-diff -NurpP --minimal linux-4.9.207/arch/alpha/Kconfig linux-4.9.207-vs2.3.9.11/arch/alpha/Kconfig
---- linux-4.9.207/arch/alpha/Kconfig 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/alpha/Kconfig 2018-10-20 04:58:12.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/Documentation/vserver/debug.txt linux-4.9/Documentation/vserver/debug.txt
+--- linux-4.9/Documentation/vserver/debug.txt 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/Documentation/vserver/debug.txt 2021-02-24 15:47:45.047741532 +0100
+@@ -0,0 +1,154 @@
++
++debug_cvirt:
++
++ 2 4 "vx_map_tgid: %p/%llx: %d -> %d"
++ "vx_rmap_tgid: %p/%llx: %d -> %d"
++
++debug_dlim:
++
++ 0 1 "ALLOC (%p,#%d)%c inode (%d)"
++ "FREE (%p,#%d)%c inode"
++ 1 2 "ALLOC (%p,#%d)%c %lld bytes (%d)"
++ "FREE (%p,#%d)%c %lld bytes"
++ 2 4 "ADJUST: %lld,%lld on %ld,%ld [mult=%d]"
++ 3 8 "ext3_has_free_blocks(%p): %lu<%lu+1, %c, %u!=%u r=%d"
++ "ext3_has_free_blocks(%p): free=%lu, root=%lu"
++ "rcu_free_dl_info(%p)"
++ 4 10 "alloc_dl_info(%p,%d) = %p"
++ "dealloc_dl_info(%p)"
++ "get_dl_info(%p[#%d.%d])"
++ "put_dl_info(%p[#%d.%d])"
++ 5 20 "alloc_dl_info(%p,%d)*"
++ 6 40 "__hash_dl_info: %p[#%d]"
++ "__unhash_dl_info: %p[#%d]"
++ 7 80 "locate_dl_info(%p,#%d) = %p"
++
++debug_misc:
++
++ 0 1 "destroy_dqhash: %p [#0x%08x] c=%d"
++ "new_dqhash: %p [#0x%08x]"
++ "vroot[%d]_clr_dev: dev=%p[%lu,%d:%d]"
++ "vroot[%d]_get_real_bdev: dev=%p[%lu,%d:%d]"
++ "vroot[%d]_set_dev: dev=%p[%lu,%d:%d]"
++ "vroot_get_real_bdev not set"
++ 1 2 "cow_break_link(?%s?)"
++ "temp copy ?%s?"
++ 2 4 "dentry_open(new): %p"
++ "dentry_open(old): %p"
++ "lookup_create(new): %p"
++ "old path ?%s?"
++ "path_lookup(old): %d"
++ "vfs_create(new): %d"
++ "vfs_rename: %d"
++ "vfs_sendfile: %d"
++ 3 8 "fput(new_file=%p[#%d])"
++ "fput(old_file=%p[#%d])"
++ 4 10 "vx_info_kill(%p[#%d],%d,%d) = %d"
++ "vx_info_kill(%p[#%d],%d,%d)*"
++ 5 20 "vs_reboot(%p[#%d],%d)"
++ 6 40 "dropping task %p[#%u,%u] for %p[#%u,%u]"
++
++debug_net:
++
++ 2 4 "nx_addr_conflict(%p,%p) %d.%d,%d.%d"
++ 3 8 "inet_bind(%p) %d.%d.%d.%d, %d.%d.%d.%d, %d.%d.%d.%d"
++ "inet_bind(%p)* %p,%p;%lx %d.%d.%d.%d"
++ 4 10 "ip_route_connect(%p) %p,%p;%lx"
++ 5 20 "__addr_in_socket(%p,%d.%d.%d.%d) %p:%d.%d.%d.%d %p;%lx"
++ 6 40 "sk,egf: %p [#%d] (from %d)"
++ "sk,egn: %p [#%d] (from %d)"
++ "sk,req: %p [#%d] (from %d)"
++ "sk: %p [#%d] (from %d)"
++ "tw: %p [#%d] (from %d)"
++ 7 80 "__sock_recvmsg: %p[%p,%p,%p;%d]:%d/%d"
++ "__sock_sendmsg: %p[%p,%p,%p;%d]:%d/%d"
++
++debug_nid:
++
++ 0 1 "__lookup_nx_info(#%u): %p[#%u]"
++ "alloc_nx_info(%d) = %p"
++ "create_nx_info(%d) (dynamic rejected)"
++ "create_nx_info(%d) = %p (already there)"
++ "create_nx_info(%d) = %p (new)"
++ "dealloc_nx_info(%p)"
++ 1 2 "alloc_nx_info(%d)*"
++ "create_nx_info(%d)*"
++ 2 4 "get_nx_info(%p[#%d.%d])"
++ "put_nx_info(%p[#%d.%d])"
++ 3 8 "claim_nx_info(%p[#%d.%d.%d]) %p"
++ "clr_nx_info(%p[#%d.%d])"
++ "init_nx_info(%p[#%d.%d])"
++ "release_nx_info(%p[#%d.%d.%d]) %p"
++ "set_nx_info(%p[#%d.%d])"
++ 4 10 "__hash_nx_info: %p[#%d]"
++ "__nx_dynamic_id: [#%d]"
++ "__unhash_nx_info: %p[#%d.%d.%d]"
++ 5 20 "moved task %p into nxi:%p[#%d]"
++ "nx_migrate_task(%p,%p[#%d.%d.%d])"
++ "task_get_nx_info(%p)"
++ 6 40 "nx_clear_persistent(%p[#%d])"
++
++debug_quota:
++
++ 0 1 "quota_sync_dqh(%p,%d) discard inode %p"
++ 1 2 "quota_sync_dqh(%p,%d)"
++ "sync_dquots(%p,%d)"
++ "sync_dquots_dqh(%p,%d)"
++ 3 8 "do_quotactl(%p,%d,cmd=%d,id=%d,%p)"
++
++debug_switch:
++
++ 0 1 "vc: VCMD_%02d_%d[%d], %d,%p [%d,%d,%x,%x]"
++ 1 2 "vc: VCMD_%02d_%d[%d] = %08lx(%ld) [%d,%d]"
++ 4 10 "%s: (%s %s) returned %s with %d"
++
++debug_tag:
++
++ 7 80 "dx_parse_tag(?%s?): %d:#%d"
++ "dx_propagate_tag(%p[#%lu.%d]): %d,%d"
++
++debug_xid:
++
++ 0 1 "__lookup_vx_info(#%u): %p[#%u]"
++ "alloc_vx_info(%d) = %p"
++ "alloc_vx_info(%d)*"
++ "create_vx_info(%d) (dynamic rejected)"
++ "create_vx_info(%d) = %p (already there)"
++ "create_vx_info(%d) = %p (new)"
++ "dealloc_vx_info(%p)"
++ "loc_vx_info(%d) = %p (found)"
++ "loc_vx_info(%d) = %p (new)"
++ "loc_vx_info(%d) = %p (not available)"
++ 1 2 "create_vx_info(%d)*"
++ "loc_vx_info(%d)*"
++ 2 4 "get_vx_info(%p[#%d.%d])"
++ "put_vx_info(%p[#%d.%d])"
++ 3 8 "claim_vx_info(%p[#%d.%d.%d]) %p"
++ "clr_vx_info(%p[#%d.%d])"
++ "init_vx_info(%p[#%d.%d])"
++ "release_vx_info(%p[#%d.%d.%d]) %p"
++ "set_vx_info(%p[#%d.%d])"
++ 4 10 "__hash_vx_info: %p[#%d]"
++ "__unhash_vx_info: %p[#%d.%d.%d]"
++ "__vx_dynamic_id: [#%d]"
++ 5 20 "enter_vx_info(%p[#%d],%p) %p[#%d,%p]"
++ "leave_vx_info(%p[#%d,%p]) %p[#%d,%p]"
++ "moved task %p into vxi:%p[#%d]"
++ "task_get_vx_info(%p)"
++ "vx_migrate_task(%p,%p[#%d.%d])"
++ 6 40 "vx_clear_persistent(%p[#%d])"
++ "vx_exit_init(%p[#%d],%p[#%d,%d,%d])"
++ "vx_set_init(%p[#%d],%p[#%d,%d,%d])"
++ "vx_set_persistent(%p[#%d])"
++ "vx_set_reaper(%p[#%d],%p[#%d,%d])"
++ 7 80 "vx_child_reaper(%p[#%u,%u]) = %p[#%u,%u]"
++
++
++debug_limit:
++
++ n 2^n "vx_acc_cres[%5d,%s,%2d]: %5d%s"
++ "vx_cres_avail[%5d,%s,%2d]: %5ld > %5d + %5d"
++
++ m 2^m "vx_acc_page[%5d,%s,%2d]: %5d%s"
++ "vx_acc_pages[%5d,%s,%2d]: %5d += %5d"
++ "vx_pages_avail[%5d,%s,%2d]: %5ld > %5d + %5d"
+diff -urNp -x '*.orig' linux-4.9/arch/alpha/Kconfig linux-4.9/arch/alpha/Kconfig
+--- linux-4.9/arch/alpha/Kconfig 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/alpha/Kconfig 2021-02-24 15:47:45.037741219 +0100
@@ -743,6 +743,8 @@ config DUMMY_CONSOLE
depends on VGA_HOSE
default y
source "security/Kconfig"
source "crypto/Kconfig"
-diff -NurpP --minimal linux-4.9.207/arch/alpha/kernel/systbls.S linux-4.9.207-vs2.3.9.11/arch/alpha/kernel/systbls.S
---- linux-4.9.207/arch/alpha/kernel/systbls.S 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/alpha/kernel/systbls.S 2018-10-20 04:58:12.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/alpha/kernel/systbls.S linux-4.9/arch/alpha/kernel/systbls.S
+--- linux-4.9/arch/alpha/kernel/systbls.S 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/alpha/kernel/systbls.S 2021-02-24 15:47:45.037741219 +0100
@@ -446,7 +446,7 @@ sys_call_table:
.quad sys_stat64 /* 425 */
.quad sys_lstat64
.quad sys_ni_syscall /* sys_mbind */
.quad sys_ni_syscall /* sys_get_mempolicy */
.quad sys_ni_syscall /* sys_set_mempolicy */
-diff -NurpP --minimal linux-4.9.207/arch/alpha/kernel/traps.c linux-4.9.207-vs2.3.9.11/arch/alpha/kernel/traps.c
---- linux-4.9.207/arch/alpha/kernel/traps.c 2019-12-25 15:27:26.328464250 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/alpha/kernel/traps.c 2018-10-20 04:58:12.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/alpha/kernel/traps.c linux-4.9/arch/alpha/kernel/traps.c
+--- linux-4.9/arch/alpha/kernel/traps.c 2021-02-24 15:47:30.747294162 +0100
++++ linux-4.9/arch/alpha/kernel/traps.c 2021-02-24 15:47:45.037741219 +0100
@@ -179,7 +179,8 @@ die_if_kernel(char * str, struct pt_regs
#ifdef CONFIG_SMP
printk("CPU %d ", hard_smp_processor_id());
dik_show_regs(regs, r9_15);
add_taint(TAINT_DIE, LOCKDEP_NOW_UNRELIABLE);
dik_show_trace((unsigned long *)(regs+1));
-diff -NurpP --minimal linux-4.9.207/arch/arm/Kconfig linux-4.9.207-vs2.3.9.11/arch/arm/Kconfig
---- linux-4.9.207/arch/arm/Kconfig 2019-12-25 15:27:26.428462634 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/arm/Kconfig 2019-10-05 14:58:36.470454583 +0000
-@@ -2200,6 +2200,8 @@ source "fs/Kconfig"
+diff -urNp -x '*.orig' linux-4.9/arch/arm/Kconfig linux-4.9/arch/arm/Kconfig
+--- linux-4.9/arch/arm/Kconfig 2021-02-24 15:47:30.757294474 +0100
++++ linux-4.9/arch/arm/Kconfig 2021-02-24 15:47:45.041074656 +0100
+@@ -2202,6 +2202,8 @@ source "fs/Kconfig"
source "arch/arm/Kconfig.debug"
source "security/Kconfig"
source "crypto/Kconfig"
-diff -NurpP --minimal linux-4.9.207/arch/arm/kernel/calls.S linux-4.9.207-vs2.3.9.11/arch/arm/kernel/calls.S
---- linux-4.9.207/arch/arm/kernel/calls.S 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/arm/kernel/calls.S 2018-10-20 04:58:12.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/arm/kernel/calls.S linux-4.9/arch/arm/kernel/calls.S
+--- linux-4.9/arch/arm/kernel/calls.S 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/arm/kernel/calls.S 2021-02-24 15:47:45.041074656 +0100
@@ -322,7 +322,7 @@
/* 310 */ CALL(sys_request_key)
CALL(sys_keyctl)
CALL(sys_ioprio_set)
/* 315 */ CALL(sys_ioprio_get)
CALL(sys_inotify_init)
-diff -NurpP --minimal linux-4.9.207/arch/arm/kernel/traps.c linux-4.9.207-vs2.3.9.11/arch/arm/kernel/traps.c
---- linux-4.9.207/arch/arm/kernel/traps.c 2019-12-25 15:27:26.938454388 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/arm/kernel/traps.c 2018-10-20 04:58:12.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/arm/kernel/traps.c linux-4.9/arch/arm/kernel/traps.c
+--- linux-4.9/arch/arm/kernel/traps.c 2021-02-24 15:47:30.797295726 +0100
++++ linux-4.9/arch/arm/kernel/traps.c 2021-02-24 15:47:45.041074656 +0100
@@ -279,8 +279,8 @@ static int __die(const char *str, int er
print_modules();
if (!user_mode(regs) || in_interrupt()) {
dump_mem(KERN_EMERG, "Stack: ", regs->ARM_sp,
-diff -NurpP --minimal linux-4.9.207/arch/cris/Kconfig linux-4.9.207-vs2.3.9.11/arch/cris/Kconfig
---- linux-4.9.207/arch/cris/Kconfig 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/cris/Kconfig 2018-10-20 04:58:12.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/cris/Kconfig linux-4.9/arch/cris/Kconfig
+--- linux-4.9/arch/cris/Kconfig 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/cris/Kconfig 2021-02-24 15:47:45.041074656 +0100
@@ -583,6 +583,8 @@ source "fs/Kconfig"
source "arch/cris/Kconfig.debug"
source "security/Kconfig"
source "crypto/Kconfig"
-diff -NurpP --minimal linux-4.9.207/arch/ia64/Kconfig linux-4.9.207-vs2.3.9.11/arch/ia64/Kconfig
---- linux-4.9.207/arch/ia64/Kconfig 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/ia64/Kconfig 2018-10-20 04:58:12.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/ia64/Kconfig linux-4.9/arch/ia64/Kconfig
+--- linux-4.9/arch/ia64/Kconfig 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/ia64/Kconfig 2021-02-24 15:47:45.041074656 +0100
@@ -602,6 +602,8 @@ source "fs/Kconfig"
source "arch/ia64/Kconfig.debug"
source "security/Kconfig"
source "crypto/Kconfig"
-diff -NurpP --minimal linux-4.9.207/arch/ia64/kernel/entry.S linux-4.9.207-vs2.3.9.11/arch/ia64/kernel/entry.S
---- linux-4.9.207/arch/ia64/kernel/entry.S 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/ia64/kernel/entry.S 2018-10-20 04:58:12.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/ia64/kernel/entry.S linux-4.9/arch/ia64/kernel/entry.S
+--- linux-4.9/arch/ia64/kernel/entry.S 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/ia64/kernel/entry.S 2021-02-24 15:47:45.041074656 +0100
@@ -1697,7 +1697,7 @@ sys_call_table:
data8 sys_mq_notify
data8 sys_mq_getsetattr
data8 sys_waitid // 1270
data8 sys_add_key
data8 sys_request_key
-diff -NurpP --minimal linux-4.9.207/arch/ia64/kernel/ptrace.c linux-4.9.207-vs2.3.9.11/arch/ia64/kernel/ptrace.c
---- linux-4.9.207/arch/ia64/kernel/ptrace.c 2019-12-25 15:27:28.308432237 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/ia64/kernel/ptrace.c 2018-10-20 04:58:12.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/ia64/kernel/ptrace.c linux-4.9/arch/ia64/kernel/ptrace.c
+--- linux-4.9/arch/ia64/kernel/ptrace.c 2021-02-24 15:47:30.857297603 +0100
++++ linux-4.9/arch/ia64/kernel/ptrace.c 2021-02-24 15:47:45.041074656 +0100
@@ -21,6 +21,7 @@
#include <linux/regset.h>
#include <linux/elf.h>
#include <asm/pgtable.h>
#include <asm/processor.h>
-diff -NurpP --minimal linux-4.9.207/arch/ia64/kernel/traps.c linux-4.9.207-vs2.3.9.11/arch/ia64/kernel/traps.c
---- linux-4.9.207/arch/ia64/kernel/traps.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/ia64/kernel/traps.c 2018-10-20 04:58:12.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/ia64/kernel/traps.c linux-4.9/arch/ia64/kernel/traps.c
+--- linux-4.9/arch/ia64/kernel/traps.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/ia64/kernel/traps.c 2021-02-24 15:47:45.041074656 +0100
@@ -60,8 +60,9 @@ die (const char *str, struct pt_regs *re
put_cpu();
}
}
}
-diff -NurpP --minimal linux-4.9.207/arch/m32r/kernel/traps.c linux-4.9.207-vs2.3.9.11/arch/m32r/kernel/traps.c
---- linux-4.9.207/arch/m32r/kernel/traps.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/m32r/kernel/traps.c 2018-10-20 04:58:12.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/m32r/kernel/traps.c linux-4.9/arch/m32r/kernel/traps.c
+--- linux-4.9/arch/m32r/kernel/traps.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/m32r/kernel/traps.c 2021-02-24 15:47:45.041074656 +0100
@@ -184,8 +184,9 @@ static void show_registers(struct pt_reg
} else {
printk("SPI: %08lx\n", sp);
/*
* When in-kernel, we also print out the stack and code at the
-diff -NurpP --minimal linux-4.9.207/arch/m68k/Kconfig linux-4.9.207-vs2.3.9.11/arch/m68k/Kconfig
---- linux-4.9.207/arch/m68k/Kconfig 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/m68k/Kconfig 2018-10-20 04:58:12.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/m68k/Kconfig linux-4.9/arch/m68k/Kconfig
+--- linux-4.9/arch/m68k/Kconfig 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/m68k/Kconfig 2021-02-24 15:47:45.041074656 +0100
@@ -163,6 +163,8 @@ source "fs/Kconfig"
source "arch/m68k/Kconfig.debug"
source "security/Kconfig"
source "crypto/Kconfig"
-diff -NurpP --minimal linux-4.9.207/arch/mips/Kconfig linux-4.9.207-vs2.3.9.11/arch/mips/Kconfig
---- linux-4.9.207/arch/mips/Kconfig 2019-12-25 15:27:28.488429329 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/mips/Kconfig 2019-12-25 15:37:43.808561393 +0000
-@@ -3193,6 +3193,8 @@ source "fs/Kconfig"
+diff -urNp -x '*.orig' linux-4.9/arch/mips/Kconfig linux-4.9/arch/mips/Kconfig
+--- linux-4.9/arch/mips/Kconfig 2021-02-24 15:47:30.863964478 +0100
++++ linux-4.9/arch/mips/Kconfig 2021-02-24 15:47:45.044408094 +0100
+@@ -3194,6 +3194,8 @@ source "fs/Kconfig"
source "arch/mips/Kconfig.debug"
source "security/Kconfig"
source "crypto/Kconfig"
-diff -NurpP --minimal linux-4.9.207/arch/mips/kernel/ptrace.c linux-4.9.207-vs2.3.9.11/arch/mips/kernel/ptrace.c
---- linux-4.9.207/arch/mips/kernel/ptrace.c 2019-12-25 15:27:28.848423509 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/mips/kernel/ptrace.c 2018-10-20 05:55:33.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/mips/kernel/ptrace.c linux-4.9/arch/mips/kernel/ptrace.c
+--- linux-4.9/arch/mips/kernel/ptrace.c 2021-02-24 15:47:30.880631666 +0100
++++ linux-4.9/arch/mips/kernel/ptrace.c 2021-02-24 15:47:45.044408094 +0100
@@ -30,6 +30,7 @@
#include <linux/audit.h>
#include <linux/seccomp.h>
switch (request) {
/* when I and D space are separate, these will need to be fixed. */
case PTRACE_PEEKTEXT: /* read word at location addr. */
-diff -NurpP --minimal linux-4.9.207/arch/mips/kernel/scall32-o32.S linux-4.9.207-vs2.3.9.11/arch/mips/kernel/scall32-o32.S
---- linux-4.9.207/arch/mips/kernel/scall32-o32.S 2019-12-25 15:27:28.848423509 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/mips/kernel/scall32-o32.S 2018-10-20 04:58:12.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/mips/kernel/scall32-o32.S linux-4.9/arch/mips/kernel/scall32-o32.S
+--- linux-4.9/arch/mips/kernel/scall32-o32.S 2021-02-24 15:47:30.880631666 +0100
++++ linux-4.9/arch/mips/kernel/scall32-o32.S 2021-02-24 15:47:45.044408094 +0100
@@ -511,7 +511,7 @@ EXPORT(sys_call_table)
PTR sys_mq_timedreceive
PTR sys_mq_notify /* 4275 */
PTR sys_waitid
PTR sys_ni_syscall /* available, was setaltroot */
PTR sys_add_key /* 4280 */
-diff -NurpP --minimal linux-4.9.207/arch/mips/kernel/scall64-64.S linux-4.9.207-vs2.3.9.11/arch/mips/kernel/scall64-64.S
---- linux-4.9.207/arch/mips/kernel/scall64-64.S 2019-12-25 15:27:28.848423509 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/mips/kernel/scall64-64.S 2018-10-20 04:58:12.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/mips/kernel/scall64-64.S linux-4.9/arch/mips/kernel/scall64-64.S
+--- linux-4.9/arch/mips/kernel/scall64-64.S 2021-02-24 15:47:30.880631666 +0100
++++ linux-4.9/arch/mips/kernel/scall64-64.S 2021-02-24 15:47:45.044408094 +0100
@@ -348,7 +348,7 @@ EXPORT(sys_call_table)
PTR sys_mq_timedreceive
PTR sys_mq_notify
PTR sys_waitid
PTR sys_ni_syscall /* available, was setaltroot */
PTR sys_add_key
-diff -NurpP --minimal linux-4.9.207/arch/mips/kernel/scall64-n32.S linux-4.9.207-vs2.3.9.11/arch/mips/kernel/scall64-n32.S
---- linux-4.9.207/arch/mips/kernel/scall64-n32.S 2019-12-25 15:27:28.848423509 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/mips/kernel/scall64-n32.S 2018-10-20 04:58:12.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/mips/kernel/scall64-n32.S linux-4.9/arch/mips/kernel/scall64-n32.S
+--- linux-4.9/arch/mips/kernel/scall64-n32.S 2021-02-24 15:47:30.880631666 +0100
++++ linux-4.9/arch/mips/kernel/scall64-n32.S 2021-02-24 15:47:45.044408094 +0100
@@ -343,7 +343,7 @@ EXPORT(sysn32_call_table)
PTR compat_sys_mq_timedreceive
PTR compat_sys_mq_notify
PTR compat_sys_waitid
PTR sys_ni_syscall /* available, was setaltroot */
PTR sys_add_key
-diff -NurpP --minimal linux-4.9.207/arch/mips/kernel/scall64-o32.S linux-4.9.207-vs2.3.9.11/arch/mips/kernel/scall64-o32.S
---- linux-4.9.207/arch/mips/kernel/scall64-o32.S 2019-12-25 15:27:28.848423509 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/mips/kernel/scall64-o32.S 2019-10-05 14:58:36.920447392 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/mips/kernel/scall64-o32.S linux-4.9/arch/mips/kernel/scall64-o32.S
+--- linux-4.9/arch/mips/kernel/scall64-o32.S 2021-02-24 15:47:30.880631666 +0100
++++ linux-4.9/arch/mips/kernel/scall64-o32.S 2021-02-24 15:47:45.044408094 +0100
@@ -499,7 +499,7 @@ EXPORT(sys32_call_table)
PTR compat_sys_mq_timedreceive
PTR compat_sys_mq_notify /* 4275 */
PTR compat_sys_waitid
PTR sys_ni_syscall /* available, was setaltroot */
PTR sys_add_key /* 4280 */
-diff -NurpP --minimal linux-4.9.207/arch/mips/kernel/traps.c linux-4.9.207-vs2.3.9.11/arch/mips/kernel/traps.c
---- linux-4.9.207/arch/mips/kernel/traps.c 2019-12-25 15:27:28.848423509 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/mips/kernel/traps.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/mips/kernel/traps.c linux-4.9/arch/mips/kernel/traps.c
+--- linux-4.9/arch/mips/kernel/traps.c 2021-02-24 15:47:30.880631666 +0100
++++ linux-4.9/arch/mips/kernel/traps.c 2021-02-24 15:47:45.044408094 +0100
@@ -361,9 +361,10 @@ void show_registers(struct pt_regs *regs
__show_regs(regs);
if (cpu_has_userlocal) {
unsigned long tls;
-diff -NurpP --minimal linux-4.9.207/arch/parisc/Kconfig linux-4.9.207-vs2.3.9.11/arch/parisc/Kconfig
---- linux-4.9.207/arch/parisc/Kconfig 2019-12-25 15:27:29.098419467 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/parisc/Kconfig 2018-10-20 05:55:33.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/parisc/Kconfig linux-4.9/arch/parisc/Kconfig
+--- linux-4.9/arch/parisc/Kconfig 2021-02-24 15:47:30.893965417 +0100
++++ linux-4.9/arch/parisc/Kconfig 2021-02-24 15:47:45.044408094 +0100
@@ -348,6 +348,8 @@ config SECCOMP
If unsure, say Y. Only embedded should say N here.
source "security/Kconfig"
source "crypto/Kconfig"
-diff -NurpP --minimal linux-4.9.207/arch/parisc/kernel/syscall_table.S linux-4.9.207-vs2.3.9.11/arch/parisc/kernel/syscall_table.S
---- linux-4.9.207/arch/parisc/kernel/syscall_table.S 2019-12-25 15:27:29.198417850 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/parisc/kernel/syscall_table.S 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/parisc/kernel/syscall_table.S linux-4.9/arch/parisc/kernel/syscall_table.S
+--- linux-4.9/arch/parisc/kernel/syscall_table.S 2021-02-24 15:47:30.897298854 +0100
++++ linux-4.9/arch/parisc/kernel/syscall_table.S 2021-02-24 15:47:45.044408094 +0100
@@ -358,7 +358,7 @@
ENTRY_COMP(mbind) /* 260 */
ENTRY_COMP(get_mempolicy)
ENTRY_SAME(add_key)
ENTRY_SAME(request_key) /* 265 */
ENTRY_COMP(keyctl)
-diff -NurpP --minimal linux-4.9.207/arch/parisc/kernel/traps.c linux-4.9.207-vs2.3.9.11/arch/parisc/kernel/traps.c
---- linux-4.9.207/arch/parisc/kernel/traps.c 2019-12-25 15:27:29.208417686 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/parisc/kernel/traps.c 2019-02-22 08:37:49.463155825 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/parisc/kernel/traps.c linux-4.9/arch/parisc/kernel/traps.c
+--- linux-4.9/arch/parisc/kernel/traps.c 2021-02-24 15:47:30.897298854 +0100
++++ linux-4.9/arch/parisc/kernel/traps.c 2021-02-24 15:47:45.044408094 +0100
@@ -235,8 +235,9 @@ void die_if_kernel(char *str, struct pt_
return; /* STFU */
/* Wot's wrong wif bein' racy? */
if (current->thread.flags & PARISC_KERNEL_DEATH) {
-diff -NurpP --minimal linux-4.9.207/arch/powerpc/include/uapi/asm/unistd.h linux-4.9.207-vs2.3.9.11/arch/powerpc/include/uapi/asm/unistd.h
---- linux-4.9.207/arch/powerpc/include/uapi/asm/unistd.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/powerpc/include/uapi/asm/unistd.h 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/powerpc/Kconfig linux-4.9/arch/powerpc/Kconfig
+--- linux-4.9/arch/powerpc/Kconfig 2021-02-24 15:47:30.900632291 +0100
++++ linux-4.9/arch/powerpc/Kconfig 2021-02-24 15:47:45.044408094 +0100
+@@ -1092,6 +1092,8 @@ source "lib/Kconfig"
+
+ source "arch/powerpc/Kconfig.debug"
+
++source "kernel/vserver/Kconfig"
++
+ source "security/Kconfig"
+
+ source "crypto/Kconfig"
+diff -urNp -x '*.orig' linux-4.9/arch/powerpc/include/uapi/asm/unistd.h linux-4.9/arch/powerpc/include/uapi/asm/unistd.h
+--- linux-4.9/arch/powerpc/include/uapi/asm/unistd.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/powerpc/include/uapi/asm/unistd.h 2021-02-24 15:47:45.044408094 +0100
@@ -275,7 +275,7 @@
#endif
#define __NR_rtas 255
#define __NR_migrate_pages 258
#define __NR_mbind 259
#define __NR_get_mempolicy 260
-diff -NurpP --minimal linux-4.9.207/arch/powerpc/Kconfig linux-4.9.207-vs2.3.9.11/arch/powerpc/Kconfig
---- linux-4.9.207/arch/powerpc/Kconfig 2019-12-25 15:27:29.218417525 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/powerpc/Kconfig 2019-10-05 14:58:37.110444356 +0000
-@@ -1091,6 +1091,8 @@ source "lib/Kconfig"
+diff -urNp -x '*.orig' linux-4.9/arch/s390/Kconfig linux-4.9/arch/s390/Kconfig
+--- linux-4.9/arch/s390/Kconfig 2021-02-24 15:47:30.947300418 +0100
++++ linux-4.9/arch/s390/Kconfig 2021-02-24 15:47:45.044408094 +0100
+@@ -775,6 +775,8 @@ source "fs/Kconfig"
- source "arch/powerpc/Kconfig.debug"
+ source "arch/s390/Kconfig.debug"
+source "kernel/vserver/Kconfig"
+
source "security/Kconfig"
source "crypto/Kconfig"
-diff -NurpP --minimal linux-4.9.207/arch/s390/include/asm/tlb.h linux-4.9.207-vs2.3.9.11/arch/s390/include/asm/tlb.h
---- linux-4.9.207/arch/s390/include/asm/tlb.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/s390/include/asm/tlb.h 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/s390/include/asm/tlb.h linux-4.9/arch/s390/include/asm/tlb.h
+--- linux-4.9/arch/s390/include/asm/tlb.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/s390/include/asm/tlb.h 2021-02-24 15:47:45.044408094 +0100
@@ -24,6 +24,7 @@
#include <linux/mm.h>
#include <linux/pagemap.h>
#include <asm/processor.h>
#include <asm/pgalloc.h>
#include <asm/tlbflush.h>
-diff -NurpP --minimal linux-4.9.207/arch/s390/include/uapi/asm/unistd.h linux-4.9.207-vs2.3.9.11/arch/s390/include/uapi/asm/unistd.h
---- linux-4.9.207/arch/s390/include/uapi/asm/unistd.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/s390/include/uapi/asm/unistd.h 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/s390/include/uapi/asm/unistd.h linux-4.9/arch/s390/include/uapi/asm/unistd.h
+--- linux-4.9/arch/s390/include/uapi/asm/unistd.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/s390/include/uapi/asm/unistd.h 2021-02-24 15:47:45.044408094 +0100
@@ -200,7 +200,7 @@
#define __NR_clock_gettime 260
#define __NR_clock_getres 261
#define __NR_statfs64 265
#define __NR_fstatfs64 266
#define __NR_remap_file_pages 267
-diff -NurpP --minimal linux-4.9.207/arch/s390/Kconfig linux-4.9.207-vs2.3.9.11/arch/s390/Kconfig
---- linux-4.9.207/arch/s390/Kconfig 2019-12-25 15:27:30.238401034 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/s390/Kconfig 2018-10-20 04:58:13.000000000 +0000
-@@ -775,6 +775,8 @@ source "fs/Kconfig"
-
- source "arch/s390/Kconfig.debug"
-
-+source "kernel/vserver/Kconfig"
-+
- source "security/Kconfig"
-
- source "crypto/Kconfig"
-diff -NurpP --minimal linux-4.9.207/arch/s390/kernel/ptrace.c linux-4.9.207-vs2.3.9.11/arch/s390/kernel/ptrace.c
---- linux-4.9.207/arch/s390/kernel/ptrace.c 2019-12-25 15:27:30.598395214 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/s390/kernel/ptrace.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/s390/kernel/ptrace.c linux-4.9/arch/s390/kernel/ptrace.c
+--- linux-4.9/arch/s390/kernel/ptrace.c 2021-02-24 15:47:30.957300731 +0100
++++ linux-4.9/arch/s390/kernel/ptrace.c 2021-02-24 15:47:45.047741532 +0100
@@ -21,6 +21,7 @@
#include <linux/tracehook.h>
#include <linux/seccomp.h>
#include <trace/syscall.h>
#include <asm/segment.h>
#include <asm/page.h>
-diff -NurpP --minimal linux-4.9.207/arch/s390/kernel/syscalls.S linux-4.9.207-vs2.3.9.11/arch/s390/kernel/syscalls.S
---- linux-4.9.207/arch/s390/kernel/syscalls.S 2019-12-25 15:27:30.598395214 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/s390/kernel/syscalls.S 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/s390/kernel/syscalls.S linux-4.9/arch/s390/kernel/syscalls.S
+--- linux-4.9/arch/s390/kernel/syscalls.S 2021-02-24 15:47:30.960634169 +0100
++++ linux-4.9/arch/s390/kernel/syscalls.S 2021-02-24 15:47:45.047741532 +0100
@@ -271,7 +271,7 @@ SYSCALL(sys_clock_settime,compat_sys_clo
SYSCALL(sys_clock_gettime,compat_sys_clock_gettime) /* 260 */
SYSCALL(sys_clock_getres,compat_sys_clock_getres)
SYSCALL(sys_ni_syscall,compat_sys_s390_fadvise64_64)
SYSCALL(sys_statfs64,compat_sys_statfs64)
SYSCALL(sys_fstatfs64,compat_sys_fstatfs64)
-diff -NurpP --minimal linux-4.9.207/arch/sh/Kconfig linux-4.9.207-vs2.3.9.11/arch/sh/Kconfig
---- linux-4.9.207/arch/sh/Kconfig 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/sh/Kconfig 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/sh/Kconfig linux-4.9/arch/sh/Kconfig
+--- linux-4.9/arch/sh/Kconfig 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/sh/Kconfig 2021-02-24 15:47:45.047741532 +0100
@@ -904,6 +904,8 @@ source "fs/Kconfig"
source "arch/sh/Kconfig.debug"
source "security/Kconfig"
source "crypto/Kconfig"
-diff -NurpP --minimal linux-4.9.207/arch/sh/kernel/irq.c linux-4.9.207-vs2.3.9.11/arch/sh/kernel/irq.c
---- linux-4.9.207/arch/sh/kernel/irq.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/sh/kernel/irq.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/sh/kernel/irq.c linux-4.9/arch/sh/kernel/irq.c
+--- linux-4.9/arch/sh/kernel/irq.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/sh/kernel/irq.c 2021-02-24 15:47:45.047741532 +0100
@@ -14,6 +14,7 @@
#include <linux/ftrace.h>
#include <linux/delay.h>
#include <asm/processor.h>
#include <asm/machvec.h>
#include <asm/uaccess.h>
-diff -NurpP --minimal linux-4.9.207/arch/sparc/include/uapi/asm/unistd.h linux-4.9.207-vs2.3.9.11/arch/sparc/include/uapi/asm/unistd.h
---- linux-4.9.207/arch/sparc/include/uapi/asm/unistd.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/sparc/include/uapi/asm/unistd.h 2018-10-20 04:58:13.000000000 +0000
-@@ -332,7 +332,7 @@
- #define __NR_timer_getoverrun 264
- #define __NR_timer_delete 265
- #define __NR_timer_create 266
--/* #define __NR_vserver 267 Reserved for VSERVER */
-+#define __NR_vserver 267
- #define __NR_io_setup 268
- #define __NR_io_destroy 269
- #define __NR_io_submit 270
-diff -NurpP --minimal linux-4.9.207/arch/sparc/Kconfig linux-4.9.207-vs2.3.9.11/arch/sparc/Kconfig
---- linux-4.9.207/arch/sparc/Kconfig 2019-12-25 15:27:31.178385837 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/sparc/Kconfig 2019-02-22 08:37:49.523154806 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/sparc/Kconfig linux-4.9/arch/sparc/Kconfig
+--- linux-4.9/arch/sparc/Kconfig 2021-02-24 15:47:30.967301044 +0100
++++ linux-4.9/arch/sparc/Kconfig 2021-02-24 15:47:45.047741532 +0100
@@ -584,6 +584,8 @@ source "fs/Kconfig"
source "arch/sparc/Kconfig.debug"
source "security/Kconfig"
source "crypto/Kconfig"
-diff -NurpP --minimal linux-4.9.207/arch/sparc/kernel/systbls_32.S linux-4.9.207-vs2.3.9.11/arch/sparc/kernel/systbls_32.S
---- linux-4.9.207/arch/sparc/kernel/systbls_32.S 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/sparc/kernel/systbls_32.S 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/sparc/include/uapi/asm/unistd.h linux-4.9/arch/sparc/include/uapi/asm/unistd.h
+--- linux-4.9/arch/sparc/include/uapi/asm/unistd.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/sparc/include/uapi/asm/unistd.h 2021-02-24 15:47:45.047741532 +0100
+@@ -332,7 +332,7 @@
+ #define __NR_timer_getoverrun 264
+ #define __NR_timer_delete 265
+ #define __NR_timer_create 266
+-/* #define __NR_vserver 267 Reserved for VSERVER */
++#define __NR_vserver 267
+ #define __NR_io_setup 268
+ #define __NR_io_destroy 269
+ #define __NR_io_submit 270
+diff -urNp -x '*.orig' linux-4.9/arch/sparc/kernel/systbls_32.S linux-4.9/arch/sparc/kernel/systbls_32.S
+--- linux-4.9/arch/sparc/kernel/systbls_32.S 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/sparc/kernel/systbls_32.S 2021-02-24 15:47:45.047741532 +0100
@@ -70,7 +70,7 @@ sys_call_table:
/*250*/ .long sys_mremap, sys_sysctl, sys_getsid, sys_fdatasync, sys_ni_syscall
/*255*/ .long sys_sync_file_range, sys_clock_settime, sys_clock_gettime, sys_clock_getres, sys_clock_nanosleep
/*270*/ .long sys_io_submit, sys_io_cancel, sys_io_getevents, sys_mq_open, sys_mq_unlink
/*275*/ .long sys_mq_timedsend, sys_mq_timedreceive, sys_mq_notify, sys_mq_getsetattr, sys_waitid
/*280*/ .long sys_tee, sys_add_key, sys_request_key, sys_keyctl, sys_openat
-diff -NurpP --minimal linux-4.9.207/arch/sparc/kernel/systbls_64.S linux-4.9.207-vs2.3.9.11/arch/sparc/kernel/systbls_64.S
---- linux-4.9.207/arch/sparc/kernel/systbls_64.S 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/sparc/kernel/systbls_64.S 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/sparc/kernel/systbls_64.S linux-4.9/arch/sparc/kernel/systbls_64.S
+--- linux-4.9/arch/sparc/kernel/systbls_64.S 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/sparc/kernel/systbls_64.S 2021-02-24 15:47:45.047741532 +0100
@@ -71,7 +71,7 @@ sys_call_table32:
/*250*/ .word sys_mremap, compat_sys_sysctl, sys_getsid, sys_fdatasync, sys_nis_syscall
.word sys32_sync_file_range, compat_sys_clock_settime, compat_sys_clock_gettime, compat_sys_clock_getres, sys32_clock_nanosleep
/*270*/ .word sys_io_submit, sys_io_cancel, sys_io_getevents, sys_mq_open, sys_mq_unlink
.word sys_mq_timedsend, sys_mq_timedreceive, sys_mq_notify, sys_mq_getsetattr, sys_waitid
/*280*/ .word sys_tee, sys_add_key, sys_request_key, sys_keyctl, sys_openat
-diff -NurpP --minimal linux-4.9.207/arch/um/Kconfig.rest linux-4.9.207-vs2.3.9.11/arch/um/Kconfig.rest
---- linux-4.9.207/arch/um/Kconfig.rest 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/um/Kconfig.rest 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/um/Kconfig.rest linux-4.9/arch/um/Kconfig.rest
+--- linux-4.9/arch/um/Kconfig.rest 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/um/Kconfig.rest 2021-02-24 15:47:45.047741532 +0100
@@ -12,6 +12,8 @@ source "arch/um/Kconfig.net"
source "fs/Kconfig"
source "security/Kconfig"
source "crypto/Kconfig"
-diff -NurpP --minimal linux-4.9.207/arch/x86/entry/syscalls/syscall_32.tbl linux-4.9.207-vs2.3.9.11/arch/x86/entry/syscalls/syscall_32.tbl
---- linux-4.9.207/arch/x86/entry/syscalls/syscall_32.tbl 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/x86/entry/syscalls/syscall_32.tbl 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/x86/Kconfig linux-4.9/arch/x86/Kconfig
+--- linux-4.9/arch/x86/Kconfig 2021-02-24 15:47:30.980634795 +0100
++++ linux-4.9/arch/x86/Kconfig 2021-02-24 15:47:45.047741532 +0100
+@@ -2810,6 +2810,8 @@ source "fs/Kconfig"
+
+ source "arch/x86/Kconfig.debug"
+
++source "kernel/vserver/Kconfig"
++
+ source "security/Kconfig"
+
+ source "crypto/Kconfig"
+diff -urNp -x '*.orig' linux-4.9/arch/x86/entry/syscalls/syscall_32.tbl linux-4.9/arch/x86/entry/syscalls/syscall_32.tbl
+--- linux-4.9/arch/x86/entry/syscalls/syscall_32.tbl 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/x86/entry/syscalls/syscall_32.tbl 2021-02-24 15:47:45.047741532 +0100
@@ -279,7 +279,7 @@
270 i386 tgkill sys_tgkill
271 i386 utimes sys_utimes compat_sys_utimes
274 i386 mbind sys_mbind
275 i386 get_mempolicy sys_get_mempolicy compat_sys_get_mempolicy
276 i386 set_mempolicy sys_set_mempolicy
-diff -NurpP --minimal linux-4.9.207/arch/x86/entry/syscalls/syscall_64.tbl linux-4.9.207-vs2.3.9.11/arch/x86/entry/syscalls/syscall_64.tbl
---- linux-4.9.207/arch/x86/entry/syscalls/syscall_64.tbl 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/x86/entry/syscalls/syscall_64.tbl 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/arch/x86/entry/syscalls/syscall_64.tbl linux-4.9/arch/x86/entry/syscalls/syscall_64.tbl
+--- linux-4.9/arch/x86/entry/syscalls/syscall_64.tbl 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/arch/x86/entry/syscalls/syscall_64.tbl 2021-02-24 15:47:45.047741532 +0100
@@ -242,7 +242,7 @@
233 common epoll_ctl sys_epoll_ctl
234 common tgkill sys_tgkill
237 common mbind sys_mbind
238 common set_mempolicy sys_set_mempolicy
239 common get_mempolicy sys_get_mempolicy
-diff -NurpP --minimal linux-4.9.207/arch/x86/Kconfig linux-4.9.207-vs2.3.9.11/arch/x86/Kconfig
---- linux-4.9.207/arch/x86/Kconfig 2019-12-25 15:27:31.878374518 +0000
-+++ linux-4.9.207-vs2.3.9.11/arch/x86/Kconfig 2019-12-25 15:37:44.298553484 +0000
-@@ -2810,6 +2810,8 @@ source "fs/Kconfig"
-
- source "arch/x86/Kconfig.debug"
-
-+source "kernel/vserver/Kconfig"
-+
- source "security/Kconfig"
-
- source "crypto/Kconfig"
-diff -NurpP --minimal linux-4.9.207/block/ioprio.c linux-4.9.207-vs2.3.9.11/block/ioprio.c
---- linux-4.9.207/block/ioprio.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/block/ioprio.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/block/ioprio.c linux-4.9/block/ioprio.c
+--- linux-4.9/block/ioprio.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/block/ioprio.c 2021-02-24 15:47:45.047741532 +0100
@@ -28,6 +28,7 @@
#include <linux/syscalls.h>
#include <linux/security.h>
tmpio = get_task_ioprio(p);
if (tmpio < 0)
continue;
-diff -NurpP --minimal linux-4.9.207/Documentation/vserver/debug.txt linux-4.9.207-vs2.3.9.11/Documentation/vserver/debug.txt
---- linux-4.9.207/Documentation/vserver/debug.txt 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/Documentation/vserver/debug.txt 2018-10-20 04:58:12.000000000 +0000
-@@ -0,0 +1,154 @@
-+
-+debug_cvirt:
-+
-+ 2 4 "vx_map_tgid: %p/%llx: %d -> %d"
-+ "vx_rmap_tgid: %p/%llx: %d -> %d"
-+
-+debug_dlim:
-+
-+ 0 1 "ALLOC (%p,#%d)%c inode (%d)"
-+ "FREE (%p,#%d)%c inode"
-+ 1 2 "ALLOC (%p,#%d)%c %lld bytes (%d)"
-+ "FREE (%p,#%d)%c %lld bytes"
-+ 2 4 "ADJUST: %lld,%lld on %ld,%ld [mult=%d]"
-+ 3 8 "ext3_has_free_blocks(%p): %lu<%lu+1, %c, %u!=%u r=%d"
-+ "ext3_has_free_blocks(%p): free=%lu, root=%lu"
-+ "rcu_free_dl_info(%p)"
-+ 4 10 "alloc_dl_info(%p,%d) = %p"
-+ "dealloc_dl_info(%p)"
-+ "get_dl_info(%p[#%d.%d])"
-+ "put_dl_info(%p[#%d.%d])"
-+ 5 20 "alloc_dl_info(%p,%d)*"
-+ 6 40 "__hash_dl_info: %p[#%d]"
-+ "__unhash_dl_info: %p[#%d]"
-+ 7 80 "locate_dl_info(%p,#%d) = %p"
-+
-+debug_misc:
-+
-+ 0 1 "destroy_dqhash: %p [#0x%08x] c=%d"
-+ "new_dqhash: %p [#0x%08x]"
-+ "vroot[%d]_clr_dev: dev=%p[%lu,%d:%d]"
-+ "vroot[%d]_get_real_bdev: dev=%p[%lu,%d:%d]"
-+ "vroot[%d]_set_dev: dev=%p[%lu,%d:%d]"
-+ "vroot_get_real_bdev not set"
-+ 1 2 "cow_break_link(?%s?)"
-+ "temp copy ?%s?"
-+ 2 4 "dentry_open(new): %p"
-+ "dentry_open(old): %p"
-+ "lookup_create(new): %p"
-+ "old path ?%s?"
-+ "path_lookup(old): %d"
-+ "vfs_create(new): %d"
-+ "vfs_rename: %d"
-+ "vfs_sendfile: %d"
-+ 3 8 "fput(new_file=%p[#%d])"
-+ "fput(old_file=%p[#%d])"
-+ 4 10 "vx_info_kill(%p[#%d],%d,%d) = %d"
-+ "vx_info_kill(%p[#%d],%d,%d)*"
-+ 5 20 "vs_reboot(%p[#%d],%d)"
-+ 6 40 "dropping task %p[#%u,%u] for %p[#%u,%u]"
-+
-+debug_net:
-+
-+ 2 4 "nx_addr_conflict(%p,%p) %d.%d,%d.%d"
-+ 3 8 "inet_bind(%p) %d.%d.%d.%d, %d.%d.%d.%d, %d.%d.%d.%d"
-+ "inet_bind(%p)* %p,%p;%lx %d.%d.%d.%d"
-+ 4 10 "ip_route_connect(%p) %p,%p;%lx"
-+ 5 20 "__addr_in_socket(%p,%d.%d.%d.%d) %p:%d.%d.%d.%d %p;%lx"
-+ 6 40 "sk,egf: %p [#%d] (from %d)"
-+ "sk,egn: %p [#%d] (from %d)"
-+ "sk,req: %p [#%d] (from %d)"
-+ "sk: %p [#%d] (from %d)"
-+ "tw: %p [#%d] (from %d)"
-+ 7 80 "__sock_recvmsg: %p[%p,%p,%p;%d]:%d/%d"
-+ "__sock_sendmsg: %p[%p,%p,%p;%d]:%d/%d"
-+
-+debug_nid:
-+
-+ 0 1 "__lookup_nx_info(#%u): %p[#%u]"
-+ "alloc_nx_info(%d) = %p"
-+ "create_nx_info(%d) (dynamic rejected)"
-+ "create_nx_info(%d) = %p (already there)"
-+ "create_nx_info(%d) = %p (new)"
-+ "dealloc_nx_info(%p)"
-+ 1 2 "alloc_nx_info(%d)*"
-+ "create_nx_info(%d)*"
-+ 2 4 "get_nx_info(%p[#%d.%d])"
-+ "put_nx_info(%p[#%d.%d])"
-+ 3 8 "claim_nx_info(%p[#%d.%d.%d]) %p"
-+ "clr_nx_info(%p[#%d.%d])"
-+ "init_nx_info(%p[#%d.%d])"
-+ "release_nx_info(%p[#%d.%d.%d]) %p"
-+ "set_nx_info(%p[#%d.%d])"
-+ 4 10 "__hash_nx_info: %p[#%d]"
-+ "__nx_dynamic_id: [#%d]"
-+ "__unhash_nx_info: %p[#%d.%d.%d]"
-+ 5 20 "moved task %p into nxi:%p[#%d]"
-+ "nx_migrate_task(%p,%p[#%d.%d.%d])"
-+ "task_get_nx_info(%p)"
-+ 6 40 "nx_clear_persistent(%p[#%d])"
-+
-+debug_quota:
-+
-+ 0 1 "quota_sync_dqh(%p,%d) discard inode %p"
-+ 1 2 "quota_sync_dqh(%p,%d)"
-+ "sync_dquots(%p,%d)"
-+ "sync_dquots_dqh(%p,%d)"
-+ 3 8 "do_quotactl(%p,%d,cmd=%d,id=%d,%p)"
-+
-+debug_switch:
-+
-+ 0 1 "vc: VCMD_%02d_%d[%d], %d,%p [%d,%d,%x,%x]"
-+ 1 2 "vc: VCMD_%02d_%d[%d] = %08lx(%ld) [%d,%d]"
-+ 4 10 "%s: (%s %s) returned %s with %d"
-+
-+debug_tag:
-+
-+ 7 80 "dx_parse_tag(?%s?): %d:#%d"
-+ "dx_propagate_tag(%p[#%lu.%d]): %d,%d"
-+
-+debug_xid:
-+
-+ 0 1 "__lookup_vx_info(#%u): %p[#%u]"
-+ "alloc_vx_info(%d) = %p"
-+ "alloc_vx_info(%d)*"
-+ "create_vx_info(%d) (dynamic rejected)"
-+ "create_vx_info(%d) = %p (already there)"
-+ "create_vx_info(%d) = %p (new)"
-+ "dealloc_vx_info(%p)"
-+ "loc_vx_info(%d) = %p (found)"
-+ "loc_vx_info(%d) = %p (new)"
-+ "loc_vx_info(%d) = %p (not available)"
-+ 1 2 "create_vx_info(%d)*"
-+ "loc_vx_info(%d)*"
-+ 2 4 "get_vx_info(%p[#%d.%d])"
-+ "put_vx_info(%p[#%d.%d])"
-+ 3 8 "claim_vx_info(%p[#%d.%d.%d]) %p"
-+ "clr_vx_info(%p[#%d.%d])"
-+ "init_vx_info(%p[#%d.%d])"
-+ "release_vx_info(%p[#%d.%d.%d]) %p"
-+ "set_vx_info(%p[#%d.%d])"
-+ 4 10 "__hash_vx_info: %p[#%d]"
-+ "__unhash_vx_info: %p[#%d.%d.%d]"
-+ "__vx_dynamic_id: [#%d]"
-+ 5 20 "enter_vx_info(%p[#%d],%p) %p[#%d,%p]"
-+ "leave_vx_info(%p[#%d,%p]) %p[#%d,%p]"
-+ "moved task %p into vxi:%p[#%d]"
-+ "task_get_vx_info(%p)"
-+ "vx_migrate_task(%p,%p[#%d.%d])"
-+ 6 40 "vx_clear_persistent(%p[#%d])"
-+ "vx_exit_init(%p[#%d],%p[#%d,%d,%d])"
-+ "vx_set_init(%p[#%d],%p[#%d,%d,%d])"
-+ "vx_set_persistent(%p[#%d])"
-+ "vx_set_reaper(%p[#%d],%p[#%d,%d])"
-+ 7 80 "vx_child_reaper(%p[#%u,%u]) = %p[#%u,%u]"
-+
-+
-+debug_limit:
-+
-+ n 2^n "vx_acc_cres[%5d,%s,%2d]: %5d%s"
-+ "vx_cres_avail[%5d,%s,%2d]: %5ld > %5d + %5d"
-+
-+ m 2^m "vx_acc_page[%5d,%s,%2d]: %5d%s"
-+ "vx_acc_pages[%5d,%s,%2d]: %5d += %5d"
-+ "vx_pages_avail[%5d,%s,%2d]: %5ld > %5d + %5d"
-diff -NurpP --minimal linux-4.9.207/drivers/block/Kconfig linux-4.9.207-vs2.3.9.11/drivers/block/Kconfig
---- linux-4.9.207/drivers/block/Kconfig 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/drivers/block/Kconfig 2018-10-20 04:58:13.000000000 +0000
-@@ -273,6 +273,13 @@ config BLK_DEV_CRYPTOLOOP
-
- source "drivers/block/drbd/Kconfig"
-
-+config BLK_DEV_VROOT
-+ tristate "Virtual Root device support"
-+ depends on QUOTACTL
-+ ---help---
-+ Saying Y here will allow you to use quota/fs ioctls on a shared
-+ partition within a virtual server without compromising security.
