFS_NGROUPS)
28492 @@ -124,7 +128,8 @@ unx_match(struct auth_cred *acred, struc
28495 if (cred->uc_uid != acred->uid
28496 - || cred->uc_gid != acred->gid)
28497 + || cred->uc_gid != acred->gid
28498 + || cred->uc_tag != acred->tag)
28501 groups = acred->group_info->ngroups;
28502 @@ -150,7 +155,7 @@ unx_marshal(struct rpc_task *task, __be3
28503 struct rpc_clnt *clnt = task->tk_client;
28504 struct unx_cred *cred = container_of(task->tk_msg.rpc_cred, struct unx_cred, uc_base);
28505 __be32 *base, *hold;
28509 *p++ = htonl(RPC_AUTH_UNIX);
28511 @@ -160,9 +165,12 @@ unx_marshal(struct rpc_task *task, __be3
28512 * Copy the UTS nodename captured when the client was created.
28514 p = xdr_encode_array(p, clnt->cl_nodename, clnt->cl_nodelen);
28515 + tag = task->tk_client->cl_tag;
28517 - *p++ = htonl((u32) cred->uc_uid);
28518 - *p++ = htonl((u32) cred->uc_gid);
28519 + *p++ = htonl((u32) TAGINO_UID(tag,
28520 + cred->uc_uid, cred->uc_tag));
28521 + *p++ = htonl((u32) TAGINO_GID(tag,
28522 + cred->uc_gid, cred->uc_tag));
28524 for (i = 0; i < 16 && cred->uc_gids[i] != (gid_t) NOGROUP; i++)
28525 *p++ = htonl((u32) cred->uc_gids[i]);
28526 diff -NurpP --minimal linux-2.6.25/net/sunrpc/clnt.c linux-2.6.25-vs2.3.0.34.9/net/sunrpc/clnt.c
28527 --- linux-2.6.25/net/sunrpc/clnt.c 2008-04-17 12:05:45.000000000 -0400
28528 +++ linux-2.6.25-vs2.3.0.34.9/net/sunrpc/clnt.c 2008-04-19 16:09:36.000000000 -0400
28530 #include <linux/utsname.h>
28531 #include <linux/workqueue.h>
28532 #include <linux/in6.h>
28533 +#include <linux/vs_cvirt.h>
28535 #include <linux/sunrpc/clnt.h>
28536 #include <linux/sunrpc/rpc_pipe_fs.h>
28537 @@ -324,7 +325,9 @@ struct rpc_clnt *rpc_create(struct rpc_c
28538 clnt->cl_autobind = 1;
28539 if (args->flags & RPC_CLNT_CREATE_DISCRTRY)
28540 clnt->cl_discrtry = 1;
28542 + /* TODO: handle RPC_CLNT_CREATE_TAGGED
28543 + if (args->flags & RPC_CLNT_CREATE_TAGGED)
28544 + clnt->cl_tag = 1; */
28547 EXPORT_SYMBOL_GPL(rpc_create);
28548 diff -NurpP --minimal linux-2.6.25/net/unix/af_unix.c linux-2.6.25-vs2.3.0.34.9/net/unix/af_unix.c
28549 --- linux-2.6.25/net/unix/af_unix.c 2008-04-17 12:05:45.000000000 -0400
28550 +++ linux-2.6.25-vs2.3.0.34.9/net/unix/af_unix.c 2008-04-19 15:55:39.000000000 -0400
28551 @@ -116,6 +116,8 @@
28552 #include <linux/mount.h>
28553 #include <net/checksum.h>
28554 #include <linux/security.h>
28555 +#include <linux/vs_context.h>
28556 +#include <linux/vs_limit.h>
28558 static struct hlist_head unix_socket_table[UNIX_HASH_SIZE + 1];
28559 static DEFINE_SPINLOCK(unix_table_lock);
28560 @@ -255,6 +257,8 @@ static struct sock *__unix_find_socket_b
28561 if (s->sk_net != net)
28564 + if (!nx_check(s->sk_nid, VS_WATCH_P | VS_IDENT))
28566 if (u->addr->len == len &&
28567 !memcmp(u->addr->name, sunname, len))
28569 @@ -819,7 +823,7 @@ static int unix_bind(struct socket *sock
28572 (SOCK_INODE(sock)->i_mode & ~current->fs->umask);
28573 - err = vfs_mknod(nd.path.dentry->d_inode, dentry, mode, 0);
28574 + err = vfs_mknod(nd.path.dentry->d_inode, dentry, mode, 0, NULL);
28576 goto out_mknod_dput;
28577 mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
28578 diff -NurpP --minimal linux-2.6.25/net/x25/af_x25.c linux-2.6.25-vs2.3.0.34.9/net/x25/af_x25.c
28579 --- linux-2.6.25/net/x25/af_x25.c 2008-04-17 12:05:45.000000000 -0400
28580 +++ linux-2.6.25-vs2.3.0.34.9/net/x25/af_x25.c 2008-04-19 15:14:52.000000000 -0400
28581 @@ -506,7 +506,10 @@ static int x25_create(struct net *net, s
28585 - sock_init_data(sock, sk);
28586 + sk->sk_socket = sock;