+diff -urNp -x '*.orig' linux-4.9/drivers/block/Kconfig linux-4.9/drivers/block/Kconfig
+--- linux-4.9/drivers/block/Kconfig 2021-02-24 15:47:31.113972298 +0100
++++ linux-4.9/drivers/block/Kconfig 2021-02-24 15:47:45.047741532 +0100
+@@ -273,6 +273,13 @@ config BLK_DEV_CRYPTOLOOP
+
+ source "drivers/block/drbd/Kconfig"
+
++config BLK_DEV_VROOT
++ tristate "Virtual Root device support"
++ depends on QUOTACTL
++ ---help---
++ Saying Y here will allow you to use quota/fs ioctls on a shared
++ partition within a virtual server without compromising security.
+
config BLK_DEV_NBD
tristate "Network block device support"
depends on NET
-diff -NurpP --minimal linux-4.9.207/drivers/block/loop.c linux-4.9.207-vs2.3.9.11/drivers/block/loop.c
---- linux-4.9.207/drivers/block/loop.c 2019-12-25 15:27:36.368301926 +0000
-+++ linux-4.9.207-vs2.3.9.11/drivers/block/loop.c 2019-12-25 15:37:45.418535409 +0000
+diff -urNp -x '*.orig' linux-4.9/drivers/block/Makefile linux-4.9/drivers/block/Makefile
+--- linux-4.9/drivers/block/Makefile 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/drivers/block/Makefile 2021-02-24 15:47:45.051074969 +0100
+@@ -31,6 +31,7 @@ obj-$(CONFIG_VIRTIO_BLK) += virtio_blk.o
+
+ obj-$(CONFIG_BLK_DEV_SX8) += sx8.o
+ obj-$(CONFIG_BLK_DEV_HD) += hd.o
++obj-$(CONFIG_BLK_DEV_VROOT) += vroot.o
+
+ obj-$(CONFIG_XEN_BLKDEV_FRONTEND) += xen-blkfront.o
+ obj-$(CONFIG_XEN_BLKDEV_BACKEND) += xen-blkback/
+diff -urNp -x '*.orig' linux-4.9/drivers/block/loop.c linux-4.9/drivers/block/loop.c
+--- linux-4.9/drivers/block/loop.c 2021-02-24 15:47:31.117305737 +0100
++++ linux-4.9/drivers/block/loop.c 2021-02-24 15:47:45.051074969 +0100
@@ -76,6 +76,7 @@
#include <linux/miscdevice.h>
#include <linux/falloc.h>
atomic_inc(&lo->lo_refcnt);
out:
mutex_unlock(&loop_index_mutex);
-diff -NurpP --minimal linux-4.9.207/drivers/block/loop.h linux-4.9.207-vs2.3.9.11/drivers/block/loop.h
---- linux-4.9.207/drivers/block/loop.h 2019-12-25 15:27:36.388301601 +0000
-+++ linux-4.9.207-vs2.3.9.11/drivers/block/loop.h 2019-10-05 14:58:39.110412393 +0000
+diff -urNp -x '*.orig' linux-4.9/drivers/block/loop.h linux-4.9/drivers/block/loop.h
+--- linux-4.9/drivers/block/loop.h 2021-02-24 15:47:31.117305737 +0100
++++ linux-4.9/drivers/block/loop.h 2021-02-24 15:47:45.051074969 +0100
@@ -43,6 +43,7 @@ struct loop_device {
struct loop_func_table *lo_encryption;
__u32 lo_init[2];
int (*ioctl)(struct loop_device *, int cmd,
unsigned long arg);
-diff -NurpP --minimal linux-4.9.207/drivers/block/Makefile linux-4.9.207-vs2.3.9.11/drivers/block/Makefile
---- linux-4.9.207/drivers/block/Makefile 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/drivers/block/Makefile 2018-10-20 04:58:13.000000000 +0000
-@@ -31,6 +31,7 @@ obj-$(CONFIG_VIRTIO_BLK) += virtio_blk.o
-
- obj-$(CONFIG_BLK_DEV_SX8) += sx8.o
- obj-$(CONFIG_BLK_DEV_HD) += hd.o
-+obj-$(CONFIG_BLK_DEV_VROOT) += vroot.o
-
- obj-$(CONFIG_XEN_BLKDEV_FRONTEND) += xen-blkfront.o
- obj-$(CONFIG_XEN_BLKDEV_BACKEND) += xen-blkback/
-diff -NurpP --minimal linux-4.9.207/drivers/block/vroot.c linux-4.9.207-vs2.3.9.11/drivers/block/vroot.c
---- linux-4.9.207/drivers/block/vroot.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/drivers/block/vroot.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/drivers/block/vroot.c linux-4.9/drivers/block/vroot.c
+--- linux-4.9/drivers/block/vroot.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/drivers/block/vroot.c 2021-02-24 15:47:45.051074969 +0100
@@ -0,0 +1,291 @@
+/*
+ * linux/drivers/block/vroot.c
+
+#endif
+
-diff -NurpP --minimal linux-4.9.207/drivers/md/dm.c linux-4.9.207-vs2.3.9.11/drivers/md/dm.c
---- linux-4.9.207/drivers/md/dm.c 2019-12-25 15:28:01.727891912 +0000
-+++ linux-4.9.207-vs2.3.9.11/drivers/md/dm.c 2019-12-25 15:37:45.988526209 +0000
-@@ -22,6 +22,7 @@
- #include <linux/wait.h>
- #include <linux/pr.h>
- #include <linux/vmalloc.h>
-+#include <linux/vs_base.h>
-
- #define DM_MSG_PREFIX "core"
-
-@@ -300,6 +301,7 @@ int dm_deleting_md(struct mapped_device
- static int dm_blk_open(struct block_device *bdev, fmode_t mode)
- {
- struct mapped_device *md;
-+ int ret = -ENXIO;
-
- spin_lock(&_minor_lock);
-
-@@ -308,17 +310,19 @@ static int dm_blk_open(struct block_devi
- goto out;
-
- if (test_bit(DMF_FREEING, &md->flags) ||
-- dm_deleting_md(md)) {
-- md = NULL;
-+ dm_deleting_md(md))
-+ goto out;
-+
-+ ret = -EACCES;
-+ if (!vx_check(md->xid, VS_IDENT|VS_HOSTID))
- goto out;
-- }
-
- dm_get(md);
- atomic_inc(&md->open_count);
-+ ret = 0;
- out:
- spin_unlock(&_minor_lock);
--
-- return md ? 0 : -ENXIO;
-+ return ret;
- }
-
- static void dm_blk_close(struct gendisk *disk, fmode_t mode)
-@@ -744,6 +748,14 @@ int dm_set_geometry(struct mapped_device
- return 0;
- }
-
-+/*
-+ * Get the xid associated with a dm device
-+ */
-+vxid_t dm_get_xid(struct mapped_device *md)
-+{
-+ return md->xid;
-+}
-+
- /*-----------------------------------------------------------------
- * CRUD START:
- * A more elegant soln is in the works that uses the queue
-@@ -1549,6 +1561,7 @@ static struct mapped_device *alloc_dev(i
- INIT_LIST_HEAD(&md->uevent_list);
- INIT_LIST_HEAD(&md->table_devices);
- spin_lock_init(&md->uevent_lock);
-+ md->xid = vx_current_xid();
-
- md->queue = blk_alloc_queue_node(GFP_KERNEL, numa_node_id);
- if (!md->queue)
-diff -NurpP --minimal linux-4.9.207/drivers/md/dm-core.h linux-4.9.207-vs2.3.9.11/drivers/md/dm-core.h
---- linux-4.9.207/drivers/md/dm-core.h 2019-12-25 15:28:01.677892718 +0000
-+++ linux-4.9.207-vs2.3.9.11/drivers/md/dm-core.h 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/drivers/md/dm-core.h linux-4.9/drivers/md/dm-core.h
+--- linux-4.9/drivers/md/dm-core.h 2021-02-24 15:47:31.450649498 +0100
++++ linux-4.9/drivers/md/dm-core.h 2021-02-24 15:47:45.051074969 +0100
@@ -52,6 +52,7 @@ struct mapped_device {
atomic_t holders;
struct dm_target *immutable_target;
struct target_type *immutable_target_type;
-diff -NurpP --minimal linux-4.9.207/drivers/md/dm.h linux-4.9.207-vs2.3.9.11/drivers/md/dm.h
---- linux-4.9.207/drivers/md/dm.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/drivers/md/dm.h 2018-10-20 04:58:13.000000000 +0000
-@@ -45,6 +45,8 @@ struct dm_dev_internal {
- struct dm_table;
- struct dm_md_mempools;
-
-+vxid_t dm_get_xid(struct mapped_device *md);
-+
- /*-----------------------------------------------------------------
- * Internal table functions.
- *---------------------------------------------------------------*/
-diff -NurpP --minimal linux-4.9.207/drivers/md/dm-ioctl.c linux-4.9.207-vs2.3.9.11/drivers/md/dm-ioctl.c
---- linux-4.9.207/drivers/md/dm-ioctl.c 2019-12-25 15:28:01.687892558 +0000
-+++ linux-4.9.207-vs2.3.9.11/drivers/md/dm-ioctl.c 2019-02-22 08:37:51.173126752 +0000
+diff -urNp -x '*.orig' linux-4.9/drivers/md/dm-ioctl.c linux-4.9/drivers/md/dm-ioctl.c
+--- linux-4.9/drivers/md/dm-ioctl.c 2021-02-24 15:47:31.450649498 +0100
++++ linux-4.9/drivers/md/dm-ioctl.c 2021-02-24 15:47:45.051074969 +0100
@@ -16,6 +16,7 @@
#include <linux/dm-ioctl.h>
#include <linux/hdreg.h>
if (old_nl)
old_nl->next = (uint32_t) ((void *) nl -
(void *) old_nl);
-@@ -1799,8 +1811,8 @@ static int ctl_ioctl(uint command, struc
+@@ -1800,8 +1812,8 @@ static int ctl_ioctl(uint command, struc
size_t input_param_size;
struct dm_ioctl param_kernel;
return -EACCES;
if (_IOC_TYPE(command) != DM_IOCTL)
-diff -NurpP --minimal linux-4.9.207/drivers/net/tun.c linux-4.9.207-vs2.3.9.11/drivers/net/tun.c
---- linux-4.9.207/drivers/net/tun.c 2019-12-25 15:28:13.097708081 +0000
-+++ linux-4.9.207-vs2.3.9.11/drivers/net/tun.c 2019-10-05 14:58:41.040381546 +0000
-@@ -65,6 +65,7 @@
- #include <linux/nsproxy.h>
- #include <linux/virtio_net.h>
- #include <linux/rcupdate.h>
-+#include <linux/vs_network.h>
- #include <net/net_namespace.h>
- #include <net/netns/generic.h>
- #include <net/rtnetlink.h>
-@@ -194,6 +195,7 @@ struct tun_struct {
- unsigned int flags;
- kuid_t owner;
- kgid_t group;
-+ vnid_t nid;
+diff -urNp -x '*.orig' linux-4.9/drivers/md/dm.c linux-4.9/drivers/md/dm.c
+--- linux-4.9/drivers/md/dm.c 2021-02-24 15:47:31.457316373 +0100
++++ linux-4.9/drivers/md/dm.c 2021-02-24 15:47:45.051074969 +0100
+@@ -22,6 +22,7 @@
+ #include <linux/wait.h>
+ #include <linux/pr.h>
+ #include <linux/vmalloc.h>
++#include <linux/vs_base.h>
- struct net_device *dev;
- netdev_features_t set_features;
-@@ -490,6 +492,7 @@ static inline bool tun_not_capable(struc
- return ((uid_valid(tun->owner) && !uid_eq(cred->euid, tun->owner)) ||
- (gid_valid(tun->group) && !in_egroup_p(tun->group))) &&
- !ns_capable(net->user_ns, CAP_NET_ADMIN);
-+ /* !cap_raised(current_cap(), CAP_NET_ADMIN) */
- }
+ #define DM_MSG_PREFIX "core"
- static void tun_set_real_num_queues(struct tun_struct *tun)
-@@ -1558,6 +1561,7 @@ static void tun_setup(struct net_device
+@@ -300,6 +301,7 @@ int dm_deleting_md(struct mapped_device
+ static int dm_blk_open(struct block_device *bdev, fmode_t mode)
+ {
+ struct mapped_device *md;
++ int ret = -ENXIO;
- tun->owner = INVALID_UID;
- tun->group = INVALID_GID;
-+ tun->nid = nx_current_nid();
+ spin_lock(&_minor_lock);
+
+@@ -308,17 +310,19 @@ static int dm_blk_open(struct block_devi
+ goto out;
+
+ if (test_bit(DMF_FREEING, &md->flags) ||
+- dm_deleting_md(md)) {
+- md = NULL;
++ dm_deleting_md(md))
++ goto out;
++
++ ret = -EACCES;
++ if (!vx_check(md->xid, VS_IDENT|VS_HOSTID))
+ goto out;
+- }
+
+ dm_get(md);
+ atomic_inc(&md->open_count);
++ ret = 0;
+ out:
+ spin_unlock(&_minor_lock);
+-
+- return md ? 0 : -ENXIO;
++ return ret;
+ }
+
+ static void dm_blk_close(struct gendisk *disk, fmode_t mode)
+@@ -744,6 +748,14 @@ int dm_set_geometry(struct mapped_device
+ return 0;
+ }
+
++/*
++ * Get the xid associated with a dm device
++ */
++vxid_t dm_get_xid(struct mapped_device *md)
++{
++ return md->xid;
++}
++
+ /*-----------------------------------------------------------------
+ * CRUD START:
+ * A more elegant soln is in the works that uses the queue
+@@ -1549,6 +1561,7 @@ static struct mapped_device *alloc_dev(i
+ INIT_LIST_HEAD(&md->uevent_list);
+ INIT_LIST_HEAD(&md->table_devices);
+ spin_lock_init(&md->uevent_lock);
++ md->xid = vx_current_xid();
+
+ md->queue = blk_alloc_queue_node(GFP_KERNEL, numa_node_id);
+ if (!md->queue)
+diff -urNp -x '*.orig' linux-4.9/drivers/md/dm.h linux-4.9/drivers/md/dm.h
+--- linux-4.9/drivers/md/dm.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/drivers/md/dm.h 2021-02-24 15:47:45.051074969 +0100
+@@ -45,6 +45,8 @@ struct dm_dev_internal {
+ struct dm_table;
+ struct dm_md_mempools;
+
++vxid_t dm_get_xid(struct mapped_device *md);
++
+ /*-----------------------------------------------------------------
+ * Internal table functions.
+ *---------------------------------------------------------------*/
+diff -urNp -x '*.orig' linux-4.9/drivers/net/tun.c linux-4.9/drivers/net/tun.c
+--- linux-4.9/drivers/net/tun.c 2021-02-24 15:47:31.743992008 +0100
++++ linux-4.9/drivers/net/tun.c 2021-02-24 15:47:45.051074969 +0100
+@@ -65,6 +65,7 @@
+ #include <linux/nsproxy.h>
+ #include <linux/virtio_net.h>
+ #include <linux/rcupdate.h>
++#include <linux/vs_network.h>
+ #include <net/net_namespace.h>
+ #include <net/netns/generic.h>
+ #include <net/rtnetlink.h>
+@@ -194,6 +195,7 @@ struct tun_struct {
+ unsigned int flags;
+ kuid_t owner;
+ kgid_t group;
++ vnid_t nid;
+
+ struct net_device *dev;
+ netdev_features_t set_features;
+@@ -490,6 +492,7 @@ static inline bool tun_not_capable(struc
+ return ((uid_valid(tun->owner) && !uid_eq(cred->euid, tun->owner)) ||
+ (gid_valid(tun->group) && !in_egroup_p(tun->group))) &&
+ !ns_capable(net->user_ns, CAP_NET_ADMIN);
++ /* !cap_raised(current_cap(), CAP_NET_ADMIN) */
+ }
+
+ static void tun_set_real_num_queues(struct tun_struct *tun)
+@@ -1569,6 +1572,7 @@ static void tun_setup(struct net_device
+
+ tun->owner = INVALID_UID;
+ tun->group = INVALID_GID;
++ tun->nid = nx_current_nid();
dev->ethtool_ops = &tun_ethtool_ops;
dev->destructor = tun_free_netdev;
-@@ -1771,7 +1775,7 @@ static int tun_set_iff(struct net *net,
+@@ -1782,7 +1786,7 @@ static int tun_set_iff(struct net *net,
int queues = ifr->ifr_flags & IFF_MULTI_QUEUE ?
MAX_TAP_QUEUES : 1;
return -EPERM;
err = security_tun_dev_create();
if (err < 0)
-@@ -2140,6 +2144,16 @@ static long __tun_chr_ioctl(struct file
+@@ -2151,6 +2155,16 @@ static long __tun_chr_ioctl(struct file
from_kgid(&init_user_ns, tun->group));
break;
case TUNSETLINK:
/* Only allow setting the type when the interface is down */
if (tun->dev->flags & IFF_UP) {
-diff -NurpP --minimal linux-4.9.207/drivers/scsi/cxgbi/libcxgbi.c linux-4.9.207-vs2.3.9.11/drivers/scsi/cxgbi/libcxgbi.c
---- linux-4.9.207/drivers/scsi/cxgbi/libcxgbi.c 2019-12-25 15:28:19.947597331 +0000
-+++ linux-4.9.207-vs2.3.9.11/drivers/scsi/cxgbi/libcxgbi.c 2019-10-05 14:58:43.270345911 +0000
-@@ -776,7 +776,8 @@ static struct cxgbi_sock *cxgbi_check_ro
+diff -urNp -x '*.orig' linux-4.9/drivers/scsi/cxgbi/libcxgbi.c linux-4.9/drivers/scsi/cxgbi/libcxgbi.c
+--- linux-4.9/drivers/scsi/cxgbi/libcxgbi.c 2021-02-24 15:47:31.947331702 +0100
++++ linux-4.9/drivers/scsi/cxgbi/libcxgbi.c 2021-02-24 15:47:45.051074969 +0100
+@@ -777,7 +777,8 @@ static struct cxgbi_sock *cxgbi_check_ro
struct inet6_dev *idev = ip6_dst_idev((struct dst_entry *)rt);
err = ipv6_dev_get_saddr(&init_net, idev ? idev->dev : NULL,
if (err) {
pr_info("failed to get source address to reach %pI6\n",
&daddr6->sin6_addr);
-diff -NurpP --minimal linux-4.9.207/drivers/tty/sysrq.c linux-4.9.207-vs2.3.9.11/drivers/tty/sysrq.c
---- linux-4.9.207/drivers/tty/sysrq.c 2019-12-25 15:28:24.267527483 +0000
-+++ linux-4.9.207-vs2.3.9.11/drivers/tty/sysrq.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/drivers/tty/sysrq.c linux-4.9/drivers/tty/sysrq.c
+--- linux-4.9/drivers/tty/sysrq.c 2021-02-24 15:47:32.084002644 +0100
++++ linux-4.9/drivers/tty/sysrq.c 2021-02-24 15:47:45.051074969 +0100
@@ -47,6 +47,7 @@
#include <linux/syscalls.h>
#include <linux/of.h>
else
retval = -1;
return retval;
-diff -NurpP --minimal linux-4.9.207/drivers/tty/tty_io.c linux-4.9.207-vs2.3.9.11/drivers/tty/tty_io.c
---- linux-4.9.207/drivers/tty/tty_io.c 2019-12-25 15:28:24.287527162 +0000
-+++ linux-4.9.207-vs2.3.9.11/drivers/tty/tty_io.c 2019-10-05 14:58:43.980334565 +0000
+diff -urNp -x '*.orig' linux-4.9/drivers/tty/tty_io.c linux-4.9/drivers/tty/tty_io.c
+--- linux-4.9/drivers/tty/tty_io.c 2021-02-24 15:47:32.084002644 +0100
++++ linux-4.9/drivers/tty/tty_io.c 2021-02-24 15:47:45.054408406 +0100
@@ -104,6 +104,7 @@
#include <linux/kmod.h>
#undef TTY_DEBUG_HANGUP
#ifdef TTY_DEBUG_HANGUP
-@@ -2318,7 +2319,8 @@ static int tiocsti(struct tty_struct *tt
+@@ -2321,7 +2322,8 @@ static int tiocsti(struct tty_struct *tt
char ch, mbz = 0;
struct tty_ldisc *ld;
if (get_user(ch, p))
return -EFAULT;
@@ -2634,6 +2636,7 @@ static int tiocspgrp(struct tty_struct *
- return -ENOTTY;
+
if (get_user(pgrp_nr, p))
return -EFAULT;
+ pgrp_nr = vx_rmap_pid(pgrp_nr);
if (pgrp_nr < 0)
return -EINVAL;
- rcu_read_lock();
-diff -NurpP --minimal linux-4.9.207/fs/attr.c linux-4.9.207-vs2.3.9.11/fs/attr.c
---- linux-4.9.207/fs/attr.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/attr.c 2018-10-20 04:58:13.000000000 +0000
+
+diff -urNp -x '*.orig' linux-4.9/fs/attr.c linux-4.9/fs/attr.c
+--- linux-4.9/fs/attr.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/attr.c 2021-02-24 15:47:45.054408406 +0100
@@ -15,6 +15,9 @@
#include <linux/security.h>
#include <linux/evm.h>
if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
return -EPERM;
}
-diff -NurpP --minimal linux-4.9.207/fs/block_dev.c linux-4.9.207-vs2.3.9.11/fs/block_dev.c
---- linux-4.9.207/fs/block_dev.c 2019-12-25 15:28:35.697342685 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/block_dev.c 2019-02-22 08:37:54.463070814 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/block_dev.c linux-4.9/fs/block_dev.c
+--- linux-4.9/fs/block_dev.c 2021-02-24 15:47:32.207339836 +0100
++++ linux-4.9/fs/block_dev.c 2021-02-24 15:47:45.054408406 +0100
@@ -31,6 +31,7 @@
#include <linux/dax.h>
#include <linux/badblocks.h>
if (bdev) {
spin_lock(&bdev_lock);
if (!inode->i_bdev) {
-diff -NurpP --minimal linux-4.9.207/fs/btrfs/ctree.h linux-4.9.207-vs2.3.9.11/fs/btrfs/ctree.h
---- linux-4.9.207/fs/btrfs/ctree.h 2019-12-25 15:28:35.767341551 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/btrfs/ctree.h 2019-02-22 08:37:54.473070642 +0000
-@@ -1321,6 +1321,8 @@ static inline u32 BTRFS_MAX_XATTR_SIZE(c
+diff -urNp -x '*.orig' linux-4.9/fs/btrfs/ctree.h linux-4.9/fs/btrfs/ctree.h
+--- linux-4.9/fs/btrfs/ctree.h 2021-02-24 15:47:32.210673274 +0100
++++ linux-4.9/fs/btrfs/ctree.h 2021-02-24 15:47:45.054408406 +0100
+@@ -1319,6 +1319,8 @@ static inline u32 BTRFS_MAX_XATTR_SIZE(c
#define BTRFS_DEFAULT_COMMIT_INTERVAL (30)
#define BTRFS_DEFAULT_MAX_INLINE (2048)
#define btrfs_clear_opt(o, opt) ((o) &= ~BTRFS_MOUNT_##opt)
#define btrfs_set_opt(o, opt) ((o) |= BTRFS_MOUNT_##opt)
#define btrfs_raw_test_opt(o, opt) ((o) & BTRFS_MOUNT_##opt)
-@@ -1671,6 +1673,7 @@ BTRFS_SETGET_FUNCS(inode_block_group, st
+@@ -1669,6 +1671,7 @@ BTRFS_SETGET_FUNCS(inode_block_group, st
BTRFS_SETGET_FUNCS(inode_nlink, struct btrfs_inode_item, nlink, 32);
BTRFS_SETGET_FUNCS(inode_uid, struct btrfs_inode_item, uid, 32);
BTRFS_SETGET_FUNCS(inode_gid, struct btrfs_inode_item, gid, 32);
BTRFS_SETGET_FUNCS(inode_mode, struct btrfs_inode_item, mode, 32);
BTRFS_SETGET_FUNCS(inode_rdev, struct btrfs_inode_item, rdev, 64);
BTRFS_SETGET_FUNCS(inode_flags, struct btrfs_inode_item, flags, 64);
-@@ -1718,6 +1721,10 @@ BTRFS_SETGET_FUNCS(extent_flags, struct
+@@ -1716,6 +1719,10 @@ BTRFS_SETGET_FUNCS(extent_flags, struct
BTRFS_SETGET_FUNCS(extent_refs_v0, struct btrfs_extent_item_v0, refs, 32);
BTRFS_SETGET_FUNCS(tree_block_level, struct btrfs_tree_block_info, level, 8);
-@@ -3201,6 +3208,7 @@ int btrfs_ioctl_get_supported_features(v
+@@ -3199,6 +3206,7 @@ int btrfs_ioctl_get_supported_features(v
void btrfs_update_iflags(struct inode *inode);
void btrfs_inherit_iflags(struct inode *inode, struct inode *dir);
int btrfs_is_empty_uuid(u8 *uuid);
int btrfs_defrag_file(struct inode *inode, struct file *file,
struct btrfs_ioctl_defrag_range_args *range,
u64 newer_than, unsigned long max_pages);
-diff -NurpP --minimal linux-4.9.207/fs/btrfs/disk-io.c linux-4.9.207-vs2.3.9.11/fs/btrfs/disk-io.c
---- linux-4.9.207/fs/btrfs/disk-io.c 2019-12-25 15:28:35.787341229 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/btrfs/disk-io.c 2019-02-22 08:37:54.473070642 +0000
-@@ -2706,6 +2706,9 @@ int open_ctree(struct super_block *sb,
+diff -urNp -x '*.orig' linux-4.9/fs/btrfs/disk-io.c linux-4.9/fs/btrfs/disk-io.c
+--- linux-4.9/fs/btrfs/disk-io.c 2021-02-24 15:47:32.210673274 +0100
++++ linux-4.9/fs/btrfs/disk-io.c 2021-02-24 15:47:45.054408406 +0100
+@@ -2712,6 +2712,9 @@ int open_ctree(struct super_block *sb,
goto fail_alloc;
}
features = btrfs_super_incompat_flags(disk_super) &
~BTRFS_FEATURE_INCOMPAT_SUPP;
if (features) {
-diff -NurpP --minimal linux-4.9.207/fs/btrfs/inode.c linux-4.9.207-vs2.3.9.11/fs/btrfs/inode.c
---- linux-4.9.207/fs/btrfs/inode.c 2019-12-25 15:28:35.847340258 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/btrfs/inode.c 2019-12-25 15:37:51.118443417 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/btrfs/inode.c linux-4.9/fs/btrfs/inode.c
+--- linux-4.9/fs/btrfs/inode.c 2021-02-24 15:47:32.217340149 +0100
++++ linux-4.9/fs/btrfs/inode.c 2021-02-24 15:47:45.057741845 +0100
@@ -43,6 +43,7 @@
#include <linux/blkdev.h>
#include <linux/posix_acl_xattr.h>
#include "ctree.h"
#include "disk-io.h"
#include "transaction.h"
-@@ -3701,6 +3702,9 @@ static int btrfs_read_locked_inode(struc
+@@ -3717,6 +3718,9 @@ static int btrfs_read_locked_inode(struc
unsigned long ptr;
int maybe_acls;
u32 rdev;
int ret;
bool filled = false;
int first_xattr_slot;
-@@ -3733,8 +3737,14 @@ static int btrfs_read_locked_inode(struc
+@@ -3749,8 +3753,14 @@ static int btrfs_read_locked_inode(struc
struct btrfs_inode_item);
inode->i_mode = btrfs_inode_mode(leaf, inode_item);
set_nlink(inode, btrfs_inode_nlink(leaf, inode_item));
btrfs_i_size_write(inode, btrfs_inode_size(leaf, inode_item));
inode->i_atime.tv_sec = btrfs_timespec_sec(leaf, &inode_item->atime);
-@@ -3889,11 +3899,18 @@ static void fill_inode_item(struct btrfs
+@@ -3905,11 +3915,18 @@ static void fill_inode_item(struct btrfs
struct inode *inode)
{
struct btrfs_map_token token;
btrfs_set_token_inode_size(leaf, item, BTRFS_I(inode)->disk_i_size,
&token);
btrfs_set_token_inode_mode(leaf, item, inode->i_mode, &token);
-@@ -10649,6 +10666,7 @@ static const struct inode_operations btr
+@@ -10687,6 +10704,7 @@ static const struct inode_operations btr
.mknod = btrfs_mknod,
.listxattr = btrfs_listxattr,
.permission = btrfs_permission,
.get_acl = btrfs_get_acl,
.set_acl = btrfs_set_acl,
.update_time = btrfs_update_time,
-@@ -10657,6 +10675,7 @@ static const struct inode_operations btr
+@@ -10695,6 +10713,7 @@ static const struct inode_operations btr
static const struct inode_operations btrfs_dir_ro_inode_operations = {
.lookup = btrfs_lookup,
.permission = btrfs_permission,
.update_time = btrfs_update_time,
};
-@@ -10722,6 +10741,7 @@ static const struct inode_operations btr
+@@ -10760,6 +10779,7 @@ static const struct inode_operations btr
.listxattr = btrfs_listxattr,
.permission = btrfs_permission,
.fiemap = btrfs_fiemap,
.get_acl = btrfs_get_acl,
.set_acl = btrfs_set_acl,
.update_time = btrfs_update_time,
-diff -NurpP --minimal linux-4.9.207/fs/btrfs/ioctl.c linux-4.9.207-vs2.3.9.11/fs/btrfs/ioctl.c
---- linux-4.9.207/fs/btrfs/ioctl.c 2019-12-25 15:28:35.847340258 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/btrfs/ioctl.c 2019-10-05 14:58:45.120316346 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/btrfs/ioctl.c linux-4.9/fs/btrfs/ioctl.c
+--- linux-4.9/fs/btrfs/ioctl.c 2021-02-24 15:47:32.217340149 +0100
++++ linux-4.9/fs/btrfs/ioctl.c 2021-02-24 15:47:45.057741845 +0100
@@ -110,10 +110,13 @@ static unsigned int btrfs_flags_to_ioctl
{
unsigned int iflags = 0;
if (flags & FS_APPEND_FL)
ip->flags |= BTRFS_INODE_APPEND;
else
-diff -NurpP --minimal linux-4.9.207/fs/btrfs/super.c linux-4.9.207-vs2.3.9.11/fs/btrfs/super.c
---- linux-4.9.207/fs/btrfs/super.c 2019-12-25 15:28:35.857340098 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/btrfs/super.c 2019-02-22 08:37:54.503070133 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/btrfs/super.c linux-4.9/fs/btrfs/super.c
+--- linux-4.9/fs/btrfs/super.c 2021-02-24 15:47:32.224007024 +0100
++++ linux-4.9/fs/btrfs/super.c 2021-02-24 15:47:45.057741845 +0100
@@ -327,7 +327,7 @@ enum {
#ifdef CONFIG_BTRFS_DEBUG
Opt_fragment_data, Opt_fragment_metadata, Opt_fragment_all,
case Opt_err:
btrfs_info(root->fs_info,
"unrecognized mount option '%s'", p);
-@@ -1754,6 +1773,12 @@ static int btrfs_remount(struct super_bl
+@@ -1760,6 +1779,12 @@ static int btrfs_remount(struct super_bl
btrfs_resize_thread_pool(fs_info,
fs_info->thread_pool_size, old_thread_pool_size);
if ((*flags & MS_RDONLY) == (sb->s_flags & MS_RDONLY))
goto out;
-diff -NurpP --minimal linux-4.9.207/fs/char_dev.c linux-4.9.207-vs2.3.9.11/fs/char_dev.c
---- linux-4.9.207/fs/char_dev.c 2019-12-25 15:28:36.037337186 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/char_dev.c 2019-10-05 14:58:45.140316026 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/char_dev.c linux-4.9/fs/char_dev.c
+--- linux-4.9/fs/char_dev.c 2021-02-24 15:47:32.230673899 +0100
++++ linux-4.9/fs/char_dev.c 2021-02-24 15:47:45.057741845 +0100
@@ -21,6 +21,8 @@
#include <linux/mutex.h>
#include <linux/backing-dev.h>
if (!kobj)
return -ENXIO;
new = container_of(kobj, struct cdev, kobj);
-diff -NurpP --minimal linux-4.9.207/fs/dcache.c linux-4.9.207-vs2.3.9.11/fs/dcache.c
---- linux-4.9.207/fs/dcache.c 2019-12-25 15:28:36.257333629 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/dcache.c 2019-10-05 14:58:45.150315864 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/dcache.c linux-4.9/fs/dcache.c
+--- linux-4.9/fs/dcache.c 2021-02-24 15:47:32.247341088 +0100
++++ linux-4.9/fs/dcache.c 2021-02-24 15:47:45.061075282 +0100
@@ -39,6 +39,7 @@
#include <linux/ratelimit.h>
#include <linux/list_lru.h>
}
}
return D_WALK_CONTINUE;
-diff -NurpP --minimal linux-4.9.207/fs/devpts/inode.c linux-4.9.207-vs2.3.9.11/fs/devpts/inode.c
---- linux-4.9.207/fs/devpts/inode.c 2019-12-25 15:28:36.287333144 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/devpts/inode.c 2019-10-05 14:58:45.150315864 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/devpts/inode.c linux-4.9/fs/devpts/inode.c
+--- linux-4.9/fs/devpts/inode.c 2021-02-24 15:47:32.247341088 +0100
++++ linux-4.9/fs/devpts/inode.c 2021-02-24 15:47:45.061075282 +0100
@@ -27,6 +27,7 @@
#include <linux/parser.h>
#include <linux/fsnotify.h>
sprintf(s, "%d", index);
-diff -NurpP --minimal linux-4.9.207/fs/ext2/balloc.c linux-4.9.207-vs2.3.9.11/fs/ext2/balloc.c
---- linux-4.9.207/fs/ext2/balloc.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ext2/balloc.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ext2/balloc.c linux-4.9/fs/ext2/balloc.c
+--- linux-4.9/fs/ext2/balloc.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/ext2/balloc.c 2021-02-24 15:47:45.061075282 +0100
@@ -693,7 +693,6 @@ ext2_try_to_allocate(struct super_block
start = 0;
end = EXT2_BLOCKS_PER_GROUP(sb);
BUG_ON(start > EXT2_BLOCKS_PER_GROUP(sb));
repeat:
-diff -NurpP --minimal linux-4.9.207/fs/ext2/ext2.h linux-4.9.207-vs2.3.9.11/fs/ext2/ext2.h
---- linux-4.9.207/fs/ext2/ext2.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ext2/ext2.h 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ext2/ext2.h linux-4.9/fs/ext2/ext2.h
+--- linux-4.9/fs/ext2/ext2.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/ext2/ext2.h 2021-02-24 15:47:45.061075282 +0100
@@ -247,8 +247,12 @@ struct ext2_group_desc
#define EXT2_NOTAIL_FL FS_NOTAIL_FL /* file tail should not be merged */
#define EXT2_DIRSYNC_FL FS_DIRSYNC_FL /* dirsync behaviour (directories only) */
/* ioctl.c */
extern long ext2_ioctl(struct file *, unsigned int, unsigned long);
-diff -NurpP --minimal linux-4.9.207/fs/ext2/file.c linux-4.9.207-vs2.3.9.11/fs/ext2/file.c
---- linux-4.9.207/fs/ext2/file.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ext2/file.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ext2/file.c linux-4.9/fs/ext2/file.c
+--- linux-4.9/fs/ext2/file.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/ext2/file.c 2021-02-24 15:47:45.061075282 +0100
@@ -247,4 +247,5 @@ const struct inode_operations ext2_file_
.get_acl = ext2_get_acl,
.set_acl = ext2_set_acl,
.fiemap = ext2_fiemap,
+ .sync_flags = ext2_sync_flags,
};
-diff -NurpP --minimal linux-4.9.207/fs/ext2/ialloc.c linux-4.9.207-vs2.3.9.11/fs/ext2/ialloc.c
---- linux-4.9.207/fs/ext2/ialloc.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ext2/ialloc.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ext2/ialloc.c linux-4.9/fs/ext2/ialloc.c
+--- linux-4.9/fs/ext2/ialloc.c 2021-02-24 15:47:32.254007963 +0100
++++ linux-4.9/fs/ext2/ialloc.c 2021-02-24 15:47:45.061075282 +0100
@@ -17,6 +17,7 @@
#include <linux/backing-dev.h>
#include <linux/buffer_head.h>
#include "ext2.h"
#include "xattr.h"
#include "acl.h"
-@@ -551,6 +552,7 @@ got:
+@@ -552,6 +553,7 @@ got:
inode->i_mode = mode;
inode->i_uid = current_fsuid();
inode->i_gid = dir->i_gid;
} else
inode_init_owner(inode, dir, mode);
-diff -NurpP --minimal linux-4.9.207/fs/ext2/inode.c linux-4.9.207-vs2.3.9.11/fs/ext2/inode.c
---- linux-4.9.207/fs/ext2/inode.c 2019-12-25 15:28:36.507329586 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ext2/inode.c 2019-12-25 15:37:51.438438255 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ext2/inode.c linux-4.9/fs/ext2/inode.c
+--- linux-4.9/fs/ext2/inode.c 2021-02-24 15:47:32.254007963 +0100
++++ linux-4.9/fs/ext2/inode.c 2021-02-24 15:47:45.061075282 +0100
@@ -35,6 +35,7 @@
#include <linux/iomap.h>
#include <linux/namei.h>
error = dquot_transfer(inode, iattr);
if (error)
return error;
-diff -NurpP --minimal linux-4.9.207/fs/ext2/ioctl.c linux-4.9.207-vs2.3.9.11/fs/ext2/ioctl.c
---- linux-4.9.207/fs/ext2/ioctl.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ext2/ioctl.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ext2/ioctl.c linux-4.9/fs/ext2/ioctl.c
+--- linux-4.9/fs/ext2/ioctl.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/ext2/ioctl.c 2021-02-24 15:47:45.061075282 +0100
@@ -17,6 +17,16 @@
#include <asm/uaccess.h>
flags |= oldflags & ~EXT2_FL_USER_MODIFIABLE;
ei->i_flags = flags;
-diff -NurpP --minimal linux-4.9.207/fs/ext2/namei.c linux-4.9.207-vs2.3.9.11/fs/ext2/namei.c
---- linux-4.9.207/fs/ext2/namei.c 2019-12-25 15:28:36.517329425 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ext2/namei.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ext2/namei.c linux-4.9/fs/ext2/namei.c
+--- linux-4.9/fs/ext2/namei.c 2021-02-24 15:47:32.254007963 +0100
++++ linux-4.9/fs/ext2/namei.c 2021-02-24 15:47:45.061075282 +0100
@@ -32,6 +32,7 @@
#include <linux/pagemap.h>
.get_acl = ext2_get_acl,
.set_acl = ext2_set_acl,
};
-diff -NurpP --minimal linux-4.9.207/fs/ext2/super.c linux-4.9.207-vs2.3.9.11/fs/ext2/super.c
---- linux-4.9.207/fs/ext2/super.c 2019-12-25 15:28:36.537329101 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ext2/super.c 2019-10-05 14:58:45.150315864 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ext2/super.c linux-4.9/fs/ext2/super.c
+--- linux-4.9/fs/ext2/super.c 2021-02-24 15:47:32.254007963 +0100
++++ linux-4.9/fs/ext2/super.c 2021-02-24 15:47:45.061075282 +0100
@@ -411,7 +411,8 @@ enum {
Opt_err_ro, Opt_nouid32, Opt_nocheck, Opt_debug,
Opt_oldalloc, Opt_orlov, Opt_nobh, Opt_user_xattr, Opt_nouser_xattr,
sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
((sbi->s_mount_opt & EXT2_MOUNT_POSIX_ACL) ? MS_POSIXACL : 0);
-diff -NurpP --minimal linux-4.9.207/fs/ext4/ext4.h linux-4.9.207-vs2.3.9.11/fs/ext4/ext4.h
---- linux-4.9.207/fs/ext4/ext4.h 2019-12-25 15:28:36.597328134 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ext4/ext4.h 2018-10-20 11:46:17.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ext4/ext4.h linux-4.9/fs/ext4/ext4.h
+--- linux-4.9/fs/ext4/ext4.h 2021-02-24 15:47:32.254007963 +0100
++++ linux-4.9/fs/ext4/ext4.h 2021-02-24 15:47:45.064408719 +0100
@@ -392,8 +392,11 @@ struct flex_groups {
#define EXT4_EXTENTS_FL 0x00080000 /* Inode uses extents */
#define EXT4_EA_INODE_FL 0x00200000 /* Inode used for large EA */
#define EXT4_MOUNT_DELALLOC 0x8000000 /* Delalloc support */
#define EXT4_MOUNT_DATA_ERR_ABORT 0x10000000 /* Abort on file data write */
#define EXT4_MOUNT_BLOCK_VALIDITY 0x20000000 /* Block validity checking */
-@@ -2492,6 +2497,7 @@ extern int ext4_punch_hole(struct inode
+@@ -2527,6 +2532,7 @@ extern int ext4_punch_hole(struct inode
extern int ext4_truncate_restart_trans(handle_t *, struct inode *, int nblocks);
extern void ext4_set_inode_flags(struct inode *);
extern void ext4_get_inode_flags(struct ext4_inode_info *);
extern int ext4_alloc_da_blocks(struct inode *inode);
extern void ext4_set_aops(struct inode *inode);
extern int ext4_writepage_trans_blocks(struct inode *);
-diff -NurpP --minimal linux-4.9.207/fs/ext4/file.c linux-4.9.207-vs2.3.9.11/fs/ext4/file.c
---- linux-4.9.207/fs/ext4/file.c 2019-12-25 15:28:36.617327809 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ext4/file.c 2019-10-05 14:58:45.150315864 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ext4/file.c linux-4.9/fs/ext4/file.c
+--- linux-4.9/fs/ext4/file.c 2021-02-24 15:47:32.257341400 +0100
++++ linux-4.9/fs/ext4/file.c 2021-02-24 15:47:45.064408719 +0100
@@ -698,5 +698,6 @@ const struct inode_operations ext4_file_
.get_acl = ext4_get_acl,
.set_acl = ext4_set_acl,
+ .sync_flags = ext4_sync_flags,
};
-diff -NurpP --minimal linux-4.9.207/fs/ext4/ialloc.c linux-4.9.207-vs2.3.9.11/fs/ext4/ialloc.c
---- linux-4.9.207/fs/ext4/ialloc.c 2019-12-25 15:28:36.617327809 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ext4/ialloc.c 2018-10-20 05:55:42.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ext4/ialloc.c linux-4.9/fs/ext4/ialloc.c
+--- linux-4.9/fs/ext4/ialloc.c 2021-02-24 15:47:32.257341400 +0100
++++ linux-4.9/fs/ext4/ialloc.c 2021-02-24 15:47:45.064408719 +0100
@@ -21,6 +21,7 @@
#include <linux/random.h>
#include <linux/bitops.h>
#include <asm/byteorder.h>
#include "ext4.h"
-@@ -777,6 +778,7 @@ struct inode *__ext4_new_inode(handle_t
+@@ -780,6 +781,7 @@ struct inode *__ext4_new_inode(handle_t
inode->i_mode = mode;
inode->i_uid = current_fsuid();
inode->i_gid = dir->i_gid;
} else
inode_init_owner(inode, dir, mode);
-diff -NurpP --minimal linux-4.9.207/fs/ext4/inode.c linux-4.9.207-vs2.3.9.11/fs/ext4/inode.c
---- linux-4.9.207/fs/ext4/inode.c 2019-12-25 15:28:36.667327000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ext4/inode.c 2019-12-25 15:37:51.518436962 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ext4/inode.c linux-4.9/fs/ext4/inode.c
+--- linux-4.9/fs/ext4/inode.c 2021-02-24 15:47:32.260674838 +0100
++++ linux-4.9/fs/ext4/inode.c 2021-02-24 15:47:45.064408719 +0100
@@ -37,6 +37,7 @@
#include <linux/printk.h>
#include <linux/slab.h>
#include "ext4_jbd2.h"
#include "xattr.h"
-@@ -4390,12 +4391,15 @@ void ext4_set_inode_flags(struct inode *
+@@ -4399,12 +4400,15 @@ void ext4_set_inode_flags(struct inode *
unsigned int flags = EXT4_I(inode)->i_flags;
unsigned int new_fl = 0;
if (flags & EXT4_NOATIME_FL)
new_fl |= S_NOATIME;
if (flags & EXT4_DIRSYNC_FL)
-@@ -4403,31 +4407,52 @@ void ext4_set_inode_flags(struct inode *
+@@ -4412,31 +4416,52 @@ void ext4_set_inode_flags(struct inode *
if (test_opt(inode->i_sb, DAX) && S_ISREG(inode->i_mode))
new_fl |= S_DAX;
inode_set_flags(inode, new_fl,
} while (cmpxchg(&ei->i_flags, old_fl, new_fl) != old_fl);
}
-@@ -4553,8 +4578,10 @@ struct inode *ext4_iget(struct super_blo
+@@ -4584,8 +4609,10 @@ struct inode *__ext4_iget(struct super_b
i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
}
ei->i_projid = make_kprojid(&init_user_ns, i_projid);
set_nlink(inode, le16_to_cpu(raw_inode->i_links_count));
-@@ -4870,8 +4897,10 @@ static int ext4_do_update_inode(handle_t
+@@ -4909,8 +4936,10 @@ static int ext4_do_update_inode(handle_t
ext4_get_inode_flags(ei);
raw_inode->i_mode = cpu_to_le16(inode->i_mode);
i_projid = from_kprojid(&init_user_ns, ei->i_projid);
if (!(test_opt(inode->i_sb, NO_UID32))) {
raw_inode->i_uid_low = cpu_to_le16(low_16_bits(i_uid));
-@@ -4895,6 +4924,9 @@ static int ext4_do_update_inode(handle_t
+@@ -4934,6 +4963,9 @@ static int ext4_do_update_inode(handle_t
raw_inode->i_uid_high = 0;
raw_inode->i_gid_high = 0;
}
raw_inode->i_links_count = cpu_to_le16(inode->i_nlink);
EXT4_INODE_SET_XTIME(i_ctime, inode, raw_inode);
-@@ -5152,7 +5184,8 @@ int ext4_setattr(struct dentry *dentry,
+@@ -5191,7 +5223,8 @@ int ext4_setattr(struct dentry *dentry,
return error;
}
if ((ia_valid & ATTR_UID && !uid_eq(attr->ia_uid, inode->i_uid)) ||
handle_t *handle;
/* (user+group)*(old+new) structure, inode write (sb,
-@@ -5175,6 +5208,8 @@ int ext4_setattr(struct dentry *dentry,
+@@ -5214,6 +5247,8 @@ int ext4_setattr(struct dentry *dentry,
inode->i_uid = attr->ia_uid;
if (attr->ia_valid & ATTR_GID)
inode->i_gid = attr->ia_gid;
error = ext4_mark_inode_dirty(handle, inode);
ext4_journal_stop(handle);
}
-diff -NurpP --minimal linux-4.9.207/fs/ext4/ioctl.c linux-4.9.207-vs2.3.9.11/fs/ext4/ioctl.c
---- linux-4.9.207/fs/ext4/ioctl.c 2019-12-25 15:28:36.707326353 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ext4/ioctl.c 2019-10-05 14:58:45.150315864 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ext4/ioctl.c linux-4.9/fs/ext4/ioctl.c
+--- linux-4.9/fs/ext4/ioctl.c 2021-02-24 15:47:32.260674838 +0100
++++ linux-4.9/fs/ext4/ioctl.c 2021-02-24 15:47:45.064408719 +0100
@@ -15,6 +15,7 @@
#include <linux/file.h>
#include <linux/quotaops.h>
inode_lock(inode);
err = ext4_ioctl_setflags(inode, flags);
inode_unlock(inode);
-diff -NurpP --minimal linux-4.9.207/fs/ext4/namei.c linux-4.9.207-vs2.3.9.11/fs/ext4/namei.c
---- linux-4.9.207/fs/ext4/namei.c 2019-12-25 15:28:36.737325868 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ext4/namei.c 2019-10-05 14:58:45.150315864 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ext4/namei.c linux-4.9/fs/ext4/namei.c
+--- linux-4.9/fs/ext4/namei.c 2021-02-24 15:47:32.260674838 +0100
++++ linux-4.9/fs/ext4/namei.c 2021-02-24 15:47:45.064408719 +0100
@@ -33,6 +33,7 @@
#include <linux/quotaops.h>
#include <linux/buffer_head.h>
#include "ext4.h"
#include "ext4_jbd2.h"
-@@ -1474,6 +1475,7 @@ restart:
+@@ -1457,6 +1458,7 @@ restart:
REQ_META | REQ_PRIO,
1, &bh);
}
}
if ((bh = bh_use[ra_ptr++]) == NULL)
goto next;
-@@ -3943,6 +3945,7 @@ const struct inode_operations ext4_dir_i
+@@ -3935,6 +3937,7 @@ const struct inode_operations ext4_dir_i
.get_acl = ext4_get_acl,
.set_acl = ext4_set_acl,
.fiemap = ext4_fiemap,
};
const struct inode_operations ext4_special_inode_operations = {
-diff -NurpP --minimal linux-4.9.207/fs/ext4/super.c linux-4.9.207-vs2.3.9.11/fs/ext4/super.c
---- linux-4.9.207/fs/ext4/super.c 2019-12-25 15:28:36.737325868 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ext4/super.c 2019-10-05 14:58:45.150315864 +0000
-@@ -1292,6 +1292,7 @@ enum {
+diff -urNp -x '*.orig' linux-4.9/fs/ext4/super.c linux-4.9/fs/ext4/super.c
+--- linux-4.9/fs/ext4/super.c 2021-02-24 15:47:32.264008276 +0100
++++ linux-4.9/fs/ext4/super.c 2021-02-24 15:47:45.067742158 +0100
+@@ -1294,6 +1294,7 @@ enum {
Opt_dioread_nolock, Opt_dioread_lock,
Opt_discard, Opt_nodiscard, Opt_init_itable, Opt_noinit_itable,
Opt_max_dir_size_kb, Opt_nojournal_checksum,
};
static const match_table_t tokens = {
-@@ -1378,6 +1379,9 @@ static const match_table_t tokens = {
+@@ -1380,6 +1381,9 @@ static const match_table_t tokens = {
{Opt_removed, "reservation"}, /* mount option from ext2/3 */
{Opt_removed, "noreservation"}, /* mount option from ext2/3 */
{Opt_removed, "journal=%u"}, /* mount option from ext2/3 */
{Opt_err, NULL},
};
-@@ -1623,6 +1627,20 @@ static int handle_mount_opt(struct super
+@@ -1625,6 +1629,20 @@ static int handle_mount_opt(struct super
case Opt_nolazytime:
sb->s_flags &= ~MS_LAZYTIME;
return 1;
}
for (m = ext4_mount_opts; m->token != Opt_err; m++)
-@@ -3598,6 +3616,9 @@ static int ext4_fill_super(struct super_
+@@ -3645,6 +3663,9 @@ static int ext4_fill_super(struct super_
sb->s_iflags |= SB_I_CGROUPWB;
}
sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
(test_opt(sb, POSIX_ACL) ? MS_POSIXACL : 0);
-@@ -4996,6 +5017,14 @@ static int ext4_remount(struct super_blo
+@@ -5032,6 +5053,14 @@ static int ext4_remount(struct super_blo
if (sbi->s_mount_flags & EXT4_MF_FS_ABORTED)
ext4_abort(sb, "Abort forced by user");
sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
(test_opt(sb, POSIX_ACL) ? MS_POSIXACL : 0);
-diff -NurpP --minimal linux-4.9.207/fs/fcntl.c linux-4.9.207-vs2.3.9.11/fs/fcntl.c
---- linux-4.9.207/fs/fcntl.c 2019-12-25 15:28:36.887323442 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/fcntl.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/fcntl.c linux-4.9/fs/fcntl.c
+--- linux-4.9/fs/fcntl.c 2021-02-24 15:47:32.270675151 +0100
++++ linux-4.9/fs/fcntl.c 2021-02-24 15:47:45.067742158 +0100
@@ -22,6 +22,7 @@
#include <linux/pid_namespace.h>
#include <linux/user_namespace.h>
if (unlikely(f.file->f_mode & FMODE_PATH)) {
if (!check_fcntl_cmd(cmd))
-diff -NurpP --minimal linux-4.9.207/fs/file.c linux-4.9.207-vs2.3.9.11/fs/file.c
---- linux-4.9.207/fs/file.c 2019-12-25 15:28:36.907323120 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/file.c 2019-10-05 14:58:45.150315864 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/file.c linux-4.9/fs/file.c
+--- linux-4.9/fs/file.c 2021-02-24 15:47:32.270675151 +0100
++++ linux-4.9/fs/file.c 2021-02-24 15:47:45.067742158 +0100
@@ -22,6 +22,7 @@
#include <linux/spinlock.h>
#include <linux/rcupdate.h>
return fd;
-diff -NurpP --minimal linux-4.9.207/fs/file_table.c linux-4.9.207-vs2.3.9.11/fs/file_table.c
---- linux-4.9.207/fs/file_table.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/file_table.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/file_table.c linux-4.9/fs/file_table.c
+--- linux-4.9/fs/file_table.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/file_table.c 2021-02-24 15:47:45.067742158 +0100
@@ -26,6 +26,8 @@
#include <linux/task_work.h>
#include <linux/ima.h>
file_free(file);
}
}
-diff -NurpP --minimal linux-4.9.207/fs/fs_struct.c linux-4.9.207-vs2.3.9.11/fs/fs_struct.c
---- linux-4.9.207/fs/fs_struct.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/fs_struct.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/fs_struct.c linux-4.9/fs/fs_struct.c
+--- linux-4.9/fs/fs_struct.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/fs_struct.c 2021-02-24 15:47:45.067742158 +0100
@@ -4,6 +4,7 @@
#include <linux/path.h>
#include <linux/slab.h>
}
return fs;
}
-diff -NurpP --minimal linux-4.9.207/fs/gfs2/file.c linux-4.9.207-vs2.3.9.11/fs/gfs2/file.c
---- linux-4.9.207/fs/gfs2/file.c 2019-12-25 15:28:37.037321018 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/gfs2/file.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/gfs2/file.c linux-4.9/fs/gfs2/file.c
+--- linux-4.9/fs/gfs2/file.c 2021-02-24 15:47:32.277342026 +0100
++++ linux-4.9/fs/gfs2/file.c 2021-02-24 15:47:45.067742158 +0100
@@ -137,6 +137,9 @@ static const u32 fsflags_to_gfs2[32] = {
[12] = GFS2_DIF_EXHASH,
[14] = GFS2_DIF_INHERIT_JDATA,
static long gfs2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
{
switch(cmd) {
-diff -NurpP --minimal linux-4.9.207/fs/gfs2/inode.h linux-4.9.207-vs2.3.9.11/fs/gfs2/inode.h
---- linux-4.9.207/fs/gfs2/inode.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/gfs2/inode.h 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/gfs2/inode.h linux-4.9/fs/gfs2/inode.h
+--- linux-4.9/fs/gfs2/inode.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/gfs2/inode.h 2021-02-24 15:47:45.067742158 +0100
@@ -117,6 +117,7 @@ extern const struct file_operations gfs2
extern const struct file_operations gfs2_dir_fops_nolock;
#ifdef CONFIG_GFS2_FS_LOCKING_DLM
extern const struct file_operations gfs2_file_fops;
-diff -NurpP --minimal linux-4.9.207/fs/hostfs/hostfs.h linux-4.9.207-vs2.3.9.11/fs/hostfs/hostfs.h
---- linux-4.9.207/fs/hostfs/hostfs.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/hostfs/hostfs.h 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/hostfs/hostfs.h linux-4.9/fs/hostfs/hostfs.h
+--- linux-4.9/fs/hostfs/hostfs.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/hostfs/hostfs.h 2021-02-24 15:47:45.067742158 +0100
@@ -42,6 +42,7 @@ struct hostfs_iattr {
unsigned short ia_mode;
uid_t ia_uid;
loff_t ia_size;
struct timespec ia_atime;
struct timespec ia_mtime;
-diff -NurpP --minimal linux-4.9.207/fs/inode.c linux-4.9.207-vs2.3.9.11/fs/inode.c
---- linux-4.9.207/fs/inode.c 2019-12-25 15:28:37.147319239 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/inode.c 2019-10-05 14:58:45.170315544 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/inode.c linux-4.9/fs/inode.c
+--- linux-4.9/fs/inode.c 2021-02-24 15:47:32.280675463 +0100
++++ linux-4.9/fs/inode.c 2021-02-24 15:47:45.067742158 +0100
@@ -18,6 +18,7 @@
#include <linux/buffer_head.h> /* for inode_has_buffers */
#include <linux/ratelimit.h>
+ /* essential because of inode slab reuse */
inode->i_blkbits = sb->s_blocksize_bits;
inode->i_flags = 0;
- atomic_set(&inode->i_count, 1);
-@@ -144,6 +147,7 @@ int inode_init_always(struct super_block
+ atomic64_set(&inode->i_sequence, 0);
+@@ -145,6 +148,7 @@ int inode_init_always(struct super_block
inode->i_opflags |= IOP_XATTR;
i_uid_write(inode, 0);
i_gid_write(inode, 0);
atomic_set(&inode->i_writecount, 0);
inode->i_size = 0;
inode->i_blocks = 0;
-@@ -155,6 +159,7 @@ int inode_init_always(struct super_block
+@@ -156,6 +160,7 @@ int inode_init_always(struct super_block
inode->i_link = NULL;
inode->i_dir_seq = 0;
inode->i_rdev = 0;
inode->dirtied_when = 0;
#ifdef CONFIG_CGROUP_WRITEBACK
-@@ -479,6 +484,8 @@ void __insert_inode_hash(struct inode *i
+@@ -480,6 +485,8 @@ void __insert_inode_hash(struct inode *i
}
EXPORT_SYMBOL(__insert_inode_hash);
/**
* __remove_inode_hash - remove an inode from the hash
* @inode: inode to unhash
-@@ -1982,9 +1989,11 @@ void init_special_inode(struct inode *in
+@@ -1983,9 +1990,11 @@ void init_special_inode(struct inode *in
if (S_ISCHR(mode)) {
inode->i_fop = &def_chr_fops;
inode->i_rdev = rdev;
} else if (S_ISFIFO(mode))
inode->i_fop = &pipefifo_fops;
else if (S_ISSOCK(mode))
-@@ -2019,6 +2028,7 @@ void inode_init_owner(struct inode *inod
+@@ -2020,6 +2029,7 @@ void inode_init_owner(struct inode *inod
} else
inode->i_gid = current_fsgid();
inode->i_mode = mode;
}
EXPORT_SYMBOL(inode_init_owner);
-diff -NurpP --minimal linux-4.9.207/fs/ioctl.c linux-4.9.207-vs2.3.9.11/fs/ioctl.c
---- linux-4.9.207/fs/ioctl.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ioctl.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ioctl.c linux-4.9/fs/ioctl.c
+--- linux-4.9/fs/ioctl.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/ioctl.c 2021-02-24 15:47:45.067742158 +0100
@@ -15,6 +15,9 @@
#include <linux/writeback.h>
#include <linux/buffer_head.h>
#include "internal.h"
#include <asm/ioctls.h>
-diff -NurpP --minimal linux-4.9.207/fs/jfs/file.c linux-4.9.207-vs2.3.9.11/fs/jfs/file.c
---- linux-4.9.207/fs/jfs/file.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/jfs/file.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/jfs/file.c linux-4.9/fs/jfs/file.c
+--- linux-4.9/fs/jfs/file.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/jfs/file.c 2021-02-24 15:47:45.067742158 +0100
@@ -113,7 +113,8 @@ int jfs_setattr(struct dentry *dentry, s
return rc;
}
};
const struct file_operations jfs_file_operations = {
-diff -NurpP --minimal linux-4.9.207/fs/jfs/ioctl.c linux-4.9.207-vs2.3.9.11/fs/jfs/ioctl.c
---- linux-4.9.207/fs/jfs/ioctl.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/jfs/ioctl.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/jfs/ioctl.c linux-4.9/fs/jfs/ioctl.c
+--- linux-4.9/fs/jfs/ioctl.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/jfs/ioctl.c 2021-02-24 15:47:45.067742158 +0100
@@ -12,6 +12,7 @@
#include <linux/time.h>
#include <linux/sched.h>
flags |= oldflags & ~JFS_FL_USER_MODIFIABLE;
jfs_inode->mode2 = flags;
-diff -NurpP --minimal linux-4.9.207/fs/jfs/jfs_dinode.h linux-4.9.207-vs2.3.9.11/fs/jfs/jfs_dinode.h
---- linux-4.9.207/fs/jfs/jfs_dinode.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/jfs/jfs_dinode.h 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/jfs/jfs_dinode.h linux-4.9/fs/jfs/jfs_dinode.h
+--- linux-4.9/fs/jfs/jfs_dinode.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/jfs/jfs_dinode.h 2021-02-24 15:47:45.067742158 +0100
@@ -161,9 +161,13 @@ struct dinode {
#define JFS_APPEND_FL 0x01000000 /* writes to file may only append */
#define JFS_FL_INHERIT 0x03C80000
/* These are identical to EXT[23]_IOC_GETFLAGS/SETFLAGS */
-diff -NurpP --minimal linux-4.9.207/fs/jfs/jfs_filsys.h linux-4.9.207-vs2.3.9.11/fs/jfs/jfs_filsys.h
---- linux-4.9.207/fs/jfs/jfs_filsys.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/jfs/jfs_filsys.h 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/jfs/jfs_filsys.h linux-4.9/fs/jfs/jfs_filsys.h
+--- linux-4.9/fs/jfs/jfs_filsys.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/jfs/jfs_filsys.h 2021-02-24 15:47:45.067742158 +0100
@@ -266,6 +266,7 @@
#define JFS_NAME_MAX 255
#define JFS_PATH_MAX BPSIZE
/*
* file system state (superblock state)
-diff -NurpP --minimal linux-4.9.207/fs/jfs/jfs_imap.c linux-4.9.207-vs2.3.9.11/fs/jfs/jfs_imap.c
---- linux-4.9.207/fs/jfs/jfs_imap.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/jfs/jfs_imap.c 2018-10-20 04:58:13.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/jfs/jfs_imap.c linux-4.9/fs/jfs/jfs_imap.c
+--- linux-4.9/fs/jfs/jfs_imap.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/jfs/jfs_imap.c 2021-02-24 15:47:45.071075595 +0100
@@ -46,6 +46,7 @@
#include <linux/pagemap.h>
#include <linux/quotaops.h>
jfs_get_inode_flags(jfs_ip);
/*
* mode2 is only needed for storing the higher order bits.
-diff -NurpP --minimal linux-4.9.207/fs/jfs/jfs_inode.c linux-4.9.207-vs2.3.9.11/fs/jfs/jfs_inode.c
---- linux-4.9.207/fs/jfs/jfs_inode.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/jfs/jfs_inode.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/jfs/jfs_inode.c linux-4.9/fs/jfs/jfs_inode.c
+--- linux-4.9/fs/jfs/jfs_inode.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/jfs/jfs_inode.c 2021-02-24 15:47:45.071075595 +0100
@@ -18,6 +18,7 @@
#include <linux/fs.h>
}
/*
-diff -NurpP --minimal linux-4.9.207/fs/jfs/jfs_inode.h linux-4.9.207-vs2.3.9.11/fs/jfs/jfs_inode.h
---- linux-4.9.207/fs/jfs/jfs_inode.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/jfs/jfs_inode.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/jfs/jfs_inode.h linux-4.9/fs/jfs/jfs_inode.h
+--- linux-4.9/fs/jfs/jfs_inode.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/jfs/jfs_inode.h 2021-02-24 15:47:45.071075595 +0100
@@ -39,6 +39,7 @@ extern struct dentry *jfs_fh_to_dentry(s
extern struct dentry *jfs_fh_to_parent(struct super_block *sb, struct fid *fid,
int fh_len, int fh_type);
extern int jfs_get_block(struct inode *, sector_t, struct buffer_head *, int);
extern int jfs_setattr(struct dentry *, struct iattr *);
-diff -NurpP --minimal linux-4.9.207/fs/jfs/namei.c linux-4.9.207-vs2.3.9.11/fs/jfs/namei.c
---- linux-4.9.207/fs/jfs/namei.c 2019-12-25 15:28:37.197318432 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/jfs/namei.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/jfs/namei.c linux-4.9/fs/jfs/namei.c
+--- linux-4.9/fs/jfs/namei.c 2021-02-24 15:47:32.287342339 +0100
++++ linux-4.9/fs/jfs/namei.c 2021-02-24 15:47:45.071075595 +0100
@@ -22,6 +22,7 @@
#include <linux/ctype.h>
#include <linux/quotaops.h>
};
const struct file_operations jfs_dir_operations = {
-diff -NurpP --minimal linux-4.9.207/fs/jfs/super.c linux-4.9.207-vs2.3.9.11/fs/jfs/super.c
---- linux-4.9.207/fs/jfs/super.c 2019-12-25 15:28:37.197318432 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/jfs/super.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/jfs/super.c linux-4.9/fs/jfs/super.c
+--- linux-4.9/fs/jfs/super.c 2021-02-24 15:47:32.287342339 +0100
++++ linux-4.9/fs/jfs/super.c 2021-02-24 15:47:45.071075595 +0100
@@ -206,7 +206,8 @@ enum {
Opt_integrity, Opt_nointegrity, Opt_iocharset, Opt_resize,
Opt_resize_nosize, Opt_errors, Opt_ignore, Opt_err, Opt_quota,
if (newLVSize) {
pr_err("resize option for remount only\n");
-diff -NurpP --minimal linux-4.9.207/fs/libfs.c linux-4.9.207-vs2.3.9.11/fs/libfs.c
---- linux-4.9.207/fs/libfs.c 2019-12-25 15:28:37.237317786 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/libfs.c 2019-10-22 13:49:06.407707139 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/libfs.c linux-4.9/fs/libfs.c
+--- linux-4.9/fs/libfs.c 2021-02-24 15:47:32.287342339 +0100
++++ linux-4.9/fs/libfs.c 2021-02-24 15:47:45.071075595 +0100
@@ -180,7 +180,8 @@ static inline unsigned char dt_type(stru
* both impossible due to the lock on directory.
*/
ssize_t generic_read_dir(struct file *filp, char __user *buf, size_t siz, loff_t *ppos)
{
return -EISDIR;
-diff -NurpP --minimal linux-4.9.207/fs/locks.c linux-4.9.207-vs2.3.9.11/fs/locks.c
---- linux-4.9.207/fs/locks.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/locks.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/locks.c linux-4.9/fs/locks.c
+--- linux-4.9/fs/locks.c 2021-02-24 15:47:32.287342339 +0100
++++ linux-4.9/fs/locks.c 2021-02-24 15:47:45.071075595 +0100
@@ -127,6 +127,8 @@
#include <linux/pid_namespace.h>
#include <linux/hashtable.h>
return 0;
}
-diff -NurpP --minimal linux-4.9.207/fs/mount.h linux-4.9.207-vs2.3.9.11/fs/mount.h
---- linux-4.9.207/fs/mount.h 2019-12-25 15:28:37.257317461 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/mount.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/mount.h linux-4.9/fs/mount.h
+--- linux-4.9/fs/mount.h 2021-02-24 15:47:32.287342339 +0100
++++ linux-4.9/fs/mount.h 2021-02-24 15:47:45.071075595 +0100
@@ -69,6 +69,7 @@ struct mount {
struct hlist_head mnt_pins;
struct fs_pin mnt_umount;
};
#define MNT_NS_INTERNAL ERR_PTR(-EINVAL) /* distinct from any mnt_namespace */
-diff -NurpP --minimal linux-4.9.207/fs/namei.c linux-4.9.207-vs2.3.9.11/fs/namei.c
---- linux-4.9.207/fs/namei.c 2019-12-25 15:28:37.257317461 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/namei.c 2019-02-22 08:37:55.023061290 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/namei.c linux-4.9/fs/namei.c
+--- linux-4.9/fs/namei.c 2021-02-24 15:47:32.290675776 +0100
++++ linux-4.9/fs/namei.c 2021-02-24 15:47:45.071075595 +0100
@@ -37,9 +37,19 @@
#include <linux/hash.h>
#include <linux/bitops.h>
retval = do_inode_permission(inode, mask);
if (retval)
return retval;
-@@ -2824,7 +2925,7 @@ static int may_delete(struct inode *dir,
+@@ -2825,7 +2926,7 @@ static int may_delete(struct inode *dir,
return -EPERM;
if (check_sticky(dir, inode) || IS_APPEND(inode) ||
return -EPERM;
if (isdir) {
if (!d_is_dir(victim))
-@@ -2912,19 +3013,25 @@ int vfs_create(struct inode *dir, struct
+@@ -2913,19 +3014,25 @@ int vfs_create(struct inode *dir, struct
bool want_excl)
{
int error = may_create(dir, dentry);
return error;
}
EXPORT_SYMBOL(vfs_create);
-@@ -2962,6 +3069,15 @@ static int may_open(struct path *path, i
+@@ -2963,6 +3070,15 @@ static int may_open(struct path *path, i
break;
}
error = inode_permission(inode, MAY_OPEN | acc_mode);
if (error)
return error;
-@@ -3420,6 +3536,16 @@ finish_open:
+@@ -3423,6 +3539,16 @@ finish_open:
}
finish_open_created:
error = may_open(&nd->path, acc_mode, open_flag);
if (error)
goto out;
BUG_ON(*opened & FILE_OPENED); /* once it's opened, it's opened */
-@@ -3523,6 +3649,9 @@ static struct file *path_openat(struct n
+@@ -3526,6 +3652,9 @@ static struct file *path_openat(struct n
int opened = 0;
int error;
file = get_empty_filp();
if (IS_ERR(file))
return file;
-@@ -3556,6 +3685,12 @@ static struct file *path_openat(struct n
+@@ -3559,6 +3688,12 @@ static struct file *path_openat(struct n
}
}
terminate_walk(nd);
out2:
if (!(opened & FILE_OPENED)) {
BUG_ON(!error);
-@@ -3676,6 +3811,11 @@ static struct dentry *filename_create(in
+@@ -3679,6 +3814,11 @@ static struct dentry *filename_create(in
goto fail;
}
putname(name);
return dentry;
fail:
dput(dentry);
-@@ -3794,6 +3934,7 @@ retry:
+@@ -3797,6 +3937,7 @@ retry:
error = vfs_mknod(path.dentry->d_inode,dentry,mode,0);
break;
}
out:
done_path_create(&path, dentry);
if (retry_estale(error, lookup_flags)) {
-@@ -4215,7 +4356,7 @@ int vfs_link(struct dentry *old_dentry,
+@@ -4218,7 +4359,7 @@ int vfs_link(struct dentry *old_dentry,
/*
* A link to an append-only or immutable file cannot be created.
*/
return -EPERM;
/*
* Updating the link count will likely cause i_uid and i_gid to
-@@ -4745,6 +4886,326 @@ const char *vfs_get_link(struct dentry *
+@@ -4748,6 +4889,326 @@ const char *vfs_get_link(struct dentry *
}
EXPORT_SYMBOL(vfs_get_link);
/* get the link contents into pagecache */
const char *page_get_link(struct dentry *dentry, struct inode *inode,
struct delayed_call *callback)
-diff -NurpP --minimal linux-4.9.207/fs/namespace.c linux-4.9.207-vs2.3.9.11/fs/namespace.c
---- linux-4.9.207/fs/namespace.c 2019-12-25 15:28:37.257317461 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/namespace.c 2019-02-22 08:37:55.023061290 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/namespace.c linux-4.9/fs/namespace.c
+--- linux-4.9/fs/namespace.c 2021-02-24 15:47:32.290675776 +0100
++++ linux-4.9/fs/namespace.c 2021-02-24 15:47:45.074409033 +0100
@@ -24,6 +24,11 @@
#include <linux/magic.h>
#include <linux/bootmem.h>
free_mnt_ns(ns);
}
-diff -NurpP --minimal linux-4.9.207/fs/nfs/client.c linux-4.9.207-vs2.3.9.11/fs/nfs/client.c
---- linux-4.9.207/fs/nfs/client.c 2019-12-25 15:28:37.347316006 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/nfs/client.c 2019-10-05 14:58:45.410311711 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/nfs/client.c linux-4.9/fs/nfs/client.c
+--- linux-4.9/fs/nfs/client.c 2021-02-24 15:47:32.290675776 +0100
++++ linux-4.9/fs/nfs/client.c 2021-02-24 15:47:45.074409033 +0100
@@ -586,6 +586,9 @@ int nfs_init_server_rpcclient(struct nfs
if (server->flags & NFS_MOUNT_SOFT)
server->client->cl_softrtry = 1;
server->maxfilesize = fsinfo->maxfilesize;
server->time_delta = fsinfo->time_delta;
-diff -NurpP --minimal linux-4.9.207/fs/nfs/dir.c linux-4.9.207-vs2.3.9.11/fs/nfs/dir.c
---- linux-4.9.207/fs/nfs/dir.c 2019-12-25 15:28:37.357315845 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/nfs/dir.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/nfs/dir.c linux-4.9/fs/nfs/dir.c
+--- linux-4.9/fs/nfs/dir.c 2021-02-24 15:47:32.294009214 +0100
++++ linux-4.9/fs/nfs/dir.c 2021-02-24 15:47:45.074409033 +0100
@@ -37,6 +37,7 @@
#include <linux/sched.h>
#include <linux/kmemleak.h>
#include "delegation.h"
#include "iostat.h"
-@@ -1420,6 +1421,7 @@ struct dentry *nfs_lookup(struct inode *
+@@ -1431,6 +1432,7 @@ struct dentry *nfs_lookup(struct inode *
/* Success: notify readdir to use READDIRPLUS */
nfs_advise_use_readdirplus(dir);
no_entry:
res = d_splice_alias(inode, dentry);
if (res != NULL) {
-diff -NurpP --minimal linux-4.9.207/fs/nfs/inode.c linux-4.9.207-vs2.3.9.11/fs/nfs/inode.c
---- linux-4.9.207/fs/nfs/inode.c 2019-12-25 15:28:37.417314874 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/nfs/inode.c 2019-10-05 14:58:45.430311390 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/nfs/inode.c linux-4.9/fs/nfs/inode.c
+--- linux-4.9/fs/nfs/inode.c 2021-02-24 15:47:32.294009214 +0100
++++ linux-4.9/fs/nfs/inode.c 2021-02-24 15:47:45.074409033 +0100
@@ -38,6 +38,7 @@
#include <linux/slab.h>
#include <linux/compat.h>
if (fattr->valid & NFS_ATTR_FATTR_NLINK) {
if (inode->i_nlink != fattr->nlink) {
invalid |= NFS_INO_INVALID_ATTR;
-diff -NurpP --minimal linux-4.9.207/fs/nfs/nfs3xdr.c linux-4.9.207-vs2.3.9.11/fs/nfs/nfs3xdr.c
---- linux-4.9.207/fs/nfs/nfs3xdr.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/nfs/nfs3xdr.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/nfs/nfs3xdr.c linux-4.9/fs/nfs/nfs3xdr.c
+--- linux-4.9/fs/nfs/nfs3xdr.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/nfs/nfs3xdr.c 2021-02-24 15:47:45.074409033 +0100
@@ -20,6 +20,7 @@
#include <linux/nfs3.h>
#include <linux/nfs_fs.h>
}
/*
-diff -NurpP --minimal linux-4.9.207/fs/nfs/super.c linux-4.9.207-vs2.3.9.11/fs/nfs/super.c
---- linux-4.9.207/fs/nfs/super.c 2019-12-25 15:28:37.507313419 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/nfs/super.c 2019-10-05 14:58:45.430311390 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/nfs/super.c linux-4.9/fs/nfs/super.c
+--- linux-4.9/fs/nfs/super.c 2021-02-24 15:47:32.300676089 +0100
++++ linux-4.9/fs/nfs/super.c 2021-02-24 15:47:45.074409033 +0100
@@ -54,6 +54,7 @@
#include <linux/parser.h>
#include <linux/nsproxy.h>
/*
* options that take text values
-diff -NurpP --minimal linux-4.9.207/fs/nfsd/auth.c linux-4.9.207-vs2.3.9.11/fs/nfsd/auth.c
---- linux-4.9.207/fs/nfsd/auth.c 2019-12-25 15:28:37.537312933 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/nfsd/auth.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/nfsd/auth.c linux-4.9/fs/nfsd/auth.c
+--- linux-4.9/fs/nfsd/auth.c 2021-02-24 15:47:32.300676089 +0100
++++ linux-4.9/fs/nfsd/auth.c 2021-02-24 15:47:45.074409033 +0100
@@ -1,6 +1,7 @@
/* Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de> */
rqgi = rqstp->rq_cred.cr_group_info;
-diff -NurpP --minimal linux-4.9.207/fs/nfsd/nfs3xdr.c linux-4.9.207-vs2.3.9.11/fs/nfsd/nfs3xdr.c
---- linux-4.9.207/fs/nfsd/nfs3xdr.c 2019-12-25 15:28:37.557312612 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/nfsd/nfs3xdr.c 2019-10-05 14:58:45.440311232 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/nfsd/nfs3xdr.c linux-4.9/fs/nfsd/nfs3xdr.c
+--- linux-4.9/fs/nfsd/nfs3xdr.c 2021-02-24 15:47:32.300676089 +0100
++++ linux-4.9/fs/nfsd/nfs3xdr.c 2021-02-24 15:47:45.077742470 +0100
@@ -8,6 +8,7 @@
#include <linux/namei.h>
if (S_ISLNK(stat->mode) && stat->size > NFS3_MAXPATHLEN) {
p = xdr_encode_hyper(p, (u64) NFS3_MAXPATHLEN);
} else {
-diff -NurpP --minimal linux-4.9.207/fs/nfsd/nfs4xdr.c linux-4.9.207-vs2.3.9.11/fs/nfsd/nfs4xdr.c
---- linux-4.9.207/fs/nfsd/nfs4xdr.c 2019-12-25 15:28:37.557312612 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/nfsd/nfs4xdr.c 2018-10-20 05:55:43.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/nfsd/nfs4xdr.c linux-4.9/fs/nfsd/nfs4xdr.c
+--- linux-4.9/fs/nfsd/nfs4xdr.c 2021-02-24 15:47:32.304009527 +0100
++++ linux-4.9/fs/nfsd/nfs4xdr.c 2021-02-24 15:47:45.077742470 +0100
@@ -40,6 +40,7 @@
#include <linux/utsname.h>
#include <linux/pagemap.h>
if (status)
goto out;
}
-diff -NurpP --minimal linux-4.9.207/fs/nfsd/nfsxdr.c linux-4.9.207-vs2.3.9.11/fs/nfsd/nfsxdr.c
---- linux-4.9.207/fs/nfsd/nfsxdr.c 2019-12-25 15:28:37.567312448 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/nfsd/nfsxdr.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/nfsd/nfsxdr.c linux-4.9/fs/nfsd/nfsxdr.c
+--- linux-4.9/fs/nfsd/nfsxdr.c 2021-02-24 15:47:32.307342964 +0100
++++ linux-4.9/fs/nfsd/nfsxdr.c 2021-02-24 15:47:45.077742470 +0100
@@ -7,6 +7,7 @@
#include "vfs.h"
#include "xdr.h"
if (S_ISLNK(type) && stat->size > NFS_MAXPATHLEN) {
*p++ = htonl(NFS_MAXPATHLEN);
-diff -NurpP --minimal linux-4.9.207/fs/ocfs2/dlmglue.c linux-4.9.207-vs2.3.9.11/fs/ocfs2/dlmglue.c
---- linux-4.9.207/fs/ocfs2/dlmglue.c 2019-12-25 15:28:37.857307760 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ocfs2/dlmglue.c 2019-12-25 15:37:51.918430506 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ocfs2/dlmglue.c linux-4.9/fs/ocfs2/dlmglue.c
+--- linux-4.9/fs/ocfs2/dlmglue.c 2021-02-24 15:47:32.314009840 +0100
++++ linux-4.9/fs/ocfs2/dlmglue.c 2021-02-24 15:47:45.077742470 +0100
@@ -2120,6 +2120,7 @@ static void __ocfs2_stuff_meta_lvb(struc
lvb->lvb_iclusters = cpu_to_be32(oi->ip_clusters);
lvb->lvb_iuid = cpu_to_be32(i_uid_read(inode));
inode->i_mode = be16_to_cpu(lvb->lvb_imode);
set_nlink(inode, be16_to_cpu(lvb->lvb_inlink));
ocfs2_unpack_timespec(&inode->i_atime,
-diff -NurpP --minimal linux-4.9.207/fs/ocfs2/dlmglue.h linux-4.9.207-vs2.3.9.11/fs/ocfs2/dlmglue.h
---- linux-4.9.207/fs/ocfs2/dlmglue.h 2019-12-25 15:28:37.857307760 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ocfs2/dlmglue.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ocfs2/dlmglue.h linux-4.9/fs/ocfs2/dlmglue.h
+--- linux-4.9/fs/ocfs2/dlmglue.h 2021-02-24 15:47:32.314009840 +0100
++++ linux-4.9/fs/ocfs2/dlmglue.h 2021-02-24 15:47:45.077742470 +0100
@@ -46,7 +46,8 @@ struct ocfs2_meta_lvb {
__be16 lvb_inlink;
__be32 lvb_iattr;
};
#define OCFS2_QINFO_LVB_VERSION 1
-diff -NurpP --minimal linux-4.9.207/fs/ocfs2/file.c linux-4.9.207-vs2.3.9.11/fs/ocfs2/file.c
---- linux-4.9.207/fs/ocfs2/file.c 2019-12-25 15:28:37.877307439 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ocfs2/file.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ocfs2/file.c linux-4.9/fs/ocfs2/file.c
+--- linux-4.9/fs/ocfs2/file.c 2021-02-24 15:47:32.314009840 +0100
++++ linux-4.9/fs/ocfs2/file.c 2021-02-24 15:47:45.077742470 +0100
@@ -1151,7 +1151,7 @@ int ocfs2_setattr(struct dentry *dentry,
attr->ia_valid &= ~ATTR_SIZE;
if (!(attr->ia_valid & OCFS2_VALID_ATTRS))
return 0;
-diff -NurpP --minimal linux-4.9.207/fs/ocfs2/inode.c linux-4.9.207-vs2.3.9.11/fs/ocfs2/inode.c
---- linux-4.9.207/fs/ocfs2/inode.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ocfs2/inode.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ocfs2/inode.c linux-4.9/fs/ocfs2/inode.c
+--- linux-4.9/fs/ocfs2/inode.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/ocfs2/inode.c 2021-02-24 15:47:45.077742470 +0100
@@ -28,6 +28,7 @@
#include <linux/highmem.h>
#include <linux/pagemap.h>
/* Fast symlinks will have i_size but no allocated clusters. */
if (S_ISLNK(inode->i_mode) && !fe->i_clusters) {
-diff -NurpP --minimal linux-4.9.207/fs/ocfs2/inode.h linux-4.9.207-vs2.3.9.11/fs/ocfs2/inode.h
---- linux-4.9.207/fs/ocfs2/inode.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ocfs2/inode.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ocfs2/inode.h linux-4.9/fs/ocfs2/inode.h
+--- linux-4.9/fs/ocfs2/inode.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/ocfs2/inode.h 2021-02-24 15:47:45.077742470 +0100
@@ -155,6 +155,7 @@ int ocfs2_mark_inode_dirty(handle_t *han
void ocfs2_set_inode_flags(struct inode *inode);
static inline blkcnt_t ocfs2_inode_sector_count(struct inode *inode)
{
-diff -NurpP --minimal linux-4.9.207/fs/ocfs2/ioctl.c linux-4.9.207-vs2.3.9.11/fs/ocfs2/ioctl.c
---- linux-4.9.207/fs/ocfs2/ioctl.c 2019-12-25 15:28:37.887307275 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ocfs2/ioctl.c 2019-12-25 15:37:51.918430506 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ocfs2/ioctl.c linux-4.9/fs/ocfs2/ioctl.c
+--- linux-4.9/fs/ocfs2/ioctl.c 2021-02-24 15:47:32.314009840 +0100
++++ linux-4.9/fs/ocfs2/ioctl.c 2021-02-24 15:47:45.077742470 +0100
@@ -76,7 +76,41 @@ static int ocfs2_get_inode_attr(struct i
return status;
}
long ocfs2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
{
struct inode *inode = file_inode(filp);
-diff -NurpP --minimal linux-4.9.207/fs/ocfs2/namei.c linux-4.9.207-vs2.3.9.11/fs/ocfs2/namei.c
---- linux-4.9.207/fs/ocfs2/namei.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ocfs2/namei.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ocfs2/namei.c linux-4.9/fs/ocfs2/namei.c
+--- linux-4.9/fs/ocfs2/namei.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/ocfs2/namei.c 2021-02-24 15:47:45.081075908 +0100
@@ -41,6 +41,7 @@
#include <linux/slab.h>
#include <linux/highmem.h>
fe->i_mode = cpu_to_le16(inode->i_mode);
if (S_ISCHR(inode->i_mode) || S_ISBLK(inode->i_mode))
fe->id1.dev1.i_rdev = cpu_to_le64(huge_encode_dev(dev));
-diff -NurpP --minimal linux-4.9.207/fs/ocfs2/ocfs2_fs.h linux-4.9.207-vs2.3.9.11/fs/ocfs2/ocfs2_fs.h
---- linux-4.9.207/fs/ocfs2/ocfs2_fs.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ocfs2/ocfs2_fs.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ocfs2/ocfs2.h linux-4.9/fs/ocfs2/ocfs2.h
+--- linux-4.9/fs/ocfs2/ocfs2.h 2021-02-24 15:47:32.317343277 +0100
++++ linux-4.9/fs/ocfs2/ocfs2.h 2021-02-24 15:47:45.081075908 +0100
+@@ -289,6 +289,7 @@ enum ocfs2_mount_options
+ OCFS2_MOUNT_JOURNAL_ASYNC_COMMIT = 1 << 15, /* Journal Async Commit */
+ OCFS2_MOUNT_ERRORS_CONT = 1 << 16, /* Return EIO to the calling process on error */
+ OCFS2_MOUNT_ERRORS_ROFS = 1 << 17, /* Change filesystem to read-only on error */
++ OCFS2_MOUNT_TAGGED = 1 << 18, /* use tagging */
+ };
+
+ #define OCFS2_OSB_SOFT_RO 0x0001
+diff -urNp -x '*.orig' linux-4.9/fs/ocfs2/ocfs2_fs.h linux-4.9/fs/ocfs2/ocfs2_fs.h
+--- linux-4.9/fs/ocfs2/ocfs2_fs.h 2021-02-24 15:47:32.317343277 +0100
++++ linux-4.9/fs/ocfs2/ocfs2_fs.h 2021-02-24 15:47:45.081075908 +0100
@@ -275,6 +275,11 @@
#define OCFS2_TOPDIR_FL FS_TOPDIR_FL /* Top of directory hierarchies*/
#define OCFS2_RESERVED_FL FS_RESERVED_FL /* reserved for ext2 lib */
#define OCFS2_FL_VISIBLE FS_FL_USER_VISIBLE /* User visible flags */
#define OCFS2_FL_MODIFIABLE FS_FL_USER_MODIFIABLE /* User modifiable flags */
-diff -NurpP --minimal linux-4.9.207/fs/ocfs2/ocfs2.h linux-4.9.207-vs2.3.9.11/fs/ocfs2/ocfs2.h
---- linux-4.9.207/fs/ocfs2/ocfs2.h 2019-12-25 15:28:37.907306953 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ocfs2/ocfs2.h 2018-10-20 04:58:14.000000000 +0000
-@@ -289,6 +289,7 @@ enum ocfs2_mount_options
- OCFS2_MOUNT_JOURNAL_ASYNC_COMMIT = 1 << 15, /* Journal Async Commit */
- OCFS2_MOUNT_ERRORS_CONT = 1 << 16, /* Return EIO to the calling process on error */
- OCFS2_MOUNT_ERRORS_ROFS = 1 << 17, /* Change filesystem to read-only on error */
-+ OCFS2_MOUNT_TAGGED = 1 << 18, /* use tagging */
- };
-
- #define OCFS2_OSB_SOFT_RO 0x0001
-diff -NurpP --minimal linux-4.9.207/fs/ocfs2/super.c linux-4.9.207-vs2.3.9.11/fs/ocfs2/super.c
---- linux-4.9.207/fs/ocfs2/super.c 2019-12-25 15:28:37.927306628 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/ocfs2/super.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/ocfs2/super.c linux-4.9/fs/ocfs2/super.c
+--- linux-4.9/fs/ocfs2/super.c 2021-02-24 15:47:32.317343277 +0100
++++ linux-4.9/fs/ocfs2/super.c 2021-02-24 15:47:45.081075908 +0100
@@ -188,6 +188,7 @@ enum {
Opt_dir_resv_level,
Opt_journal_async_commit,
default:
mlog(ML_ERROR,
"Unrecognized mount option \"%s\" "
-diff -NurpP --minimal linux-4.9.207/fs/open.c linux-4.9.207-vs2.3.9.11/fs/open.c
---- linux-4.9.207/fs/open.c 2019-12-25 15:28:37.947306307 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/open.c 2019-10-05 14:58:45.460310912 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/open.c linux-4.9/fs/open.c
+--- linux-4.9/fs/open.c 2021-02-24 15:47:32.320676715 +0100
++++ linux-4.9/fs/open.c 2021-02-24 15:47:45.081075908 +0100
@@ -31,6 +31,11 @@
#include <linux/ima.h>
#include <linux/dnotify.h>
error = chown_common(&path, user, group);
mnt_drop_write(path.mnt);
out_release:
-diff -NurpP --minimal linux-4.9.207/fs/proc/array.c linux-4.9.207-vs2.3.9.11/fs/proc/array.c
---- linux-4.9.207/fs/proc/array.c 2019-12-25 15:28:37.987305658 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/proc/array.c 2019-10-05 14:58:45.660307716 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/proc/array.c linux-4.9/fs/proc/array.c
+--- linux-4.9/fs/proc/array.c 2021-02-24 15:47:32.324010153 +0100
++++ linux-4.9/fs/proc/array.c 2021-02-24 15:47:45.081075908 +0100
@@ -86,6 +86,8 @@
#include <linux/string_helpers.h>
#include <linux/user_namespace.h>
seq_printf(m, "%d (%s) %c", pid_nr_ns(pid, ns), tcomm, state);
seq_put_decimal_ll(m, " ", ppid);
seq_put_decimal_ll(m, " ", pgid);
-diff -NurpP --minimal linux-4.9.207/fs/proc/base.c linux-4.9.207-vs2.3.9.11/fs/proc/base.c
---- linux-4.9.207/fs/proc/base.c 2019-12-25 15:28:37.987305658 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/proc/base.c 2019-10-05 14:58:45.660307716 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/proc/base.c linux-4.9/fs/proc/base.c
+--- linux-4.9/fs/proc/base.c 2021-02-24 15:47:32.324010153 +0100
++++ linux-4.9/fs/proc/base.c 2021-02-24 15:47:45.081075908 +0100
@@ -87,6 +87,8 @@
#include <linux/slab.h>
#include <linux/flex_array.h>
ns = dentry->d_sb->s_fs_info;
rcu_read_lock();
-diff -NurpP --minimal linux-4.9.207/fs/proc/generic.c linux-4.9.207-vs2.3.9.11/fs/proc/generic.c
---- linux-4.9.207/fs/proc/generic.c 2019-12-25 15:28:37.987305658 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/proc/generic.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/proc/generic.c linux-4.9/fs/proc/generic.c
+--- linux-4.9/fs/proc/generic.c 2021-02-24 15:47:32.324010153 +0100
++++ linux-4.9/fs/proc/generic.c 2021-02-24 15:47:45.081075908 +0100
@@ -22,6 +22,7 @@
#include <linux/bitops.h>
#include <linux/spinlock.h>
} else {
kfree(ent);
ent = NULL;
-diff -NurpP --minimal linux-4.9.207/fs/proc/inode.c linux-4.9.207-vs2.3.9.11/fs/proc/inode.c
---- linux-4.9.207/fs/proc/inode.c 2019-12-25 15:28:37.997305497 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/proc/inode.c 2018-10-20 05:55:43.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/proc/inode.c linux-4.9/fs/proc/inode.c
+--- linux-4.9/fs/proc/inode.c 2021-02-24 15:47:32.324010153 +0100
++++ linux-4.9/fs/proc/inode.c 2021-02-24 15:47:45.081075908 +0100
@@ -433,6 +433,8 @@ struct inode *proc_get_inode(struct supe
inode->i_uid = de->uid;
inode->i_gid = de->gid;
if (de->size)
inode->i_size = de->size;
if (de->nlink)
-diff -NurpP --minimal linux-4.9.207/fs/proc/internal.h linux-4.9.207-vs2.3.9.11/fs/proc/internal.h
---- linux-4.9.207/fs/proc/internal.h 2019-12-25 15:28:38.017305173 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/proc/internal.h 2018-10-20 05:55:43.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/proc/internal.h linux-4.9/fs/proc/internal.h
+--- linux-4.9/fs/proc/internal.h 2021-02-24 15:47:32.324010153 +0100
++++ linux-4.9/fs/proc/internal.h 2021-02-24 15:47:45.084409345 +0100
@@ -14,6 +14,7 @@
#include <linux/spinlock.h>
#include <linux/atomic.h>
/*
* base.c
-diff -NurpP --minimal linux-4.9.207/fs/proc/loadavg.c linux-4.9.207-vs2.3.9.11/fs/proc/loadavg.c
---- linux-4.9.207/fs/proc/loadavg.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/proc/loadavg.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/proc/loadavg.c linux-4.9/fs/proc/loadavg.c
+--- linux-4.9/fs/proc/loadavg.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/proc/loadavg.c 2021-02-24 15:47:45.084409345 +0100
@@ -12,15 +12,27 @@
static int loadavg_proc_show(struct seq_file *m, void *v)
task_active_pid_ns(current)->last_pid);
return 0;
}
-diff -NurpP --minimal linux-4.9.207/fs/proc/meminfo.c linux-4.9.207-vs2.3.9.11/fs/proc/meminfo.c
---- linux-4.9.207/fs/proc/meminfo.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/proc/meminfo.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/proc/meminfo.c linux-4.9/fs/proc/meminfo.c
+--- linux-4.9/fs/proc/meminfo.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/proc/meminfo.c 2021-02-24 15:47:45.084409345 +0100
@@ -55,7 +55,8 @@ static int meminfo_proc_show(struct seq_
si_swapinfo(&i);
committed = percpu_counter_read_positive(&vm_committed_as);
total_swapcache_pages() - i.bufferram;
if (cached < 0)
cached = 0;
-diff -NurpP --minimal linux-4.9.207/fs/proc/root.c linux-4.9.207-vs2.3.9.11/fs/proc/root.c
---- linux-4.9.207/fs/proc/root.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/proc/root.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/proc/root.c linux-4.9/fs/proc/root.c
+--- linux-4.9/fs/proc/root.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/proc/root.c 2021-02-24 15:47:45.084409345 +0100
@@ -20,9 +20,14 @@
#include <linux/mount.h>
#include <linux/pid_namespace.h>
.subdir = RB_ROOT,
.name = "/proc",
};
-diff -NurpP --minimal linux-4.9.207/fs/proc/self.c linux-4.9.207-vs2.3.9.11/fs/proc/self.c
---- linux-4.9.207/fs/proc/self.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/proc/self.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/proc/self.c linux-4.9/fs/proc/self.c
+--- linux-4.9/fs/proc/self.c 2021-02-24 15:47:32.324010153 +0100
++++ linux-4.9/fs/proc/self.c 2021-02-24 15:47:45.084409345 +0100
@@ -1,6 +1,7 @@
#include <linux/sched.h>
#include <linux/slab.h>
#include "internal.h"
/*
-@@ -54,6 +55,8 @@ int proc_setup_self(struct super_block *
+@@ -61,6 +62,8 @@ int proc_setup_self(struct super_block *
self = d_alloc_name(s->s_root, "self");
if (self) {
- struct inode *inode = new_inode_pseudo(s);
+ struct inode *inode = new_inode(s);
+
+ // self->vx_flags = IATTR_PROC_SYMLINK;
if (inode) {
inode->i_ino = self_inum;
inode->i_mtime = inode->i_atime = inode->i_ctime = current_time(inode);
-diff -NurpP --minimal linux-4.9.207/fs/proc/stat.c linux-4.9.207-vs2.3.9.11/fs/proc/stat.c
---- linux-4.9.207/fs/proc/stat.c 2019-12-25 15:28:38.017305173 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/proc/stat.c 2019-10-13 15:58:54.758080005 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/proc/stat.c linux-4.9/fs/proc/stat.c
+--- linux-4.9/fs/proc/stat.c 2021-02-24 15:47:32.324010153 +0100
++++ linux-4.9/fs/proc/stat.c 2021-02-24 15:47:45.084409345 +0100
@@ -9,8 +9,10 @@
#include <linux/slab.h>
#include <linux/time.h>
/* Copy values here to work around gcc-2.95.3, gcc-2.96 */
user = kcpustat_cpu(i).cpustat[CPUTIME_USER];
nice = kcpustat_cpu(i).cpustat[CPUTIME_NICE];
-diff -NurpP --minimal linux-4.9.207/fs/proc/uptime.c linux-4.9.207-vs2.3.9.11/fs/proc/uptime.c
---- linux-4.9.207/fs/proc/uptime.c 2019-12-25 15:28:38.017305173 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/proc/uptime.c 2019-10-13 16:02:19.324763467 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/proc/uptime.c linux-4.9/fs/proc/uptime.c
+--- linux-4.9/fs/proc/uptime.c 2021-02-24 15:47:32.327343590 +0100
++++ linux-4.9/fs/proc/uptime.c 2021-02-24 15:47:45.084409345 +0100
@@ -5,6 +5,7 @@
#include <linux/seq_file.h>
#include <linux/time.h>
seq_printf(m, "%lu.%02lu %lu.%02lu\n",
(unsigned long) uptime.tv_sec,
(uptime.tv_nsec / (NSEC_PER_SEC / 100)),
-diff -NurpP --minimal linux-4.9.207/fs/proc_namespace.c linux-4.9.207-vs2.3.9.11/fs/proc_namespace.c
---- linux-4.9.207/fs/proc_namespace.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/proc_namespace.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/proc_namespace.c linux-4.9/fs/proc_namespace.c
+--- linux-4.9/fs/proc_namespace.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/proc_namespace.c 2021-02-24 15:47:45.084409345 +0100
@@ -46,6 +46,8 @@ static int show_sb_opts(struct seq_file
{ MS_DIRSYNC, ",dirsync" },
{ MS_MANDLOCK, ",mand" },
/* file system type */
seq_puts(m, "with fstype ");
show_type(m, sb);
-diff -NurpP --minimal linux-4.9.207/fs/quota/dquot.c linux-4.9.207-vs2.3.9.11/fs/quota/dquot.c
---- linux-4.9.207/fs/quota/dquot.c 2019-12-25 15:28:38.017305173 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/quota/dquot.c 2019-12-25 15:37:52.028428731 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/quota/dquot.c linux-4.9/fs/quota/dquot.c
+--- linux-4.9/fs/quota/dquot.c 2021-02-24 15:47:32.327343590 +0100
++++ linux-4.9/fs/quota/dquot.c 2021-02-24 15:47:45.084409345 +0100
@@ -1659,6 +1659,9 @@ int __dquot_alloc_space(struct inode *in
int reserve = flags & DQUOT_SPACE_RESERVE;
struct dquot **dquots;
if (!dquot_active(inode))
return;
-diff -NurpP --minimal linux-4.9.207/fs/quota/quota.c linux-4.9.207-vs2.3.9.11/fs/quota/quota.c
---- linux-4.9.207/fs/quota/quota.c 2019-12-25 15:28:38.027305012 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/quota/quota.c 2018-10-20 05:55:43.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/quota/quota.c linux-4.9/fs/quota/quota.c
+--- linux-4.9/fs/quota/quota.c 2021-02-24 15:47:32.327343590 +0100
++++ linux-4.9/fs/quota/quota.c 2021-02-24 15:47:45.084409345 +0100
@@ -8,6 +8,7 @@
#include <linux/fs.h>
#include <linux/namei.h>
if (quotactl_cmd_write(cmd))
sb = get_super_thawed(bdev);
else
-diff -NurpP --minimal linux-4.9.207/fs/stat.c linux-4.9.207-vs2.3.9.11/fs/stat.c
---- linux-4.9.207/fs/stat.c 2019-12-25 15:28:38.087304041 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/stat.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/stat.c linux-4.9/fs/stat.c
+--- linux-4.9/fs/stat.c 2021-02-24 15:47:32.334010466 +0100
++++ linux-4.9/fs/stat.c 2021-02-24 15:47:45.084409345 +0100
@@ -26,6 +26,7 @@ void generic_fillattr(struct inode *inod
stat->nlink = inode->i_nlink;
stat->uid = inode->i_uid;
stat->rdev = inode->i_rdev;
stat->size = i_size_read(inode);
stat->atime = inode->i_atime;
-diff -NurpP --minimal linux-4.9.207/fs/statfs.c linux-4.9.207-vs2.3.9.11/fs/statfs.c
---- linux-4.9.207/fs/statfs.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/statfs.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/statfs.c linux-4.9/fs/statfs.c
+--- linux-4.9/fs/statfs.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/statfs.c 2021-02-24 15:47:45.084409345 +0100
@@ -7,6 +7,8 @@
#include <linux/statfs.h>
#include <linux/security.h>
return retval;
}
-diff -NurpP --minimal linux-4.9.207/fs/super.c linux-4.9.207-vs2.3.9.11/fs/super.c
---- linux-4.9.207/fs/super.c 2019-12-25 15:28:38.087304041 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/super.c 2019-10-13 10:11:07.125382902 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/super.c linux-4.9/fs/super.c
+--- linux-4.9/fs/super.c 2021-02-24 15:47:32.334010466 +0100
++++ linux-4.9/fs/super.c 2021-02-24 15:47:45.084409345 +0100
@@ -34,6 +34,8 @@
#include <linux/fsnotify.h>
#include <linux/lockdep.h>
error = security_sb_kern_mount(sb, flags, secdata);
if (error)
goto out_sb;
-diff -NurpP --minimal linux-4.9.207/fs/utimes.c linux-4.9.207-vs2.3.9.11/fs/utimes.c
---- linux-4.9.207/fs/utimes.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/utimes.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/utimes.c linux-4.9/fs/utimes.c
+--- linux-4.9/fs/utimes.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/fs/utimes.c 2021-02-24 15:47:45.084409345 +0100
@@ -8,6 +8,8 @@
#include <linux/stat.h>
#include <linux/utime.h>
if (times && times[0].tv_nsec == UTIME_NOW &&
times[1].tv_nsec == UTIME_NOW)
times = NULL;
-diff -NurpP --minimal linux-4.9.207/fs/xattr.c linux-4.9.207-vs2.3.9.11/fs/xattr.c
---- linux-4.9.207/fs/xattr.c 2019-12-25 15:28:38.177302586 +0000
-+++ linux-4.9.207-vs2.3.9.11/fs/xattr.c 2018-10-20 05:55:43.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/fs/xattr.c linux-4.9/fs/xattr.c
+--- linux-4.9/fs/xattr.c 2021-02-24 15:47:32.340677341 +0100
++++ linux-4.9/fs/xattr.c 2021-02-24 15:47:45.084409345 +0100
@@ -21,6 +21,7 @@
#include <linux/audit.h>
#include <linux/vmalloc.h>
return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
return 0;
}
-diff -NurpP --minimal linux-4.9.207/include/linux/capability.h linux-4.9.207-vs2.3.9.11/include/linux/capability.h
---- linux-4.9.207/include/linux/capability.h 2019-12-25 15:28:38.667294664 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/capability.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/capability.h linux-4.9/include/linux/capability.h
+--- linux-4.9/include/linux/capability.h 2021-02-24 15:47:32.377345154 +0100
++++ linux-4.9/include/linux/capability.h 2021-02-24 15:47:45.084409345 +0100
@@ -78,7 +78,8 @@ extern const kernel_cap_t __cap_init_eff
#else /* HAND-CODED capability initializers */
# define CAP_EMPTY_SET ((kernel_cap_t){{ 0, 0 }})
# define CAP_FULL_SET ((kernel_cap_t){{ ~0, CAP_LAST_U32_VALID_MASK }})
-diff -NurpP --minimal linux-4.9.207/include/linux/cred.h linux-4.9.207-vs2.3.9.11/include/linux/cred.h
---- linux-4.9.207/include/linux/cred.h 2019-12-25 15:28:38.737293533 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/cred.h 2019-10-05 14:58:45.680307395 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/cred.h linux-4.9/include/linux/cred.h
+--- linux-4.9/include/linux/cred.h 2021-02-24 15:47:32.380678592 +0100
++++ linux-4.9/include/linux/cred.h 2021-02-24 15:47:45.087742783 +0100
@@ -156,6 +156,7 @@ extern void exit_creds(struct task_struc
extern int copy_creds(struct task_struct *, unsigned long);
extern const struct cred *get_task_cred(struct task_struct *);
/**
* get_new_cred - Get a reference on a new set of credentials
* @cred: The new credentials to reference
-diff -NurpP --minimal linux-4.9.207/include/linux/dcache.h linux-4.9.207-vs2.3.9.11/include/linux/dcache.h
---- linux-4.9.207/include/linux/dcache.h 2019-12-25 15:28:38.737293533 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/dcache.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/dcache.h linux-4.9/include/linux/dcache.h
+--- linux-4.9/include/linux/dcache.h 2021-02-24 15:47:32.380678592 +0100
++++ linux-4.9/include/linux/dcache.h 2021-02-24 15:47:45.087742783 +0100
@@ -308,8 +308,10 @@ extern char *dentry_path(struct dentry *
*/
static inline struct dentry *dget_dlock(struct dentry *dentry)
return dentry;
}
-diff -NurpP --minimal linux-4.9.207/include/linux/devpts_fs.h linux-4.9.207-vs2.3.9.11/include/linux/devpts_fs.h
---- linux-4.9.207/include/linux/devpts_fs.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/devpts_fs.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/devpts_fs.h linux-4.9/include/linux/devpts_fs.h
+--- linux-4.9/include/linux/devpts_fs.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/linux/devpts_fs.h 2021-02-24 15:47:45.087742783 +0100
@@ -34,5 +34,4 @@ void devpts_pty_kill(struct dentry *);
#endif
-
#endif /* _LINUX_DEVPTS_FS_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/fs.h linux-4.9.207-vs2.3.9.11/include/linux/fs.h
---- linux-4.9.207/include/linux/fs.h 2019-12-25 15:28:38.777292887 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/fs.h 2019-10-05 14:58:45.690307237 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/fs.h linux-4.9/include/linux/fs.h
+--- linux-4.9/include/linux/fs.h 2021-02-24 15:47:32.384012030 +0100
++++ linux-4.9/include/linux/fs.h 2021-02-24 15:47:45.087742783 +0100
@@ -231,6 +231,7 @@ typedef int (dio_iodone_t)(struct kiocb
#define ATTR_OPEN (1 << 15) /* Truncating from open(O_TRUNC) */
#define ATTR_TIMES_SET (1 << 16)
loff_t i_size;
struct timespec i_atime;
struct timespec i_mtime;
-@@ -845,14 +850,19 @@ static inline void i_size_write(struct i
+@@ -846,14 +851,19 @@ static inline void i_size_write(struct i
#endif
}
}
extern struct block_device *I_BDEV(struct inode *inode);
-@@ -909,6 +919,7 @@ struct file {
+@@ -910,6 +920,7 @@ struct file {
loff_t f_pos;
struct fown_struct f_owner;
const struct cred *f_cred;
struct file_ra_state f_ra;
u64 f_version;
-@@ -1043,6 +1054,7 @@ struct file_lock {
+@@ -1044,6 +1055,7 @@ struct file_lock {
struct file *fl_file;
loff_t fl_start;
loff_t fl_end;
struct fasync_struct * fl_fasync; /* for lease break notifications */
/* for lease breaks: */
-@@ -1476,6 +1488,11 @@ static inline gid_t i_gid_read(const str
+@@ -1477,6 +1489,11 @@ static inline gid_t i_gid_read(const str
return from_kgid(inode->i_sb->s_user_ns, inode->i_gid);
}
static inline void i_uid_write(struct inode *inode, uid_t uid)
{
inode->i_uid = make_kuid(inode->i_sb->s_user_ns, uid);
-@@ -1765,6 +1782,7 @@ struct inode_operations {
+@@ -1766,6 +1783,7 @@ struct inode_operations {
int (*setattr) (struct dentry *, struct iattr *);
int (*getattr) (struct vfsmount *mnt, struct dentry *, struct kstat *);
ssize_t (*listxattr) (struct dentry *, char *, size_t);
int (*fiemap)(struct inode *, struct fiemap_extent_info *, u64 start,
u64 len);
int (*update_time)(struct inode *, struct timespec *, int);
-@@ -1779,6 +1797,7 @@ ssize_t rw_copy_check_uvector(int type,
+@@ -1780,6 +1798,7 @@ ssize_t rw_copy_check_uvector(int type,
unsigned long nr_segs, unsigned long fast_segs,
struct iovec *fast_pointer,
struct iovec **ret_pointer);
extern ssize_t __vfs_read(struct file *, char __user *, size_t, loff_t *);
extern ssize_t __vfs_write(struct file *, const char __user *, size_t, loff_t *);
-@@ -1850,6 +1869,14 @@ struct super_operations {
+@@ -1851,6 +1870,14 @@ struct super_operations {
#else
#define S_DAX 0 /* Make all the DAX code disappear */
#endif
/*
* Note that nosuid etc flags are inode-specific: setting some file-system
-@@ -1874,10 +1901,13 @@ struct super_operations {
+@@ -1875,10 +1902,13 @@ struct super_operations {
#define IS_MANDLOCK(inode) __IS_FLG(inode, MS_MANDLOCK)
#define IS_NOATIME(inode) __IS_FLG(inode, MS_RDONLY|MS_NOATIME)
#define IS_I_VERSION(inode) __IS_FLG(inode, MS_I_VERSION)
#define IS_POSIXACL(inode) __IS_FLG(inode, MS_POSIXACL)
#define IS_DEADDIR(inode) ((inode)->i_flags & S_DEAD)
-@@ -1897,6 +1927,16 @@ static inline bool HAS_UNMAPPED_ID(struc
+@@ -1898,6 +1928,16 @@ static inline bool HAS_UNMAPPED_ID(struc
return !uid_valid(inode->i_uid) || !gid_valid(inode->i_gid);
}
/*
* Inode state bits. Protected by inode->i_lock
*
-@@ -2162,6 +2202,9 @@ extern struct kobject *fs_kobj;
+@@ -2167,6 +2207,9 @@ extern struct kobject *fs_kobj;
extern int locks_mandatory_locked(struct file *);
extern int locks_mandatory_area(struct inode *, struct file *, loff_t, loff_t, unsigned char);
/*
* Candidates for mandatory locking have the setgid bit set
* but no group execute bit - an otherwise meaningless combination.