28587 + sk->sk_type = sock->type;
28588 + sk->sk_sleep = &sock->wait;
28591 x25_init_timers(sk);
28593 diff -NurpP --minimal linux-2.6.25/scripts/checksyscalls.sh linux-2.6.25-vs2.3.0.34.9/scripts/checksyscalls.sh
28594 --- linux-2.6.25/scripts/checksyscalls.sh 2008-04-17 11:31:42.000000000 -0400
28595 +++ linux-2.6.25-vs2.3.0.34.9/scripts/checksyscalls.sh 2008-04-19 15:14:52.000000000 -0400
28596 @@ -108,7 +108,6 @@ cat << EOF
28597 #define __IGNORE_afs_syscall
28598 #define __IGNORE_getpmsg
28599 #define __IGNORE_putpmsg
28600 -#define __IGNORE_vserver
28604 diff -NurpP --minimal linux-2.6.25/security/commoncap.c linux-2.6.25-vs2.3.0.34.9/security/commoncap.c
28605 --- linux-2.6.25/security/commoncap.c 2008-04-17 12:05:46.000000000 -0400
28606 +++ linux-2.6.25-vs2.3.0.34.9/security/commoncap.c 2008-04-23 22:22:54.000000000 -0400
28608 #include <linux/hugetlb.h>
28609 #include <linux/mount.h>
28610 #include <linux/sched.h>
28611 +#include <linux/vs_context.h>
28613 /* Global security state */
28615 @@ -32,7 +33,7 @@ EXPORT_SYMBOL(securebits);
28617 int cap_netlink_send(struct sock *sk, struct sk_buff *skb)
28619 - NETLINK_CB(skb).eff_cap = current->cap_effective;
28620 + NETLINK_CB(skb).eff_cap = vx_mbcaps(current->cap_effective);
28624 @@ -53,9 +54,24 @@ EXPORT_SYMBOL(cap_netlink_recv);
28626 int cap_capable (struct task_struct *tsk, int cap)
28628 + struct vx_info *vxi = tsk->vx_info;
28631 + printk("cap_capable() VXF_STATE_SETUP = %llx, raised = %x, eff = %08x:%08x\n",
28632 + vx_info_flags(vxi, VXF_STATE_SETUP, 0),
28633 + cap_raised(tsk->cap_effective, cap),
28634 + tsk->cap_effective.cap[1], tsk->cap_effective.cap[0]);
28637 + /* special case SETUP */
28638 + if (vx_info_flags(vxi, VXF_STATE_SETUP, 0) &&
28639 + cap_raised(tsk->cap_effective, cap))
28642 /* Derived from include/linux/sched.h:capable. */
28643 - if (cap_raised(tsk->cap_effective, cap))
28644 + if (vx_cap_raised(vxi, tsk->cap_effective, cap))
28650 @@ -583,7 +599,8 @@ void cap_task_reparent_to_init (struct t
28652 int cap_syslog (int type)
28654 - if ((type != 3 && type != 10) && !capable(CAP_SYS_ADMIN))
28655 + if ((type != 3 && type != 10) &&
28656 + !vx_capable(CAP_SYS_ADMIN, VXC_SYSLOG))
28660 diff -NurpP --minimal linux-2.6.25/security/dummy.c linux-2.6.25-vs2.3.0.34.9/security/dummy.c
28661 --- linux-2.6.25/security/dummy.c 2008-04-17 12:05:46.000000000 -0400
28662 +++ linux-2.6.25-vs2.3.0.34.9/security/dummy.c 2008-04-23 20:28:54.000000000 -0400
28664 #include <linux/hugetlb.h>
28665 #include <linux/ptrace.h>
28666 #include <linux/file.h>
28667 +#include <linux/vs_context.h>
28669 static int dummy_ptrace (struct task_struct *parent, struct task_struct *child)
28671 @@ -714,7 +715,7 @@ static int dummy_sem_semop (struct sem_a
28673 static int dummy_netlink_send (struct sock *sk, struct sk_buff *skb)
28675 - NETLINK_CB(skb).eff_cap = current->cap_effective;
28676 + NETLINK_CB(skb).eff_cap = vx_mbcaps(current->cap_effective);
28680 diff -NurpP --minimal linux-2.6.25/security/selinux/hooks.c linux-2.6.25-vs2.3.0.34.9/security/selinux/hooks.c
28681 --- linux-2.6.25/security/selinux/hooks.c 2008-04-17 12:05:46.000000000 -0400
28682 +++ linux-2.6.25-vs2.3.0.34.9/security/selinux/hooks.c 2008-04-19 15:14:52.000000000 -0400
28684 #include <linux/dccp.h>
28685 #include <linux/quota.h>
28686 #include <linux/un.h> /* for Unix socket types */
28687 -#include <net/af_unix.h> /* for Unix socket types */
28688 #include <linux/parser.h>
28689 #include <linux/nfs_mount.h>
28690 #include <net/ipv6.h>
projects / packages / kernel.git / blob