-@@ -2342,7 +2385,7 @@ struct filename {
+@@ -2347,7 +2390,7 @@ struct filename {
const char iname[];
};
extern int do_truncate(struct dentry *, loff_t start, unsigned int time_attrs,
struct file *filp);
extern int vfs_fallocate(struct file *file, int mode, loff_t offset,
-@@ -2973,6 +3016,7 @@ extern int dcache_dir_open(struct inode
+@@ -2978,6 +3021,7 @@ extern int dcache_dir_open(struct inode
extern int dcache_dir_close(struct inode *, struct file *);
extern loff_t dcache_dir_lseek(struct file *, loff_t, int);
extern int dcache_readdir(struct file *, struct dir_context *);
extern int simple_setattr(struct dentry *, struct iattr *);
extern int simple_getattr(struct vfsmount *, struct dentry *, struct kstat *);
extern int simple_statfs(struct dentry *, struct kstatfs *);
-diff -NurpP --minimal linux-4.9.207/include/linux/init_task.h linux-4.9.207-vs2.3.9.11/include/linux/init_task.h
---- linux-4.9.207/include/linux/init_task.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/init_task.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/init_task.h linux-4.9/include/linux/init_task.h
+--- linux-4.9/include/linux/init_task.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/linux/init_task.h 2021-02-24 15:47:45.087742783 +0100
@@ -271,6 +271,10 @@ extern struct task_group root_task_group
INIT_VTIME(tsk) \
INIT_NUMA_BALANCING(tsk) \
}
-diff -NurpP --minimal linux-4.9.207/include/linux/ipc.h linux-4.9.207-vs2.3.9.11/include/linux/ipc.h
---- linux-4.9.207/include/linux/ipc.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/ipc.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/ipc.h linux-4.9/include/linux/ipc.h
+--- linux-4.9/include/linux/ipc.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/linux/ipc.h 2021-02-24 15:47:45.087742783 +0100
@@ -16,6 +16,7 @@ struct kern_ipc_perm
key_t key;
kuid_t uid;
kuid_t cuid;
kgid_t cgid;
umode_t mode;
-diff -NurpP --minimal linux-4.9.207/include/linux/memcontrol.h linux-4.9.207-vs2.3.9.11/include/linux/memcontrol.h
---- linux-4.9.207/include/linux/memcontrol.h 2019-12-25 15:28:39.087287874 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/memcontrol.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/memcontrol.h linux-4.9/include/linux/memcontrol.h
+--- linux-4.9/include/linux/memcontrol.h 2021-02-24 15:47:32.397345780 +0100
++++ linux-4.9/include/linux/memcontrol.h 2021-02-24 15:47:45.087742783 +0100
@@ -92,6 +92,7 @@ enum mem_cgroup_events_target {
MEM_CGROUP_NTARGETS,
};
static inline bool mm_match_cgroup(struct mm_struct *mm,
struct mem_cgroup *memcg)
{
-diff -NurpP --minimal linux-4.9.207/include/linux/mount.h linux-4.9.207-vs2.3.9.11/include/linux/mount.h
---- linux-4.9.207/include/linux/mount.h 2019-12-25 15:28:39.377283185 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/mount.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/mount.h linux-4.9/include/linux/mount.h
+--- linux-4.9/include/linux/mount.h 2021-02-24 15:47:32.400679218 +0100
++++ linux-4.9/include/linux/mount.h 2021-02-24 15:47:45.087742783 +0100
@@ -63,6 +63,9 @@ struct mnt_namespace;
#define MNT_MARKED 0x4000000
#define MNT_UMOUNT 0x8000000
struct vfsmount {
struct dentry *mnt_root; /* root of the mounted tree */
struct super_block *mnt_sb; /* pointer to superblock */
-diff -NurpP --minimal linux-4.9.207/include/linux/netdevice.h linux-4.9.207-vs2.3.9.11/include/linux/netdevice.h
---- linux-4.9.207/include/linux/netdevice.h 2019-12-25 15:28:39.397282861 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/netdevice.h 2019-12-25 15:37:52.148426794 +0000
-@@ -2489,6 +2489,7 @@ static inline int dev_recursion_level(vo
-
- struct net_device *dev_get_by_index(struct net *net, int ifindex);
- struct net_device *__dev_get_by_index(struct net *net, int ifindex);
-+struct net_device *dev_get_by_index_real_rcu(struct net *net, int ifindex);
- struct net_device *dev_get_by_index_rcu(struct net *net, int ifindex);
- int netdev_get_name(struct net *net, char *name, int ifindex);
- int dev_restart(struct net_device *dev);
-diff -NurpP --minimal linux-4.9.207/include/linux/net.h linux-4.9.207-vs2.3.9.11/include/linux/net.h
---- linux-4.9.207/include/linux/net.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/net.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/net.h linux-4.9/include/linux/net.h
+--- linux-4.9/include/linux/net.h 2021-02-24 15:47:32.400679218 +0100
++++ linux-4.9/include/linux/net.h 2021-02-24 15:47:45.091076220 +0100
@@ -44,6 +44,7 @@ struct net;
#define SOCK_NOSPACE 2
#define SOCK_PASSCRED 3
#ifndef ARCH_HAS_SOCKET_TYPES
/**
-diff -NurpP --minimal linux-4.9.207/include/linux/nsproxy.h linux-4.9.207-vs2.3.9.11/include/linux/nsproxy.h
---- linux-4.9.207/include/linux/nsproxy.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/nsproxy.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/netdevice.h linux-4.9/include/linux/netdevice.h
+--- linux-4.9/include/linux/netdevice.h 2021-02-24 15:47:33.074033615 +0100
++++ linux-4.9/include/linux/netdevice.h 2021-02-24 15:47:45.087742783 +0100
+@@ -2489,6 +2489,7 @@ static inline int dev_recursion_level(vo
+
+ struct net_device *dev_get_by_index(struct net *net, int ifindex);
+ struct net_device *__dev_get_by_index(struct net *net, int ifindex);
++struct net_device *dev_get_by_index_real_rcu(struct net *net, int ifindex);
+ struct net_device *dev_get_by_index_rcu(struct net *net, int ifindex);
+ int netdev_get_name(struct net *net, char *name, int ifindex);
+ int dev_restart(struct net_device *dev);
+diff -urNp -x '*.orig' linux-4.9/include/linux/nsproxy.h linux-4.9/include/linux/nsproxy.h
+--- linux-4.9/include/linux/nsproxy.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/linux/nsproxy.h 2021-02-24 15:47:45.091076220 +0100
@@ -3,6 +3,7 @@
#include <linux/spinlock.h>
}
#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/pid.h linux-4.9.207-vs2.3.9.11/include/linux/pid.h
---- linux-4.9.207/include/linux/pid.h 2019-12-25 15:28:39.507281083 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/pid.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/pid.h linux-4.9/include/linux/pid.h
+--- linux-4.9/include/linux/pid.h 2021-02-24 15:47:32.407346093 +0100
++++ linux-4.9/include/linux/pid.h 2021-02-24 15:47:45.091076220 +0100
@@ -10,7 +10,8 @@ enum pid_type
PIDTYPE_SID,
PIDTYPE_MAX,
pid_t pid_vnr(struct pid *pid);
#define do_each_pid_task(pid, type, task) \
-diff -NurpP --minimal linux-4.9.207/include/linux/quotaops.h linux-4.9.207-vs2.3.9.11/include/linux/quotaops.h
---- linux-4.9.207/include/linux/quotaops.h 2019-12-25 15:28:39.587279789 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/quotaops.h 2019-12-25 15:37:52.158426633 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/quotaops.h linux-4.9/include/linux/quotaops.h
+--- linux-4.9/include/linux/quotaops.h 2021-02-24 15:47:32.410679531 +0100
++++ linux-4.9/include/linux/quotaops.h 2021-02-24 15:47:45.091076220 +0100
@@ -8,6 +8,7 @@
#define _LINUX_QUOTAOPS_
}
static inline int dquot_claim_space_nodirty(struct inode *inode, qsize_t number)
-diff -NurpP --minimal linux-4.9.207/include/linux/sched.h linux-4.9.207-vs2.3.9.11/include/linux/sched.h
---- linux-4.9.207/include/linux/sched.h 2019-12-25 15:28:39.727277526 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/sched.h 2019-10-05 14:58:45.710306917 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/sched.h linux-4.9/include/linux/sched.h
+--- linux-4.9/include/linux/sched.h 2021-02-24 15:47:32.414012968 +0100
++++ linux-4.9/include/linux/sched.h 2021-02-24 15:47:45.091076220 +0100
@@ -1719,6 +1719,14 @@ struct task_struct {
#endif
struct seccomp seccomp;
+ vtag_t tag;
+
/* Thread group tracking */
- u32 parent_exec_id;
- u32 self_exec_id;
-@@ -2112,6 +2120,11 @@ struct pid_namespace;
+ u64 parent_exec_id;
+ u64 self_exec_id;
+@@ -2114,6 +2122,11 @@ struct pid_namespace;
pid_t __task_pid_nr_ns(struct task_struct *task, enum pid_type type,
struct pid_namespace *ns);
static inline pid_t task_pid_nr(struct task_struct *tsk)
{
return tsk->pid;
-@@ -2125,7 +2138,8 @@ static inline pid_t task_pid_nr_ns(struc
+@@ -2127,7 +2140,8 @@ static inline pid_t task_pid_nr_ns(struc
static inline pid_t task_pid_vnr(struct task_struct *tsk)
{
}
-diff -NurpP --minimal linux-4.9.207/include/linux/shmem_fs.h linux-4.9.207-vs2.3.9.11/include/linux/shmem_fs.h
---- linux-4.9.207/include/linux/shmem_fs.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/shmem_fs.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/shmem_fs.h linux-4.9/include/linux/shmem_fs.h
+--- linux-4.9/include/linux/shmem_fs.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/linux/shmem_fs.h 2021-02-24 15:47:45.091076220 +0100
@@ -10,6 +10,9 @@
/* inode in-kernel data */
struct shmem_inode_info {
spinlock_t lock;
unsigned int seals; /* shmem seals */
-diff -NurpP --minimal linux-4.9.207/include/linux/stat.h linux-4.9.207-vs2.3.9.11/include/linux/stat.h
---- linux-4.9.207/include/linux/stat.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/stat.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/stat.h linux-4.9/include/linux/stat.h
+--- linux-4.9/include/linux/stat.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/linux/stat.h 2021-02-24 15:47:45.091076220 +0100
@@ -25,6 +25,7 @@ struct kstat {
unsigned int nlink;
kuid_t uid;
dev_t rdev;
loff_t size;
struct timespec atime;
-diff -NurpP --minimal linux-4.9.207/include/linux/sunrpc/auth.h linux-4.9.207-vs2.3.9.11/include/linux/sunrpc/auth.h
---- linux-4.9.207/include/linux/sunrpc/auth.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/sunrpc/auth.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/sunrpc/auth.h linux-4.9/include/linux/sunrpc/auth.h
+--- linux-4.9/include/linux/sunrpc/auth.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/linux/sunrpc/auth.h 2021-02-24 15:47:45.091076220 +0100
@@ -46,6 +46,7 @@ enum {
struct auth_cred {
kuid_t uid;
struct group_info *group_info;
const char *principal;
unsigned long ac_flags;
-diff -NurpP --minimal linux-4.9.207/include/linux/sunrpc/clnt.h linux-4.9.207-vs2.3.9.11/include/linux/sunrpc/clnt.h
---- linux-4.9.207/include/linux/sunrpc/clnt.h 2019-12-25 15:28:39.857275424 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/sunrpc/clnt.h 2018-10-20 05:55:43.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/sunrpc/clnt.h linux-4.9/include/linux/sunrpc/clnt.h
+--- linux-4.9/include/linux/sunrpc/clnt.h 2021-02-24 15:47:32.417346405 +0100
++++ linux-4.9/include/linux/sunrpc/clnt.h 2021-02-24 15:47:45.091076220 +0100
@@ -52,7 +52,8 @@ struct rpc_clnt {
cl_discrtry : 1,/* disconnect before retry */
cl_noretranstimeo: 1,/* No retransmit timeouts */
struct rpc_rtt * cl_rtt; /* RTO estimator data */
const struct rpc_timeout *cl_timeout; /* Timeout strategy */
-diff -NurpP --minimal linux-4.9.207/include/linux/types.h linux-4.9.207-vs2.3.9.11/include/linux/types.h
---- linux-4.9.207/include/linux/types.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/types.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/types.h linux-4.9/include/linux/types.h
+--- linux-4.9/include/linux/types.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/linux/types.h 2021-02-24 15:47:45.091076220 +0100
@@ -32,6 +32,9 @@ typedef __kernel_uid32_t uid_t;
typedef __kernel_gid32_t gid_t;
typedef __kernel_uid16_t uid16_t;
typedef unsigned long uintptr_t;
-diff -NurpP --minimal linux-4.9.207/include/linux/uidgid.h linux-4.9.207-vs2.3.9.11/include/linux/uidgid.h
---- linux-4.9.207/include/linux/uidgid.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/uidgid.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/uidgid.h linux-4.9/include/linux/uidgid.h
+--- linux-4.9/include/linux/uidgid.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/linux/uidgid.h 2021-02-24 15:47:45.091076220 +0100
@@ -21,13 +21,17 @@ typedef struct {
uid_t val;
} kuid_t;
static inline uid_t from_kuid_munged(struct user_namespace *to, kuid_t kuid)
{
uid_t uid = from_kuid(to, kuid);
-diff -NurpP --minimal linux-4.9.207/include/linux/vroot.h linux-4.9.207-vs2.3.9.11/include/linux/vroot.h
---- linux-4.9.207/include/linux/vroot.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vroot.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/vroot.h linux-4.9/include/linux/vroot.h
+--- linux-4.9/include/linux/vroot.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vroot.h 2021-02-24 15:47:45.091076220 +0100
@@ -0,0 +1,51 @@
+
+/*
+#define VROOT_CLR_DEV 0x5601
+
+#endif /* _LINUX_VROOT_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vs_base.h linux-4.9.207-vs2.3.9.11/include/linux/vs_base.h
---- linux-4.9.207/include/linux/vs_base.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vs_base.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/vs_base.h linux-4.9/include/linux/vs_base.h
+--- linux-4.9/include/linux/vs_base.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vs_base.h 2021-02-24 15:47:45.091076220 +0100
@@ -0,0 +1,10 @@
+#ifndef _VS_BASE_H
+#define _VS_BASE_H
+#else
+#warning duplicate inclusion
+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vs_context.h linux-4.9.207-vs2.3.9.11/include/linux/vs_context.h
---- linux-4.9.207/include/linux/vs_context.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vs_context.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/vs_context.h linux-4.9/include/linux/vs_context.h
+--- linux-4.9/include/linux/vs_context.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vs_context.h 2021-02-24 15:47:45.091076220 +0100
@@ -0,0 +1,242 @@
+#ifndef _VS_CONTEXT_H
+#define _VS_CONTEXT_H
+#else
+#warning duplicate inclusion
+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vs_cowbl.h linux-4.9.207-vs2.3.9.11/include/linux/vs_cowbl.h
---- linux-4.9.207/include/linux/vs_cowbl.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vs_cowbl.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/vs_cowbl.h linux-4.9/include/linux/vs_cowbl.h
+--- linux-4.9/include/linux/vs_cowbl.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vs_cowbl.h 2021-02-24 15:47:45.094409658 +0100
@@ -0,0 +1,48 @@
+#ifndef _VS_COWBL_H
+#define _VS_COWBL_H
+#else
+#warning duplicate inclusion
+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vs_cvirt.h linux-4.9.207-vs2.3.9.11/include/linux/vs_cvirt.h
---- linux-4.9.207/include/linux/vs_cvirt.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vs_cvirt.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/vs_cvirt.h linux-4.9/include/linux/vs_cvirt.h
+--- linux-4.9/include/linux/vs_cvirt.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vs_cvirt.h 2021-02-24 15:47:45.094409658 +0100
@@ -0,0 +1,50 @@
+#ifndef _VS_CVIRT_H
+#define _VS_CVIRT_H
+#else
+#warning duplicate inclusion
+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vs_device.h linux-4.9.207-vs2.3.9.11/include/linux/vs_device.h
---- linux-4.9.207/include/linux/vs_device.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vs_device.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/vs_device.h linux-4.9/include/linux/vs_device.h
+--- linux-4.9/include/linux/vs_device.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vs_device.h 2021-02-24 15:47:45.094409658 +0100
@@ -0,0 +1,45 @@
+#ifndef _VS_DEVICE_H
+#define _VS_DEVICE_H
+#else
+#warning duplicate inclusion
+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vs_dlimit.h linux-4.9.207-vs2.3.9.11/include/linux/vs_dlimit.h
---- linux-4.9.207/include/linux/vs_dlimit.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vs_dlimit.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/linux/vs_dlimit.h linux-4.9/include/linux/vs_dlimit.h
+--- linux-4.9/include/linux/vs_dlimit.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vs_dlimit.h 2021-02-24 15:47:45.094409658 +0100
@@ -0,0 +1,215 @@
+#ifndef _VS_DLIMIT_H
+#define _VS_DLIMIT_H
+#else
+#warning duplicate inclusion
+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/base.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/base.h
---- linux-4.9.207/include/linux/vserver/base.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/base.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,184 @@
-+#ifndef _VSERVER_BASE_H
-+#define _VSERVER_BASE_H
-+
-+
-+/* context state changes */
-+
-+enum {
-+ VSC_STARTUP = 1,
-+ VSC_SHUTDOWN,
-+
-+ VSC_NETUP,
-+ VSC_NETDOWN,
-+};
+diff -urNp -x '*.orig' linux-4.9/include/linux/vs_inet.h linux-4.9/include/linux/vs_inet.h
+--- linux-4.9/include/linux/vs_inet.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vs_inet.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,364 @@
++#ifndef _VS_INET_H
++#define _VS_INET_H
+
++#include "vserver/base.h"
++#include "vserver/network.h"
++#include "vserver/debug.h"
+
++#define IPI_LOOPBACK htonl(INADDR_LOOPBACK)
+
-+#define vx_task_xid(t) ((t)->xid)
++#define NXAV4(a) NIPQUAD((a)->ip[0]), NIPQUAD((a)->ip[1]), \
++ NIPQUAD((a)->mask), (a)->type
++#define NXAV4_FMT "[" NIPQUAD_FMT "-" NIPQUAD_FMT "/" NIPQUAD_FMT ":%04x]"
+
-+#define vx_current_xid() vx_task_xid(current)
++#define NIPQUAD(addr) \
++ ((unsigned char *)&addr)[0], \
++ ((unsigned char *)&addr)[1], \
++ ((unsigned char *)&addr)[2], \
++ ((unsigned char *)&addr)[3]
+
-+#define current_vx_info() (current->vx_info)
++#define NIPQUAD_FMT "%u.%u.%u.%u"
+
+
-+#define nx_task_nid(t) ((t)->nid)
++static inline
++int v4_addr_match(struct nx_addr_v4 *nxa, __be32 addr, uint16_t tmask)
++{
++ __be32 ip = nxa->ip[0].s_addr;
++ __be32 mask = nxa->mask.s_addr;
++ __be32 bcast = ip | ~mask;
++ int ret = 0;
+
-+#define nx_current_nid() nx_task_nid(current)
++ switch (nxa->type & tmask) {
++ case NXA_TYPE_MASK:
++ ret = (ip == (addr & mask));
++ break;
++ case NXA_TYPE_ADDR:
++ ret = 3;
++ if (addr == ip)
++ break;
++ /* fall through to broadcast */
++ case NXA_MOD_BCAST:
++ ret = ((tmask & NXA_MOD_BCAST) && (addr == bcast));
++ break;
++ case NXA_TYPE_RANGE:
++ ret = ((nxa->ip[0].s_addr <= addr) &&
++ (nxa->ip[1].s_addr > addr));
++ break;
++ case NXA_TYPE_ANY:
++ ret = 2;
++ break;
++ }
+
-+#define current_nx_info() (current->nx_info)
++ vxdprintk(VXD_CBIT(net, 0),
++ "v4_addr_match(%p" NXAV4_FMT "," NIPQUAD_FMT ",%04x) = %d",
++ nxa, NXAV4(nxa), NIPQUAD(addr), tmask, ret);
++ return ret;
++}
+
++static inline
++int v4_addr_in_nx_info(struct nx_info *nxi, __be32 addr, uint16_t tmask)
++{
++ struct nx_addr_v4 *nxa;
++ unsigned long irqflags;
++ int ret = 1;
+
-+/* generic flag merging */
++ if (!nxi)
++ goto out;
+
-+#define vs_check_flags(v, m, f) (((v) & (m)) ^ (f))
++ ret = 2;
++ /* allow 127.0.0.1 when remapping lback */
++ if ((tmask & NXA_LOOPBACK) &&
++ (addr == IPI_LOOPBACK) &&
++ nx_info_flags(nxi, NXF_LBACK_REMAP, 0))
++ goto out;
++ ret = 3;
++ /* check for lback address */
++ if ((tmask & NXA_MOD_LBACK) &&
++ (nxi->v4_lback.s_addr == addr))
++ goto out;
++ ret = 4;
++ /* check for broadcast address */
++ if ((tmask & NXA_MOD_BCAST) &&
++ (nxi->v4_bcast.s_addr == addr))
++ goto out;
++ ret = 5;
+
-+#define vs_mask_flags(v, f, m) (((v) & ~(m)) | ((f) & (m)))
++ /* check for v4 addresses */
++ spin_lock_irqsave(&nxi->addr_lock, irqflags);
++ for (nxa = &nxi->v4; nxa; nxa = nxa->next)
++ if (v4_addr_match(nxa, addr, tmask))
++ goto out_unlock;
++ ret = 0;
++out_unlock:
++ spin_unlock_irqrestore(&nxi->addr_lock, irqflags);
++out:
++ vxdprintk(VXD_CBIT(net, 0),
++ "v4_addr_in_nx_info(%p[#%u]," NIPQUAD_FMT ",%04x) = %d",
++ nxi, nxi ? nxi->nx_id : 0, NIPQUAD(addr), tmask, ret);
++ return ret;
++}
+
-+#define vs_mask_mask(v, f, m) (((v) & ~(m)) | ((v) & (f) & (m)))
++static inline
++int v4_nx_addr_match(struct nx_addr_v4 *nxa, struct nx_addr_v4 *addr, uint16_t mask)
++{
++ /* FIXME: needs full range checks */
++ return v4_addr_match(nxa, addr->ip[0].s_addr, mask);
++}
+
-+#define vs_check_bit(v, n) ((v) & (1LL << (n)))
++static inline
++int v4_nx_addr_in_nx_info(struct nx_info *nxi, struct nx_addr_v4 *nxa, uint16_t mask)
++{
++ struct nx_addr_v4 *ptr;
++ unsigned long irqflags;
++ int ret = 1;
+
++ spin_lock_irqsave(&nxi->addr_lock, irqflags);
++ for (ptr = &nxi->v4; ptr; ptr = ptr->next)
++ if (v4_nx_addr_match(ptr, nxa, mask))
++ goto out_unlock;
++ ret = 0;
++out_unlock:
++ spin_unlock_irqrestore(&nxi->addr_lock, irqflags);
++ return ret;
++}
+
-+/* context flags */
++#include <net/inet_sock.h>
+
-+#define __vx_flags(v) ((v) ? (v)->vx_flags : 0)
-+
-+#define vx_current_flags() __vx_flags(current_vx_info())
-+
-+#define vx_info_flags(v, m, f) \
-+ vs_check_flags(__vx_flags(v), m, f)
++/*
++ * Check if a given address matches for a socket
++ *
++ * nxi: the socket's nx_info if any
++ * addr: to be verified address
++ */
++static inline
++int v4_sock_addr_match (
++ struct nx_info *nxi,
++ struct inet_sock *inet,
++ __be32 addr)
++{
++ __be32 saddr = inet->inet_rcv_saddr;
++ __be32 bcast = nxi ? nxi->v4_bcast.s_addr : INADDR_BROADCAST;
+
-+#define task_vx_flags(t, m, f) \
-+ ((t) && vx_info_flags((t)->vx_info, m, f))
++ if (addr && (saddr == addr || bcast == addr))
++ return 1;
++ if (!saddr)
++ return v4_addr_in_nx_info(nxi, addr, NXA_MASK_BIND);
++ return 0;
++}
+
-+#define vx_flags(m, f) vx_info_flags(current_vx_info(), m, f)
+
++/* inet related checks and helpers */
+
-+/* context caps */
+
-+#define __vx_ccaps(v) ((v) ? (v)->vx_ccaps : 0)
++struct in_ifaddr;
++struct net_device;
++struct sock;
+
-+#define vx_current_ccaps() __vx_ccaps(current_vx_info())
++#ifdef CONFIG_INET
+
-+#define vx_info_ccaps(v, c) (__vx_ccaps(v) & (c))
++#include <linux/netdevice.h>
++#include <linux/inetdevice.h>
++#include <net/inet_sock.h>
++#include <net/inet_timewait_sock.h>
+
-+#define vx_ccaps(c) vx_info_ccaps(current_vx_info(), (c))
+
++int dev_in_nx_info(struct net_device *, struct nx_info *);
++int v4_dev_in_nx_info(struct net_device *, struct nx_info *);
++int nx_v4_addr_conflict(struct nx_info *, struct nx_info *);
+
+
-+/* network flags */
++/*
++ * check if address is covered by socket
++ *
++ * sk: the socket to check against
++ * addr: the address in question (must be != 0)
++ */
+
-+#define __nx_flags(n) ((n) ? (n)->nx_flags : 0)
++static inline
++int __v4_addr_match_socket(const struct sock *sk, struct nx_addr_v4 *nxa)
++{
++ struct nx_info *nxi = sk->sk_nx_info;
++ __be32 saddr = sk->sk_rcv_saddr;
+
-+#define nx_current_flags() __nx_flags(current_nx_info())
++ vxdprintk(VXD_CBIT(net, 5),
++ "__v4_addr_in_socket(%p," NXAV4_FMT ") %p:" NIPQUAD_FMT " %p;%lx",
++ sk, NXAV4(nxa), nxi, NIPQUAD(saddr), sk->sk_socket,
++ (sk->sk_socket?sk->sk_socket->flags:0));
+
-+#define nx_info_flags(n, m, f) \
-+ vs_check_flags(__nx_flags(n), m, f)
++ if (saddr) { /* direct address match */
++ return v4_addr_match(nxa, saddr, -1);
++ } else if (nxi) { /* match against nx_info */
++ return v4_nx_addr_in_nx_info(nxi, nxa, -1);
++ } else { /* unrestricted any socket */
++ return 1;
++ }
++}
+
-+#define task_nx_flags(t, m, f) \
-+ ((t) && nx_info_flags((t)->nx_info, m, f))
+
-+#define nx_flags(m, f) nx_info_flags(current_nx_info(), m, f)
+
++static inline
++int nx_dev_visible(struct nx_info *nxi, struct net_device *dev)
++{
++ vxdprintk(VXD_CBIT(net, 1),
++ "nx_dev_visible(%p[#%u],%p " VS_Q("%s") ") %d",
++ nxi, nxi ? nxi->nx_id : 0, dev, dev->name,
++ nxi ? dev_in_nx_info(dev, nxi) : 0);
+
-+/* network caps */
++ if (!nx_info_flags(nxi, NXF_HIDE_NETIF, 0))
++ return 1;
++ if (dev_in_nx_info(dev, nxi))
++ return 1;
++ return 0;
++}
+
-+#define __nx_ncaps(n) ((n) ? (n)->nx_ncaps : 0)
+
-+#define nx_current_ncaps() __nx_ncaps(current_nx_info())
++static inline
++int v4_ifa_in_nx_info(struct in_ifaddr *ifa, struct nx_info *nxi)
++{
++ if (!nxi)
++ return 1;
++ if (!ifa)
++ return 0;
++ return v4_addr_in_nx_info(nxi, ifa->ifa_local, NXA_MASK_SHOW);
++}
+
-+#define nx_info_ncaps(n, c) (__nx_ncaps(n) & (c))
++static inline
++int nx_v4_ifa_visible(struct nx_info *nxi, struct in_ifaddr *ifa)
++{
++ vxdprintk(VXD_CBIT(net, 1), "nx_v4_ifa_visible(%p[#%u],%p) %d",
++ nxi, nxi ? nxi->nx_id : 0, ifa,
++ nxi ? v4_ifa_in_nx_info(ifa, nxi) : 0);
+
-+#define nx_ncaps(c) nx_info_ncaps(current_nx_info(), c)
++ if (!nx_info_flags(nxi, NXF_HIDE_NETIF, 0))
++ return 1;
++ if (v4_ifa_in_nx_info(ifa, nxi))
++ return 1;
++ return 0;
++}
+
+
-+/* context mask capabilities */
++struct nx_v4_sock_addr {
++ __be32 saddr; /* Address used for validation */
++ __be32 baddr; /* Address used for socket bind */
++};
+
-+#define __vx_mcaps(v) ((v) ? (v)->vx_ccaps >> 32UL : ~0 )
++static inline
++int v4_map_sock_addr(struct inet_sock *inet, struct sockaddr_in *addr,
++ struct nx_v4_sock_addr *nsa)
++{
++ struct sock *sk = &inet->sk;
++ struct nx_info *nxi = sk->sk_nx_info;
++ __be32 saddr = addr->sin_addr.s_addr;
++ __be32 baddr = saddr;
+
-+#define vx_info_mcaps(v, c) (__vx_mcaps(v) & (c))
++ vxdprintk(VXD_CBIT(net, 3),
++ "inet_bind(%p)* %p,%p;%lx " NIPQUAD_FMT,
++ sk, sk->sk_nx_info, sk->sk_socket,
++ (sk->sk_socket ? sk->sk_socket->flags : 0),
++ NIPQUAD(saddr));
+
-+#define vx_mcaps(c) vx_info_mcaps(current_vx_info(), c)
++ if (nxi) {
++ if (saddr == INADDR_ANY) {
++ if (nx_info_flags(nxi, NXF_SINGLE_IP, 0))
++ baddr = nxi->v4.ip[0].s_addr;
++ } else if (saddr == IPI_LOOPBACK) {
++ if (nx_info_flags(nxi, NXF_LBACK_REMAP, 0))
++ baddr = nxi->v4_lback.s_addr;
++ } else if (!ipv4_is_multicast(saddr) ||
++ !nx_info_ncaps(nxi, NXC_MULTICAST)) {
++ /* normal address bind */
++ if (!v4_addr_in_nx_info(nxi, saddr, NXA_MASK_BIND))
++ return -EADDRNOTAVAIL;
++ }
++ }
+
++ vxdprintk(VXD_CBIT(net, 3),
++ "inet_bind(%p) " NIPQUAD_FMT ", " NIPQUAD_FMT,
++ sk, NIPQUAD(saddr), NIPQUAD(baddr));
+
-+/* context bcap mask */
++ nsa->saddr = saddr;
++ nsa->baddr = baddr;
++ return 0;
++}
+
-+#define __vx_bcaps(v) ((v)->vx_bcaps)
++static inline
++void v4_set_sock_addr(struct inet_sock *inet, struct nx_v4_sock_addr *nsa)
++{
++ inet->inet_saddr = nsa->baddr;
++ inet->inet_rcv_saddr = nsa->baddr;
++}
+
-+#define vx_current_bcaps() __vx_bcaps(current_vx_info())
+
++/*
++ * helper to simplify inet_lookup_listener
++ *
++ * nxi: the socket's nx_info if any
++ * addr: to be verified address
++ * saddr: socket address
++ */
++static inline int v4_inet_addr_match (
++ struct nx_info *nxi,
++ __be32 addr,
++ __be32 saddr)
++{
++ if (addr && (saddr == addr))
++ return 1;
++ if (!saddr)
++ return nxi ? v4_addr_in_nx_info(nxi, addr, NXA_MASK_BIND) : 1;
++ return 0;
++}
+
-+/* mask given bcaps */
++static inline __be32 nx_map_sock_lback(struct nx_info *nxi, __be32 addr)
++{
++ if (nx_info_flags(nxi, NXF_HIDE_LBACK, 0) &&
++ (addr == nxi->v4_lback.s_addr))
++ return IPI_LOOPBACK;
++ return addr;
++}
+
-+#define vx_info_mbcaps(v, c) ((v) ? cap_intersect(__vx_bcaps(v), c) : c)
++static inline
++int nx_info_has_v4(struct nx_info *nxi)
++{
++ if (!nxi)
++ return 1;
++ if (NX_IPV4(nxi))
++ return 1;
++ if (nx_info_flags(nxi, NXF_LBACK_REMAP, 0))
++ return 1;
++ return 0;
++}
+
-+#define vx_mbcaps(c) vx_info_mbcaps(current_vx_info(), c)
++#else /* CONFIG_INET */
+
++static inline
++int nx_dev_visible(struct nx_info *n, struct net_device *d)
++{
++ return 1;
++}
+
-+/* masked cap_bset */
++static inline
++int nx_v4_addr_conflict(struct nx_info *n, uint32_t a, const struct sock *s)
++{
++ return 1;
++}
+
-+#define vx_info_cap_bset(v) vx_info_mbcaps(v, current->cap_bset)
++static inline
++int v4_ifa_in_nx_info(struct in_ifaddr *a, struct nx_info *n)
++{
++ return 1;
++}
+
-+#define vx_current_cap_bset() vx_info_cap_bset(current_vx_info())
++static inline
++int nx_info_has_v4(struct nx_info *nxi)
++{
++ return 0;
++}
+
-+#if 0
-+#define vx_info_mbcap(v, b) \
-+ (!vx_info_flags(v, VXF_STATE_SETUP, 0) ? \
-+ vx_info_bcaps(v, b) : (b))
++#endif /* CONFIG_INET */
+
-+#define task_vx_mbcap(t, b) \
-+ vx_info_mbcap((t)->vx_info, (t)->b)
++#define current_nx_info_has_v4() \
++ nx_info_has_v4(current_nx_info())
+
-+#define vx_mbcap(b) task_vx_mbcap(current, b)
++#else
++// #warning duplicate inclusion
+#endif
+diff -urNp -x '*.orig' linux-4.9/include/linux/vs_inet6.h linux-4.9/include/linux/vs_inet6.h
+--- linux-4.9/include/linux/vs_inet6.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vs_inet6.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,264 @@
++#ifndef _VS_INET6_H
++#define _VS_INET6_H
+
-+#define vx_cap_raised(v, c, f) cap_raised(vx_info_mbcaps(v, c), f)
++#include "vserver/base.h"
++#include "vserver/network.h"
++#include "vserver/debug.h"
+
-+#define vx_capable(b, c) (capable(b) || \
-+ (cap_raised(current_cap(), b) && vx_ccaps(c)))
++#include <net/ipv6.h>
+
-+#define vx_ns_capable(n, b, c) (ns_capable(n, b) || \
-+ (cap_raised(current_cap(), b) && vx_ccaps(c)))
++#define NXAV6(a) &(a)->ip, &(a)->mask, (a)->prefix, (a)->type
++#define NXAV6_FMT "[%pI6/%pI6/%d:%04x]"
+
-+#define nx_capable(b, c) (capable(b) || \
-+ (cap_raised(current_cap(), b) && nx_ncaps(c)))
-+
-+#define nx_ns_capable(n, b, c) (ns_capable(n, b) || \
-+ (cap_raised(current_cap(), b) && nx_ncaps(c)))
-+
-+#define vx_task_initpid(t, n) \
-+ ((t)->vx_info && \
-+ ((t)->vx_info->vx_initpid == (n)))
+
-+#define vx_current_initpid(n) vx_task_initpid(current, n)
++#ifdef CONFIG_IPV6
+
++static inline
++int v6_addr_match(struct nx_addr_v6 *nxa,
++ const struct in6_addr *addr, uint16_t mask)
++{
++ int ret = 0;
+
-+/* context unshare mask */
++ switch (nxa->type & mask) {
++ case NXA_TYPE_MASK:
++ ret = ipv6_masked_addr_cmp(&nxa->ip, &nxa->mask, addr);
++ break;
++ case NXA_TYPE_ADDR:
++ ret = ipv6_addr_equal(&nxa->ip, addr);
++ break;
++ case NXA_TYPE_ANY:
++ ret = 1;
++ break;
++ }
++ vxdprintk(VXD_CBIT(net, 0),
++ "v6_addr_match(%p" NXAV6_FMT ",%pI6,%04x) = %d",
++ nxa, NXAV6(nxa), addr, mask, ret);
++ return ret;
++}
+
-+#define __vx_umask(v) ((v)->vx_umask)
++static inline
++int v6_addr_in_nx_info(struct nx_info *nxi,
++ const struct in6_addr *addr, uint16_t mask)
++{
++ struct nx_addr_v6 *nxa;
++ unsigned long irqflags;
++ int ret = 1;
+
-+#define vx_current_umask() __vx_umask(current_vx_info())
++ if (!nxi)
++ goto out;
+
-+#define vx_can_unshare(b, f) (capable(b) || \
-+ (cap_raised(current_cap(), b) && \
-+ !((f) & ~vx_current_umask())))
++ spin_lock_irqsave(&nxi->addr_lock, irqflags);
++ for (nxa = &nxi->v6; nxa; nxa = nxa->next)
++ if (v6_addr_match(nxa, addr, mask))
++ goto out_unlock;
++ ret = 0;
++out_unlock:
++ spin_unlock_irqrestore(&nxi->addr_lock, irqflags);
++out:
++ vxdprintk(VXD_CBIT(net, 0),
++ "v6_addr_in_nx_info(%p[#%u],%pI6,%04x) = %d",
++ nxi, nxi ? nxi->nx_id : 0, addr, mask, ret);
++ return ret;
++}
+
-+#define vx_ns_can_unshare(n, b, f) (ns_capable(n, b) || \
-+ (cap_raised(current_cap(), b) && \
-+ !((f) & ~vx_current_umask())))
++static inline
++int v6_nx_addr_match(struct nx_addr_v6 *nxa, struct nx_addr_v6 *addr, uint16_t mask)
++{
++ /* FIXME: needs full range checks */
++ return v6_addr_match(nxa, &addr->ip, mask);
++}
+
-+#define __vx_wmask(v) ((v)->vx_wmask)
++static inline
++int v6_nx_addr_in_nx_info(struct nx_info *nxi, struct nx_addr_v6 *nxa, uint16_t mask)
++{
++ struct nx_addr_v6 *ptr;
++ unsigned long irqflags;
++ int ret = 1;
+
-+#define vx_current_wmask() __vx_wmask(current_vx_info())
++ spin_lock_irqsave(&nxi->addr_lock, irqflags);
++ for (ptr = &nxi->v6; ptr; ptr = ptr->next)
++ if (v6_nx_addr_match(ptr, nxa, mask))
++ goto out_unlock;
++ ret = 0;
++out_unlock:
++ spin_unlock_irqrestore(&nxi->addr_lock, irqflags);
++ return ret;
++}
+
+
-+#define __vx_state(v) ((v) ? ((v)->vx_state) : 0)
++/*
++ * Check if a given address matches for a socket
++ *
++ * nxi: the socket's nx_info if any
++ * addr: to be verified address
++ */
++static inline
++int v6_sock_addr_match (
++ struct nx_info *nxi,
++ struct inet_sock *inet,
++ struct in6_addr *addr)
++{
++ struct sock *sk = &inet->sk;
++ const struct in6_addr *saddr = inet6_rcv_saddr(sk);
+
-+#define vx_info_state(v, m) (__vx_state(v) & (m))
++ if (!ipv6_addr_any(addr) &&
++ ipv6_addr_equal(saddr, addr))
++ return 1;
++ if (ipv6_addr_any(saddr))
++ return v6_addr_in_nx_info(nxi, addr, -1);
++ return 0;
++}
+
++/*
++ * check if address is covered by socket
++ *
++ * sk: the socket to check against
++ * addr: the address in question (must be != 0)
++ */
+
-+#define __nx_state(n) ((n) ? ((n)->nx_state) : 0)
++static inline
++int __v6_addr_match_socket(const struct sock *sk, struct nx_addr_v6 *nxa)
++{
++ struct nx_info *nxi = sk->sk_nx_info;
++ const struct in6_addr *saddr = inet6_rcv_saddr(sk);
+
-+#define nx_info_state(n, m) (__nx_state(n) & (m))
++ vxdprintk(VXD_CBIT(net, 5),
++ "__v6_addr_in_socket(%p," NXAV6_FMT ") %p:%pI6 %p;%lx",
++ sk, NXAV6(nxa), nxi, saddr, sk->sk_socket,
++ (sk->sk_socket?sk->sk_socket->flags:0));
+
-+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/cacct_cmd.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/cacct_cmd.h
---- linux-4.9.207/include/linux/vserver/cacct_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/cacct_cmd.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,10 @@
-+#ifndef _VSERVER_CACCT_CMD_H
-+#define _VSERVER_CACCT_CMD_H
++ if (!ipv6_addr_any(saddr)) { /* direct address match */
++ return v6_addr_match(nxa, saddr, -1);
++ } else if (nxi) { /* match against nx_info */
++ return v6_nx_addr_in_nx_info(nxi, nxa, -1);
++ } else { /* unrestricted any socket */
++ return 1;
++ }
++}
+
+
-+#include <linux/compiler.h>
-+#include <uapi/vserver/cacct_cmd.h>
++/* inet related checks and helpers */
+
-+extern int vc_sock_stat(struct vx_info *, void __user *);
+
-+#endif /* _VSERVER_CACCT_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/cacct_def.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/cacct_def.h
---- linux-4.9.207/include/linux/vserver/cacct_def.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/cacct_def.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,43 @@
-+#ifndef _VSERVER_CACCT_DEF_H
-+#define _VSERVER_CACCT_DEF_H
++struct in_ifaddr;
++struct net_device;
++struct sock;
+
-+#include <asm/atomic.h>
-+#include <linux/vserver/cacct.h>
+
++#include <linux/netdevice.h>
++#include <linux/inetdevice.h>
++#include <net/inet_timewait_sock.h>
+
-+struct _vx_sock_acc {
-+ atomic_long_t count;
-+ atomic_long_t total;
-+};
+
-+/* context sub struct */
++int dev_in_nx_info(struct net_device *, struct nx_info *);
++int v6_dev_in_nx_info(struct net_device *, struct nx_info *);
++int nx_v6_addr_conflict(struct nx_info *, struct nx_info *);
+
-+struct _vx_cacct {
-+ struct _vx_sock_acc sock[VXA_SOCK_SIZE][3];
-+ atomic_t slab[8];
-+ atomic_t page[6][8];
-+};
+
-+#ifdef CONFIG_VSERVER_DEBUG
+
-+static inline void __dump_vx_cacct(struct _vx_cacct *cacct)
++static inline
++int v6_ifa_in_nx_info(struct inet6_ifaddr *ifa, struct nx_info *nxi)
+{
-+ int i, j;
++ if (!nxi)
++ return 1;
++ if (!ifa)
++ return 0;
++ return v6_addr_in_nx_info(nxi, &ifa->addr, -1);
++}
+
-+ printk("\t_vx_cacct:");
-+ for (i = 0; i < 6; i++) {
-+ struct _vx_sock_acc *ptr = cacct->sock[i];
++static inline
++int nx_v6_ifa_visible(struct nx_info *nxi, struct inet6_ifaddr *ifa)
++{
++ vxdprintk(VXD_CBIT(net, 1), "nx_v6_ifa_visible(%p[#%u],%p) %d",
++ nxi, nxi ? nxi->nx_id : 0, ifa,
++ nxi ? v6_ifa_in_nx_info(ifa, nxi) : 0);
+
-+ printk("\t [%d] =", i);
-+ for (j = 0; j < 3; j++) {
-+ printk(" [%d] = %8lu, %8lu", j,
-+ atomic_long_read(&ptr[j].count),
-+ atomic_long_read(&ptr[j].total));
-+ }
-+ printk("\n");
-+ }
++ if (!nx_info_flags(nxi, NXF_HIDE_NETIF, 0))
++ return 1;
++ if (v6_ifa_in_nx_info(ifa, nxi))
++ return 1;
++ return 0;
+}
+
-+#endif
+
-+#endif /* _VSERVER_CACCT_DEF_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/cacct.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/cacct.h
---- linux-4.9.207/include/linux/vserver/cacct.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/cacct.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,15 @@
-+#ifndef _VSERVER_CACCT_H
-+#define _VSERVER_CACCT_H
++struct nx_v6_sock_addr {
++ struct in6_addr saddr; /* Address used for validation */
++ struct in6_addr baddr; /* Address used for socket bind */
++};
+
++static inline
++int v6_map_sock_addr(struct inet_sock *inet, struct sockaddr_in6 *addr,
++ struct nx_v6_sock_addr *nsa)
++{
++ // struct sock *sk = &inet->sk;
++ // struct nx_info *nxi = sk->sk_nx_info;
++ struct in6_addr saddr = addr->sin6_addr;
++ struct in6_addr baddr = saddr;
+
-+enum sock_acc_field {
-+ VXA_SOCK_UNSPEC = 0,
-+ VXA_SOCK_UNIX,
-+ VXA_SOCK_INET,
-+ VXA_SOCK_INET6,
-+ VXA_SOCK_PACKET,
-+ VXA_SOCK_OTHER,
-+ VXA_SOCK_SIZE /* array size */
-+};
++ nsa->saddr = saddr;
++ nsa->baddr = baddr;
++ return 0;
++}
+
-+#endif /* _VSERVER_CACCT_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/cacct_int.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/cacct_int.h
---- linux-4.9.207/include/linux/vserver/cacct_int.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/cacct_int.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,17 @@
-+#ifndef _VSERVER_CACCT_INT_H
-+#define _VSERVER_CACCT_INT_H
++static inline
++void v6_set_sock_addr(struct inet_sock *inet, struct nx_v6_sock_addr *nsa)
++{
++ // struct sock *sk = &inet->sk;
++ // struct in6_addr *saddr = inet6_rcv_saddr(sk);
++
++ // *saddr = nsa->baddr;
++ // inet->inet_saddr = nsa->baddr;
++}
+
+static inline
-+unsigned long vx_sock_count(struct _vx_cacct *cacct, int type, int pos)
++int nx_info_has_v6(struct nx_info *nxi)
+{
-+ return atomic_long_read(&cacct->sock[type][pos].count);
++ if (!nxi)
++ return 1;
++ if (NX_IPV6(nxi))
++ return 1;
++ return 0;
+}
+
++#else /* CONFIG_IPV6 */
+
+static inline
-+unsigned long vx_sock_total(struct _vx_cacct *cacct, int type, int pos)
++int nx_v6_dev_visible(struct nx_info *n, struct net_device *d)
+{
-+ return atomic_long_read(&cacct->sock[type][pos].total);
++ return 1;
+}
+
-+#endif /* _VSERVER_CACCT_INT_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/check.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/check.h
---- linux-4.9.207/include/linux/vserver/check.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/check.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,89 @@
-+#ifndef _VSERVER_CHECK_H
-+#define _VSERVER_CHECK_H
-+
-+
-+#define MAX_S_CONTEXT 65535 /* Arbitrary limit */
-+
-+#ifdef CONFIG_VSERVER_DYNAMIC_IDS
-+#define MIN_D_CONTEXT 49152 /* dynamic contexts start here */
-+#else
-+#define MIN_D_CONTEXT 65536
-+#endif
+
-+/* check conditions */
++static inline
++int nx_v6_addr_conflict(struct nx_info *n, uint32_t a, const struct sock *s)
++{
++ return 1;
++}
+
-+#define VS_ADMIN 0x0001
-+#define VS_WATCH 0x0002
-+#define VS_HIDE 0x0004
-+#define VS_HOSTID 0x0008
++static inline
++int v6_ifa_in_nx_info(struct in_ifaddr *a, struct nx_info *n)
++{
++ return 1;
++}
+
-+#define VS_IDENT 0x0010
-+#define VS_EQUIV 0x0020
-+#define VS_PARENT 0x0040
-+#define VS_CHILD 0x0080
++static inline
++int nx_info_has_v6(struct nx_info *nxi)
++{
++ return 0;
++}
+
-+#define VS_ARG_MASK 0x00F0
++static inline
++int v6_addr_in_nx_info(struct nx_info *nxi,
++ const struct in6_addr *addr, uint16_t mask)
++{
++ return 0;
++}
+
-+#define VS_DYNAMIC 0x0100
-+#define VS_STATIC 0x0200
++#endif /* CONFIG_IPV6 */
+
-+#define VS_ATR_MASK 0x0F00
++#define current_nx_info_has_v6() \
++ nx_info_has_v6(current_nx_info())
+
-+#ifdef CONFIG_VSERVER_PRIVACY
-+#define VS_ADMIN_P (0)
-+#define VS_WATCH_P (0)
+#else
-+#define VS_ADMIN_P VS_ADMIN
-+#define VS_WATCH_P VS_WATCH
++#warning duplicate inclusion
+#endif
+diff -urNp -x '*.orig' linux-4.9/include/linux/vs_limit.h linux-4.9/include/linux/vs_limit.h
+--- linux-4.9/include/linux/vs_limit.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vs_limit.h 2021-02-24 15:47:45.101076533 +0100
+@@ -0,0 +1,140 @@
++#ifndef _VS_LIMIT_H
++#define _VS_LIMIT_H
+
-+#define VS_HARDIRQ 0x1000
-+#define VS_SOFTIRQ 0x2000
-+#define VS_IRQ 0x4000
++#include "vserver/limit.h"
++#include "vserver/base.h"
++#include "vserver/context.h"
++#include "vserver/debug.h"
++#include "vserver/context.h"
++#include "vserver/limit_int.h"
+
-+#define VS_IRQ_MASK 0xF000
+
-+#include <linux/hardirq.h>
++#define vx_acc_cres(v, d, p, r) \
++ __vx_acc_cres(v, r, d, p, __FILE__, __LINE__)
+
-+/*
-+ * check current context for ADMIN/WATCH and
-+ * optionally against supplied argument
-+ */
-+static inline int __vs_check(int cid, int id, unsigned int mode)
-+{
-+ if (mode & VS_ARG_MASK) {
-+ if ((mode & VS_IDENT) && (id == cid))
-+ return 1;
-+ }
-+ if (mode & VS_ATR_MASK) {
-+ if ((mode & VS_DYNAMIC) &&
-+ (id >= MIN_D_CONTEXT) &&
-+ (id <= MAX_S_CONTEXT))
-+ return 1;
-+ if ((mode & VS_STATIC) &&
-+ (id > 1) && (id < MIN_D_CONTEXT))
-+ return 1;
-+ }
-+ if (mode & VS_IRQ_MASK) {
-+ if ((mode & VS_IRQ) && unlikely(in_interrupt()))
-+ return 1;
-+ if ((mode & VS_HARDIRQ) && unlikely(in_irq()))
-+ return 1;
-+ if ((mode & VS_SOFTIRQ) && unlikely(in_softirq()))
-+ return 1;
-+ }
-+ return (((mode & VS_ADMIN) && (cid == 0)) ||
-+ ((mode & VS_WATCH) && (cid == 1)) ||
-+ ((mode & VS_HOSTID) && (id == 0)));
-+}
++#define vx_acc_cres_cond(x, d, p, r) \
++ __vx_acc_cres(((x) == vx_current_xid()) ? current_vx_info() : 0, \
++ r, d, p, __FILE__, __LINE__)
+
-+#define vx_check(c, m) __vs_check(vx_current_xid(), c, (m) | VS_IRQ)
+
-+#define vx_weak_check(c, m) ((m) ? vx_check(c, m) : 1)
++#define vx_add_cres(v, a, p, r) \
++ __vx_add_cres(v, r, a, p, __FILE__, __LINE__)
++#define vx_sub_cres(v, a, p, r) vx_add_cres(v, -(a), p, r)
+
++#define vx_add_cres_cond(x, a, p, r) \
++ __vx_add_cres(((x) == vx_current_xid()) ? current_vx_info() : 0, \
++ r, a, p, __FILE__, __LINE__)
++#define vx_sub_cres_cond(x, a, p, r) vx_add_cres_cond(x, -(a), p, r)
+
-+#define nx_check(c, m) __vs_check(nx_current_nid(), c, m)
+
-+#define nx_weak_check(c, m) ((m) ? nx_check(c, m) : 1)
++/* process and file limits */
+
-+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/context_cmd.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/context_cmd.h
---- linux-4.9.207/include/linux/vserver/context_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/context_cmd.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,33 @@
-+#ifndef _VSERVER_CONTEXT_CMD_H
-+#define _VSERVER_CONTEXT_CMD_H
++#define vx_nproc_inc(p) \
++ vx_acc_cres((p)->vx_info, 1, p, RLIMIT_NPROC)
+
-+#include <uapi/vserver/context_cmd.h>
++#define vx_nproc_dec(p) \
++ vx_acc_cres((p)->vx_info,-1, p, RLIMIT_NPROC)
+
-+extern int vc_task_xid(uint32_t);
++#define vx_files_inc(f) \
++ vx_acc_cres_cond((f)->f_xid, 1, f, RLIMIT_NOFILE)
+
-+extern int vc_vx_info(struct vx_info *, void __user *);
++#define vx_files_dec(f) \
++ vx_acc_cres_cond((f)->f_xid,-1, f, RLIMIT_NOFILE)
+
-+extern int vc_ctx_stat(struct vx_info *, void __user *);
++#define vx_locks_inc(l) \
++ vx_acc_cres_cond((l)->fl_xid, 1, l, RLIMIT_LOCKS)
+
-+extern int vc_ctx_create(uint32_t, void __user *);
-+extern int vc_ctx_migrate(struct vx_info *, void __user *);
++#define vx_locks_dec(l) \
++ vx_acc_cres_cond((l)->fl_xid,-1, l, RLIMIT_LOCKS)
+
-+extern int vc_get_cflags(struct vx_info *, void __user *);
-+extern int vc_set_cflags(struct vx_info *, void __user *);
++#define vx_openfd_inc(f) \
++ vx_acc_cres(current_vx_info(), 1, (void *)(long)(f), VLIMIT_OPENFD)
+
-+extern int vc_get_ccaps(struct vx_info *, void __user *);
-+extern int vc_set_ccaps(struct vx_info *, void __user *);
++#define vx_openfd_dec(f) \
++ vx_acc_cres(current_vx_info(),-1, (void *)(long)(f), VLIMIT_OPENFD)
+
-+extern int vc_get_bcaps(struct vx_info *, void __user *);
-+extern int vc_set_bcaps(struct vx_info *, void __user *);
+
-+extern int vc_get_umask(struct vx_info *, void __user *);
-+extern int vc_set_umask(struct vx_info *, void __user *);
++#define vx_cres_avail(v, n, r) \
++ __vx_cres_avail(v, r, n, __FILE__, __LINE__)
+
-+extern int vc_get_wmask(struct vx_info *, void __user *);
-+extern int vc_set_wmask(struct vx_info *, void __user *);
+
-+extern int vc_get_badness(struct vx_info *, void __user *);
-+extern int vc_set_badness(struct vx_info *, void __user *);
++#define vx_nproc_avail(n) \
++ vx_cres_avail(current_vx_info(), n, RLIMIT_NPROC)
+
-+#endif /* _VSERVER_CONTEXT_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/context.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/context.h
---- linux-4.9.207/include/linux/vserver/context.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/context.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,110 @@
-+#ifndef _VSERVER_CONTEXT_H
-+#define _VSERVER_CONTEXT_H
++#define vx_files_avail(n) \
++ vx_cres_avail(current_vx_info(), n, RLIMIT_NOFILE)
+
++#define vx_locks_avail(n) \
++ vx_cres_avail(current_vx_info(), n, RLIMIT_LOCKS)
+
-+#include <linux/list.h>
-+#include <linux/spinlock.h>
-+#include <linux/rcupdate.h>
-+#include <uapi/vserver/context.h>
++#define vx_openfd_avail(n) \
++ vx_cres_avail(current_vx_info(), n, VLIMIT_OPENFD)
+
-+#include "limit_def.h"
-+#include "sched_def.h"
-+#include "cvirt_def.h"
-+#include "cacct_def.h"
-+#include "device_def.h"
+
-+#define VX_SPACES 2
++/* dentry limits */
+
-+struct _vx_info_pc {
-+ struct _vx_sched_pc sched_pc;
-+ struct _vx_cvirt_pc cvirt_pc;
-+};
++#define vx_dentry_inc(d) do { \
++ if (d_count(d) == 1) \
++ vx_acc_cres(current_vx_info(), 1, d, VLIMIT_DENTRY); \
++ } while (0)
+
-+struct _vx_space {
-+ unsigned long vx_nsmask; /* assignment mask */
-+ struct nsproxy *vx_nsproxy; /* private namespaces */
-+ struct fs_struct *vx_fs; /* private namespace fs */
-+ const struct cred *vx_cred; /* task credentials */
-+};
++#define vx_dentry_dec(d) do { \
++ if (d_count(d) == 0) \
++ vx_acc_cres(current_vx_info(),-1, d, VLIMIT_DENTRY); \
++ } while (0)
+
-+struct vx_info {
-+ struct hlist_node vx_hlist; /* linked list of contexts */
-+ vxid_t vx_id; /* context id */
-+ atomic_t vx_usecnt; /* usage count */
-+ atomic_t vx_tasks; /* tasks count */
-+ struct vx_info *vx_parent; /* parent context */
-+ int vx_state; /* context state */
++#define vx_dentry_avail(n) \
++ vx_cres_avail(current_vx_info(), n, VLIMIT_DENTRY)
+
-+ struct _vx_space space[VX_SPACES]; /* namespace store */
+
-+ uint64_t vx_flags; /* context flags */
-+ uint64_t vx_ccaps; /* context caps (vserver) */
-+ uint64_t vx_umask; /* unshare mask (guest) */
-+ uint64_t vx_wmask; /* warn mask (guest) */
-+ kernel_cap_t vx_bcaps; /* bounding caps (system) */
++/* socket limits */
+
-+ struct task_struct *vx_reaper; /* guest reaper process */
-+ pid_t vx_initpid; /* PID of guest init */
-+ int64_t vx_badness_bias; /* OOM points bias */
++#define vx_sock_inc(s) \
++ vx_acc_cres((s)->sk_vx_info, 1, s, VLIMIT_NSOCK)
+
-+ struct _vx_limit limit; /* vserver limits */
-+ struct _vx_sched sched; /* vserver scheduler */
-+ struct _vx_cvirt cvirt; /* virtual/bias stuff */
-+ struct _vx_cacct cacct; /* context accounting */
++#define vx_sock_dec(s) \
++ vx_acc_cres((s)->sk_vx_info,-1, s, VLIMIT_NSOCK)
+
-+ struct _vx_device dmap; /* default device map targets */
++#define vx_sock_avail(n) \
++ vx_cres_avail(current_vx_info(), n, VLIMIT_NSOCK)
+
-+#ifndef CONFIG_SMP
-+ struct _vx_info_pc info_pc; /* per cpu data */
-+#else
-+ struct _vx_info_pc *ptr_pc; /* per cpu array */
-+#endif
+
-+ wait_queue_head_t vx_wait; /* context exit waitqueue */
-+ int reboot_cmd; /* last sys_reboot() cmd */
-+ int exit_code; /* last process exit code */
++/* ipc resource limits */
+
-+ char vx_name[65]; /* vserver name */
-+};
++#define vx_ipcmsg_add(v, u, a) \
++ vx_add_cres(v, a, u, RLIMIT_MSGQUEUE)
+
-+#ifndef CONFIG_SMP
-+#define vx_ptr_pc(vxi) (&(vxi)->info_pc)
-+#define vx_per_cpu(vxi, v, id) vx_ptr_pc(vxi)->v
-+#else
-+#define vx_ptr_pc(vxi) ((vxi)->ptr_pc)
-+#define vx_per_cpu(vxi, v, id) per_cpu_ptr(vx_ptr_pc(vxi), id)->v
-+#endif
++#define vx_ipcmsg_sub(v, u, a) \
++ vx_sub_cres(v, a, u, RLIMIT_MSGQUEUE)
+
-+#define vx_cpu(vxi, v) vx_per_cpu(vxi, v, smp_processor_id())
++#define vx_ipcmsg_avail(v, a) \
++ vx_cres_avail(v, a, RLIMIT_MSGQUEUE)
+
+
-+struct vx_info_save {
-+ struct vx_info *vxi;
-+ vxid_t xid;
-+};
-+
++#define vx_ipcshm_add(v, k, a) \
++ vx_add_cres(v, a, (void *)(long)(k), VLIMIT_SHMEM)
+
-+/* status flags */
++#define vx_ipcshm_sub(v, k, a) \
++ vx_sub_cres(v, a, (void *)(long)(k), VLIMIT_SHMEM)
+
-+#define VXS_HASHED 0x0001
-+#define VXS_PAUSED 0x0010
-+#define VXS_SHUTDOWN 0x0100
-+#define VXS_HELPER 0x1000
-+#define VXS_RELEASED 0x8000
++#define vx_ipcshm_avail(v, a) \
++ vx_cres_avail(v, a, VLIMIT_SHMEM)
+
+
-+extern void claim_vx_info(struct vx_info *, struct task_struct *);
-+extern void release_vx_info(struct vx_info *, struct task_struct *);
++#define vx_semary_inc(a) \
++ vx_acc_cres(current_vx_info(), 1, a, VLIMIT_SEMARY)
+
-+extern struct vx_info *lookup_vx_info(int);
-+extern struct vx_info *lookup_or_create_vx_info(int);
++#define vx_semary_dec(a) \
++ vx_acc_cres(current_vx_info(), -1, a, VLIMIT_SEMARY)
+
-+extern int get_xid_list(int, unsigned int *, int);
-+extern int xid_is_hashed(vxid_t);
+
-+extern int vx_migrate_task(struct task_struct *, struct vx_info *, int);
++#define vx_nsems_add(a,n) \
++ vx_add_cres(current_vx_info(), n, a, VLIMIT_NSEMS)
+
-+extern long vs_state_change(struct vx_info *, unsigned int);
++#define vx_nsems_sub(a,n) \
++ vx_sub_cres(current_vx_info(), n, a, VLIMIT_NSEMS)
+
+
-+#endif /* _VSERVER_CONTEXT_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/cvirt_cmd.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/cvirt_cmd.h
---- linux-4.9.207/include/linux/vserver/cvirt_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/cvirt_cmd.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,13 @@
-+#ifndef _VSERVER_CVIRT_CMD_H
-+#define _VSERVER_CVIRT_CMD_H
++#else
++#warning duplicate inclusion
++#endif
+diff -urNp -x '*.orig' linux-4.9/include/linux/vs_network.h linux-4.9/include/linux/vs_network.h
+--- linux-4.9/include/linux/vs_network.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vs_network.h 2021-02-24 15:47:45.101076533 +0100
+@@ -0,0 +1,169 @@
++#ifndef _NX_VS_NETWORK_H
++#define _NX_VS_NETWORK_H
+
++#include "vserver/context.h"
++#include "vserver/network.h"
++#include "vserver/base.h"
++#include "vserver/check.h"
++#include "vserver/debug.h"
+
-+#include <linux/compiler.h>
-+#include <uapi/vserver/cvirt_cmd.h>
++#include <linux/sched.h>
+
-+extern int vc_set_vhi_name(struct vx_info *, void __user *);
-+extern int vc_get_vhi_name(struct vx_info *, void __user *);
+
-+extern int vc_virt_stat(struct vx_info *, void __user *);
++#define get_nx_info(i) __get_nx_info(i, __FILE__, __LINE__)
+
-+#endif /* _VSERVER_CVIRT_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/cvirt_def.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/cvirt_def.h
---- linux-4.9.207/include/linux/vserver/cvirt_def.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/cvirt_def.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,80 @@
-+#ifndef _VSERVER_CVIRT_DEF_H
-+#define _VSERVER_CVIRT_DEF_H
++static inline struct nx_info *__get_nx_info(struct nx_info *nxi,
++ const char *_file, int _line)
++{
++ if (!nxi)
++ return NULL;
+
-+#include <linux/jiffies.h>
-+#include <linux/spinlock.h>
-+#include <linux/wait.h>
-+#include <linux/time.h>
-+#include <asm/atomic.h>
++ vxlprintk(VXD_CBIT(nid, 2), "get_nx_info(%p[#%d.%d])",
++ nxi, nxi ? nxi->nx_id : 0,
++ nxi ? atomic_read(&nxi->nx_usecnt) : 0,
++ _file, _line);
+
++ atomic_inc(&nxi->nx_usecnt);
++ return nxi;
++}
+
-+struct _vx_usage_stat {
-+ uint64_t user;
-+ uint64_t nice;
-+ uint64_t system;
-+ uint64_t softirq;
-+ uint64_t irq;
-+ uint64_t idle;
-+ uint64_t iowait;
-+};
+
-+struct _vx_syslog {
-+ wait_queue_head_t log_wait;
-+ spinlock_t logbuf_lock; /* lock for the log buffer */
++extern void free_nx_info(struct nx_info *);
+
-+ unsigned long log_start; /* next char to be read by syslog() */
-+ unsigned long con_start; /* next char to be sent to consoles */
-+ unsigned long log_end; /* most-recently-written-char + 1 */
-+ unsigned long logged_chars; /* #chars since last read+clear operation */
++#define put_nx_info(i) __put_nx_info(i, __FILE__, __LINE__)
+
-+ char log_buf[1024];
-+};
++static inline void __put_nx_info(struct nx_info *nxi, const char *_file, int _line)
++{
++ if (!nxi)
++ return;
+
++ vxlprintk(VXD_CBIT(nid, 2), "put_nx_info(%p[#%d.%d])",
++ nxi, nxi ? nxi->nx_id : 0,
++ nxi ? atomic_read(&nxi->nx_usecnt) : 0,
++ _file, _line);
+
-+/* context sub struct */
++ if (atomic_dec_and_test(&nxi->nx_usecnt))
++ free_nx_info(nxi);
++}
+
-+struct _vx_cvirt {
-+ atomic_t nr_threads; /* number of current threads */
-+ atomic_t nr_running; /* number of running threads */
-+ atomic_t nr_uninterruptible; /* number of uninterruptible threads */
+
-+ atomic_t nr_onhold; /* processes on hold */
-+ uint32_t onhold_last; /* jiffies when put on hold */
++#define init_nx_info(p, i) __init_nx_info(p, i, __FILE__, __LINE__)
+
-+ struct timespec64 bias_ts; /* time offset to the host */
-+ struct timespec64 bias_idle;
-+ struct timespec64 bias_uptime; /* context creation point */
-+ uint64_t bias_clock; /* offset in clock_t */
++static inline void __init_nx_info(struct nx_info **nxp, struct nx_info *nxi,
++ const char *_file, int _line)
++{
++ if (nxi) {
++ vxlprintk(VXD_CBIT(nid, 3),
++ "init_nx_info(%p[#%d.%d])",
++ nxi, nxi ? nxi->nx_id : 0,
++ nxi ? atomic_read(&nxi->nx_usecnt) : 0,
++ _file, _line);
+
-+ spinlock_t load_lock; /* lock for the load averages */
-+ atomic_t load_updates; /* nr of load updates done so far */
-+ uint32_t load_last; /* last time load was calculated */
-+ uint32_t load[3]; /* load averages 1,5,15 */
++ atomic_inc(&nxi->nx_usecnt);
++ }
++ *nxp = nxi;
++}
+
-+ atomic_t total_forks; /* number of forks so far */
+
-+ struct _vx_syslog syslog;
-+};
++#define set_nx_info(p, i) __set_nx_info(p, i, __FILE__, __LINE__)
+
-+struct _vx_cvirt_pc {
-+ struct _vx_usage_stat cpustat;
-+};
++static inline void __set_nx_info(struct nx_info **nxp, struct nx_info *nxi,
++ const char *_file, int _line)
++{
++ struct nx_info *nxo;
+
++ if (!nxi)
++ return;
+
-+#ifdef CONFIG_VSERVER_DEBUG
++ vxlprintk(VXD_CBIT(nid, 3), "set_nx_info(%p[#%d.%d])",
++ nxi, nxi ? nxi->nx_id : 0,
++ nxi ? atomic_read(&nxi->nx_usecnt) : 0,
++ _file, _line);
+
-+static inline void __dump_vx_cvirt(struct _vx_cvirt *cvirt)
-+{
-+ printk("\t_vx_cvirt:\n");
-+ printk("\t threads: %4d, %4d, %4d, %4d\n",
-+ atomic_read(&cvirt->nr_threads),
-+ atomic_read(&cvirt->nr_running),
-+ atomic_read(&cvirt->nr_uninterruptible),
-+ atomic_read(&cvirt->nr_onhold));
-+ /* add rest here */
-+ printk("\t total_forks = %d\n", atomic_read(&cvirt->total_forks));
++ atomic_inc(&nxi->nx_usecnt);
++ nxo = xchg(nxp, nxi);
++ BUG_ON(nxo);
+}
+
-+#endif
-+
-+#endif /* _VSERVER_CVIRT_DEF_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/cvirt.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/cvirt.h
---- linux-4.9.207/include/linux/vserver/cvirt.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/cvirt.h 2019-10-13 16:04:08.203030205 +0000
-@@ -0,0 +1,11 @@
-+#ifndef _VSERVER_CVIRT_H
-+#define _VSERVER_CVIRT_H
++#define clr_nx_info(p) __clr_nx_info(p, __FILE__, __LINE__)
+
-+struct vx_info;
++static inline void __clr_nx_info(struct nx_info **nxp,
++ const char *_file, int _line)
++{
++ struct nx_info *nxo;
+
-+void vx_update_load(struct vx_info *);
++ nxo = xchg(nxp, NULL);
++ if (!nxo)
++ return;
+
++ vxlprintk(VXD_CBIT(nid, 3), "clr_nx_info(%p[#%d.%d])",
++ nxo, nxo ? nxo->nx_id : 0,
++ nxo ? atomic_read(&nxo->nx_usecnt) : 0,
++ _file, _line);
+
-+int vx_do_syslog(int, char __user *, int);
++ if (atomic_dec_and_test(&nxo->nx_usecnt))
++ free_nx_info(nxo);
++}
+
-+#endif /* _VSERVER_CVIRT_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/debug_cmd.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/debug_cmd.h
---- linux-4.9.207/include/linux/vserver/debug_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/debug_cmd.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,37 @@
-+#ifndef _VSERVER_DEBUG_CMD_H
-+#define _VSERVER_DEBUG_CMD_H
+
-+#include <uapi/vserver/debug_cmd.h>
++#define claim_nx_info(v, p) __claim_nx_info(v, p, __FILE__, __LINE__)
+
++static inline void __claim_nx_info(struct nx_info *nxi,
++ struct task_struct *task, const char *_file, int _line)
++{
++ vxlprintk(VXD_CBIT(nid, 3), "claim_nx_info(%p[#%d.%d.%d]) %p",
++ nxi, nxi ? nxi->nx_id : 0,
++ nxi?atomic_read(&nxi->nx_usecnt):0,
++ nxi?atomic_read(&nxi->nx_tasks):0,
++ task, _file, _line);
+
-+#ifdef CONFIG_COMPAT
++ atomic_inc(&nxi->nx_tasks);
++}
+
-+#include <asm/compat.h>
+
-+struct vcmd_read_history_v0_x32 {
-+ uint32_t index;
-+ uint32_t count;
-+ compat_uptr_t data_ptr;
-+};
++extern void unhash_nx_info(struct nx_info *);
+
-+struct vcmd_read_monitor_v0_x32 {
-+ uint32_t index;
-+ uint32_t count;
-+ compat_uptr_t data_ptr;
-+};
++#define release_nx_info(v, p) __release_nx_info(v, p, __FILE__, __LINE__)
+
-+#endif /* CONFIG_COMPAT */
++static inline void __release_nx_info(struct nx_info *nxi,
++ struct task_struct *task, const char *_file, int _line)
++{
++ vxlprintk(VXD_CBIT(nid, 3), "release_nx_info(%p[#%d.%d.%d]) %p",
++ nxi, nxi ? nxi->nx_id : 0,
++ nxi ? atomic_read(&nxi->nx_usecnt) : 0,
++ nxi ? atomic_read(&nxi->nx_tasks) : 0,
++ task, _file, _line);
+
-+extern int vc_dump_history(uint32_t);
++ might_sleep();
+
-+extern int vc_read_history(uint32_t, void __user *);
-+extern int vc_read_monitor(uint32_t, void __user *);
++ if (atomic_dec_and_test(&nxi->nx_tasks))
++ unhash_nx_info(nxi);
++}
+
-+#ifdef CONFIG_COMPAT
+
-+extern int vc_read_history_x32(uint32_t, void __user *);
-+extern int vc_read_monitor_x32(uint32_t, void __user *);
++#define task_get_nx_info(i) __task_get_nx_info(i, __FILE__, __LINE__)
+
-+#endif /* CONFIG_COMPAT */
++static __inline__ struct nx_info *__task_get_nx_info(struct task_struct *p,
++ const char *_file, int _line)
++{
++ struct nx_info *nxi;
+
-+#endif /* _VSERVER_DEBUG_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/debug.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/debug.h
---- linux-4.9.207/include/linux/vserver/debug.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/debug.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,146 @@
-+#ifndef _VSERVER_DEBUG_H
-+#define _VSERVER_DEBUG_H
++ task_lock(p);
++ vxlprintk(VXD_CBIT(nid, 5), "task_get_nx_info(%p)",
++ p, _file, _line);
++ nxi = __get_nx_info(p->nx_info, _file, _line);
++ task_unlock(p);
++ return nxi;
++}
+
+
-+#define VXD_CBIT(n, m) (vs_debug_ ## n & (1 << (m)))
-+#define VXD_CMIN(n, m) (vs_debug_ ## n > (m))
-+#define VXD_MASK(n, m) (vs_debug_ ## n & (m))
++static inline void exit_nx_info(struct task_struct *p)
++{
++ if (p->nx_info)
++ release_nx_info(p->nx_info, p);
++}
+
-+#define VXD_DEV(d) (d), (d)->bd_inode->i_ino, \
-+ imajor((d)->bd_inode), iminor((d)->bd_inode)
-+#define VXF_DEV "%p[%lu,%d:%d]"
+
-+#if defined(CONFIG_QUOTES_UTF8)
-+#define VS_Q_LQM "\xc2\xbb"
-+#define VS_Q_RQM "\xc2\xab"
-+#elif defined(CONFIG_QUOTES_ASCII)
-+#define VS_Q_LQM "\x27"
-+#define VS_Q_RQM "\x27"
+#else
-+#define VS_Q_LQM "\xbb"
-+#define VS_Q_RQM "\xab"
++#warning duplicate inclusion
+#endif
+diff -urNp -x '*.orig' linux-4.9/include/linux/vs_pid.h linux-4.9/include/linux/vs_pid.h
+--- linux-4.9/include/linux/vs_pid.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vs_pid.h 2021-02-24 15:47:45.101076533 +0100
+@@ -0,0 +1,50 @@
++#ifndef _VS_PID_H
++#define _VS_PID_H
+
-+#define VS_Q(f) VS_Q_LQM f VS_Q_RQM
++#include "vserver/base.h"
++#include "vserver/check.h"
++#include "vserver/context.h"
++#include "vserver/debug.h"
++#include "vserver/pid.h"
++#include <linux/pid_namespace.h>
+
+
-+#define vxd_path(p) \
-+ ({ static char _buffer[PATH_MAX]; \
-+ d_path(p, _buffer, sizeof(_buffer)); })
++#define VXF_FAKE_INIT (VXF_INFO_INIT | VXF_STATE_INIT)
+
-+#define vxd_cond_path(n) \
-+ ((n) ? vxd_path(&(n)->path) : "<null>" )
++static inline
++int vx_proc_task_visible(struct task_struct *task)
++{
++ if ((task->pid == 1) &&
++ !vx_flags(VXF_FAKE_INIT, VXF_FAKE_INIT))
++ /* show a blend through init */
++ goto visible;
++ if (vx_check(vx_task_xid(task), VS_WATCH | VS_IDENT))
++ goto visible;
++ return 0;
++visible:
++ return 1;
++}
+
++#define find_task_by_real_pid(pid) find_task_by_pid_ns(pid, &init_pid_ns)
+
-+#ifdef CONFIG_VSERVER_DEBUG
+
-+extern unsigned int vs_debug_switch;
-+extern unsigned int vs_debug_xid;
-+extern unsigned int vs_debug_nid;
-+extern unsigned int vs_debug_tag;
-+extern unsigned int vs_debug_net;
-+extern unsigned int vs_debug_limit;
-+extern unsigned int vs_debug_cres;
-+extern unsigned int vs_debug_dlim;
-+extern unsigned int vs_debug_quota;
-+extern unsigned int vs_debug_cvirt;
-+extern unsigned int vs_debug_space;
-+extern unsigned int vs_debug_perm;
-+extern unsigned int vs_debug_misc;
++static inline
++struct task_struct *vx_get_proc_task(struct inode *inode, struct pid *pid)
++{
++ struct task_struct *task = get_pid_task(pid, PIDTYPE_PID);
+
++ if (task && !vx_proc_task_visible(task)) {
++ vxdprintk(VXD_CBIT(misc, 6),
++ "dropping task (get) %p[#%u,%u] for %p[#%u,%u]",
++ task, task->xid, task->pid,
++ current, current->xid, current->pid);
++ put_task_struct(task);
++ task = NULL;
++ }
++ return task;
++}
+
-+#define VX_LOGLEVEL "vxD: "
-+#define VX_PROC_FMT "%p: "
-+#define VX_PROCESS current
+
-+#define vxdprintk(c, f, x...) \
-+ do { \
-+ if (c) \
-+ printk(VX_LOGLEVEL VX_PROC_FMT f "\n", \
-+ VX_PROCESS , ##x); \
-+ } while (0)
++#else
++#warning duplicate inclusion
++#endif
+diff -urNp -x '*.orig' linux-4.9/include/linux/vs_sched.h linux-4.9/include/linux/vs_sched.h
+--- linux-4.9/include/linux/vs_sched.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vs_sched.h 2021-02-24 15:47:45.101076533 +0100
+@@ -0,0 +1,40 @@
++#ifndef _VS_SCHED_H
++#define _VS_SCHED_H
+
-+#define vxlprintk(c, f, x...) \
-+ do { \
-+ if (c) \
-+ printk(VX_LOGLEVEL f " @%s:%d\n", x); \
-+ } while (0)
++#include "vserver/base.h"
++#include "vserver/context.h"
++#include "vserver/sched.h"
+
-+#define vxfprintk(c, f, x...) \
-+ do { \
-+ if (c) \
-+ printk(VX_LOGLEVEL f " %s@%s:%d\n", x); \
-+ } while (0)
+
++#define MAX_PRIO_BIAS 20
++#define MIN_PRIO_BIAS -20
+
-+struct vx_info;
++static inline
++int vx_adjust_prio(struct task_struct *p, int prio, int max_user)
++{
++ struct vx_info *vxi = p->vx_info;
+
-+void dump_vx_info(struct vx_info *, int);
-+void dump_vx_info_inactive(int);
++ if (vxi)
++ prio += vx_cpu(vxi, sched_pc).prio_bias;
++ return prio;
++}
+
-+#else /* CONFIG_VSERVER_DEBUG */
++static inline void vx_account_user(struct vx_info *vxi,
++ cputime_t cputime, int nice)
++{
++ if (!vxi)
++ return;
++ vx_cpu(vxi, sched_pc).user_ticks += cputime;
++}
+
-+#define vs_debug_switch 0
-+#define vs_debug_xid 0
-+#define vs_debug_nid 0
-+#define vs_debug_tag 0
-+#define vs_debug_net 0
-+#define vs_debug_limit 0
-+#define vs_debug_cres 0
-+#define vs_debug_dlim 0
-+#define vs_debug_quota 0
-+#define vs_debug_cvirt 0
-+#define vs_debug_space 0
-+#define vs_debug_perm 0
-+#define vs_debug_misc 0
++static inline void vx_account_system(struct vx_info *vxi,
++ cputime_t cputime, int idle)
++{
++ if (!vxi)
++ return;
++ vx_cpu(vxi, sched_pc).sys_ticks += cputime;
++}
+
-+#define vxdprintk(x...) do { } while (0)
-+#define vxlprintk(x...) do { } while (0)
-+#define vxfprintk(x...) do { } while (0)
++#else
++#warning duplicate inclusion
++#endif
+diff -urNp -x '*.orig' linux-4.9/include/linux/vs_socket.h linux-4.9/include/linux/vs_socket.h
+--- linux-4.9/include/linux/vs_socket.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vs_socket.h 2021-02-24 15:47:45.101076533 +0100
+@@ -0,0 +1,67 @@
++#ifndef _VS_SOCKET_H
++#define _VS_SOCKET_H
+
-+#endif /* CONFIG_VSERVER_DEBUG */
++#include "vserver/debug.h"
++#include "vserver/base.h"
++#include "vserver/cacct.h"
++#include "vserver/context.h"
++#include "vserver/tag.h"
+
+
-+#ifdef CONFIG_VSERVER_WARN
++/* socket accounting */
+
-+#define VX_WARNLEVEL KERN_WARNING "vxW: "
-+#define VX_WARN_TASK "[" VS_Q("%s") ",%u:#%u|%u|%u] "
-+#define VX_WARN_XID "[xid #%u] "
-+#define VX_WARN_NID "[nid #%u] "
-+#define VX_WARN_TAG "[tag #%u] "
++#include <linux/socket.h>
+
-+#define vxwprintk(c, f, x...) \
-+ do { \
-+ if (c) \
-+ printk(VX_WARNLEVEL f "\n", ##x); \
-+ } while (0)
++static inline int vx_sock_type(int family)
++{
++ switch (family) {
++ case PF_UNSPEC:
++ return VXA_SOCK_UNSPEC;
++ case PF_UNIX:
++ return VXA_SOCK_UNIX;
++ case PF_INET:
++ return VXA_SOCK_INET;
++ case PF_INET6:
++ return VXA_SOCK_INET6;
++ case PF_PACKET:
++ return VXA_SOCK_PACKET;
++ default:
++ return VXA_SOCK_OTHER;
++ }
++}
+
-+#else /* CONFIG_VSERVER_WARN */
++#define vx_acc_sock(v, f, p, s) \
++ __vx_acc_sock(v, f, p, s, __FILE__, __LINE__)
+
-+#define vxwprintk(x...) do { } while (0)
++static inline void __vx_acc_sock(struct vx_info *vxi,
++ int family, int pos, int size, char *file, int line)
++{
++ if (vxi) {
++ int type = vx_sock_type(family);
+
-+#endif /* CONFIG_VSERVER_WARN */
++ atomic_long_inc(&vxi->cacct.sock[type][pos].count);
++ atomic_long_add(size, &vxi->cacct.sock[type][pos].total);
++ }
++}
+
-+#define vxwprintk_task(c, f, x...) \
-+ vxwprintk(c, VX_WARN_TASK f, \
-+ current->comm, current->pid, \
-+ current->xid, current->nid, \
-+ current->tag, ##x)
-+#define vxwprintk_xid(c, f, x...) \
-+ vxwprintk(c, VX_WARN_XID f, current->xid, x)
-+#define vxwprintk_nid(c, f, x...) \
-+ vxwprintk(c, VX_WARN_NID f, current->nid, x)
-+#define vxwprintk_tag(c, f, x...) \
-+ vxwprintk(c, VX_WARN_TAG f, current->tag, x)
++#define vx_sock_recv(sk, s) \
++ vx_acc_sock((sk)->sk_vx_info, (sk)->sk_family, 0, s)
++#define vx_sock_send(sk, s) \
++ vx_acc_sock((sk)->sk_vx_info, (sk)->sk_family, 1, s)
++#define vx_sock_fail(sk, s) \
++ vx_acc_sock((sk)->sk_vx_info, (sk)->sk_family, 2, s)
++
++
++#define sock_vx_init(s) do { \
++ (s)->sk_xid = 0; \
++ (s)->sk_vx_info = NULL; \
++ } while (0)
++
++#define sock_nx_init(s) do { \
++ (s)->sk_nid = 0; \
++ (s)->sk_nx_info = NULL; \
++ } while (0)
+
-+#ifdef CONFIG_VSERVER_DEBUG
-+#define vxd_assert_lock(l) assert_spin_locked(l)
-+#define vxd_assert(c, f, x...) vxlprintk(!(c), \
-+ "assertion [" f "] failed.", ##x, __FILE__, __LINE__)
+#else
-+#define vxd_assert_lock(l) do { } while (0)
-+#define vxd_assert(c, f, x...) do { } while (0)
++#warning duplicate inclusion
+#endif
+diff -urNp -x '*.orig' linux-4.9/include/linux/vs_tag.h linux-4.9/include/linux/vs_tag.h
+--- linux-4.9/include/linux/vs_tag.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vs_tag.h 2021-02-24 15:47:45.101076533 +0100
+@@ -0,0 +1,47 @@
++#ifndef _VS_TAG_H
++#define _VS_TAG_H
+
++#include <linux/vserver/tag.h>
+
-+#endif /* _VSERVER_DEBUG_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/device_cmd.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/device_cmd.h
---- linux-4.9.207/include/linux/vserver/device_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/device_cmd.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,31 @@
-+#ifndef _VSERVER_DEVICE_CMD_H
-+#define _VSERVER_DEVICE_CMD_H
++/* check conditions */
+
-+#include <uapi/vserver/device_cmd.h>
++#define DX_ADMIN 0x0001
++#define DX_WATCH 0x0002
++#define DX_HOSTID 0x0008
+
++#define DX_IDENT 0x0010
+
-+#ifdef CONFIG_COMPAT
++#define DX_ARG_MASK 0x0010
+
-+#include <asm/compat.h>
+
-+struct vcmd_set_mapping_v0_x32 {
-+ compat_uptr_t device_ptr;
-+ compat_uptr_t target_ptr;
-+ uint32_t flags;
-+};
++#define dx_task_tag(t) ((t)->tag)
+
-+#endif /* CONFIG_COMPAT */
++#define dx_current_tag() dx_task_tag(current)
+
-+#include <linux/compiler.h>
++#define dx_check(c, m) __dx_check(dx_current_tag(), c, m)
+
-+extern int vc_set_mapping(struct vx_info *, void __user *);
-+extern int vc_unset_mapping(struct vx_info *, void __user *);
++#define dx_weak_check(c, m) ((m) ? dx_check(c, m) : 1)
+
-+#ifdef CONFIG_COMPAT
+
-+extern int vc_set_mapping_x32(struct vx_info *, void __user *);
-+extern int vc_unset_mapping_x32(struct vx_info *, void __user *);
++/*
++ * check current context for ADMIN/WATCH and
++ * optionally against supplied argument
++ */
++static inline int __dx_check(vtag_t cid, vtag_t id, unsigned int mode)
++{
++ if (mode & DX_ARG_MASK) {
++ if ((mode & DX_IDENT) && (id == cid))
++ return 1;
++ }
++ return (((mode & DX_ADMIN) && (cid == 0)) ||
++ ((mode & DX_WATCH) && (cid == 1)) ||
++ ((mode & DX_HOSTID) && (id == 0)));
++}
+
-+#endif /* CONFIG_COMPAT */
++struct inode;
++int dx_permission(const struct inode *inode, int mask);
+
-+#endif /* _VSERVER_DEVICE_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/device_def.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/device_def.h
---- linux-4.9.207/include/linux/vserver/device_def.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/device_def.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,17 @@
-+#ifndef _VSERVER_DEVICE_DEF_H
-+#define _VSERVER_DEVICE_DEF_H
+
-+#include <linux/types.h>
++#else
++#warning duplicate inclusion
++#endif
+diff -urNp -x '*.orig' linux-4.9/include/linux/vs_time.h linux-4.9/include/linux/vs_time.h
+--- linux-4.9/include/linux/vs_time.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vs_time.h 2021-02-24 15:47:45.101076533 +0100
+@@ -0,0 +1,21 @@
++#ifndef _VS_TIME_H
++#define _VS_TIME_H
+
-+struct vx_dmap_target {
-+ dev_t target;
-+ uint32_t flags;
-+};
+
-+struct _vx_device {
-+#ifdef CONFIG_VSERVER_DEVICE
-+ struct vx_dmap_target targets[2];
-+#endif
-+};
++/* time faking stuff */
+
-+#endif /* _VSERVER_DEVICE_DEF_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/device.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/device.h
---- linux-4.9.207/include/linux/vserver/device.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/device.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,9 @@
-+#ifndef _VSERVER_DEVICE_H
-+#define _VSERVER_DEVICE_H
++#ifdef CONFIG_VSERVER_VTIME
+
++extern void vx_adjust_timespec(struct timespec *ts);
++extern int vx_settimeofday(const struct timespec *ts);
++extern int vx_settimeofday64(const struct timespec64 *ts);
+
-+#include <uapi/vserver/device.h>
++#else
++#define vx_adjust_timespec(t) do { } while (0)
++#define vx_settimeofday(t) do_settimeofday(t)
++#define vx_settimeofday64(t) do_settimeofday64(t)
++#endif
+
-+#else /* _VSERVER_DEVICE_H */
++#else
+#warning duplicate inclusion
-+#endif /* _VSERVER_DEVICE_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/dlimit_cmd.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/dlimit_cmd.h
---- linux-4.9.207/include/linux/vserver/dlimit_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/dlimit_cmd.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,46 @@
-+#ifndef _VSERVER_DLIMIT_CMD_H
-+#define _VSERVER_DLIMIT_CMD_H
-+
-+#include <uapi/vserver/dlimit_cmd.h>
++#endif
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/base.h linux-4.9/include/linux/vserver/base.h
+--- linux-4.9/include/linux/vserver/base.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/base.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,184 @@
++#ifndef _VSERVER_BASE_H
++#define _VSERVER_BASE_H
+
+
-+#ifdef CONFIG_COMPAT
++/* context state changes */
+
-+#include <asm/compat.h>
++enum {
++ VSC_STARTUP = 1,
++ VSC_SHUTDOWN,
+
-+struct vcmd_ctx_dlimit_base_v0_x32 {
-+ compat_uptr_t name_ptr;
-+ uint32_t flags;
++ VSC_NETUP,
++ VSC_NETDOWN,
+};
+
-+struct vcmd_ctx_dlimit_v0_x32 {
-+ compat_uptr_t name_ptr;
-+ uint32_t space_used; /* used space in kbytes */
-+ uint32_t space_total; /* maximum space in kbytes */
-+ uint32_t inodes_used; /* used inodes */
-+ uint32_t inodes_total; /* maximum inodes */
-+ uint32_t reserved; /* reserved for root in % */
-+ uint32_t flags;
-+};
+
-+#endif /* CONFIG_COMPAT */
+
-+#include <linux/compiler.h>
++#define vx_task_xid(t) ((t)->xid)
+
-+extern int vc_add_dlimit(uint32_t, void __user *);
-+extern int vc_rem_dlimit(uint32_t, void __user *);
++#define vx_current_xid() vx_task_xid(current)
+
-+extern int vc_set_dlimit(uint32_t, void __user *);
-+extern int vc_get_dlimit(uint32_t, void __user *);
++#define current_vx_info() (current->vx_info)
+
-+#ifdef CONFIG_COMPAT
+
-+extern int vc_add_dlimit_x32(uint32_t, void __user *);
-+extern int vc_rem_dlimit_x32(uint32_t, void __user *);
++#define nx_task_nid(t) ((t)->nid)
+
-+extern int vc_set_dlimit_x32(uint32_t, void __user *);
-+extern int vc_get_dlimit_x32(uint32_t, void __user *);
++#define nx_current_nid() nx_task_nid(current)
+
-+#endif /* CONFIG_COMPAT */
++#define current_nx_info() (current->nx_info)
+
-+#endif /* _VSERVER_DLIMIT_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/dlimit.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/dlimit.h
---- linux-4.9.207/include/linux/vserver/dlimit.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/dlimit.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,54 @@
-+#ifndef _VSERVER_DLIMIT_H
-+#define _VSERVER_DLIMIT_H
+
-+#include "switch.h"
++/* generic flag merging */
+
++#define vs_check_flags(v, m, f) (((v) & (m)) ^ (f))
+
-+#ifdef __KERNEL__
++#define vs_mask_flags(v, f, m) (((v) & ~(m)) | ((f) & (m)))
+
-+/* keep in sync with CDLIM_INFINITY */
++#define vs_mask_mask(v, f, m) (((v) & ~(m)) | ((v) & (f) & (m)))
+
-+#define DLIM_INFINITY (~0ULL)
++#define vs_check_bit(v, n) ((v) & (1LL << (n)))
+
-+#include <linux/spinlock.h>
-+#include <linux/rcupdate.h>
+
-+struct super_block;
++/* context flags */
+
-+struct dl_info {
-+ struct hlist_node dl_hlist; /* linked list of contexts */
-+ struct rcu_head dl_rcu; /* the rcu head */
-+ vtag_t dl_tag; /* context tag */
-+ atomic_t dl_usecnt; /* usage count */
-+ atomic_t dl_refcnt; /* reference count */
++#define __vx_flags(v) ((v) ? (v)->vx_flags : 0)
+
-+ struct super_block *dl_sb; /* associated superblock */
++#define vx_current_flags() __vx_flags(current_vx_info())
+
-+ spinlock_t dl_lock; /* protect the values */
++#define vx_info_flags(v, m, f) \
++ vs_check_flags(__vx_flags(v), m, f)
+
-+ unsigned long long dl_space_used; /* used space in bytes */
-+ unsigned long long dl_space_total; /* maximum space in bytes */
-+ unsigned long dl_inodes_used; /* used inodes */
-+ unsigned long dl_inodes_total; /* maximum inodes */
++#define task_vx_flags(t, m, f) \
++ ((t) && vx_info_flags((t)->vx_info, m, f))
+
-+ unsigned int dl_nrlmult; /* non root limit mult */
-+};
++#define vx_flags(m, f) vx_info_flags(current_vx_info(), m, f)
+
-+struct rcu_head;
+
-+extern void rcu_free_dl_info(struct rcu_head *);
-+extern void unhash_dl_info(struct dl_info *);
++/* context caps */
+
-+extern struct dl_info *locate_dl_info(struct super_block *, vtag_t);
++#define __vx_ccaps(v) ((v) ? (v)->vx_ccaps : 0)
+
++#define vx_current_ccaps() __vx_ccaps(current_vx_info())
+
-+struct kstatfs;
++#define vx_info_ccaps(v, c) (__vx_ccaps(v) & (c))
+
-+extern void vx_vsi_statfs(struct super_block *, struct kstatfs *);
++#define vx_ccaps(c) vx_info_ccaps(current_vx_info(), (c))
+
-+typedef uint64_t dlsize_t;
+
-+#endif /* __KERNEL__ */
-+#else /* _VSERVER_DLIMIT_H */
-+#warning duplicate inclusion
-+#endif /* _VSERVER_DLIMIT_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/global.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/global.h
---- linux-4.9.207/include/linux/vserver/global.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/global.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,20 @@
-+#ifndef _VSERVER_GLOBAL_H
-+#define _VSERVER_GLOBAL_H
+
++/* network flags */
+
-+extern atomic_t vx_global_ctotal;
-+extern atomic_t vx_global_cactive;
++#define __nx_flags(n) ((n) ? (n)->nx_flags : 0)
+
-+extern atomic_t nx_global_ctotal;
-+extern atomic_t nx_global_cactive;
++#define nx_current_flags() __nx_flags(current_nx_info())
+
-+extern atomic_t vs_global_nsproxy;
-+extern atomic_t vs_global_fs;
-+extern atomic_t vs_global_mnt_ns;
-+extern atomic_t vs_global_uts_ns;
-+extern atomic_t vs_global_ipc_ns;
-+extern atomic_t vs_global_user_ns;
-+extern atomic_t vs_global_pid_ns;
++#define nx_info_flags(n, m, f) \
++ vs_check_flags(__nx_flags(n), m, f)
+
++#define task_nx_flags(t, m, f) \
++ ((t) && nx_info_flags((t)->nx_info, m, f))
+
-+#endif /* _VSERVER_GLOBAL_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/history.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/history.h
---- linux-4.9.207/include/linux/vserver/history.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/history.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,197 @@
-+#ifndef _VSERVER_HISTORY_H
-+#define _VSERVER_HISTORY_H
++#define nx_flags(m, f) nx_info_flags(current_nx_info(), m, f)
+
+
-+enum {
-+ VXH_UNUSED = 0,
-+ VXH_THROW_OOPS = 1,
++/* network caps */
+
-+ VXH_GET_VX_INFO,
-+ VXH_PUT_VX_INFO,
-+ VXH_INIT_VX_INFO,
-+ VXH_SET_VX_INFO,
-+ VXH_CLR_VX_INFO,
-+ VXH_CLAIM_VX_INFO,
-+ VXH_RELEASE_VX_INFO,
-+ VXH_ALLOC_VX_INFO,
-+ VXH_DEALLOC_VX_INFO,
-+ VXH_HASH_VX_INFO,
-+ VXH_UNHASH_VX_INFO,
-+ VXH_LOC_VX_INFO,
-+ VXH_LOOKUP_VX_INFO,
-+ VXH_CREATE_VX_INFO,
-+};
++#define __nx_ncaps(n) ((n) ? (n)->nx_ncaps : 0)
+
-+struct _vxhe_vxi {
-+ struct vx_info *ptr;
-+ unsigned xid;
-+ unsigned usecnt;
-+ unsigned tasks;
-+};
++#define nx_current_ncaps() __nx_ncaps(current_nx_info())
+
-+struct _vxhe_set_clr {
-+ void *data;
-+};
++#define nx_info_ncaps(n, c) (__nx_ncaps(n) & (c))
+
-+struct _vxhe_loc_lookup {
-+ unsigned arg;
-+};
++#define nx_ncaps(c) nx_info_ncaps(current_nx_info(), c)
+
-+struct _vx_hist_entry {
-+ void *loc;
-+ unsigned short seq;
-+ unsigned short type;
-+ struct _vxhe_vxi vxi;
-+ union {
-+ struct _vxhe_set_clr sc;
-+ struct _vxhe_loc_lookup ll;
-+ };
-+};
+
-+#ifdef CONFIG_VSERVER_HISTORY
++/* context mask capabilities */
+
-+extern unsigned volatile int vxh_active;
++#define __vx_mcaps(v) ((v) ? (v)->vx_ccaps >> 32UL : ~0 )
+
-+struct _vx_hist_entry *vxh_advance(void *loc);
++#define vx_info_mcaps(v, c) (__vx_mcaps(v) & (c))
+
++#define vx_mcaps(c) vx_info_mcaps(current_vx_info(), c)
+
-+static inline
-+void __vxh_copy_vxi(struct _vx_hist_entry *entry, struct vx_info *vxi)
-+{
-+ entry->vxi.ptr = vxi;
-+ if (vxi) {
-+ entry->vxi.usecnt = atomic_read(&vxi->vx_usecnt);
-+ entry->vxi.tasks = atomic_read(&vxi->vx_tasks);
-+ entry->vxi.xid = vxi->vx_id;
-+ }
-+}
-+
-+
-+#define __HERE__ current_text_addr()
+
-+#define __VXH_BODY(__type, __data, __here) \
-+ struct _vx_hist_entry *entry; \
-+ \
-+ preempt_disable(); \
-+ entry = vxh_advance(__here); \
-+ __data; \
-+ entry->type = __type; \
-+ preempt_enable();
++/* context bcap mask */
+
++#define __vx_bcaps(v) ((v)->vx_bcaps)
+
-+ /* pass vxi only */
++#define vx_current_bcaps() __vx_bcaps(current_vx_info())
+
-+#define __VXH_SMPL \
-+ __vxh_copy_vxi(entry, vxi)
+
-+static inline
-+void __vxh_smpl(struct vx_info *vxi, int __type, void *__here)
-+{
-+ __VXH_BODY(__type, __VXH_SMPL, __here)
-+}
++/* mask given bcaps */
+
-+ /* pass vxi and data (void *) */
++#define vx_info_mbcaps(v, c) ((v) ? cap_intersect(__vx_bcaps(v), c) : c)
+
-+#define __VXH_DATA \
-+ __vxh_copy_vxi(entry, vxi); \
-+ entry->sc.data = data
++#define vx_mbcaps(c) vx_info_mbcaps(current_vx_info(), c)
+
-+static inline
-+void __vxh_data(struct vx_info *vxi, void *data,
-+ int __type, void *__here)
-+{
-+ __VXH_BODY(__type, __VXH_DATA, __here)
-+}
+
-+ /* pass vxi and arg (long) */
++/* masked cap_bset */
+
-+#define __VXH_LONG \
-+ __vxh_copy_vxi(entry, vxi); \
-+ entry->ll.arg = arg
++#define vx_info_cap_bset(v) vx_info_mbcaps(v, current->cap_bset)
+
-+static inline
-+void __vxh_long(struct vx_info *vxi, long arg,
-+ int __type, void *__here)
-+{
-+ __VXH_BODY(__type, __VXH_LONG, __here)
-+}
++#define vx_current_cap_bset() vx_info_cap_bset(current_vx_info())
+
++#if 0
++#define vx_info_mbcap(v, b) \
++ (!vx_info_flags(v, VXF_STATE_SETUP, 0) ? \
++ vx_info_bcaps(v, b) : (b))
+
-+static inline
-+void __vxh_throw_oops(void *__here)
-+{
-+ __VXH_BODY(VXH_THROW_OOPS, {}, __here);
-+ /* prevent further acquisition */
-+ vxh_active = 0;
-+}
++#define task_vx_mbcap(t, b) \
++ vx_info_mbcap((t)->vx_info, (t)->b)
+
++#define vx_mbcap(b) task_vx_mbcap(current, b)
++#endif
+
-+#define vxh_throw_oops() __vxh_throw_oops(__HERE__);
++#define vx_cap_raised(v, c, f) cap_raised(vx_info_mbcaps(v, c), f)
+
-+#define __vxh_get_vx_info(v, h) __vxh_smpl(v, VXH_GET_VX_INFO, h);
-+#define __vxh_put_vx_info(v, h) __vxh_smpl(v, VXH_PUT_VX_INFO, h);
++#define vx_capable(b, c) (capable(b) || \
++ (cap_raised(current_cap(), b) && vx_ccaps(c)))
+
-+#define __vxh_init_vx_info(v, d, h) \
-+ __vxh_data(v, d, VXH_INIT_VX_INFO, h);
-+#define __vxh_set_vx_info(v, d, h) \
-+ __vxh_data(v, d, VXH_SET_VX_INFO, h);
-+#define __vxh_clr_vx_info(v, d, h) \
-+ __vxh_data(v, d, VXH_CLR_VX_INFO, h);
++#define vx_ns_capable(n, b, c) (ns_capable(n, b) || \
++ (cap_raised(current_cap(), b) && vx_ccaps(c)))
+
-+#define __vxh_claim_vx_info(v, d, h) \
-+ __vxh_data(v, d, VXH_CLAIM_VX_INFO, h);
-+#define __vxh_release_vx_info(v, d, h) \
-+ __vxh_data(v, d, VXH_RELEASE_VX_INFO, h);
++#define nx_capable(b, c) (capable(b) || \
++ (cap_raised(current_cap(), b) && nx_ncaps(c)))
+
-+#define vxh_alloc_vx_info(v) \
-+ __vxh_smpl(v, VXH_ALLOC_VX_INFO, __HERE__);
-+#define vxh_dealloc_vx_info(v) \
-+ __vxh_smpl(v, VXH_DEALLOC_VX_INFO, __HERE__);
++#define nx_ns_capable(n, b, c) (ns_capable(n, b) || \
++ (cap_raised(current_cap(), b) && nx_ncaps(c)))
+
-+#define vxh_hash_vx_info(v) \
-+ __vxh_smpl(v, VXH_HASH_VX_INFO, __HERE__);
-+#define vxh_unhash_vx_info(v) \
-+ __vxh_smpl(v, VXH_UNHASH_VX_INFO, __HERE__);
++#define vx_task_initpid(t, n) \
++ ((t)->vx_info && \
++ ((t)->vx_info->vx_initpid == (n)))
+
-+#define vxh_loc_vx_info(v, l) \
-+ __vxh_long(v, l, VXH_LOC_VX_INFO, __HERE__);
-+#define vxh_lookup_vx_info(v, l) \
-+ __vxh_long(v, l, VXH_LOOKUP_VX_INFO, __HERE__);
-+#define vxh_create_vx_info(v, l) \
-+ __vxh_long(v, l, VXH_CREATE_VX_INFO, __HERE__);
++#define vx_current_initpid(n) vx_task_initpid(current, n)
+
-+extern void vxh_dump_history(void);
+
++/* context unshare mask */
+
-+#else /* CONFIG_VSERVER_HISTORY */
++#define __vx_umask(v) ((v)->vx_umask)
+
-+#define __HERE__ 0
++#define vx_current_umask() __vx_umask(current_vx_info())
+
-+#define vxh_throw_oops() do { } while (0)
++#define vx_can_unshare(b, f) (capable(b) || \
++ (cap_raised(current_cap(), b) && \
++ !((f) & ~vx_current_umask())))
+
-+#define __vxh_get_vx_info(v, h) do { } while (0)
-+#define __vxh_put_vx_info(v, h) do { } while (0)
++#define vx_ns_can_unshare(n, b, f) (ns_capable(n, b) || \
++ (cap_raised(current_cap(), b) && \
++ !((f) & ~vx_current_umask())))
+
-+#define __vxh_init_vx_info(v, d, h) do { } while (0)
-+#define __vxh_set_vx_info(v, d, h) do { } while (0)
-+#define __vxh_clr_vx_info(v, d, h) do { } while (0)
++#define __vx_wmask(v) ((v)->vx_wmask)
+
-+#define __vxh_claim_vx_info(v, d, h) do { } while (0)
-+#define __vxh_release_vx_info(v, d, h) do { } while (0)
++#define vx_current_wmask() __vx_wmask(current_vx_info())
+
-+#define vxh_alloc_vx_info(v) do { } while (0)
-+#define vxh_dealloc_vx_info(v) do { } while (0)
+
-+#define vxh_hash_vx_info(v) do { } while (0)
-+#define vxh_unhash_vx_info(v) do { } while (0)
++#define __vx_state(v) ((v) ? ((v)->vx_state) : 0)
+
-+#define vxh_loc_vx_info(v, l) do { } while (0)
-+#define vxh_lookup_vx_info(v, l) do { } while (0)
-+#define vxh_create_vx_info(v, l) do { } while (0)
++#define vx_info_state(v, m) (__vx_state(v) & (m))
+
-+#define vxh_dump_history() do { } while (0)
+
++#define __nx_state(n) ((n) ? ((n)->nx_state) : 0)
+
-+#endif /* CONFIG_VSERVER_HISTORY */
++#define nx_info_state(n, m) (__nx_state(n) & (m))
+
-+#endif /* _VSERVER_HISTORY_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/inode_cmd.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/inode_cmd.h
---- linux-4.9.207/include/linux/vserver/inode_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/inode_cmd.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,36 @@
-+#ifndef _VSERVER_INODE_CMD_H
-+#define _VSERVER_INODE_CMD_H
++#endif
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/cacct.h linux-4.9/include/linux/vserver/cacct.h
+--- linux-4.9/include/linux/vserver/cacct.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/cacct.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,15 @@
++#ifndef _VSERVER_CACCT_H
++#define _VSERVER_CACCT_H
+
-+#include <uapi/vserver/inode_cmd.h>
+
++enum sock_acc_field {
++ VXA_SOCK_UNSPEC = 0,
++ VXA_SOCK_UNIX,
++ VXA_SOCK_INET,
++ VXA_SOCK_INET6,
++ VXA_SOCK_PACKET,
++ VXA_SOCK_OTHER,
++ VXA_SOCK_SIZE /* array size */
++};
+
++#endif /* _VSERVER_CACCT_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/cacct_cmd.h linux-4.9/include/linux/vserver/cacct_cmd.h
+--- linux-4.9/include/linux/vserver/cacct_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/cacct_cmd.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,10 @@
++#ifndef _VSERVER_CACCT_CMD_H
++#define _VSERVER_CACCT_CMD_H
+
-+#ifdef CONFIG_COMPAT
+
-+#include <asm/compat.h>
++#include <linux/compiler.h>
++#include <uapi/vserver/cacct_cmd.h>
+
-+struct vcmd_ctx_iattr_v1_x32 {
-+ compat_uptr_t name_ptr;
-+ uint32_t tag;
-+ uint32_t flags;
-+ uint32_t mask;
-+};
++extern int vc_sock_stat(struct vx_info *, void __user *);
+
-+#endif /* CONFIG_COMPAT */
++#endif /* _VSERVER_CACCT_CMD_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/cacct_def.h linux-4.9/include/linux/vserver/cacct_def.h
+--- linux-4.9/include/linux/vserver/cacct_def.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/cacct_def.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,43 @@
++#ifndef _VSERVER_CACCT_DEF_H
++#define _VSERVER_CACCT_DEF_H
+
-+#include <linux/compiler.h>
++#include <asm/atomic.h>
++#include <linux/vserver/cacct.h>
+
-+extern int vc_get_iattr(void __user *);
-+extern int vc_set_iattr(void __user *);
+
-+extern int vc_fget_iattr(uint32_t, void __user *);
-+extern int vc_fset_iattr(uint32_t, void __user *);
++struct _vx_sock_acc {
++ atomic_long_t count;
++ atomic_long_t total;
++};
+
-+#ifdef CONFIG_COMPAT
++/* context sub struct */
+
-+extern int vc_get_iattr_x32(void __user *);
-+extern int vc_set_iattr_x32(void __user *);
++struct _vx_cacct {
++ struct _vx_sock_acc sock[VXA_SOCK_SIZE][3];
++ atomic_t slab[8];
++ atomic_t page[6][8];
++};
+
-+#endif /* CONFIG_COMPAT */
++#ifdef CONFIG_VSERVER_DEBUG
+
-+#endif /* _VSERVER_INODE_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/inode.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/inode.h
---- linux-4.9.207/include/linux/vserver/inode.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/inode.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,19 @@
-+#ifndef _VSERVER_INODE_H
-+#define _VSERVER_INODE_H
++static inline void __dump_vx_cacct(struct _vx_cacct *cacct)
++{
++ int i, j;
+
-+#include <uapi/vserver/inode.h>
++ printk("\t_vx_cacct:");
++ for (i = 0; i < 6; i++) {
++ struct _vx_sock_acc *ptr = cacct->sock[i];
+
++ printk("\t [%d] =", i);
++ for (j = 0; j < 3; j++) {
++ printk(" [%d] = %8lu, %8lu", j,
++ atomic_long_read(&ptr[j].count),
++ atomic_long_read(&ptr[j].total));
++ }
++ printk("\n");
++ }
++}
+
-+#ifdef CONFIG_VSERVER_PROC_SECURE
-+#define IATTR_PROC_DEFAULT ( IATTR_ADMIN | IATTR_HIDE )
-+#define IATTR_PROC_SYMLINK ( IATTR_ADMIN )
-+#else
-+#define IATTR_PROC_DEFAULT ( IATTR_ADMIN )
-+#define IATTR_PROC_SYMLINK ( IATTR_ADMIN )
+#endif
+
-+#define vx_hide_check(c, m) (((m) & IATTR_HIDE) ? vx_check(c, m) : 1)
++#endif /* _VSERVER_CACCT_DEF_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/cacct_int.h linux-4.9/include/linux/vserver/cacct_int.h
+--- linux-4.9/include/linux/vserver/cacct_int.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/cacct_int.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,17 @@
++#ifndef _VSERVER_CACCT_INT_H
++#define _VSERVER_CACCT_INT_H
+
-+#else /* _VSERVER_INODE_H */
-+#warning duplicate inclusion
-+#endif /* _VSERVER_INODE_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/limit_cmd.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/limit_cmd.h
---- linux-4.9.207/include/linux/vserver/limit_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/limit_cmd.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,35 @@
-+#ifndef _VSERVER_LIMIT_CMD_H
-+#define _VSERVER_LIMIT_CMD_H
++static inline
++unsigned long vx_sock_count(struct _vx_cacct *cacct, int type, int pos)
++{
++ return atomic_long_read(&cacct->sock[type][pos].count);
++}
+
-+#include <uapi/vserver/limit_cmd.h>
+
++static inline
++unsigned long vx_sock_total(struct _vx_cacct *cacct, int type, int pos)
++{
++ return atomic_long_read(&cacct->sock[type][pos].total);
++}
+
-+#ifdef CONFIG_IA32_EMULATION
++#endif /* _VSERVER_CACCT_INT_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/check.h linux-4.9/include/linux/vserver/check.h
+--- linux-4.9/include/linux/vserver/check.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/check.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,89 @@
++#ifndef _VSERVER_CHECK_H
++#define _VSERVER_CHECK_H
+
-+struct vcmd_ctx_rlimit_v0_x32 {
-+ uint32_t id;
-+ uint64_t minimum;
-+ uint64_t softlimit;
-+ uint64_t maximum;
-+} __attribute__ ((packed));
-+
-+#endif /* CONFIG_IA32_EMULATION */
+
-+#include <linux/compiler.h>
++#define MAX_S_CONTEXT 65535 /* Arbitrary limit */
+
-+extern int vc_get_rlimit_mask(uint32_t, void __user *);
-+extern int vc_get_rlimit(struct vx_info *, void __user *);
-+extern int vc_set_rlimit(struct vx_info *, void __user *);
-+extern int vc_reset_hits(struct vx_info *, void __user *);
-+extern int vc_reset_minmax(struct vx_info *, void __user *);
++#ifdef CONFIG_VSERVER_DYNAMIC_IDS
++#define MIN_D_CONTEXT 49152 /* dynamic contexts start here */
++#else
++#define MIN_D_CONTEXT 65536
++#endif
+
-+extern int vc_rlimit_stat(struct vx_info *, void __user *);
++/* check conditions */
+
-+#ifdef CONFIG_IA32_EMULATION
++#define VS_ADMIN 0x0001
++#define VS_WATCH 0x0002
++#define VS_HIDE 0x0004
++#define VS_HOSTID 0x0008
+
-+extern int vc_get_rlimit_x32(struct vx_info *, void __user *);
-+extern int vc_set_rlimit_x32(struct vx_info *, void __user *);
++#define VS_IDENT 0x0010
++#define VS_EQUIV 0x0020
++#define VS_PARENT 0x0040
++#define VS_CHILD 0x0080
+
-+#endif /* CONFIG_IA32_EMULATION */
++#define VS_ARG_MASK 0x00F0
+
-+#endif /* _VSERVER_LIMIT_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/limit_def.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/limit_def.h
---- linux-4.9.207/include/linux/vserver/limit_def.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/limit_def.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,47 @@
-+#ifndef _VSERVER_LIMIT_DEF_H
-+#define _VSERVER_LIMIT_DEF_H
++#define VS_DYNAMIC 0x0100
++#define VS_STATIC 0x0200
+
-+#include <asm/atomic.h>
-+#include <asm/resource.h>
++#define VS_ATR_MASK 0x0F00
+
-+#include "limit.h"
++#ifdef CONFIG_VSERVER_PRIVACY
++#define VS_ADMIN_P (0)
++#define VS_WATCH_P (0)
++#else
++#define VS_ADMIN_P VS_ADMIN
++#define VS_WATCH_P VS_WATCH
++#endif
+
++#define VS_HARDIRQ 0x1000
++#define VS_SOFTIRQ 0x2000
++#define VS_IRQ 0x4000
+
-+struct _vx_res_limit {
-+ rlim_t soft; /* Context soft limit */
-+ rlim_t hard; /* Context hard limit */
++#define VS_IRQ_MASK 0xF000
+
-+ rlim_atomic_t rcur; /* Current value */
-+ rlim_t rmin; /* Context minimum */
-+ rlim_t rmax; /* Context maximum */
++#include <linux/hardirq.h>
+
-+ atomic_t lhit; /* Limit hits */
-+};
++/*
++ * check current context for ADMIN/WATCH and
++ * optionally against supplied argument
++ */
++static inline int __vs_check(int cid, int id, unsigned int mode)
++{
++ if (mode & VS_ARG_MASK) {
++ if ((mode & VS_IDENT) && (id == cid))
++ return 1;
++ }
++ if (mode & VS_ATR_MASK) {
++ if ((mode & VS_DYNAMIC) &&
++ (id >= MIN_D_CONTEXT) &&
++ (id <= MAX_S_CONTEXT))
++ return 1;
++ if ((mode & VS_STATIC) &&
++ (id > 1) && (id < MIN_D_CONTEXT))
++ return 1;
++ }
++ if (mode & VS_IRQ_MASK) {
++ if ((mode & VS_IRQ) && unlikely(in_interrupt()))
++ return 1;
++ if ((mode & VS_HARDIRQ) && unlikely(in_irq()))
++ return 1;
++ if ((mode & VS_SOFTIRQ) && unlikely(in_softirq()))
++ return 1;
++ }
++ return (((mode & VS_ADMIN) && (cid == 0)) ||
++ ((mode & VS_WATCH) && (cid == 1)) ||
++ ((mode & VS_HOSTID) && (id == 0)));
++}
+
-+/* context sub struct */
++#define vx_check(c, m) __vs_check(vx_current_xid(), c, (m) | VS_IRQ)
+
-+struct _vx_limit {
-+ struct _vx_res_limit res[NUM_LIMITS];
-+};
++#define vx_weak_check(c, m) ((m) ? vx_check(c, m) : 1)
+
-+#ifdef CONFIG_VSERVER_DEBUG
+
-+static inline void __dump_vx_limit(struct _vx_limit *limit)
-+{
-+ int i;
++#define nx_check(c, m) __vs_check(nx_current_nid(), c, m)
+
-+ printk("\t_vx_limit:");
-+ for (i = 0; i < NUM_LIMITS; i++) {
-+ printk("\t [%2d] = %8lu %8lu/%8lu, %8ld/%8ld, %8d\n",
-+ i, (unsigned long)__rlim_get(limit, i),
-+ (unsigned long)__rlim_rmin(limit, i),
-+ (unsigned long)__rlim_rmax(limit, i),
-+ (long)__rlim_soft(limit, i),
-+ (long)__rlim_hard(limit, i),
-+ atomic_read(&__rlim_lhit(limit, i)));
-+ }
-+}
++#define nx_weak_check(c, m) ((m) ? nx_check(c, m) : 1)
+
+#endif
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/context.h linux-4.9/include/linux/vserver/context.h
+--- linux-4.9/include/linux/vserver/context.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/context.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,110 @@
++#ifndef _VSERVER_CONTEXT_H
++#define _VSERVER_CONTEXT_H
+
-+#endif /* _VSERVER_LIMIT_DEF_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/limit.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/limit.h
---- linux-4.9.207/include/linux/vserver/limit.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/limit.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,67 @@
-+#ifndef _VSERVER_LIMIT_H
-+#define _VSERVER_LIMIT_H
+
-+#include <uapi/vserver/limit.h>
++#include <linux/list.h>
++#include <linux/spinlock.h>
++#include <linux/rcupdate.h>
++#include <uapi/vserver/context.h>
+
++#include "limit_def.h"
++#include "sched_def.h"
++#include "cvirt_def.h"
++#include "cacct_def.h"
++#include "device_def.h"
+
-+#define VLIM_NOCHECK ((1L << VLIMIT_DENTRY) | (1L << RLIMIT_RSS))
++#define VX_SPACES 2
+
-+/* keep in sync with CRLIM_INFINITY */
++struct _vx_info_pc {
++ struct _vx_sched_pc sched_pc;
++ struct _vx_cvirt_pc cvirt_pc;
++};
+
-+#define VLIM_INFINITY (~0ULL)
++struct _vx_space {
++ unsigned long vx_nsmask; /* assignment mask */
++ struct nsproxy *vx_nsproxy; /* private namespaces */
++ struct fs_struct *vx_fs; /* private namespace fs */
++ const struct cred *vx_cred; /* task credentials */
++};
+
-+#include <asm/atomic.h>
-+#include <asm/resource.h>
++struct vx_info {
++ struct hlist_node vx_hlist; /* linked list of contexts */
++ vxid_t vx_id; /* context id */
++ atomic_t vx_usecnt; /* usage count */
++ atomic_t vx_tasks; /* tasks count */
++ struct vx_info *vx_parent; /* parent context */
++ int vx_state; /* context state */
+
-+#ifndef RLIM_INFINITY
-+#warning RLIM_INFINITY is undefined
-+#endif
++ struct _vx_space space[VX_SPACES]; /* namespace store */
+
-+#define __rlim_val(l, r, v) ((l)->res[r].v)
++ uint64_t vx_flags; /* context flags */
++ uint64_t vx_ccaps; /* context caps (vserver) */
++ uint64_t vx_umask; /* unshare mask (guest) */
++ uint64_t vx_wmask; /* warn mask (guest) */
++ kernel_cap_t vx_bcaps; /* bounding caps (system) */
+
-+#define __rlim_soft(l, r) __rlim_val(l, r, soft)
-+#define __rlim_hard(l, r) __rlim_val(l, r, hard)
++ struct task_struct *vx_reaper; /* guest reaper process */
++ pid_t vx_initpid; /* PID of guest init */
++ int64_t vx_badness_bias; /* OOM points bias */
+
-+#define __rlim_rcur(l, r) __rlim_val(l, r, rcur)
-+#define __rlim_rmin(l, r) __rlim_val(l, r, rmin)
-+#define __rlim_rmax(l, r) __rlim_val(l, r, rmax)
++ struct _vx_limit limit; /* vserver limits */
++ struct _vx_sched sched; /* vserver scheduler */
++ struct _vx_cvirt cvirt; /* virtual/bias stuff */
++ struct _vx_cacct cacct; /* context accounting */
+
-+#define __rlim_lhit(l, r) __rlim_val(l, r, lhit)
-+#define __rlim_hit(l, r) atomic_inc(&__rlim_lhit(l, r))
++ struct _vx_device dmap; /* default device map targets */
+
-+typedef atomic_long_t rlim_atomic_t;
-+typedef unsigned long rlim_t;
++#ifndef CONFIG_SMP
++ struct _vx_info_pc info_pc; /* per cpu data */
++#else
++ struct _vx_info_pc *ptr_pc; /* per cpu array */
++#endif
+
-+#define __rlim_get(l, r) atomic_long_read(&__rlim_rcur(l, r))
-+#define __rlim_set(l, r, v) atomic_long_set(&__rlim_rcur(l, r), v)
-+#define __rlim_inc(l, r) atomic_long_inc(&__rlim_rcur(l, r))
-+#define __rlim_dec(l, r) atomic_long_dec(&__rlim_rcur(l, r))
-+#define __rlim_add(l, r, v) atomic_long_add(v, &__rlim_rcur(l, r))
-+#define __rlim_sub(l, r, v) atomic_long_sub(v, &__rlim_rcur(l, r))
++ wait_queue_head_t vx_wait; /* context exit waitqueue */
++ int reboot_cmd; /* last sys_reboot() cmd */
++ int exit_code; /* last process exit code */
+
++ char vx_name[65]; /* vserver name */
++};
+
-+#if (RLIM_INFINITY == VLIM_INFINITY)
-+#define VX_VLIM(r) ((long long)(long)(r))
-+#define VX_RLIM(v) ((rlim_t)(v))
++#ifndef CONFIG_SMP
++#define vx_ptr_pc(vxi) (&(vxi)->info_pc)
++#define vx_per_cpu(vxi, v, id) vx_ptr_pc(vxi)->v
+#else
-+#define VX_VLIM(r) (((r) == RLIM_INFINITY) \
-+ ? VLIM_INFINITY : (long long)(r))
-+#define VX_RLIM(v) (((v) == VLIM_INFINITY) \
-+ ? RLIM_INFINITY : (rlim_t)(v))
++#define vx_ptr_pc(vxi) ((vxi)->ptr_pc)
++#define vx_per_cpu(vxi, v, id) per_cpu_ptr(vx_ptr_pc(vxi), id)->v
+#endif
+
-+struct sysinfo;
++#define vx_cpu(vxi, v) vx_per_cpu(vxi, v, smp_processor_id())
+
-+#ifdef CONFIG_MEMCG
-+void vx_vsi_meminfo(struct sysinfo *);
-+void vx_vsi_swapinfo(struct sysinfo *);
-+long vx_vsi_cached(struct sysinfo *);
-+#else /* !CONFIG_MEMCG */
-+#define vx_vsi_meminfo(s) do { } while (0)
-+#define vx_vsi_swapinfo(s) do { } while (0)
-+#define vx_vsi_cached(s) (0L)
-+#endif /* !CONFIG_MEMCG */
+
-+#define NUM_LIMITS 24
++struct vx_info_save {
++ struct vx_info *vxi;
++ vxid_t xid;
++};
+
-+#endif /* _VSERVER_LIMIT_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/limit_int.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/limit_int.h
---- linux-4.9.207/include/linux/vserver/limit_int.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/limit_int.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,193 @@
-+#ifndef _VSERVER_LIMIT_INT_H
-+#define _VSERVER_LIMIT_INT_H
+
-+#define VXD_RCRES_COND(r) VXD_CBIT(cres, r)
-+#define VXD_RLIMIT_COND(r) VXD_CBIT(limit, r)
++/* status flags */
+
-+extern const char *vlimit_name[NUM_LIMITS];
++#define VXS_HASHED 0x0001
++#define VXS_PAUSED 0x0010
++#define VXS_SHUTDOWN 0x0100
++#define VXS_HELPER 0x1000
++#define VXS_RELEASED 0x8000
+
-+static inline void __vx_acc_cres(struct vx_info *vxi,
-+ int res, int dir, void *_data, char *_file, int _line)
-+{
-+ if (VXD_RCRES_COND(res))
-+ vxlprintk(1, "vx_acc_cres[%5d,%s,%2d]: %5ld%s (%p)",
-+ (vxi ? vxi->vx_id : -1), vlimit_name[res], res,
-+ (vxi ? (long)__rlim_get(&vxi->limit, res) : 0),
-+ (dir > 0) ? "++" : "--", _data, _file, _line);
-+ if (!vxi)
-+ return;
+
-+ if (dir > 0)
-+ __rlim_inc(&vxi->limit, res);
-+ else
-+ __rlim_dec(&vxi->limit, res);
-+}
-+
-+static inline void __vx_add_cres(struct vx_info *vxi,
-+ int res, int amount, void *_data, char *_file, int _line)
-+{
-+ if (VXD_RCRES_COND(res))
-+ vxlprintk(1, "vx_add_cres[%5d,%s,%2d]: %5ld += %5d (%p)",
-+ (vxi ? vxi->vx_id : -1), vlimit_name[res], res,
-+ (vxi ? (long)__rlim_get(&vxi->limit, res) : 0),
-+ amount, _data, _file, _line);
-+ if (amount == 0)
-+ return;
-+ if (!vxi)
-+ return;
-+ __rlim_add(&vxi->limit, res, amount);
-+}
-+
-+static inline
-+int __vx_cres_adjust_max(struct _vx_limit *limit, int res, rlim_t value)
-+{
-+ int cond = (value > __rlim_rmax(limit, res));
-+
-+ if (cond)
-+ __rlim_rmax(limit, res) = value;
-+ return cond;
-+}
++extern void claim_vx_info(struct vx_info *, struct task_struct *);
++extern void release_vx_info(struct vx_info *, struct task_struct *);
+
-+static inline
-+int __vx_cres_adjust_min(struct _vx_limit *limit, int res, rlim_t value)
-+{
-+ int cond = (value < __rlim_rmin(limit, res));
++extern struct vx_info *lookup_vx_info(int);
++extern struct vx_info *lookup_or_create_vx_info(int);
+
-+ if (cond)
-+ __rlim_rmin(limit, res) = value;
-+ return cond;
-+}
++extern int get_xid_list(int, unsigned int *, int);
++extern int xid_is_hashed(vxid_t);
+
-+static inline
-+void __vx_cres_fixup(struct _vx_limit *limit, int res, rlim_t value)
-+{
-+ if (!__vx_cres_adjust_max(limit, res, value))
-+ __vx_cres_adjust_min(limit, res, value);
-+}
++extern int vx_migrate_task(struct task_struct *, struct vx_info *, int);
+
++extern long vs_state_change(struct vx_info *, unsigned int);
+
-+/* return values:
-+ +1 ... no limit hit
-+ -1 ... over soft limit
-+ 0 ... over hard limit */
+
-+static inline int __vx_cres_avail(struct vx_info *vxi,
-+ int res, int num, char *_file, int _line)
-+{
-+ struct _vx_limit *limit;
-+ rlim_t value;
++#endif /* _VSERVER_CONTEXT_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/context_cmd.h linux-4.9/include/linux/vserver/context_cmd.h
+--- linux-4.9/include/linux/vserver/context_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/context_cmd.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,33 @@
++#ifndef _VSERVER_CONTEXT_CMD_H
++#define _VSERVER_CONTEXT_CMD_H
+
-+ if (VXD_RLIMIT_COND(res))
-+ vxlprintk(1, "vx_cres_avail[%5d,%s,%2d]: %5ld/%5ld > %5ld + %5d",
-+ (vxi ? vxi->vx_id : -1), vlimit_name[res], res,
-+ (vxi ? (long)__rlim_soft(&vxi->limit, res) : -1),
-+ (vxi ? (long)__rlim_hard(&vxi->limit, res) : -1),
-+ (vxi ? (long)__rlim_get(&vxi->limit, res) : 0),
-+ num, _file, _line);
-+ if (!vxi)
-+ return 1;
++#include <uapi/vserver/context_cmd.h>
+
-+ limit = &vxi->limit;
-+ value = __rlim_get(limit, res);
++extern int vc_task_xid(uint32_t);
+
-+ if (!__vx_cres_adjust_max(limit, res, value))
-+ __vx_cres_adjust_min(limit, res, value);
++extern int vc_vx_info(struct vx_info *, void __user *);
+
-+ if (num == 0)
-+ return 1;
++extern int vc_ctx_stat(struct vx_info *, void __user *);
+
-+ if (__rlim_soft(limit, res) == RLIM_INFINITY)
-+ return -1;
-+ if (value + num <= __rlim_soft(limit, res))
-+ return -1;
++extern int vc_ctx_create(uint32_t, void __user *);
++extern int vc_ctx_migrate(struct vx_info *, void __user *);
+
-+ if (__rlim_hard(limit, res) == RLIM_INFINITY)
-+ return 1;
-+ if (value + num <= __rlim_hard(limit, res))
-+ return 1;
++extern int vc_get_cflags(struct vx_info *, void __user *);
++extern int vc_set_cflags(struct vx_info *, void __user *);
+
-+ __rlim_hit(limit, res);
-+ return 0;
-+}
++extern int vc_get_ccaps(struct vx_info *, void __user *);
++extern int vc_set_ccaps(struct vx_info *, void __user *);
+
++extern int vc_get_bcaps(struct vx_info *, void __user *);
++extern int vc_set_bcaps(struct vx_info *, void __user *);
+
-+static const int VLA_RSS[] = { RLIMIT_RSS, VLIMIT_ANON, VLIMIT_MAPPED, 0 };
++extern int vc_get_umask(struct vx_info *, void __user *);
++extern int vc_set_umask(struct vx_info *, void __user *);
+
-+static inline
-+rlim_t __vx_cres_array_sum(struct _vx_limit *limit, const int *array)
-+{
-+ rlim_t value, sum = 0;
-+ int res;
++extern int vc_get_wmask(struct vx_info *, void __user *);
++extern int vc_set_wmask(struct vx_info *, void __user *);
+
-+ while ((res = *array++)) {
-+ value = __rlim_get(limit, res);
-+ __vx_cres_fixup(limit, res, value);
-+ sum += value;
-+ }
-+ return sum;
-+}
++extern int vc_get_badness(struct vx_info *, void __user *);
++extern int vc_set_badness(struct vx_info *, void __user *);
+
-+static inline
-+rlim_t __vx_cres_array_fixup(struct _vx_limit *limit, const int *array)
-+{
-+ rlim_t value = __vx_cres_array_sum(limit, array + 1);
-+ int res = *array;
++#endif /* _VSERVER_CONTEXT_CMD_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/cvirt.h linux-4.9/include/linux/vserver/cvirt.h
+--- linux-4.9/include/linux/vserver/cvirt.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/cvirt.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,11 @@
++#ifndef _VSERVER_CVIRT_H
++#define _VSERVER_CVIRT_H
+
-+ if (value == __rlim_get(limit, res))
-+ return value;
++struct vx_info;
+
-+ __rlim_set(limit, res, value);
-+ /* now adjust min/max */
-+ if (!__vx_cres_adjust_max(limit, res, value))
-+ __vx_cres_adjust_min(limit, res, value);
++void vx_update_load(struct vx_info *);
+
-+ return value;
-+}
+
-+static inline int __vx_cres_array_avail(struct vx_info *vxi,
-+ const int *array, int num, char *_file, int _line)
-+{
-+ struct _vx_limit *limit;
-+ rlim_t value = 0;
-+ int res;
++int vx_do_syslog(int, char __user *, int);
+
-+ if (num == 0)
-+ return 1;
-+ if (!vxi)
-+ return 1;
++#endif /* _VSERVER_CVIRT_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/cvirt_cmd.h linux-4.9/include/linux/vserver/cvirt_cmd.h
+--- linux-4.9/include/linux/vserver/cvirt_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/cvirt_cmd.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,13 @@
++#ifndef _VSERVER_CVIRT_CMD_H
++#define _VSERVER_CVIRT_CMD_H
+
-+ limit = &vxi->limit;
-+ res = *array;
-+ value = __vx_cres_array_sum(limit, array + 1);
+
-+ __rlim_set(limit, res, value);
-+ __vx_cres_fixup(limit, res, value);
++#include <linux/compiler.h>
++#include <uapi/vserver/cvirt_cmd.h>
+
-+ return __vx_cres_avail(vxi, res, num, _file, _line);
-+}
++extern int vc_set_vhi_name(struct vx_info *, void __user *);
++extern int vc_get_vhi_name(struct vx_info *, void __user *);
+
++extern int vc_virt_stat(struct vx_info *, void __user *);
+
-+static inline void vx_limit_fixup(struct _vx_limit *limit, int id)
-+{
-+ rlim_t value;
-+ int res;
++#endif /* _VSERVER_CVIRT_CMD_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/cvirt_def.h linux-4.9/include/linux/vserver/cvirt_def.h
+--- linux-4.9/include/linux/vserver/cvirt_def.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/cvirt_def.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,80 @@
++#ifndef _VSERVER_CVIRT_DEF_H
++#define _VSERVER_CVIRT_DEF_H
+
-+ /* complex resources first */
-+ if ((id < 0) || (id == RLIMIT_RSS))
-+ __vx_cres_array_fixup(limit, VLA_RSS);
++#include <linux/jiffies.h>
++#include <linux/spinlock.h>
++#include <linux/wait.h>
++#include <linux/time.h>
++#include <asm/atomic.h>
+
-+ for (res = 0; res < NUM_LIMITS; res++) {
-+ if ((id > 0) && (res != id))
-+ continue;
+
-+ value = __rlim_get(limit, res);
-+ __vx_cres_fixup(limit, res, value);
++struct _vx_usage_stat {
++ uint64_t user;
++ uint64_t nice;
++ uint64_t system;
++ uint64_t softirq;
++ uint64_t irq;
++ uint64_t idle;
++ uint64_t iowait;
++};
+
-+ /* not supposed to happen, maybe warn? */
-+ if (__rlim_rmax(limit, res) > __rlim_hard(limit, res))
-+ __rlim_rmax(limit, res) = __rlim_hard(limit, res);
-+ }
-+}
++struct _vx_syslog {
++ wait_queue_head_t log_wait;
++ spinlock_t logbuf_lock; /* lock for the log buffer */
+
++ unsigned long log_start; /* next char to be read by syslog() */
++ unsigned long con_start; /* next char to be sent to consoles */
++ unsigned long log_end; /* most-recently-written-char + 1 */
++ unsigned long logged_chars; /* #chars since last read+clear operation */
+
-+#endif /* _VSERVER_LIMIT_INT_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/monitor.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/monitor.h
---- linux-4.9.207/include/linux/vserver/monitor.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/monitor.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,6 @@
-+#ifndef _VSERVER_MONITOR_H
-+#define _VSERVER_MONITOR_H
++ char log_buf[1024];
++};
+
-+#include <uapi/vserver/monitor.h>
+
-+#endif /* _VSERVER_MONITOR_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/network_cmd.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/network_cmd.h
---- linux-4.9.207/include/linux/vserver/network_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/network_cmd.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,37 @@
-+#ifndef _VSERVER_NETWORK_CMD_H
-+#define _VSERVER_NETWORK_CMD_H
++/* context sub struct */
+
-+#include <uapi/vserver/network_cmd.h>
++struct _vx_cvirt {
++ atomic_t nr_threads; /* number of current threads */
++ atomic_t nr_running; /* number of running threads */
++ atomic_t nr_uninterruptible; /* number of uninterruptible threads */
+
-+extern int vc_task_nid(uint32_t);
++ atomic_t nr_onhold; /* processes on hold */
++ uint32_t onhold_last; /* jiffies when put on hold */
+
-+extern int vc_nx_info(struct nx_info *, void __user *);
++ struct timespec64 bias_ts; /* time offset to the host */
++ struct timespec64 bias_idle;
++ struct timespec64 bias_uptime; /* context creation point */
++ uint64_t bias_clock; /* offset in clock_t */
+
-+extern int vc_net_create(uint32_t, void __user *);
-+extern int vc_net_migrate(struct nx_info *, void __user *);
++ spinlock_t load_lock; /* lock for the load averages */
++ atomic_t load_updates; /* nr of load updates done so far */
++ uint32_t load_last; /* last time load was calculated */
++ uint32_t load[3]; /* load averages 1,5,15 */
+
-+extern int vc_net_add(struct nx_info *, void __user *);
-+extern int vc_net_remove(struct nx_info *, void __user *);
++ atomic_t total_forks; /* number of forks so far */
+
-+extern int vc_net_add_ipv4_v1(struct nx_info *, void __user *);
-+extern int vc_net_add_ipv4(struct nx_info *, void __user *);
++ struct _vx_syslog syslog;
++};
+
-+extern int vc_net_rem_ipv4_v1(struct nx_info *, void __user *);
-+extern int vc_net_rem_ipv4(struct nx_info *, void __user *);
++struct _vx_cvirt_pc {
++ struct _vx_usage_stat cpustat;
++};
+
-+extern int vc_net_add_ipv6(struct nx_info *, void __user *);
-+extern int vc_net_remove_ipv6(struct nx_info *, void __user *);
+
-+extern int vc_add_match_ipv4(struct nx_info *, void __user *);
-+extern int vc_get_match_ipv4(struct nx_info *, void __user *);
++#ifdef CONFIG_VSERVER_DEBUG
+
-+extern int vc_add_match_ipv6(struct nx_info *, void __user *);
-+extern int vc_get_match_ipv6(struct nx_info *, void __user *);
++static inline void __dump_vx_cvirt(struct _vx_cvirt *cvirt)
++{
++ printk("\t_vx_cvirt:\n");
++ printk("\t threads: %4d, %4d, %4d, %4d\n",
++ atomic_read(&cvirt->nr_threads),
++ atomic_read(&cvirt->nr_running),
++ atomic_read(&cvirt->nr_uninterruptible),
++ atomic_read(&cvirt->nr_onhold));
++ /* add rest here */
++ printk("\t total_forks = %d\n", atomic_read(&cvirt->total_forks));
++}
+
-+extern int vc_get_nflags(struct nx_info *, void __user *);
-+extern int vc_set_nflags(struct nx_info *, void __user *);
++#endif
+
-+extern int vc_get_ncaps(struct nx_info *, void __user *);
-+extern int vc_set_ncaps(struct nx_info *, void __user *);
++#endif /* _VSERVER_CVIRT_DEF_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/debug.h linux-4.9/include/linux/vserver/debug.h
+--- linux-4.9/include/linux/vserver/debug.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/debug.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,146 @@
++#ifndef _VSERVER_DEBUG_H
++#define _VSERVER_DEBUG_H
+
-+#endif /* _VSERVER_CONTEXT_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/network.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/network.h
---- linux-4.9.207/include/linux/vserver/network.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/network.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,76 @@
-+#ifndef _VSERVER_NETWORK_H
-+#define _VSERVER_NETWORK_H
+
++#define VXD_CBIT(n, m) (vs_debug_ ## n & (1 << (m)))
++#define VXD_CMIN(n, m) (vs_debug_ ## n > (m))
++#define VXD_MASK(n, m) (vs_debug_ ## n & (m))
+
-+#include <linux/list.h>
-+#include <linux/spinlock.h>
-+#include <linux/rcupdate.h>
-+#include <linux/in.h>
-+#include <linux/in6.h>
-+#include <asm/atomic.h>
-+#include <uapi/vserver/network.h>
++#define VXD_DEV(d) (d), (d)->bd_inode->i_ino, \
++ imajor((d)->bd_inode), iminor((d)->bd_inode)
++#define VXF_DEV "%p[%lu,%d:%d]"
+
-+struct nx_addr_v4 {
-+ struct nx_addr_v4 *next;
-+ struct in_addr ip[2];
-+ struct in_addr mask;
-+ uint16_t type;
-+ uint16_t flags;
-+};
++#if defined(CONFIG_QUOTES_UTF8)
++#define VS_Q_LQM "\xc2\xbb"
++#define VS_Q_RQM "\xc2\xab"
++#elif defined(CONFIG_QUOTES_ASCII)
++#define VS_Q_LQM "\x27"
++#define VS_Q_RQM "\x27"
++#else
++#define VS_Q_LQM "\xbb"
++#define VS_Q_RQM "\xab"
++#endif
+
-+struct nx_addr_v6 {
-+ struct nx_addr_v6 *next;
-+ struct in6_addr ip;
-+ struct in6_addr mask;
-+ uint32_t prefix;
-+ uint16_t type;
-+ uint16_t flags;
-+};
++#define VS_Q(f) VS_Q_LQM f VS_Q_RQM
+
-+struct nx_info {
-+ struct hlist_node nx_hlist; /* linked list of nxinfos */
-+ vnid_t nx_id; /* vnet id */
-+ atomic_t nx_usecnt; /* usage count */
-+ atomic_t nx_tasks; /* tasks count */
-+ int nx_state; /* context state */
+
-+ uint64_t nx_flags; /* network flag word */
-+ uint64_t nx_ncaps; /* network capabilities */
++#define vxd_path(p) \
++ ({ static char _buffer[PATH_MAX]; \
++ d_path(p, _buffer, sizeof(_buffer)); })
+
-+ spinlock_t addr_lock; /* protect address changes */
-+ struct in_addr v4_lback; /* Loopback address */
-+ struct in_addr v4_bcast; /* Broadcast address */
-+ struct nx_addr_v4 v4; /* First/Single ipv4 address */
-+#ifdef CONFIG_IPV6
-+ struct nx_addr_v6 v6; /* First/Single ipv6 address */
-+#endif
-+ char nx_name[65]; /* network context name */
-+};
++#define vxd_cond_path(n) \
++ ((n) ? vxd_path(&(n)->path) : "<null>" )
+
+
-+/* status flags */
++#ifdef CONFIG_VSERVER_DEBUG
+
-+#define NXS_HASHED 0x0001
-+#define NXS_SHUTDOWN 0x0100
-+#define NXS_RELEASED 0x8000
++extern unsigned int vs_debug_switch;
++extern unsigned int vs_debug_xid;
++extern unsigned int vs_debug_nid;
++extern unsigned int vs_debug_tag;
++extern unsigned int vs_debug_net;
++extern unsigned int vs_debug_limit;
++extern unsigned int vs_debug_cres;
++extern unsigned int vs_debug_dlim;
++extern unsigned int vs_debug_quota;
++extern unsigned int vs_debug_cvirt;
++extern unsigned int vs_debug_space;
++extern unsigned int vs_debug_perm;
++extern unsigned int vs_debug_misc;
+
-+extern struct nx_info *lookup_nx_info(int);
+
-+extern int get_nid_list(int, unsigned int *, int);
-+extern int nid_is_hashed(vnid_t);
++#define VX_LOGLEVEL "vxD: "
++#define VX_PROC_FMT "%p: "
++#define VX_PROCESS current
+
-+extern int nx_migrate_task(struct task_struct *, struct nx_info *);
++#define vxdprintk(c, f, x...) \
++ do { \
++ if (c) \
++ printk(VX_LOGLEVEL VX_PROC_FMT f "\n", \
++ VX_PROCESS , ##x); \
++ } while (0)
+
-+extern long vs_net_change(struct nx_info *, unsigned int);
++#define vxlprintk(c, f, x...) \
++ do { \
++ if (c) \
++ printk(VX_LOGLEVEL f " @%s:%d\n", x); \
++ } while (0)
+
-+struct sock;
++#define vxfprintk(c, f, x...) \
++ do { \
++ if (c) \
++ printk(VX_LOGLEVEL f " %s@%s:%d\n", x); \
++ } while (0)
+
+
-+#define NX_IPV4(n) ((n)->v4.type != NXA_TYPE_NONE)
-+#ifdef CONFIG_IPV6
-+#define NX_IPV6(n) ((n)->v6.type != NXA_TYPE_NONE)
-+#else
-+#define NX_IPV6(n) (0)
-+#endif
++struct vx_info;
+
-+#endif /* _VSERVER_NETWORK_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/percpu.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/percpu.h
---- linux-4.9.207/include/linux/vserver/percpu.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/percpu.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,14 @@
-+#ifndef _VSERVER_PERCPU_H
-+#define _VSERVER_PERCPU_H
++void dump_vx_info(struct vx_info *, int);
++void dump_vx_info_inactive(int);
+
-+#include "cvirt_def.h"
-+#include "sched_def.h"
++#else /* CONFIG_VSERVER_DEBUG */
+
-+struct _vx_percpu {
-+ struct _vx_cvirt_pc cvirt;
-+ struct _vx_sched_pc sched;
-+};
++#define vs_debug_switch 0
++#define vs_debug_xid 0
++#define vs_debug_nid 0
++#define vs_debug_tag 0
++#define vs_debug_net 0
++#define vs_debug_limit 0
++#define vs_debug_cres 0
++#define vs_debug_dlim 0
++#define vs_debug_quota 0
++#define vs_debug_cvirt 0
++#define vs_debug_space 0
++#define vs_debug_perm 0
++#define vs_debug_misc 0
+
-+#define PERCPU_PERCTX (sizeof(struct _vx_percpu))
++#define vxdprintk(x...) do { } while (0)
++#define vxlprintk(x...) do { } while (0)
++#define vxfprintk(x...) do { } while (0)
+
-+#endif /* _VSERVER_PERCPU_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/pid.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/pid.h
---- linux-4.9.207/include/linux/vserver/pid.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/pid.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,51 @@
-+#ifndef _VSERVER_PID_H
-+#define _VSERVER_PID_H
++#endif /* CONFIG_VSERVER_DEBUG */
+
-+/* pid faking stuff */
+
-+#define vx_info_map_pid(v, p) \
-+ __vx_info_map_pid((v), (p), __func__, __FILE__, __LINE__)
-+#define vx_info_map_tgid(v,p) vx_info_map_pid(v,p)
-+#define vx_map_pid(p) vx_info_map_pid(current_vx_info(), p)
-+#define vx_map_tgid(p) vx_map_pid(p)
++#ifdef CONFIG_VSERVER_WARN
+
-+static inline int __vx_info_map_pid(struct vx_info *vxi, int pid,
-+ const char *func, const char *file, int line)
-+{
-+ if (vx_info_flags(vxi, VXF_INFO_INIT, 0)) {
-+ vxfprintk(VXD_CBIT(cvirt, 2),
-+ "vx_map_tgid: %p/%llx: %d -> %d",
-+ vxi, (long long)vxi->vx_flags, pid,
-+ (pid && pid == vxi->vx_initpid) ? 1 : pid,
-+ func, file, line);
-+ if (pid == 0)
-+ return 0;
-+ if (pid == vxi->vx_initpid)
-+ return 1;
-+ }
-+ return pid;
-+}
++#define VX_WARNLEVEL KERN_WARNING "vxW: "
++#define VX_WARN_TASK "[" VS_Q("%s") ",%u:#%u|%u|%u] "
++#define VX_WARN_XID "[xid #%u] "
++#define VX_WARN_NID "[nid #%u] "
++#define VX_WARN_TAG "[tag #%u] "
+
-+#define vx_info_rmap_pid(v, p) \
-+ __vx_info_rmap_pid((v), (p), __func__, __FILE__, __LINE__)
-+#define vx_rmap_pid(p) vx_info_rmap_pid(current_vx_info(), p)
-+#define vx_rmap_tgid(p) vx_rmap_pid(p)
++#define vxwprintk(c, f, x...) \
++ do { \
++ if (c) \
++ printk(VX_WARNLEVEL f "\n", ##x); \
++ } while (0)
+
-+static inline int __vx_info_rmap_pid(struct vx_info *vxi, int pid,
-+ const char *func, const char *file, int line)
-+{
-+ if (vx_info_flags(vxi, VXF_INFO_INIT, 0)) {
-+ vxfprintk(VXD_CBIT(cvirt, 2),
-+ "vx_rmap_tgid: %p/%llx: %d -> %d",
-+ vxi, (long long)vxi->vx_flags, pid,
-+ (pid == 1) ? vxi->vx_initpid : pid,
-+ func, file, line);
-+ if ((pid == 1) && vxi->vx_initpid)
-+ return vxi->vx_initpid;
-+ if (pid == vxi->vx_initpid)
-+ return ~0U;
-+ }
-+ return pid;
-+}
++#else /* CONFIG_VSERVER_WARN */
+
-+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/sched_cmd.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/sched_cmd.h
---- linux-4.9.207/include/linux/vserver/sched_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/sched_cmd.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,11 @@
-+#ifndef _VSERVER_SCHED_CMD_H
-+#define _VSERVER_SCHED_CMD_H
++#define vxwprintk(x...) do { } while (0)
+
++#endif /* CONFIG_VSERVER_WARN */
+
-+#include <linux/compiler.h>
-+#include <uapi/vserver/sched_cmd.h>
++#define vxwprintk_task(c, f, x...) \
++ vxwprintk(c, VX_WARN_TASK f, \
++ current->comm, current->pid, \
++ current->xid, current->nid, \
++ current->tag, ##x)
++#define vxwprintk_xid(c, f, x...) \
++ vxwprintk(c, VX_WARN_XID f, current->xid, x)
++#define vxwprintk_nid(c, f, x...) \
++ vxwprintk(c, VX_WARN_NID f, current->nid, x)
++#define vxwprintk_tag(c, f, x...) \
++ vxwprintk(c, VX_WARN_TAG f, current->tag, x)
+
-+extern int vc_set_prio_bias(struct vx_info *, void __user *);
-+extern int vc_get_prio_bias(struct vx_info *, void __user *);
++#ifdef CONFIG_VSERVER_DEBUG
++#define vxd_assert_lock(l) assert_spin_locked(l)
++#define vxd_assert(c, f, x...) vxlprintk(!(c), \
++ "assertion [" f "] failed.", ##x, __FILE__, __LINE__)
++#else
++#define vxd_assert_lock(l) do { } while (0)
++#define vxd_assert(c, f, x...) do { } while (0)
++#endif
+
-+#endif /* _VSERVER_SCHED_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/sched_def.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/sched_def.h
---- linux-4.9.207/include/linux/vserver/sched_def.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/sched_def.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,38 @@
-+#ifndef _VSERVER_SCHED_DEF_H
-+#define _VSERVER_SCHED_DEF_H
+
-+#include <linux/spinlock.h>
-+#include <linux/jiffies.h>
-+#include <linux/cpumask.h>
-+#include <asm/atomic.h>
-+#include <asm/param.h>
++#endif /* _VSERVER_DEBUG_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/debug_cmd.h linux-4.9/include/linux/vserver/debug_cmd.h
+--- linux-4.9/include/linux/vserver/debug_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/debug_cmd.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,37 @@
++#ifndef _VSERVER_DEBUG_CMD_H
++#define _VSERVER_DEBUG_CMD_H
+
++#include <uapi/vserver/debug_cmd.h>
+
-+/* context sub struct */
+
-+struct _vx_sched {
-+ int prio_bias; /* bias offset for priority */
++#ifdef CONFIG_COMPAT
+
-+ cpumask_t update; /* CPUs which should update */
-+};
++#include <asm/compat.h>
+
-+struct _vx_sched_pc {
-+ int prio_bias; /* bias offset for priority */
++struct vcmd_read_history_v0_x32 {
++ uint32_t index;
++ uint32_t count;
++ compat_uptr_t data_ptr;
++};
+
-+ uint64_t user_ticks; /* token tick events */
-+ uint64_t sys_ticks; /* token tick events */
-+ uint64_t hold_ticks; /* token ticks paused */
++struct vcmd_read_monitor_v0_x32 {
++ uint32_t index;
++ uint32_t count;
++ compat_uptr_t data_ptr;
+};
+
++#endif /* CONFIG_COMPAT */
+
-+#ifdef CONFIG_VSERVER_DEBUG
++extern int vc_dump_history(uint32_t);
+
-+static inline void __dump_vx_sched(struct _vx_sched *sched)
-+{
-+ printk("\t_vx_sched:\n");
-+ printk("\t priority = %4d\n", sched->prio_bias);
-+}
++extern int vc_read_history(uint32_t, void __user *);
++extern int vc_read_monitor(uint32_t, void __user *);
+
-+#endif
++#ifdef CONFIG_COMPAT
+
-+#endif /* _VSERVER_SCHED_DEF_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/sched.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/sched.h
---- linux-4.9.207/include/linux/vserver/sched.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/sched.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,23 @@
-+#ifndef _VSERVER_SCHED_H
-+#define _VSERVER_SCHED_H
++extern int vc_read_history_x32(uint32_t, void __user *);
++extern int vc_read_monitor_x32(uint32_t, void __user *);
+
++#endif /* CONFIG_COMPAT */
+
-+#ifdef __KERNEL__
++#endif /* _VSERVER_DEBUG_CMD_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/device.h linux-4.9/include/linux/vserver/device.h
+--- linux-4.9/include/linux/vserver/device.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/device.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,9 @@
++#ifndef _VSERVER_DEVICE_H
++#define _VSERVER_DEVICE_H
+
-+struct timespec;
+
-+void vx_vsi_uptime(struct timespec *, struct timespec *);
++#include <uapi/vserver/device.h>
+
++#else /* _VSERVER_DEVICE_H */
++#warning duplicate inclusion
++#endif /* _VSERVER_DEVICE_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/device_cmd.h linux-4.9/include/linux/vserver/device_cmd.h
+--- linux-4.9/include/linux/vserver/device_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/device_cmd.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,31 @@
++#ifndef _VSERVER_DEVICE_CMD_H
++#define _VSERVER_DEVICE_CMD_H
+
-+struct vx_info;
++#include <uapi/vserver/device_cmd.h>
+
-+void vx_update_load(struct vx_info *);
+
++#ifdef CONFIG_COMPAT
+
-+void vx_update_sched_param(struct _vx_sched *sched,
-+ struct _vx_sched_pc *sched_pc);
++#include <asm/compat.h>
+
-+#endif /* __KERNEL__ */
-+#else /* _VSERVER_SCHED_H */
-+#warning duplicate inclusion
-+#endif /* _VSERVER_SCHED_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/signal_cmd.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/signal_cmd.h
---- linux-4.9.207/include/linux/vserver/signal_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/signal_cmd.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,14 @@
-+#ifndef _VSERVER_SIGNAL_CMD_H
-+#define _VSERVER_SIGNAL_CMD_H
++struct vcmd_set_mapping_v0_x32 {
++ compat_uptr_t device_ptr;
++ compat_uptr_t target_ptr;
++ uint32_t flags;
++};
+
-+#include <uapi/vserver/signal_cmd.h>
++#endif /* CONFIG_COMPAT */
+
++#include <linux/compiler.h>
+
-+extern int vc_ctx_kill(struct vx_info *, void __user *);
-+extern int vc_wait_exit(struct vx_info *, void __user *);
++extern int vc_set_mapping(struct vx_info *, void __user *);
++extern int vc_unset_mapping(struct vx_info *, void __user *);
+
++#ifdef CONFIG_COMPAT
+
-+extern int vc_get_pflags(uint32_t pid, void __user *);
-+extern int vc_set_pflags(uint32_t pid, void __user *);
++extern int vc_set_mapping_x32(struct vx_info *, void __user *);
++extern int vc_unset_mapping_x32(struct vx_info *, void __user *);
+
-+#endif /* _VSERVER_SIGNAL_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/signal.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/signal.h
---- linux-4.9.207/include/linux/vserver/signal.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/signal.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,14 @@
-+#ifndef _VSERVER_SIGNAL_H
-+#define _VSERVER_SIGNAL_H
++#endif /* CONFIG_COMPAT */
+
++#endif /* _VSERVER_DEVICE_CMD_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/device_def.h linux-4.9/include/linux/vserver/device_def.h
+--- linux-4.9/include/linux/vserver/device_def.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/device_def.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,17 @@
++#ifndef _VSERVER_DEVICE_DEF_H
++#define _VSERVER_DEVICE_DEF_H
+
-+#ifdef __KERNEL__
++#include <linux/types.h>
+
-+struct vx_info;
++struct vx_dmap_target {
++ dev_t target;
++ uint32_t flags;
++};
+
-+int vx_info_kill(struct vx_info *, int, int);
++struct _vx_device {
++#ifdef CONFIG_VSERVER_DEVICE
++ struct vx_dmap_target targets[2];
++#endif
++};
+
-+#endif /* __KERNEL__ */
-+#else /* _VSERVER_SIGNAL_H */
-+#warning duplicate inclusion
-+#endif /* _VSERVER_SIGNAL_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/space_cmd.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/space_cmd.h
---- linux-4.9.207/include/linux/vserver/space_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/space_cmd.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,13 @@
-+#ifndef _VSERVER_SPACE_CMD_H
-+#define _VSERVER_SPACE_CMD_H
++#endif /* _VSERVER_DEVICE_DEF_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/dlimit.h linux-4.9/include/linux/vserver/dlimit.h
+--- linux-4.9/include/linux/vserver/dlimit.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/dlimit.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,54 @@
++#ifndef _VSERVER_DLIMIT_H
++#define _VSERVER_DLIMIT_H
+
-+#include <uapi/vserver/space_cmd.h>
++#include "switch.h"
+
+
-+extern int vc_enter_space_v1(struct vx_info *, void __user *);
-+extern int vc_set_space_v1(struct vx_info *, void __user *);
-+extern int vc_enter_space(struct vx_info *, void __user *);
-+extern int vc_set_space(struct vx_info *, void __user *);
-+extern int vc_get_space_mask(void __user *, int);
++#ifdef __KERNEL__
+
-+#endif /* _VSERVER_SPACE_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/space.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/space.h
---- linux-4.9.207/include/linux/vserver/space.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/space.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,12 @@
-+#ifndef _VSERVER_SPACE_H
-+#define _VSERVER_SPACE_H
++/* keep in sync with CDLIM_INFINITY */
+
-+#include <linux/types.h>
++#define DLIM_INFINITY (~0ULL)
+
-+struct vx_info;
++#include <linux/spinlock.h>
++#include <linux/rcupdate.h>
+
-+int vx_set_space(struct vx_info *vxi, unsigned long mask, unsigned index);
++struct super_block;
+
-+#else /* _VSERVER_SPACE_H */
-+#warning duplicate inclusion
-+#endif /* _VSERVER_SPACE_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/switch.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/switch.h
---- linux-4.9.207/include/linux/vserver/switch.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/switch.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,8 @@
-+#ifndef _VSERVER_SWITCH_H
-+#define _VSERVER_SWITCH_H
++struct dl_info {
++ struct hlist_node dl_hlist; /* linked list of contexts */
++ struct rcu_head dl_rcu; /* the rcu head */
++ vtag_t dl_tag; /* context tag */
++ atomic_t dl_usecnt; /* usage count */
++ atomic_t dl_refcnt; /* reference count */
+
++ struct super_block *dl_sb; /* associated superblock */
+
-+#include <linux/errno.h>
-+#include <uapi/vserver/switch.h>
++ spinlock_t dl_lock; /* protect the values */
+
-+#endif /* _VSERVER_SWITCH_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/tag_cmd.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/tag_cmd.h
---- linux-4.9.207/include/linux/vserver/tag_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/tag_cmd.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,10 @@
-+#ifndef _VSERVER_TAG_CMD_H
-+#define _VSERVER_TAG_CMD_H
++ unsigned long long dl_space_used; /* used space in bytes */
++ unsigned long long dl_space_total; /* maximum space in bytes */
++ unsigned long dl_inodes_used; /* used inodes */
++ unsigned long dl_inodes_total; /* maximum inodes */
+
-+#include <uapi/vserver/tag_cmd.h>
++ unsigned int dl_nrlmult; /* non root limit mult */
++};
+
-+extern int vc_task_tag(uint32_t);
++struct rcu_head;
+
-+extern int vc_tag_migrate(uint32_t);
++extern void rcu_free_dl_info(struct rcu_head *);
++extern void unhash_dl_info(struct dl_info *);
+
-+#endif /* _VSERVER_TAG_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vserver/tag.h linux-4.9.207-vs2.3.9.11/include/linux/vserver/tag.h
---- linux-4.9.207/include/linux/vserver/tag.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vserver/tag.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,160 @@
-+#ifndef _DX_TAG_H
-+#define _DX_TAG_H
++extern struct dl_info *locate_dl_info(struct super_block *, vtag_t);
+
-+#include <linux/types.h>
-+#include <linux/uidgid.h>
+
++struct kstatfs;
+
-+#define DX_TAG(in) (IS_TAGGED(in))
++extern void vx_vsi_statfs(struct super_block *, struct kstatfs *);
+
++typedef uint64_t dlsize_t;
+
-+#ifdef CONFIG_TAG_NFSD
-+#define DX_TAG_NFSD 1
-+#else
-+#define DX_TAG_NFSD 0
-+#endif
++#endif /* __KERNEL__ */
++#else /* _VSERVER_DLIMIT_H */
++#warning duplicate inclusion
++#endif /* _VSERVER_DLIMIT_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/dlimit_cmd.h linux-4.9/include/linux/vserver/dlimit_cmd.h
+--- linux-4.9/include/linux/vserver/dlimit_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/dlimit_cmd.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,46 @@
++#ifndef _VSERVER_DLIMIT_CMD_H
++#define _VSERVER_DLIMIT_CMD_H
+
++#include <uapi/vserver/dlimit_cmd.h>
+
-+#ifdef CONFIG_TAGGING_NONE
+
-+#define MAX_UID 0xFFFFFFFF
-+#define MAX_GID 0xFFFFFFFF
++#ifdef CONFIG_COMPAT
+
-+#define INOTAG_TAG(cond, uid, gid, tag) (0)
++#include <asm/compat.h>
+
-+#define TAGINO_UID(cond, uid, tag) (uid)
-+#define TAGINO_GID(cond, gid, tag) (gid)
++struct vcmd_ctx_dlimit_base_v0_x32 {
++ compat_uptr_t name_ptr;
++ uint32_t flags;
++};
+
-+#endif
++struct vcmd_ctx_dlimit_v0_x32 {
++ compat_uptr_t name_ptr;
++ uint32_t space_used; /* used space in kbytes */
++ uint32_t space_total; /* maximum space in kbytes */
++ uint32_t inodes_used; /* used inodes */
++ uint32_t inodes_total; /* maximum inodes */
++ uint32_t reserved; /* reserved for root in % */
++ uint32_t flags;
++};
+
++#endif /* CONFIG_COMPAT */
+
-+#ifdef CONFIG_TAGGING_GID16
++#include <linux/compiler.h>
+
-+#define MAX_UID 0xFFFFFFFF
-+#define MAX_GID 0x0000FFFF
++extern int vc_add_dlimit(uint32_t, void __user *);
++extern int vc_rem_dlimit(uint32_t, void __user *);
+
-+#define INOTAG_TAG(cond, uid, gid, tag) \
-+ ((cond) ? (((gid) >> 16) & 0xFFFF) : 0)
++extern int vc_set_dlimit(uint32_t, void __user *);
++extern int vc_get_dlimit(uint32_t, void __user *);
+
-+#define TAGINO_UID(cond, uid, tag) (uid)
-+#define TAGINO_GID(cond, gid, tag) \
-+ ((cond) ? (((gid) & 0xFFFF) | ((tag) << 16)) : (gid))
++#ifdef CONFIG_COMPAT
+
-+#endif
++extern int vc_add_dlimit_x32(uint32_t, void __user *);
++extern int vc_rem_dlimit_x32(uint32_t, void __user *);
+
++extern int vc_set_dlimit_x32(uint32_t, void __user *);
++extern int vc_get_dlimit_x32(uint32_t, void __user *);
+
-+#ifdef CONFIG_TAGGING_ID24
++#endif /* CONFIG_COMPAT */
+
-+#define MAX_UID 0x00FFFFFF
-+#define MAX_GID 0x00FFFFFF
++#endif /* _VSERVER_DLIMIT_CMD_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/global.h linux-4.9/include/linux/vserver/global.h
+--- linux-4.9/include/linux/vserver/global.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/global.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,20 @@
++#ifndef _VSERVER_GLOBAL_H
++#define _VSERVER_GLOBAL_H
+
-+#define INOTAG_TAG(cond, uid, gid, tag) \
-+ ((cond) ? ((((uid) >> 16) & 0xFF00) | (((gid) >> 24) & 0xFF)) : 0)
+
-+#define TAGINO_UID(cond, uid, tag) \
-+ ((cond) ? (((uid) & 0xFFFFFF) | (((tag) & 0xFF00) << 16)) : (uid))
-+#define TAGINO_GID(cond, gid, tag) \
-+ ((cond) ? (((gid) & 0xFFFFFF) | (((tag) & 0x00FF) << 24)) : (gid))
++extern atomic_t vx_global_ctotal;
++extern atomic_t vx_global_cactive;
+
-+#endif
++extern atomic_t nx_global_ctotal;
++extern atomic_t nx_global_cactive;
+
++extern atomic_t vs_global_nsproxy;
++extern atomic_t vs_global_fs;
++extern atomic_t vs_global_mnt_ns;
++extern atomic_t vs_global_uts_ns;
++extern atomic_t vs_global_ipc_ns;
++extern atomic_t vs_global_user_ns;
++extern atomic_t vs_global_pid_ns;
+
-+#ifdef CONFIG_TAGGING_UID16
+
-+#define MAX_UID 0x0000FFFF
-+#define MAX_GID 0xFFFFFFFF
++#endif /* _VSERVER_GLOBAL_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/history.h linux-4.9/include/linux/vserver/history.h
+--- linux-4.9/include/linux/vserver/history.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/history.h 2021-02-24 15:47:45.094409658 +0100
+@@ -0,0 +1,197 @@
++#ifndef _VSERVER_HISTORY_H
++#define _VSERVER_HISTORY_H
+
-+#define INOTAG_TAG(cond, uid, gid, tag) \
-+ ((cond) ? (((uid) >> 16) & 0xFFFF) : 0)
+
-+#define TAGINO_UID(cond, uid, tag) \
-+ ((cond) ? (((uid) & 0xFFFF) | ((tag) << 16)) : (uid))
-+#define TAGINO_GID(cond, gid, tag) (gid)
++enum {
++ VXH_UNUSED = 0,
++ VXH_THROW_OOPS = 1,
+
-+#endif
++ VXH_GET_VX_INFO,
++ VXH_PUT_VX_INFO,
++ VXH_INIT_VX_INFO,
++ VXH_SET_VX_INFO,
++ VXH_CLR_VX_INFO,
++ VXH_CLAIM_VX_INFO,
++ VXH_RELEASE_VX_INFO,
++ VXH_ALLOC_VX_INFO,
++ VXH_DEALLOC_VX_INFO,
++ VXH_HASH_VX_INFO,
++ VXH_UNHASH_VX_INFO,
++ VXH_LOC_VX_INFO,
++ VXH_LOOKUP_VX_INFO,
++ VXH_CREATE_VX_INFO,
++};
+
++struct _vxhe_vxi {
++ struct vx_info *ptr;
++ unsigned xid;
++ unsigned usecnt;
++ unsigned tasks;
++};
+
-+#ifdef CONFIG_TAGGING_INTERN
++struct _vxhe_set_clr {
++ void *data;
++};
+
-+#define MAX_UID 0xFFFFFFFF
-+#define MAX_GID 0xFFFFFFFF
++struct _vxhe_loc_lookup {
++ unsigned arg;
++};
+
-+#define INOTAG_TAG(cond, uid, gid, tag) \
-+ ((cond) ? (tag) : 0)
++struct _vx_hist_entry {
++ void *loc;
++ unsigned short seq;
++ unsigned short type;
++ struct _vxhe_vxi vxi;
++ union {
++ struct _vxhe_set_clr sc;
++ struct _vxhe_loc_lookup ll;
++ };
++};
+
-+#define TAGINO_UID(cond, uid, tag) (uid)
-+#define TAGINO_GID(cond, gid, tag) (gid)
++#ifdef CONFIG_VSERVER_HISTORY
+
-+#endif
++extern unsigned volatile int vxh_active;
+
++struct _vx_hist_entry *vxh_advance(void *loc);
+
-+#ifndef CONFIG_TAGGING_NONE
-+#define dx_current_fstag(sb) \
-+ ((sb)->s_flags & MS_TAGGED ? dx_current_tag() : 0)
-+#else
-+#define dx_current_fstag(sb) (0)
-+#endif
+
-+#ifndef CONFIG_TAGGING_INTERN
-+#define TAGINO_TAG(cond, tag) (0)
-+#else
-+#define TAGINO_TAG(cond, tag) ((cond) ? (tag) : 0)
-+#endif
++static inline
++void __vxh_copy_vxi(struct _vx_hist_entry *entry, struct vx_info *vxi)
++{
++ entry->vxi.ptr = vxi;
++ if (vxi) {
++ entry->vxi.usecnt = atomic_read(&vxi->vx_usecnt);
++ entry->vxi.tasks = atomic_read(&vxi->vx_tasks);
++ entry->vxi.xid = vxi->vx_id;
++ }
++}
+
-+#define TAGINO_KUID(cond, kuid, ktag) \
-+ KUIDT_INIT(TAGINO_UID(cond, __kuid_val(kuid), __ktag_val(ktag)))
-+#define TAGINO_KGID(cond, kgid, ktag) \
-+ KGIDT_INIT(TAGINO_GID(cond, __kgid_val(kgid), __ktag_val(ktag)))
-+#define TAGINO_KTAG(cond, ktag) \
-+ KTAGT_INIT(TAGINO_TAG(cond, __ktag_val(ktag)))
+
++#define __HERE__ current_text_addr()
+
-+#define INOTAG_UID(cond, uid, gid) \
-+ ((cond) ? ((uid) & MAX_UID) : (uid))
-+#define INOTAG_GID(cond, uid, gid) \
-+ ((cond) ? ((gid) & MAX_GID) : (gid))
++#define __VXH_BODY(__type, __data, __here) \
++ struct _vx_hist_entry *entry; \
++ \
++ preempt_disable(); \
++ entry = vxh_advance(__here); \
++ __data; \
++ entry->type = __type; \
++ preempt_enable();
+
-+#define INOTAG_KUID(cond, kuid, kgid) \
-+ KUIDT_INIT(INOTAG_UID(cond, __kuid_val(kuid), __kgid_val(kgid)))
-+#define INOTAG_KGID(cond, kuid, kgid) \
-+ KGIDT_INIT(INOTAG_GID(cond, __kuid_val(kuid), __kgid_val(kgid)))
-+#define INOTAG_KTAG(cond, kuid, kgid, ktag) \
-+ KTAGT_INIT(INOTAG_TAG(cond, \
-+ __kuid_val(kuid), __kgid_val(kgid), __ktag_val(ktag)))
+
++ /* pass vxi only */
+
-+static inline uid_t dx_map_uid(uid_t uid)
++#define __VXH_SMPL \
++ __vxh_copy_vxi(entry, vxi)
++
++static inline
++void __vxh_smpl(struct vx_info *vxi, int __type, void *__here)
+{
-+ if ((uid > MAX_UID) && (uid != -1))
-+ uid = -2;
-+ return (uid & MAX_UID);
++ __VXH_BODY(__type, __VXH_SMPL, __here)
+}
+
-+static inline gid_t dx_map_gid(gid_t gid)
++ /* pass vxi and data (void *) */
++
++#define __VXH_DATA \
++ __vxh_copy_vxi(entry, vxi); \
++ entry->sc.data = data
++
++static inline
++void __vxh_data(struct vx_info *vxi, void *data,
++ int __type, void *__here)
+{
-+ if ((gid > MAX_GID) && (gid != -1))
-+ gid = -2;
-+ return (gid & MAX_GID);
++ __VXH_BODY(__type, __VXH_DATA, __here)
+}
+
-+struct peer_tag {
-+ int32_t xid;
-+ int32_t nid;
-+};
++ /* pass vxi and arg (long) */
+
-+#define dx_notagcheck(sb) ((sb) && ((sb)->s_flags & MS_NOTAGCHECK))
++#define __VXH_LONG \
++ __vxh_copy_vxi(entry, vxi); \
++ entry->ll.arg = arg
+
-+int dx_parse_tag(char *string, vtag_t *tag, int remove, int *mnt_flags,
-+ unsigned long *flags);
++static inline
++void __vxh_long(struct vx_info *vxi, long arg,
++ int __type, void *__here)
++{
++ __VXH_BODY(__type, __VXH_LONG, __here)
++}
+
-+#ifdef CONFIG_PROPAGATE
+
-+void __dx_propagate_tag(struct nameidata *nd, struct inode *inode);
++static inline
++void __vxh_throw_oops(void *__here)
++{
++ __VXH_BODY(VXH_THROW_OOPS, {}, __here);
++ /* prevent further acquisition */
++ vxh_active = 0;
++}
+
-+#define dx_propagate_tag(n, i) __dx_propagate_tag(n, i)
+
-+#else
-+#define dx_propagate_tag(n, i) do { } while (0)
-+#endif
++#define vxh_throw_oops() __vxh_throw_oops(__HERE__);
+
-+#endif /* _DX_TAG_H */
-diff -NurpP --minimal linux-4.9.207/include/linux/vs_inet6.h linux-4.9.207-vs2.3.9.11/include/linux/vs_inet6.h
---- linux-4.9.207/include/linux/vs_inet6.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vs_inet6.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,264 @@
-+#ifndef _VS_INET6_H
-+#define _VS_INET6_H
++#define __vxh_get_vx_info(v, h) __vxh_smpl(v, VXH_GET_VX_INFO, h);
++#define __vxh_put_vx_info(v, h) __vxh_smpl(v, VXH_PUT_VX_INFO, h);
+
-+#include "vserver/base.h"
-+#include "vserver/network.h"
-+#include "vserver/debug.h"
++#define __vxh_init_vx_info(v, d, h) \
++ __vxh_data(v, d, VXH_INIT_VX_INFO, h);
++#define __vxh_set_vx_info(v, d, h) \
++ __vxh_data(v, d, VXH_SET_VX_INFO, h);
++#define __vxh_clr_vx_info(v, d, h) \
++ __vxh_data(v, d, VXH_CLR_VX_INFO, h);
+
-+#include <net/ipv6.h>
++#define __vxh_claim_vx_info(v, d, h) \
++ __vxh_data(v, d, VXH_CLAIM_VX_INFO, h);
++#define __vxh_release_vx_info(v, d, h) \
++ __vxh_data(v, d, VXH_RELEASE_VX_INFO, h);
+
-+#define NXAV6(a) &(a)->ip, &(a)->mask, (a)->prefix, (a)->type
-+#define NXAV6_FMT "[%pI6/%pI6/%d:%04x]"
++#define vxh_alloc_vx_info(v) \
++ __vxh_smpl(v, VXH_ALLOC_VX_INFO, __HERE__);
++#define vxh_dealloc_vx_info(v) \
++ __vxh_smpl(v, VXH_DEALLOC_VX_INFO, __HERE__);
+
++#define vxh_hash_vx_info(v) \
++ __vxh_smpl(v, VXH_HASH_VX_INFO, __HERE__);
++#define vxh_unhash_vx_info(v) \
++ __vxh_smpl(v, VXH_UNHASH_VX_INFO, __HERE__);
+
-+#ifdef CONFIG_IPV6
++#define vxh_loc_vx_info(v, l) \
++ __vxh_long(v, l, VXH_LOC_VX_INFO, __HERE__);
++#define vxh_lookup_vx_info(v, l) \
++ __vxh_long(v, l, VXH_LOOKUP_VX_INFO, __HERE__);
++#define vxh_create_vx_info(v, l) \
++ __vxh_long(v, l, VXH_CREATE_VX_INFO, __HERE__);
+
-+static inline
-+int v6_addr_match(struct nx_addr_v6 *nxa,
-+ const struct in6_addr *addr, uint16_t mask)
-+{
-+ int ret = 0;
++extern void vxh_dump_history(void);
+
-+ switch (nxa->type & mask) {
-+ case NXA_TYPE_MASK:
-+ ret = ipv6_masked_addr_cmp(&nxa->ip, &nxa->mask, addr);
-+ break;
-+ case NXA_TYPE_ADDR:
-+ ret = ipv6_addr_equal(&nxa->ip, addr);
-+ break;
-+ case NXA_TYPE_ANY:
-+ ret = 1;
-+ break;
-+ }
-+ vxdprintk(VXD_CBIT(net, 0),
-+ "v6_addr_match(%p" NXAV6_FMT ",%pI6,%04x) = %d",
-+ nxa, NXAV6(nxa), addr, mask, ret);
-+ return ret;
-+}
+
-+static inline
-+int v6_addr_in_nx_info(struct nx_info *nxi,
-+ const struct in6_addr *addr, uint16_t mask)
-+{
-+ struct nx_addr_v6 *nxa;
-+ unsigned long irqflags;
-+ int ret = 1;
++#else /* CONFIG_VSERVER_HISTORY */
+
-+ if (!nxi)
-+ goto out;
++#define __HERE__ 0
+
-+ spin_lock_irqsave(&nxi->addr_lock, irqflags);
-+ for (nxa = &nxi->v6; nxa; nxa = nxa->next)
-+ if (v6_addr_match(nxa, addr, mask))
-+ goto out_unlock;
-+ ret = 0;
-+out_unlock:
-+ spin_unlock_irqrestore(&nxi->addr_lock, irqflags);
-+out:
-+ vxdprintk(VXD_CBIT(net, 0),
-+ "v6_addr_in_nx_info(%p[#%u],%pI6,%04x) = %d",
-+ nxi, nxi ? nxi->nx_id : 0, addr, mask, ret);
-+ return ret;
-+}
++#define vxh_throw_oops() do { } while (0)
+
-+static inline
-+int v6_nx_addr_match(struct nx_addr_v6 *nxa, struct nx_addr_v6 *addr, uint16_t mask)
-+{
-+ /* FIXME: needs full range checks */
-+ return v6_addr_match(nxa, &addr->ip, mask);
-+}
++#define __vxh_get_vx_info(v, h) do { } while (0)
++#define __vxh_put_vx_info(v, h) do { } while (0)
+
-+static inline
-+int v6_nx_addr_in_nx_info(struct nx_info *nxi, struct nx_addr_v6 *nxa, uint16_t mask)
-+{
-+ struct nx_addr_v6 *ptr;
-+ unsigned long irqflags;
-+ int ret = 1;
++#define __vxh_init_vx_info(v, d, h) do { } while (0)
++#define __vxh_set_vx_info(v, d, h) do { } while (0)
++#define __vxh_clr_vx_info(v, d, h) do { } while (0)
+
-+ spin_lock_irqsave(&nxi->addr_lock, irqflags);
-+ for (ptr = &nxi->v6; ptr; ptr = ptr->next)
-+ if (v6_nx_addr_match(ptr, nxa, mask))
-+ goto out_unlock;
-+ ret = 0;
-+out_unlock:
-+ spin_unlock_irqrestore(&nxi->addr_lock, irqflags);
-+ return ret;
-+}
++#define __vxh_claim_vx_info(v, d, h) do { } while (0)
++#define __vxh_release_vx_info(v, d, h) do { } while (0)
+
++#define vxh_alloc_vx_info(v) do { } while (0)
++#define vxh_dealloc_vx_info(v) do { } while (0)
+
-+/*
-+ * Check if a given address matches for a socket
-+ *
-+ * nxi: the socket's nx_info if any
-+ * addr: to be verified address
-+ */
-+static inline
-+int v6_sock_addr_match (
-+ struct nx_info *nxi,
-+ struct inet_sock *inet,
-+ struct in6_addr *addr)
-+{
-+ struct sock *sk = &inet->sk;
-+ const struct in6_addr *saddr = inet6_rcv_saddr(sk);
++#define vxh_hash_vx_info(v) do { } while (0)
++#define vxh_unhash_vx_info(v) do { } while (0)
+
-+ if (!ipv6_addr_any(addr) &&
-+ ipv6_addr_equal(saddr, addr))
-+ return 1;
-+ if (ipv6_addr_any(saddr))
-+ return v6_addr_in_nx_info(nxi, addr, -1);
-+ return 0;
-+}
++#define vxh_loc_vx_info(v, l) do { } while (0)
++#define vxh_lookup_vx_info(v, l) do { } while (0)
++#define vxh_create_vx_info(v, l) do { } while (0)
+
-+/*
-+ * check if address is covered by socket
-+ *
-+ * sk: the socket to check against
-+ * addr: the address in question (must be != 0)
-+ */
++#define vxh_dump_history() do { } while (0)
+
-+static inline
-+int __v6_addr_match_socket(const struct sock *sk, struct nx_addr_v6 *nxa)
-+{
-+ struct nx_info *nxi = sk->sk_nx_info;
-+ const struct in6_addr *saddr = inet6_rcv_saddr(sk);
+
-+ vxdprintk(VXD_CBIT(net, 5),
-+ "__v6_addr_in_socket(%p," NXAV6_FMT ") %p:%pI6 %p;%lx",
-+ sk, NXAV6(nxa), nxi, saddr, sk->sk_socket,
-+ (sk->sk_socket?sk->sk_socket->flags:0));
++#endif /* CONFIG_VSERVER_HISTORY */
+
-+ if (!ipv6_addr_any(saddr)) { /* direct address match */
-+ return v6_addr_match(nxa, saddr, -1);
-+ } else if (nxi) { /* match against nx_info */
-+ return v6_nx_addr_in_nx_info(nxi, nxa, -1);
-+ } else { /* unrestricted any socket */
-+ return 1;
-+ }
-+}
++#endif /* _VSERVER_HISTORY_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/inode.h linux-4.9/include/linux/vserver/inode.h
+--- linux-4.9/include/linux/vserver/inode.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/inode.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,19 @@
++#ifndef _VSERVER_INODE_H
++#define _VSERVER_INODE_H
+
++#include <uapi/vserver/inode.h>
+
-+/* inet related checks and helpers */
+
++#ifdef CONFIG_VSERVER_PROC_SECURE
++#define IATTR_PROC_DEFAULT ( IATTR_ADMIN | IATTR_HIDE )
++#define IATTR_PROC_SYMLINK ( IATTR_ADMIN )
++#else
++#define IATTR_PROC_DEFAULT ( IATTR_ADMIN )
++#define IATTR_PROC_SYMLINK ( IATTR_ADMIN )
++#endif
+
-+struct in_ifaddr;
-+struct net_device;
-+struct sock;
++#define vx_hide_check(c, m) (((m) & IATTR_HIDE) ? vx_check(c, m) : 1)
+
++#else /* _VSERVER_INODE_H */
++#warning duplicate inclusion
++#endif /* _VSERVER_INODE_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/inode_cmd.h linux-4.9/include/linux/vserver/inode_cmd.h
+--- linux-4.9/include/linux/vserver/inode_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/inode_cmd.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,36 @@
++#ifndef _VSERVER_INODE_CMD_H
++#define _VSERVER_INODE_CMD_H
+
-+#include <linux/netdevice.h>
-+#include <linux/inetdevice.h>
-+#include <net/inet_timewait_sock.h>
++#include <uapi/vserver/inode_cmd.h>
+
+
-+int dev_in_nx_info(struct net_device *, struct nx_info *);
-+int v6_dev_in_nx_info(struct net_device *, struct nx_info *);
-+int nx_v6_addr_conflict(struct nx_info *, struct nx_info *);
+
++#ifdef CONFIG_COMPAT
+
++#include <asm/compat.h>
+
-+static inline
-+int v6_ifa_in_nx_info(struct inet6_ifaddr *ifa, struct nx_info *nxi)
-+{
-+ if (!nxi)
-+ return 1;
-+ if (!ifa)
-+ return 0;
-+ return v6_addr_in_nx_info(nxi, &ifa->addr, -1);
-+}
++struct vcmd_ctx_iattr_v1_x32 {
++ compat_uptr_t name_ptr;
++ uint32_t tag;
++ uint32_t flags;
++ uint32_t mask;
++};
+
-+static inline
-+int nx_v6_ifa_visible(struct nx_info *nxi, struct inet6_ifaddr *ifa)
-+{
-+ vxdprintk(VXD_CBIT(net, 1), "nx_v6_ifa_visible(%p[#%u],%p) %d",
-+ nxi, nxi ? nxi->nx_id : 0, ifa,
-+ nxi ? v6_ifa_in_nx_info(ifa, nxi) : 0);
++#endif /* CONFIG_COMPAT */
+
-+ if (!nx_info_flags(nxi, NXF_HIDE_NETIF, 0))
-+ return 1;
-+ if (v6_ifa_in_nx_info(ifa, nxi))
-+ return 1;
-+ return 0;
-+}
++#include <linux/compiler.h>
+
++extern int vc_get_iattr(void __user *);
++extern int vc_set_iattr(void __user *);
+
-+struct nx_v6_sock_addr {
-+ struct in6_addr saddr; /* Address used for validation */
-+ struct in6_addr baddr; /* Address used for socket bind */
-+};
++extern int vc_fget_iattr(uint32_t, void __user *);
++extern int vc_fset_iattr(uint32_t, void __user *);
+
-+static inline
-+int v6_map_sock_addr(struct inet_sock *inet, struct sockaddr_in6 *addr,
-+ struct nx_v6_sock_addr *nsa)
-+{
-+ // struct sock *sk = &inet->sk;
-+ // struct nx_info *nxi = sk->sk_nx_info;
-+ struct in6_addr saddr = addr->sin6_addr;
-+ struct in6_addr baddr = saddr;
++#ifdef CONFIG_COMPAT
+
-+ nsa->saddr = saddr;
-+ nsa->baddr = baddr;
-+ return 0;
-+}
++extern int vc_get_iattr_x32(void __user *);
++extern int vc_set_iattr_x32(void __user *);
+
-+static inline
-+void v6_set_sock_addr(struct inet_sock *inet, struct nx_v6_sock_addr *nsa)
-+{
-+ // struct sock *sk = &inet->sk;
-+ // struct in6_addr *saddr = inet6_rcv_saddr(sk);
++#endif /* CONFIG_COMPAT */
+
-+ // *saddr = nsa->baddr;
-+ // inet->inet_saddr = nsa->baddr;
-+}
++#endif /* _VSERVER_INODE_CMD_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/limit.h linux-4.9/include/linux/vserver/limit.h
+--- linux-4.9/include/linux/vserver/limit.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/limit.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,67 @@
++#ifndef _VSERVER_LIMIT_H
++#define _VSERVER_LIMIT_H
+
-+static inline
-+int nx_info_has_v6(struct nx_info *nxi)
-+{
-+ if (!nxi)
-+ return 1;
-+ if (NX_IPV6(nxi))
-+ return 1;
-+ return 0;
-+}
++#include <uapi/vserver/limit.h>
+
-+#else /* CONFIG_IPV6 */
+
-+static inline
-+int nx_v6_dev_visible(struct nx_info *n, struct net_device *d)
-+{
-+ return 1;
-+}
++#define VLIM_NOCHECK ((1L << VLIMIT_DENTRY) | (1L << RLIMIT_RSS))
+
++/* keep in sync with CRLIM_INFINITY */
+
-+static inline
-+int nx_v6_addr_conflict(struct nx_info *n, uint32_t a, const struct sock *s)
-+{
-+ return 1;
-+}
++#define VLIM_INFINITY (~0ULL)
+
-+static inline
-+int v6_ifa_in_nx_info(struct in_ifaddr *a, struct nx_info *n)
-+{
-+ return 1;
-+}
++#include <asm/atomic.h>
++#include <asm/resource.h>
+
-+static inline
-+int nx_info_has_v6(struct nx_info *nxi)
-+{
-+ return 0;
-+}
++#ifndef RLIM_INFINITY
++#warning RLIM_INFINITY is undefined
++#endif
+
-+static inline
-+int v6_addr_in_nx_info(struct nx_info *nxi,
-+ const struct in6_addr *addr, uint16_t mask)
-+{
-+ return 0;
-+}
++#define __rlim_val(l, r, v) ((l)->res[r].v)
+
-+#endif /* CONFIG_IPV6 */
++#define __rlim_soft(l, r) __rlim_val(l, r, soft)
++#define __rlim_hard(l, r) __rlim_val(l, r, hard)
+
-+#define current_nx_info_has_v6() \
-+ nx_info_has_v6(current_nx_info())
++#define __rlim_rcur(l, r) __rlim_val(l, r, rcur)
++#define __rlim_rmin(l, r) __rlim_val(l, r, rmin)
++#define __rlim_rmax(l, r) __rlim_val(l, r, rmax)
++
++#define __rlim_lhit(l, r) __rlim_val(l, r, lhit)
++#define __rlim_hit(l, r) atomic_inc(&__rlim_lhit(l, r))
++
++typedef atomic_long_t rlim_atomic_t;
++typedef unsigned long rlim_t;
+
++#define __rlim_get(l, r) atomic_long_read(&__rlim_rcur(l, r))
++#define __rlim_set(l, r, v) atomic_long_set(&__rlim_rcur(l, r), v)
++#define __rlim_inc(l, r) atomic_long_inc(&__rlim_rcur(l, r))
++#define __rlim_dec(l, r) atomic_long_dec(&__rlim_rcur(l, r))
++#define __rlim_add(l, r, v) atomic_long_add(v, &__rlim_rcur(l, r))
++#define __rlim_sub(l, r, v) atomic_long_sub(v, &__rlim_rcur(l, r))
++
++
++#if (RLIM_INFINITY == VLIM_INFINITY)
++#define VX_VLIM(r) ((long long)(long)(r))
++#define VX_RLIM(v) ((rlim_t)(v))
+#else
-+#warning duplicate inclusion
++#define VX_VLIM(r) (((r) == RLIM_INFINITY) \
++ ? VLIM_INFINITY : (long long)(r))
++#define VX_RLIM(v) (((v) == VLIM_INFINITY) \
++ ? RLIM_INFINITY : (rlim_t)(v))
+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vs_inet.h linux-4.9.207-vs2.3.9.11/include/linux/vs_inet.h
---- linux-4.9.207/include/linux/vs_inet.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vs_inet.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,364 @@
-+#ifndef _VS_INET_H
-+#define _VS_INET_H
+
-+#include "vserver/base.h"
-+#include "vserver/network.h"
-+#include "vserver/debug.h"
++struct sysinfo;
+
-+#define IPI_LOOPBACK htonl(INADDR_LOOPBACK)
++#ifdef CONFIG_MEMCG
++void vx_vsi_meminfo(struct sysinfo *);
++void vx_vsi_swapinfo(struct sysinfo *);
++long vx_vsi_cached(struct sysinfo *);
++#else /* !CONFIG_MEMCG */
++#define vx_vsi_meminfo(s) do { } while (0)
++#define vx_vsi_swapinfo(s) do { } while (0)
++#define vx_vsi_cached(s) (0L)
++#endif /* !CONFIG_MEMCG */
+
-+#define NXAV4(a) NIPQUAD((a)->ip[0]), NIPQUAD((a)->ip[1]), \
-+ NIPQUAD((a)->mask), (a)->type
-+#define NXAV4_FMT "[" NIPQUAD_FMT "-" NIPQUAD_FMT "/" NIPQUAD_FMT ":%04x]"
++#define NUM_LIMITS 24
+
-+#define NIPQUAD(addr) \
-+ ((unsigned char *)&addr)[0], \
-+ ((unsigned char *)&addr)[1], \
-+ ((unsigned char *)&addr)[2], \
-+ ((unsigned char *)&addr)[3]
++#endif /* _VSERVER_LIMIT_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/limit_cmd.h linux-4.9/include/linux/vserver/limit_cmd.h
+--- linux-4.9/include/linux/vserver/limit_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/limit_cmd.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,35 @@
++#ifndef _VSERVER_LIMIT_CMD_H
++#define _VSERVER_LIMIT_CMD_H
+
-+#define NIPQUAD_FMT "%u.%u.%u.%u"
++#include <uapi/vserver/limit_cmd.h>
+
+
-+static inline
-+int v4_addr_match(struct nx_addr_v4 *nxa, __be32 addr, uint16_t tmask)
-+{
-+ __be32 ip = nxa->ip[0].s_addr;
-+ __be32 mask = nxa->mask.s_addr;
-+ __be32 bcast = ip | ~mask;
-+ int ret = 0;
++#ifdef CONFIG_IA32_EMULATION
+
-+ switch (nxa->type & tmask) {
-+ case NXA_TYPE_MASK:
-+ ret = (ip == (addr & mask));
-+ break;
-+ case NXA_TYPE_ADDR:
-+ ret = 3;
-+ if (addr == ip)
-+ break;
-+ /* fall through to broadcast */
-+ case NXA_MOD_BCAST:
-+ ret = ((tmask & NXA_MOD_BCAST) && (addr == bcast));
-+ break;
-+ case NXA_TYPE_RANGE:
-+ ret = ((nxa->ip[0].s_addr <= addr) &&
-+ (nxa->ip[1].s_addr > addr));
-+ break;
-+ case NXA_TYPE_ANY:
-+ ret = 2;
-+ break;
-+ }
++struct vcmd_ctx_rlimit_v0_x32 {
++ uint32_t id;
++ uint64_t minimum;
++ uint64_t softlimit;
++ uint64_t maximum;
++} __attribute__ ((packed));
+
-+ vxdprintk(VXD_CBIT(net, 0),
-+ "v4_addr_match(%p" NXAV4_FMT "," NIPQUAD_FMT ",%04x) = %d",
-+ nxa, NXAV4(nxa), NIPQUAD(addr), tmask, ret);
-+ return ret;
-+}
++#endif /* CONFIG_IA32_EMULATION */
+
-+static inline
-+int v4_addr_in_nx_info(struct nx_info *nxi, __be32 addr, uint16_t tmask)
-+{
-+ struct nx_addr_v4 *nxa;
-+ unsigned long irqflags;
-+ int ret = 1;
++#include <linux/compiler.h>
+
-+ if (!nxi)
-+ goto out;
++extern int vc_get_rlimit_mask(uint32_t, void __user *);
++extern int vc_get_rlimit(struct vx_info *, void __user *);
++extern int vc_set_rlimit(struct vx_info *, void __user *);
++extern int vc_reset_hits(struct vx_info *, void __user *);
++extern int vc_reset_minmax(struct vx_info *, void __user *);
+
-+ ret = 2;
-+ /* allow 127.0.0.1 when remapping lback */
-+ if ((tmask & NXA_LOOPBACK) &&
-+ (addr == IPI_LOOPBACK) &&
-+ nx_info_flags(nxi, NXF_LBACK_REMAP, 0))
-+ goto out;
-+ ret = 3;
-+ /* check for lback address */
-+ if ((tmask & NXA_MOD_LBACK) &&
-+ (nxi->v4_lback.s_addr == addr))
-+ goto out;
-+ ret = 4;
-+ /* check for broadcast address */
-+ if ((tmask & NXA_MOD_BCAST) &&
-+ (nxi->v4_bcast.s_addr == addr))
-+ goto out;
-+ ret = 5;
++extern int vc_rlimit_stat(struct vx_info *, void __user *);
+
-+ /* check for v4 addresses */
-+ spin_lock_irqsave(&nxi->addr_lock, irqflags);
-+ for (nxa = &nxi->v4; nxa; nxa = nxa->next)
-+ if (v4_addr_match(nxa, addr, tmask))
-+ goto out_unlock;
-+ ret = 0;
-+out_unlock:
-+ spin_unlock_irqrestore(&nxi->addr_lock, irqflags);
-+out:
-+ vxdprintk(VXD_CBIT(net, 0),
-+ "v4_addr_in_nx_info(%p[#%u]," NIPQUAD_FMT ",%04x) = %d",
-+ nxi, nxi ? nxi->nx_id : 0, NIPQUAD(addr), tmask, ret);
-+ return ret;
-+}
++#ifdef CONFIG_IA32_EMULATION
+
-+static inline
-+int v4_nx_addr_match(struct nx_addr_v4 *nxa, struct nx_addr_v4 *addr, uint16_t mask)
-+{
-+ /* FIXME: needs full range checks */
-+ return v4_addr_match(nxa, addr->ip[0].s_addr, mask);
-+}
++extern int vc_get_rlimit_x32(struct vx_info *, void __user *);
++extern int vc_set_rlimit_x32(struct vx_info *, void __user *);
+
-+static inline
-+int v4_nx_addr_in_nx_info(struct nx_info *nxi, struct nx_addr_v4 *nxa, uint16_t mask)
-+{
-+ struct nx_addr_v4 *ptr;
-+ unsigned long irqflags;
-+ int ret = 1;
++#endif /* CONFIG_IA32_EMULATION */
+
-+ spin_lock_irqsave(&nxi->addr_lock, irqflags);
-+ for (ptr = &nxi->v4; ptr; ptr = ptr->next)
-+ if (v4_nx_addr_match(ptr, nxa, mask))
-+ goto out_unlock;
-+ ret = 0;
-+out_unlock:
-+ spin_unlock_irqrestore(&nxi->addr_lock, irqflags);
-+ return ret;
-+}
++#endif /* _VSERVER_LIMIT_CMD_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/limit_def.h linux-4.9/include/linux/vserver/limit_def.h
+--- linux-4.9/include/linux/vserver/limit_def.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/limit_def.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,47 @@
++#ifndef _VSERVER_LIMIT_DEF_H
++#define _VSERVER_LIMIT_DEF_H
+
-+#include <net/inet_sock.h>
++#include <asm/atomic.h>
++#include <asm/resource.h>
+
-+/*
-+ * Check if a given address matches for a socket
-+ *
-+ * nxi: the socket's nx_info if any
-+ * addr: to be verified address
-+ */
-+static inline
-+int v4_sock_addr_match (
-+ struct nx_info *nxi,
-+ struct inet_sock *inet,
-+ __be32 addr)
++#include "limit.h"
++
++
++struct _vx_res_limit {
++ rlim_t soft; /* Context soft limit */
++ rlim_t hard; /* Context hard limit */
++
++ rlim_atomic_t rcur; /* Current value */
++ rlim_t rmin; /* Context minimum */
++ rlim_t rmax; /* Context maximum */
++
++ atomic_t lhit; /* Limit hits */
++};
++
++/* context sub struct */
++
++struct _vx_limit {
++ struct _vx_res_limit res[NUM_LIMITS];
++};
++
++#ifdef CONFIG_VSERVER_DEBUG
++
++static inline void __dump_vx_limit(struct _vx_limit *limit)
+{
-+ __be32 saddr = inet->inet_rcv_saddr;
-+ __be32 bcast = nxi ? nxi->v4_bcast.s_addr : INADDR_BROADCAST;
++ int i;
+
-+ if (addr && (saddr == addr || bcast == addr))
-+ return 1;
-+ if (!saddr)
-+ return v4_addr_in_nx_info(nxi, addr, NXA_MASK_BIND);
-+ return 0;
++ printk("\t_vx_limit:");
++ for (i = 0; i < NUM_LIMITS; i++) {
++ printk("\t [%2d] = %8lu %8lu/%8lu, %8ld/%8ld, %8d\n",
++ i, (unsigned long)__rlim_get(limit, i),
++ (unsigned long)__rlim_rmin(limit, i),
++ (unsigned long)__rlim_rmax(limit, i),
++ (long)__rlim_soft(limit, i),
++ (long)__rlim_hard(limit, i),
++ atomic_read(&__rlim_lhit(limit, i)));
++ }
+}
+
++#endif
+
-+/* inet related checks and helpers */
-+
++#endif /* _VSERVER_LIMIT_DEF_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/limit_int.h linux-4.9/include/linux/vserver/limit_int.h
+--- linux-4.9/include/linux/vserver/limit_int.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/limit_int.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,193 @@
++#ifndef _VSERVER_LIMIT_INT_H
++#define _VSERVER_LIMIT_INT_H
+
-+struct in_ifaddr;
-+struct net_device;
-+struct sock;
++#define VXD_RCRES_COND(r) VXD_CBIT(cres, r)
++#define VXD_RLIMIT_COND(r) VXD_CBIT(limit, r)
+
-+#ifdef CONFIG_INET
++extern const char *vlimit_name[NUM_LIMITS];
+
-+#include <linux/netdevice.h>
-+#include <linux/inetdevice.h>
-+#include <net/inet_sock.h>
-+#include <net/inet_timewait_sock.h>
++static inline void __vx_acc_cres(struct vx_info *vxi,
++ int res, int dir, void *_data, char *_file, int _line)
++{
++ if (VXD_RCRES_COND(res))
++ vxlprintk(1, "vx_acc_cres[%5d,%s,%2d]: %5ld%s (%p)",
++ (vxi ? vxi->vx_id : -1), vlimit_name[res], res,
++ (vxi ? (long)__rlim_get(&vxi->limit, res) : 0),
++ (dir > 0) ? "++" : "--", _data, _file, _line);
++ if (!vxi)
++ return;
+
++ if (dir > 0)
++ __rlim_inc(&vxi->limit, res);
++ else
++ __rlim_dec(&vxi->limit, res);
++}
+
-+int dev_in_nx_info(struct net_device *, struct nx_info *);
-+int v4_dev_in_nx_info(struct net_device *, struct nx_info *);
-+int nx_v4_addr_conflict(struct nx_info *, struct nx_info *);
++static inline void __vx_add_cres(struct vx_info *vxi,
++ int res, int amount, void *_data, char *_file, int _line)
++{
++ if (VXD_RCRES_COND(res))
++ vxlprintk(1, "vx_add_cres[%5d,%s,%2d]: %5ld += %5d (%p)",
++ (vxi ? vxi->vx_id : -1), vlimit_name[res], res,
++ (vxi ? (long)__rlim_get(&vxi->limit, res) : 0),
++ amount, _data, _file, _line);
++ if (amount == 0)
++ return;
++ if (!vxi)
++ return;
++ __rlim_add(&vxi->limit, res, amount);
++}
+
++static inline
++int __vx_cres_adjust_max(struct _vx_limit *limit, int res, rlim_t value)
++{
++ int cond = (value > __rlim_rmax(limit, res));
+
-+/*
-+ * check if address is covered by socket
-+ *
-+ * sk: the socket to check against
-+ * addr: the address in question (must be != 0)
-+ */
++ if (cond)
++ __rlim_rmax(limit, res) = value;
++ return cond;
++}
+
+static inline
-+int __v4_addr_match_socket(const struct sock *sk, struct nx_addr_v4 *nxa)
++int __vx_cres_adjust_min(struct _vx_limit *limit, int res, rlim_t value)
+{
-+ struct nx_info *nxi = sk->sk_nx_info;
-+ __be32 saddr = sk->sk_rcv_saddr;
++ int cond = (value < __rlim_rmin(limit, res));
+
-+ vxdprintk(VXD_CBIT(net, 5),
-+ "__v4_addr_in_socket(%p," NXAV4_FMT ") %p:" NIPQUAD_FMT " %p;%lx",
-+ sk, NXAV4(nxa), nxi, NIPQUAD(saddr), sk->sk_socket,
-+ (sk->sk_socket?sk->sk_socket->flags:0));
++ if (cond)
++ __rlim_rmin(limit, res) = value;
++ return cond;
++}
+
-+ if (saddr) { /* direct address match */
-+ return v4_addr_match(nxa, saddr, -1);
-+ } else if (nxi) { /* match against nx_info */
-+ return v4_nx_addr_in_nx_info(nxi, nxa, -1);
-+ } else { /* unrestricted any socket */
-+ return 1;
-+ }
++static inline
++void __vx_cres_fixup(struct _vx_limit *limit, int res, rlim_t value)
++{
++ if (!__vx_cres_adjust_max(limit, res, value))
++ __vx_cres_adjust_min(limit, res, value);
+}
+
+
++/* return values:
++ +1 ... no limit hit
++ -1 ... over soft limit
++ 0 ... over hard limit */
+
-+static inline
-+int nx_dev_visible(struct nx_info *nxi, struct net_device *dev)
++static inline int __vx_cres_avail(struct vx_info *vxi,
++ int res, int num, char *_file, int _line)
+{
-+ vxdprintk(VXD_CBIT(net, 1),
-+ "nx_dev_visible(%p[#%u],%p " VS_Q("%s") ") %d",
-+ nxi, nxi ? nxi->nx_id : 0, dev, dev->name,
-+ nxi ? dev_in_nx_info(dev, nxi) : 0);
++ struct _vx_limit *limit;
++ rlim_t value;
+
-+ if (!nx_info_flags(nxi, NXF_HIDE_NETIF, 0))
-+ return 1;
-+ if (dev_in_nx_info(dev, nxi))
++ if (VXD_RLIMIT_COND(res))
++ vxlprintk(1, "vx_cres_avail[%5d,%s,%2d]: %5ld/%5ld > %5ld + %5d",
++ (vxi ? vxi->vx_id : -1), vlimit_name[res], res,
++ (vxi ? (long)__rlim_soft(&vxi->limit, res) : -1),
++ (vxi ? (long)__rlim_hard(&vxi->limit, res) : -1),
++ (vxi ? (long)__rlim_get(&vxi->limit, res) : 0),
++ num, _file, _line);
++ if (!vxi)
+ return 1;
-+ return 0;
-+}
+
++ limit = &vxi->limit;
++ value = __rlim_get(limit, res);
++
++ if (!__vx_cres_adjust_max(limit, res, value))
++ __vx_cres_adjust_min(limit, res, value);
+
-+static inline
-+int v4_ifa_in_nx_info(struct in_ifaddr *ifa, struct nx_info *nxi)
-+{
-+ if (!nxi)
++ if (num == 0)
+ return 1;
-+ if (!ifa)
-+ return 0;
-+ return v4_addr_in_nx_info(nxi, ifa->ifa_local, NXA_MASK_SHOW);
-+}
+
-+static inline
-+int nx_v4_ifa_visible(struct nx_info *nxi, struct in_ifaddr *ifa)
-+{
-+ vxdprintk(VXD_CBIT(net, 1), "nx_v4_ifa_visible(%p[#%u],%p) %d",
-+ nxi, nxi ? nxi->nx_id : 0, ifa,
-+ nxi ? v4_ifa_in_nx_info(ifa, nxi) : 0);
++ if (__rlim_soft(limit, res) == RLIM_INFINITY)
++ return -1;
++ if (value + num <= __rlim_soft(limit, res))
++ return -1;
+
-+ if (!nx_info_flags(nxi, NXF_HIDE_NETIF, 0))
++ if (__rlim_hard(limit, res) == RLIM_INFINITY)
+ return 1;
-+ if (v4_ifa_in_nx_info(ifa, nxi))
++ if (value + num <= __rlim_hard(limit, res))
+ return 1;
++
++ __rlim_hit(limit, res);
+ return 0;
+}
+
+
-+struct nx_v4_sock_addr {
-+ __be32 saddr; /* Address used for validation */
-+ __be32 baddr; /* Address used for socket bind */
-+};
++static const int VLA_RSS[] = { RLIMIT_RSS, VLIMIT_ANON, VLIMIT_MAPPED, 0 };
+
+static inline
-+int v4_map_sock_addr(struct inet_sock *inet, struct sockaddr_in *addr,
-+ struct nx_v4_sock_addr *nsa)
++rlim_t __vx_cres_array_sum(struct _vx_limit *limit, const int *array)
+{
-+ struct sock *sk = &inet->sk;
-+ struct nx_info *nxi = sk->sk_nx_info;
-+ __be32 saddr = addr->sin_addr.s_addr;
-+ __be32 baddr = saddr;
-+
-+ vxdprintk(VXD_CBIT(net, 3),
-+ "inet_bind(%p)* %p,%p;%lx " NIPQUAD_FMT,
-+ sk, sk->sk_nx_info, sk->sk_socket,
-+ (sk->sk_socket ? sk->sk_socket->flags : 0),
-+ NIPQUAD(saddr));
++ rlim_t value, sum = 0;
++ int res;
+
-+ if (nxi) {
-+ if (saddr == INADDR_ANY) {
-+ if (nx_info_flags(nxi, NXF_SINGLE_IP, 0))
-+ baddr = nxi->v4.ip[0].s_addr;
-+ } else if (saddr == IPI_LOOPBACK) {
-+ if (nx_info_flags(nxi, NXF_LBACK_REMAP, 0))
-+ baddr = nxi->v4_lback.s_addr;
-+ } else if (!ipv4_is_multicast(saddr) ||
-+ !nx_info_ncaps(nxi, NXC_MULTICAST)) {
-+ /* normal address bind */
-+ if (!v4_addr_in_nx_info(nxi, saddr, NXA_MASK_BIND))
-+ return -EADDRNOTAVAIL;
-+ }
++ while ((res = *array++)) {
++ value = __rlim_get(limit, res);
++ __vx_cres_fixup(limit, res, value);
++ sum += value;
+ }
-+
-+ vxdprintk(VXD_CBIT(net, 3),
-+ "inet_bind(%p) " NIPQUAD_FMT ", " NIPQUAD_FMT,
-+ sk, NIPQUAD(saddr), NIPQUAD(baddr));
-+
-+ nsa->saddr = saddr;
-+ nsa->baddr = baddr;
-+ return 0;
++ return sum;
+}
+
+static inline
-+void v4_set_sock_addr(struct inet_sock *inet, struct nx_v4_sock_addr *nsa)
++rlim_t __vx_cres_array_fixup(struct _vx_limit *limit, const int *array)
+{
-+ inet->inet_saddr = nsa->baddr;
-+ inet->inet_rcv_saddr = nsa->baddr;
-+}
++ rlim_t value = __vx_cres_array_sum(limit, array + 1);
++ int res = *array;
+
++ if (value == __rlim_get(limit, res))
++ return value;
+
-+/*
-+ * helper to simplify inet_lookup_listener
-+ *
-+ * nxi: the socket's nx_info if any
-+ * addr: to be verified address
-+ * saddr: socket address
-+ */
-+static inline int v4_inet_addr_match (
-+ struct nx_info *nxi,
-+ __be32 addr,
-+ __be32 saddr)
-+{
-+ if (addr && (saddr == addr))
-+ return 1;
-+ if (!saddr)
-+ return nxi ? v4_addr_in_nx_info(nxi, addr, NXA_MASK_BIND) : 1;
-+ return 0;
-+}
++ __rlim_set(limit, res, value);
++ /* now adjust min/max */
++ if (!__vx_cres_adjust_max(limit, res, value))
++ __vx_cres_adjust_min(limit, res, value);
+
-+static inline __be32 nx_map_sock_lback(struct nx_info *nxi, __be32 addr)
-+{
-+ if (nx_info_flags(nxi, NXF_HIDE_LBACK, 0) &&
-+ (addr == nxi->v4_lback.s_addr))
-+ return IPI_LOOPBACK;
-+ return addr;
++ return value;
+}
+
-+static inline
-+int nx_info_has_v4(struct nx_info *nxi)
++static inline int __vx_cres_array_avail(struct vx_info *vxi,
++ const int *array, int num, char *_file, int _line)
+{
-+ if (!nxi)
-+ return 1;
-+ if (NX_IPV4(nxi))
++ struct _vx_limit *limit;
++ rlim_t value = 0;
++ int res;
++
++ if (num == 0)
+ return 1;
-+ if (nx_info_flags(nxi, NXF_LBACK_REMAP, 0))
++ if (!vxi)
+ return 1;
-+ return 0;
-+}
+
-+#else /* CONFIG_INET */
++ limit = &vxi->limit;
++ res = *array;
++ value = __vx_cres_array_sum(limit, array + 1);
+
-+static inline
-+int nx_dev_visible(struct nx_info *n, struct net_device *d)
-+{
-+ return 1;
-+}
++ __rlim_set(limit, res, value);
++ __vx_cres_fixup(limit, res, value);
+
-+static inline
-+int nx_v4_addr_conflict(struct nx_info *n, uint32_t a, const struct sock *s)
-+{
-+ return 1;
++ return __vx_cres_avail(vxi, res, num, _file, _line);
+}
+
-+static inline
-+int v4_ifa_in_nx_info(struct in_ifaddr *a, struct nx_info *n)
-+{
-+ return 1;
-+}
+
-+static inline
-+int nx_info_has_v4(struct nx_info *nxi)
++static inline void vx_limit_fixup(struct _vx_limit *limit, int id)
+{
-+ return 0;
++ rlim_t value;
++ int res;
++
++ /* complex resources first */
++ if ((id < 0) || (id == RLIMIT_RSS))
++ __vx_cres_array_fixup(limit, VLA_RSS);
++
++ for (res = 0; res < NUM_LIMITS; res++) {
++ if ((id > 0) && (res != id))
++ continue;
++
++ value = __rlim_get(limit, res);
++ __vx_cres_fixup(limit, res, value);
++
++ /* not supposed to happen, maybe warn? */
++ if (__rlim_rmax(limit, res) > __rlim_hard(limit, res))
++ __rlim_rmax(limit, res) = __rlim_hard(limit, res);
++ }
+}
+
-+#endif /* CONFIG_INET */
+
-+#define current_nx_info_has_v4() \
-+ nx_info_has_v4(current_nx_info())
++#endif /* _VSERVER_LIMIT_INT_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/monitor.h linux-4.9/include/linux/vserver/monitor.h
+--- linux-4.9/include/linux/vserver/monitor.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/monitor.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,6 @@
++#ifndef _VSERVER_MONITOR_H
++#define _VSERVER_MONITOR_H
+
-+#else
-+// #warning duplicate inclusion
-+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vs_limit.h linux-4.9.207-vs2.3.9.11/include/linux/vs_limit.h
---- linux-4.9.207/include/linux/vs_limit.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vs_limit.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,140 @@
-+#ifndef _VS_LIMIT_H
-+#define _VS_LIMIT_H
++#include <uapi/vserver/monitor.h>
+
-+#include "vserver/limit.h"
-+#include "vserver/base.h"
-+#include "vserver/context.h"
-+#include "vserver/debug.h"
-+#include "vserver/context.h"
-+#include "vserver/limit_int.h"
++#endif /* _VSERVER_MONITOR_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/network.h linux-4.9/include/linux/vserver/network.h
+--- linux-4.9/include/linux/vserver/network.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/network.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,76 @@
++#ifndef _VSERVER_NETWORK_H
++#define _VSERVER_NETWORK_H
+
+
-+#define vx_acc_cres(v, d, p, r) \
-+ __vx_acc_cres(v, r, d, p, __FILE__, __LINE__)
++#include <linux/list.h>
++#include <linux/spinlock.h>
++#include <linux/rcupdate.h>
++#include <linux/in.h>
++#include <linux/in6.h>
++#include <asm/atomic.h>
++#include <uapi/vserver/network.h>
+
-+#define vx_acc_cres_cond(x, d, p, r) \
-+ __vx_acc_cres(((x) == vx_current_xid()) ? current_vx_info() : 0, \
-+ r, d, p, __FILE__, __LINE__)
++struct nx_addr_v4 {
++ struct nx_addr_v4 *next;
++ struct in_addr ip[2];
++ struct in_addr mask;
++ uint16_t type;
++ uint16_t flags;
++};
+
++struct nx_addr_v6 {
++ struct nx_addr_v6 *next;
++ struct in6_addr ip;
++ struct in6_addr mask;
++ uint32_t prefix;
++ uint16_t type;
++ uint16_t flags;
++};
+
-+#define vx_add_cres(v, a, p, r) \
-+ __vx_add_cres(v, r, a, p, __FILE__, __LINE__)
-+#define vx_sub_cres(v, a, p, r) vx_add_cres(v, -(a), p, r)
++struct nx_info {
++ struct hlist_node nx_hlist; /* linked list of nxinfos */
++ vnid_t nx_id; /* vnet id */
++ atomic_t nx_usecnt; /* usage count */
++ atomic_t nx_tasks; /* tasks count */
++ int nx_state; /* context state */
+
-+#define vx_add_cres_cond(x, a, p, r) \
-+ __vx_add_cres(((x) == vx_current_xid()) ? current_vx_info() : 0, \
-+ r, a, p, __FILE__, __LINE__)
-+#define vx_sub_cres_cond(x, a, p, r) vx_add_cres_cond(x, -(a), p, r)
++ uint64_t nx_flags; /* network flag word */
++ uint64_t nx_ncaps; /* network capabilities */
+
++ spinlock_t addr_lock; /* protect address changes */
++ struct in_addr v4_lback; /* Loopback address */
++ struct in_addr v4_bcast; /* Broadcast address */
++ struct nx_addr_v4 v4; /* First/Single ipv4 address */
++#ifdef CONFIG_IPV6
++ struct nx_addr_v6 v6; /* First/Single ipv6 address */
++#endif
++ char nx_name[65]; /* network context name */
++};
+
-+/* process and file limits */
+
-+#define vx_nproc_inc(p) \
-+ vx_acc_cres((p)->vx_info, 1, p, RLIMIT_NPROC)
++/* status flags */
+
-+#define vx_nproc_dec(p) \
-+ vx_acc_cres((p)->vx_info,-1, p, RLIMIT_NPROC)
++#define NXS_HASHED 0x0001
++#define NXS_SHUTDOWN 0x0100
++#define NXS_RELEASED 0x8000
+
-+#define vx_files_inc(f) \
-+ vx_acc_cres_cond((f)->f_xid, 1, f, RLIMIT_NOFILE)
++extern struct nx_info *lookup_nx_info(int);
+
-+#define vx_files_dec(f) \
-+ vx_acc_cres_cond((f)->f_xid,-1, f, RLIMIT_NOFILE)
++extern int get_nid_list(int, unsigned int *, int);
++extern int nid_is_hashed(vnid_t);
+
-+#define vx_locks_inc(l) \
-+ vx_acc_cres_cond((l)->fl_xid, 1, l, RLIMIT_LOCKS)
++extern int nx_migrate_task(struct task_struct *, struct nx_info *);
+
-+#define vx_locks_dec(l) \
-+ vx_acc_cres_cond((l)->fl_xid,-1, l, RLIMIT_LOCKS)
++extern long vs_net_change(struct nx_info *, unsigned int);
+
-+#define vx_openfd_inc(f) \
-+ vx_acc_cres(current_vx_info(), 1, (void *)(long)(f), VLIMIT_OPENFD)
++struct sock;
+
-+#define vx_openfd_dec(f) \
-+ vx_acc_cres(current_vx_info(),-1, (void *)(long)(f), VLIMIT_OPENFD)
+
++#define NX_IPV4(n) ((n)->v4.type != NXA_TYPE_NONE)
++#ifdef CONFIG_IPV6
++#define NX_IPV6(n) ((n)->v6.type != NXA_TYPE_NONE)
++#else
++#define NX_IPV6(n) (0)
++#endif
+
-+#define vx_cres_avail(v, n, r) \
-+ __vx_cres_avail(v, r, n, __FILE__, __LINE__)
++#endif /* _VSERVER_NETWORK_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/network_cmd.h linux-4.9/include/linux/vserver/network_cmd.h
+--- linux-4.9/include/linux/vserver/network_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/network_cmd.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,37 @@
++#ifndef _VSERVER_NETWORK_CMD_H
++#define _VSERVER_NETWORK_CMD_H
+
++#include <uapi/vserver/network_cmd.h>
+
-+#define vx_nproc_avail(n) \
-+ vx_cres_avail(current_vx_info(), n, RLIMIT_NPROC)
++extern int vc_task_nid(uint32_t);
+
-+#define vx_files_avail(n) \
-+ vx_cres_avail(current_vx_info(), n, RLIMIT_NOFILE)
++extern int vc_nx_info(struct nx_info *, void __user *);
+
-+#define vx_locks_avail(n) \
-+ vx_cres_avail(current_vx_info(), n, RLIMIT_LOCKS)
++extern int vc_net_create(uint32_t, void __user *);
++extern int vc_net_migrate(struct nx_info *, void __user *);
+
-+#define vx_openfd_avail(n) \
-+ vx_cres_avail(current_vx_info(), n, VLIMIT_OPENFD)
++extern int vc_net_add(struct nx_info *, void __user *);
++extern int vc_net_remove(struct nx_info *, void __user *);
+
++extern int vc_net_add_ipv4_v1(struct nx_info *, void __user *);
++extern int vc_net_add_ipv4(struct nx_info *, void __user *);
+
-+/* dentry limits */
++extern int vc_net_rem_ipv4_v1(struct nx_info *, void __user *);
++extern int vc_net_rem_ipv4(struct nx_info *, void __user *);
+
-+#define vx_dentry_inc(d) do { \
-+ if (d_count(d) == 1) \
-+ vx_acc_cres(current_vx_info(), 1, d, VLIMIT_DENTRY); \
-+ } while (0)
++extern int vc_net_add_ipv6(struct nx_info *, void __user *);
++extern int vc_net_remove_ipv6(struct nx_info *, void __user *);
+
-+#define vx_dentry_dec(d) do { \
-+ if (d_count(d) == 0) \
-+ vx_acc_cres(current_vx_info(),-1, d, VLIMIT_DENTRY); \
-+ } while (0)
++extern int vc_add_match_ipv4(struct nx_info *, void __user *);
++extern int vc_get_match_ipv4(struct nx_info *, void __user *);
+
-+#define vx_dentry_avail(n) \
-+ vx_cres_avail(current_vx_info(), n, VLIMIT_DENTRY)
++extern int vc_add_match_ipv6(struct nx_info *, void __user *);
++extern int vc_get_match_ipv6(struct nx_info *, void __user *);
+
++extern int vc_get_nflags(struct nx_info *, void __user *);
++extern int vc_set_nflags(struct nx_info *, void __user *);
+
-+/* socket limits */
++extern int vc_get_ncaps(struct nx_info *, void __user *);
++extern int vc_set_ncaps(struct nx_info *, void __user *);
+
-+#define vx_sock_inc(s) \
-+ vx_acc_cres((s)->sk_vx_info, 1, s, VLIMIT_NSOCK)
++#endif /* _VSERVER_CONTEXT_CMD_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/percpu.h linux-4.9/include/linux/vserver/percpu.h
+--- linux-4.9/include/linux/vserver/percpu.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/percpu.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,14 @@
++#ifndef _VSERVER_PERCPU_H
++#define _VSERVER_PERCPU_H
+
-+#define vx_sock_dec(s) \
-+ vx_acc_cres((s)->sk_vx_info,-1, s, VLIMIT_NSOCK)
++#include "cvirt_def.h"
++#include "sched_def.h"
+
-+#define vx_sock_avail(n) \
-+ vx_cres_avail(current_vx_info(), n, VLIMIT_NSOCK)
++struct _vx_percpu {
++ struct _vx_cvirt_pc cvirt;
++ struct _vx_sched_pc sched;
++};
++
++#define PERCPU_PERCTX (sizeof(struct _vx_percpu))
+
++#endif /* _VSERVER_PERCPU_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/pid.h linux-4.9/include/linux/vserver/pid.h
+--- linux-4.9/include/linux/vserver/pid.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/pid.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,51 @@
++#ifndef _VSERVER_PID_H
++#define _VSERVER_PID_H
+
-+/* ipc resource limits */
++/* pid faking stuff */
+
-+#define vx_ipcmsg_add(v, u, a) \
-+ vx_add_cres(v, a, u, RLIMIT_MSGQUEUE)
++#define vx_info_map_pid(v, p) \
++ __vx_info_map_pid((v), (p), __func__, __FILE__, __LINE__)
++#define vx_info_map_tgid(v,p) vx_info_map_pid(v,p)
++#define vx_map_pid(p) vx_info_map_pid(current_vx_info(), p)
++#define vx_map_tgid(p) vx_map_pid(p)
+
-+#define vx_ipcmsg_sub(v, u, a) \
-+ vx_sub_cres(v, a, u, RLIMIT_MSGQUEUE)
++static inline int __vx_info_map_pid(struct vx_info *vxi, int pid,
++ const char *func, const char *file, int line)
++{
++ if (vx_info_flags(vxi, VXF_INFO_INIT, 0)) {
++ vxfprintk(VXD_CBIT(cvirt, 2),
++ "vx_map_tgid: %p/%llx: %d -> %d",
++ vxi, (long long)vxi->vx_flags, pid,
++ (pid && pid == vxi->vx_initpid) ? 1 : pid,
++ func, file, line);
++ if (pid == 0)
++ return 0;
++ if (pid == vxi->vx_initpid)
++ return 1;
++ }
++ return pid;
++}
+
-+#define vx_ipcmsg_avail(v, a) \
-+ vx_cres_avail(v, a, RLIMIT_MSGQUEUE)
++#define vx_info_rmap_pid(v, p) \
++ __vx_info_rmap_pid((v), (p), __func__, __FILE__, __LINE__)
++#define vx_rmap_pid(p) vx_info_rmap_pid(current_vx_info(), p)
++#define vx_rmap_tgid(p) vx_rmap_pid(p)
+
++static inline int __vx_info_rmap_pid(struct vx_info *vxi, int pid,
++ const char *func, const char *file, int line)
++{
++ if (vx_info_flags(vxi, VXF_INFO_INIT, 0)) {
++ vxfprintk(VXD_CBIT(cvirt, 2),
++ "vx_rmap_tgid: %p/%llx: %d -> %d",
++ vxi, (long long)vxi->vx_flags, pid,
++ (pid == 1) ? vxi->vx_initpid : pid,
++ func, file, line);
++ if ((pid == 1) && vxi->vx_initpid)
++ return vxi->vx_initpid;
++ if (pid == vxi->vx_initpid)
++ return ~0U;
++ }
++ return pid;
++}
+
-+#define vx_ipcshm_add(v, k, a) \
-+ vx_add_cres(v, a, (void *)(long)(k), VLIMIT_SHMEM)
++#endif
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/sched.h linux-4.9/include/linux/vserver/sched.h
+--- linux-4.9/include/linux/vserver/sched.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/sched.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,23 @@
++#ifndef _VSERVER_SCHED_H
++#define _VSERVER_SCHED_H
+
-+#define vx_ipcshm_sub(v, k, a) \
-+ vx_sub_cres(v, a, (void *)(long)(k), VLIMIT_SHMEM)
+
-+#define vx_ipcshm_avail(v, a) \
-+ vx_cres_avail(v, a, VLIMIT_SHMEM)
++#ifdef __KERNEL__
+
++struct timespec;
+
-+#define vx_semary_inc(a) \
-+ vx_acc_cres(current_vx_info(), 1, a, VLIMIT_SEMARY)
++void vx_vsi_uptime(struct timespec *, struct timespec *);
+
-+#define vx_semary_dec(a) \
-+ vx_acc_cres(current_vx_info(), -1, a, VLIMIT_SEMARY)
+
++struct vx_info;
+
-+#define vx_nsems_add(a,n) \
-+ vx_add_cres(current_vx_info(), n, a, VLIMIT_NSEMS)
++void vx_update_load(struct vx_info *);
+
-+#define vx_nsems_sub(a,n) \
-+ vx_sub_cres(current_vx_info(), n, a, VLIMIT_NSEMS)
+
++void vx_update_sched_param(struct _vx_sched *sched,
++ struct _vx_sched_pc *sched_pc);
+
-+#else
++#endif /* __KERNEL__ */
++#else /* _VSERVER_SCHED_H */
+#warning duplicate inclusion
-+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vs_network.h linux-4.9.207-vs2.3.9.11/include/linux/vs_network.h
---- linux-4.9.207/include/linux/vs_network.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vs_network.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,169 @@
-+#ifndef _NX_VS_NETWORK_H
-+#define _NX_VS_NETWORK_H
-+
-+#include "vserver/context.h"
-+#include "vserver/network.h"
-+#include "vserver/base.h"
-+#include "vserver/check.h"
-+#include "vserver/debug.h"
-+
-+#include <linux/sched.h>
++#endif /* _VSERVER_SCHED_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/sched_cmd.h linux-4.9/include/linux/vserver/sched_cmd.h
+--- linux-4.9/include/linux/vserver/sched_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/sched_cmd.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,11 @@
++#ifndef _VSERVER_SCHED_CMD_H
++#define _VSERVER_SCHED_CMD_H
+
+
-+#define get_nx_info(i) __get_nx_info(i, __FILE__, __LINE__)
++#include <linux/compiler.h>
++#include <uapi/vserver/sched_cmd.h>
+
-+static inline struct nx_info *__get_nx_info(struct nx_info *nxi,
-+ const char *_file, int _line)
-+{
-+ if (!nxi)
-+ return NULL;
++extern int vc_set_prio_bias(struct vx_info *, void __user *);
++extern int vc_get_prio_bias(struct vx_info *, void __user *);
+
-+ vxlprintk(VXD_CBIT(nid, 2), "get_nx_info(%p[#%d.%d])",
-+ nxi, nxi ? nxi->nx_id : 0,
-+ nxi ? atomic_read(&nxi->nx_usecnt) : 0,
-+ _file, _line);
++#endif /* _VSERVER_SCHED_CMD_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/sched_def.h linux-4.9/include/linux/vserver/sched_def.h
+--- linux-4.9/include/linux/vserver/sched_def.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/sched_def.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,38 @@
++#ifndef _VSERVER_SCHED_DEF_H
++#define _VSERVER_SCHED_DEF_H
+
-+ atomic_inc(&nxi->nx_usecnt);
-+ return nxi;
-+}
++#include <linux/spinlock.h>
++#include <linux/jiffies.h>
++#include <linux/cpumask.h>
++#include <asm/atomic.h>
++#include <asm/param.h>
+
+
-+extern void free_nx_info(struct nx_info *);
++/* context sub struct */
+
-+#define put_nx_info(i) __put_nx_info(i, __FILE__, __LINE__)
++struct _vx_sched {
++ int prio_bias; /* bias offset for priority */
+
-+static inline void __put_nx_info(struct nx_info *nxi, const char *_file, int _line)
-+{
-+ if (!nxi)
-+ return;
++ cpumask_t update; /* CPUs which should update */
++};
+
-+ vxlprintk(VXD_CBIT(nid, 2), "put_nx_info(%p[#%d.%d])",
-+ nxi, nxi ? nxi->nx_id : 0,
-+ nxi ? atomic_read(&nxi->nx_usecnt) : 0,
-+ _file, _line);
++struct _vx_sched_pc {
++ int prio_bias; /* bias offset for priority */
+
-+ if (atomic_dec_and_test(&nxi->nx_usecnt))
-+ free_nx_info(nxi);
-+}
++ uint64_t user_ticks; /* token tick events */
++ uint64_t sys_ticks; /* token tick events */
++ uint64_t hold_ticks; /* token ticks paused */
++};
+
+
-+#define init_nx_info(p, i) __init_nx_info(p, i, __FILE__, __LINE__)
++#ifdef CONFIG_VSERVER_DEBUG
+
-+static inline void __init_nx_info(struct nx_info **nxp, struct nx_info *nxi,
-+ const char *_file, int _line)
++static inline void __dump_vx_sched(struct _vx_sched *sched)
+{
-+ if (nxi) {
-+ vxlprintk(VXD_CBIT(nid, 3),
-+ "init_nx_info(%p[#%d.%d])",
-+ nxi, nxi ? nxi->nx_id : 0,
-+ nxi ? atomic_read(&nxi->nx_usecnt) : 0,
-+ _file, _line);
-+
-+ atomic_inc(&nxi->nx_usecnt);
-+ }
-+ *nxp = nxi;
++ printk("\t_vx_sched:\n");
++ printk("\t priority = %4d\n", sched->prio_bias);
+}
+
++#endif
+
-+#define set_nx_info(p, i) __set_nx_info(p, i, __FILE__, __LINE__)
-+
-+static inline void __set_nx_info(struct nx_info **nxp, struct nx_info *nxi,
-+ const char *_file, int _line)
-+{
-+ struct nx_info *nxo;
-+
-+ if (!nxi)
-+ return;
++#endif /* _VSERVER_SCHED_DEF_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/signal.h linux-4.9/include/linux/vserver/signal.h
+--- linux-4.9/include/linux/vserver/signal.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/signal.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,14 @@
++#ifndef _VSERVER_SIGNAL_H
++#define _VSERVER_SIGNAL_H
+
-+ vxlprintk(VXD_CBIT(nid, 3), "set_nx_info(%p[#%d.%d])",
-+ nxi, nxi ? nxi->nx_id : 0,
-+ nxi ? atomic_read(&nxi->nx_usecnt) : 0,
-+ _file, _line);
+
-+ atomic_inc(&nxi->nx_usecnt);
-+ nxo = xchg(nxp, nxi);
-+ BUG_ON(nxo);
-+}
++#ifdef __KERNEL__
+
-+#define clr_nx_info(p) __clr_nx_info(p, __FILE__, __LINE__)
++struct vx_info;
+
-+static inline void __clr_nx_info(struct nx_info **nxp,
-+ const char *_file, int _line)
-+{
-+ struct nx_info *nxo;
++int vx_info_kill(struct vx_info *, int, int);
+
-+ nxo = xchg(nxp, NULL);
-+ if (!nxo)
-+ return;
++#endif /* __KERNEL__ */
++#else /* _VSERVER_SIGNAL_H */
++#warning duplicate inclusion
++#endif /* _VSERVER_SIGNAL_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/signal_cmd.h linux-4.9/include/linux/vserver/signal_cmd.h
+--- linux-4.9/include/linux/vserver/signal_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/signal_cmd.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,14 @@
++#ifndef _VSERVER_SIGNAL_CMD_H
++#define _VSERVER_SIGNAL_CMD_H
+
-+ vxlprintk(VXD_CBIT(nid, 3), "clr_nx_info(%p[#%d.%d])",
-+ nxo, nxo ? nxo->nx_id : 0,
-+ nxo ? atomic_read(&nxo->nx_usecnt) : 0,
-+ _file, _line);
++#include <uapi/vserver/signal_cmd.h>
+
-+ if (atomic_dec_and_test(&nxo->nx_usecnt))
-+ free_nx_info(nxo);
-+}
+
++extern int vc_ctx_kill(struct vx_info *, void __user *);
++extern int vc_wait_exit(struct vx_info *, void __user *);
+
-+#define claim_nx_info(v, p) __claim_nx_info(v, p, __FILE__, __LINE__)
+
-+static inline void __claim_nx_info(struct nx_info *nxi,
-+ struct task_struct *task, const char *_file, int _line)
-+{
-+ vxlprintk(VXD_CBIT(nid, 3), "claim_nx_info(%p[#%d.%d.%d]) %p",
-+ nxi, nxi ? nxi->nx_id : 0,
-+ nxi?atomic_read(&nxi->nx_usecnt):0,
-+ nxi?atomic_read(&nxi->nx_tasks):0,
-+ task, _file, _line);
++extern int vc_get_pflags(uint32_t pid, void __user *);
++extern int vc_set_pflags(uint32_t pid, void __user *);
+
-+ atomic_inc(&nxi->nx_tasks);
-+}
++#endif /* _VSERVER_SIGNAL_CMD_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/space.h linux-4.9/include/linux/vserver/space.h
+--- linux-4.9/include/linux/vserver/space.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/space.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,12 @@
++#ifndef _VSERVER_SPACE_H
++#define _VSERVER_SPACE_H
+
++#include <linux/types.h>
+
-+extern void unhash_nx_info(struct nx_info *);
++struct vx_info;
+
-+#define release_nx_info(v, p) __release_nx_info(v, p, __FILE__, __LINE__)
++int vx_set_space(struct vx_info *vxi, unsigned long mask, unsigned index);
+
-+static inline void __release_nx_info(struct nx_info *nxi,
-+ struct task_struct *task, const char *_file, int _line)
-+{
-+ vxlprintk(VXD_CBIT(nid, 3), "release_nx_info(%p[#%d.%d.%d]) %p",
-+ nxi, nxi ? nxi->nx_id : 0,
-+ nxi ? atomic_read(&nxi->nx_usecnt) : 0,
-+ nxi ? atomic_read(&nxi->nx_tasks) : 0,
-+ task, _file, _line);
++#else /* _VSERVER_SPACE_H */
++#warning duplicate inclusion
++#endif /* _VSERVER_SPACE_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/space_cmd.h linux-4.9/include/linux/vserver/space_cmd.h
+--- linux-4.9/include/linux/vserver/space_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/space_cmd.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,13 @@
++#ifndef _VSERVER_SPACE_CMD_H
++#define _VSERVER_SPACE_CMD_H
+
-+ might_sleep();
++#include <uapi/vserver/space_cmd.h>
+
-+ if (atomic_dec_and_test(&nxi->nx_tasks))
-+ unhash_nx_info(nxi);
-+}
+
++extern int vc_enter_space_v1(struct vx_info *, void __user *);
++extern int vc_set_space_v1(struct vx_info *, void __user *);
++extern int vc_enter_space(struct vx_info *, void __user *);
++extern int vc_set_space(struct vx_info *, void __user *);
++extern int vc_get_space_mask(void __user *, int);
+
-+#define task_get_nx_info(i) __task_get_nx_info(i, __FILE__, __LINE__)
++#endif /* _VSERVER_SPACE_CMD_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/switch.h linux-4.9/include/linux/vserver/switch.h
+--- linux-4.9/include/linux/vserver/switch.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/switch.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,8 @@
++#ifndef _VSERVER_SWITCH_H
++#define _VSERVER_SWITCH_H
+
-+static __inline__ struct nx_info *__task_get_nx_info(struct task_struct *p,
-+ const char *_file, int _line)
-+{
-+ struct nx_info *nxi;
+
-+ task_lock(p);
-+ vxlprintk(VXD_CBIT(nid, 5), "task_get_nx_info(%p)",
-+ p, _file, _line);
-+ nxi = __get_nx_info(p->nx_info, _file, _line);
-+ task_unlock(p);
-+ return nxi;
-+}
++#include <linux/errno.h>
++#include <uapi/vserver/switch.h>
+
++#endif /* _VSERVER_SWITCH_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/tag.h linux-4.9/include/linux/vserver/tag.h
+--- linux-4.9/include/linux/vserver/tag.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/tag.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,160 @@
++#ifndef _DX_TAG_H
++#define _DX_TAG_H
+
-+static inline void exit_nx_info(struct task_struct *p)
-+{
-+ if (p->nx_info)
-+ release_nx_info(p->nx_info, p);
-+}
++#include <linux/types.h>
++#include <linux/uidgid.h>
++
++
++#define DX_TAG(in) (IS_TAGGED(in))
+
+
++#ifdef CONFIG_TAG_NFSD
++#define DX_TAG_NFSD 1
+#else
-+#warning duplicate inclusion
++#define DX_TAG_NFSD 0
+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vs_pid.h linux-4.9.207-vs2.3.9.11/include/linux/vs_pid.h
---- linux-4.9.207/include/linux/vs_pid.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vs_pid.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,50 @@
-+#ifndef _VS_PID_H
-+#define _VS_PID_H
+
-+#include "vserver/base.h"
-+#include "vserver/check.h"
-+#include "vserver/context.h"
-+#include "vserver/debug.h"
-+#include "vserver/pid.h"
-+#include <linux/pid_namespace.h>
+
++#ifdef CONFIG_TAGGING_NONE
+
-+#define VXF_FAKE_INIT (VXF_INFO_INIT | VXF_STATE_INIT)
++#define MAX_UID 0xFFFFFFFF
++#define MAX_GID 0xFFFFFFFF
+
-+static inline
-+int vx_proc_task_visible(struct task_struct *task)
-+{
-+ if ((task->pid == 1) &&
-+ !vx_flags(VXF_FAKE_INIT, VXF_FAKE_INIT))
-+ /* show a blend through init */
-+ goto visible;
-+ if (vx_check(vx_task_xid(task), VS_WATCH | VS_IDENT))
-+ goto visible;
-+ return 0;
-+visible:
-+ return 1;
-+}
++#define INOTAG_TAG(cond, uid, gid, tag) (0)
+
-+#define find_task_by_real_pid(pid) find_task_by_pid_ns(pid, &init_pid_ns)
++#define TAGINO_UID(cond, uid, tag) (uid)
++#define TAGINO_GID(cond, gid, tag) (gid)
+
++#endif
+
-+static inline
-+struct task_struct *vx_get_proc_task(struct inode *inode, struct pid *pid)
-+{
-+ struct task_struct *task = get_pid_task(pid, PIDTYPE_PID);
+
-+ if (task && !vx_proc_task_visible(task)) {
-+ vxdprintk(VXD_CBIT(misc, 6),
-+ "dropping task (get) %p[#%u,%u] for %p[#%u,%u]",
-+ task, task->xid, task->pid,
-+ current, current->xid, current->pid);
-+ put_task_struct(task);
-+ task = NULL;
-+ }
-+ return task;
-+}
++#ifdef CONFIG_TAGGING_GID16
+
++#define MAX_UID 0xFFFFFFFF
++#define MAX_GID 0x0000FFFF
+
-+#else
-+#warning duplicate inclusion
-+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vs_sched.h linux-4.9.207-vs2.3.9.11/include/linux/vs_sched.h
---- linux-4.9.207/include/linux/vs_sched.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vs_sched.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,40 @@
-+#ifndef _VS_SCHED_H
-+#define _VS_SCHED_H
++#define INOTAG_TAG(cond, uid, gid, tag) \
++ ((cond) ? (((gid) >> 16) & 0xFFFF) : 0)
+
-+#include "vserver/base.h"
-+#include "vserver/context.h"
-+#include "vserver/sched.h"
++#define TAGINO_UID(cond, uid, tag) (uid)
++#define TAGINO_GID(cond, gid, tag) \
++ ((cond) ? (((gid) & 0xFFFF) | ((tag) << 16)) : (gid))
+
++#endif
+
-+#define MAX_PRIO_BIAS 20
-+#define MIN_PRIO_BIAS -20
+
-+static inline
-+int vx_adjust_prio(struct task_struct *p, int prio, int max_user)
-+{
-+ struct vx_info *vxi = p->vx_info;
++#ifdef CONFIG_TAGGING_ID24
+
-+ if (vxi)
-+ prio += vx_cpu(vxi, sched_pc).prio_bias;
-+ return prio;
-+}
++#define MAX_UID 0x00FFFFFF
++#define MAX_GID 0x00FFFFFF
+
-+static inline void vx_account_user(struct vx_info *vxi,
-+ cputime_t cputime, int nice)
-+{
-+ if (!vxi)
-+ return;
-+ vx_cpu(vxi, sched_pc).user_ticks += cputime;
-+}
++#define INOTAG_TAG(cond, uid, gid, tag) \
++ ((cond) ? ((((uid) >> 16) & 0xFF00) | (((gid) >> 24) & 0xFF)) : 0)
+
-+static inline void vx_account_system(struct vx_info *vxi,
-+ cputime_t cputime, int idle)
-+{
-+ if (!vxi)
-+ return;
-+ vx_cpu(vxi, sched_pc).sys_ticks += cputime;
-+}
++#define TAGINO_UID(cond, uid, tag) \
++ ((cond) ? (((uid) & 0xFFFFFF) | (((tag) & 0xFF00) << 16)) : (uid))
++#define TAGINO_GID(cond, gid, tag) \
++ ((cond) ? (((gid) & 0xFFFFFF) | (((tag) & 0x00FF) << 24)) : (gid))
+
-+#else
-+#warning duplicate inclusion
+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vs_socket.h linux-4.9.207-vs2.3.9.11/include/linux/vs_socket.h
---- linux-4.9.207/include/linux/vs_socket.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vs_socket.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,67 @@
-+#ifndef _VS_SOCKET_H
-+#define _VS_SOCKET_H
+
-+#include "vserver/debug.h"
-+#include "vserver/base.h"
-+#include "vserver/cacct.h"
-+#include "vserver/context.h"
-+#include "vserver/tag.h"
+
++#ifdef CONFIG_TAGGING_UID16
+
-+/* socket accounting */
++#define MAX_UID 0x0000FFFF
++#define MAX_GID 0xFFFFFFFF
+
-+#include <linux/socket.h>
++#define INOTAG_TAG(cond, uid, gid, tag) \
++ ((cond) ? (((uid) >> 16) & 0xFFFF) : 0)
+
-+static inline int vx_sock_type(int family)
-+{
-+ switch (family) {
-+ case PF_UNSPEC:
-+ return VXA_SOCK_UNSPEC;
-+ case PF_UNIX:
-+ return VXA_SOCK_UNIX;
-+ case PF_INET:
-+ return VXA_SOCK_INET;
-+ case PF_INET6:
-+ return VXA_SOCK_INET6;
-+ case PF_PACKET:
-+ return VXA_SOCK_PACKET;
-+ default:
-+ return VXA_SOCK_OTHER;
-+ }
-+}
++#define TAGINO_UID(cond, uid, tag) \
++ ((cond) ? (((uid) & 0xFFFF) | ((tag) << 16)) : (uid))
++#define TAGINO_GID(cond, gid, tag) (gid)
+
-+#define vx_acc_sock(v, f, p, s) \
-+ __vx_acc_sock(v, f, p, s, __FILE__, __LINE__)
++#endif
+
-+static inline void __vx_acc_sock(struct vx_info *vxi,
-+ int family, int pos, int size, char *file, int line)
-+{
-+ if (vxi) {
-+ int type = vx_sock_type(family);
+
-+ atomic_long_inc(&vxi->cacct.sock[type][pos].count);
-+ atomic_long_add(size, &vxi->cacct.sock[type][pos].total);
-+ }
-+}
++#ifdef CONFIG_TAGGING_INTERN
+
-+#define vx_sock_recv(sk, s) \
-+ vx_acc_sock((sk)->sk_vx_info, (sk)->sk_family, 0, s)
-+#define vx_sock_send(sk, s) \
-+ vx_acc_sock((sk)->sk_vx_info, (sk)->sk_family, 1, s)
-+#define vx_sock_fail(sk, s) \
-+ vx_acc_sock((sk)->sk_vx_info, (sk)->sk_family, 2, s)
++#define MAX_UID 0xFFFFFFFF
++#define MAX_GID 0xFFFFFFFF
+
++#define INOTAG_TAG(cond, uid, gid, tag) \
++ ((cond) ? (tag) : 0)
+
-+#define sock_vx_init(s) do { \
-+ (s)->sk_xid = 0; \
-+ (s)->sk_vx_info = NULL; \
-+ } while (0)
++#define TAGINO_UID(cond, uid, tag) (uid)
++#define TAGINO_GID(cond, gid, tag) (gid)
+
-+#define sock_nx_init(s) do { \
-+ (s)->sk_nid = 0; \
-+ (s)->sk_nx_info = NULL; \
-+ } while (0)
++#endif
+
++
++#ifndef CONFIG_TAGGING_NONE
++#define dx_current_fstag(sb) \
++ ((sb)->s_flags & MS_TAGGED ? dx_current_tag() : 0)
+#else
-+#warning duplicate inclusion
++#define dx_current_fstag(sb) (0)
+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vs_tag.h linux-4.9.207-vs2.3.9.11/include/linux/vs_tag.h
---- linux-4.9.207/include/linux/vs_tag.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vs_tag.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,47 @@
-+#ifndef _VS_TAG_H
-+#define _VS_TAG_H
+
-+#include <linux/vserver/tag.h>
++#ifndef CONFIG_TAGGING_INTERN
++#define TAGINO_TAG(cond, tag) (0)
++#else
++#define TAGINO_TAG(cond, tag) ((cond) ? (tag) : 0)
++#endif
+
-+/* check conditions */
++#define TAGINO_KUID(cond, kuid, ktag) \
++ KUIDT_INIT(TAGINO_UID(cond, __kuid_val(kuid), __ktag_val(ktag)))
++#define TAGINO_KGID(cond, kgid, ktag) \
++ KGIDT_INIT(TAGINO_GID(cond, __kgid_val(kgid), __ktag_val(ktag)))
++#define TAGINO_KTAG(cond, ktag) \
++ KTAGT_INIT(TAGINO_TAG(cond, __ktag_val(ktag)))
+
-+#define DX_ADMIN 0x0001
-+#define DX_WATCH 0x0002
-+#define DX_HOSTID 0x0008
+
-+#define DX_IDENT 0x0010
++#define INOTAG_UID(cond, uid, gid) \
++ ((cond) ? ((uid) & MAX_UID) : (uid))
++#define INOTAG_GID(cond, uid, gid) \
++ ((cond) ? ((gid) & MAX_GID) : (gid))
+
-+#define DX_ARG_MASK 0x0010
++#define INOTAG_KUID(cond, kuid, kgid) \
++ KUIDT_INIT(INOTAG_UID(cond, __kuid_val(kuid), __kgid_val(kgid)))
++#define INOTAG_KGID(cond, kuid, kgid) \
++ KGIDT_INIT(INOTAG_GID(cond, __kuid_val(kuid), __kgid_val(kgid)))
++#define INOTAG_KTAG(cond, kuid, kgid, ktag) \
++ KTAGT_INIT(INOTAG_TAG(cond, \
++ __kuid_val(kuid), __kgid_val(kgid), __ktag_val(ktag)))
+
+
-+#define dx_task_tag(t) ((t)->tag)
++static inline uid_t dx_map_uid(uid_t uid)
++{
++ if ((uid > MAX_UID) && (uid != -1))
++ uid = -2;
++ return (uid & MAX_UID);
++}
+
-+#define dx_current_tag() dx_task_tag(current)
++static inline gid_t dx_map_gid(gid_t gid)
++{
++ if ((gid > MAX_GID) && (gid != -1))
++ gid = -2;
++ return (gid & MAX_GID);
++}
+
-+#define dx_check(c, m) __dx_check(dx_current_tag(), c, m)
++struct peer_tag {
++ int32_t xid;
++ int32_t nid;
++};
+
-+#define dx_weak_check(c, m) ((m) ? dx_check(c, m) : 1)
++#define dx_notagcheck(sb) ((sb) && ((sb)->s_flags & MS_NOTAGCHECK))
+
++int dx_parse_tag(char *string, vtag_t *tag, int remove, int *mnt_flags,
++ unsigned long *flags);
+
-+/*
-+ * check current context for ADMIN/WATCH and
-+ * optionally against supplied argument
-+ */
-+static inline int __dx_check(vtag_t cid, vtag_t id, unsigned int mode)
-+{
-+ if (mode & DX_ARG_MASK) {
-+ if ((mode & DX_IDENT) && (id == cid))
-+ return 1;
-+ }
-+ return (((mode & DX_ADMIN) && (cid == 0)) ||
-+ ((mode & DX_WATCH) && (cid == 1)) ||
-+ ((mode & DX_HOSTID) && (id == 0)));
-+}
++#ifdef CONFIG_PROPAGATE
+
-+struct inode;
-+int dx_permission(const struct inode *inode, int mask);
++void __dx_propagate_tag(struct nameidata *nd, struct inode *inode);
+
++#define dx_propagate_tag(n, i) __dx_propagate_tag(n, i)
+
+#else
-+#warning duplicate inclusion
++#define dx_propagate_tag(n, i) do { } while (0)
+#endif
-diff -NurpP --minimal linux-4.9.207/include/linux/vs_time.h linux-4.9.207-vs2.3.9.11/include/linux/vs_time.h
---- linux-4.9.207/include/linux/vs_time.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/linux/vs_time.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,21 @@
-+#ifndef _VS_TIME_H
-+#define _VS_TIME_H
-+
+
-+/* time faking stuff */
++#endif /* _DX_TAG_H */
+diff -urNp -x '*.orig' linux-4.9/include/linux/vserver/tag_cmd.h linux-4.9/include/linux/vserver/tag_cmd.h
+--- linux-4.9/include/linux/vserver/tag_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/linux/vserver/tag_cmd.h 2021-02-24 15:47:45.097743096 +0100
+@@ -0,0 +1,10 @@
++#ifndef _VSERVER_TAG_CMD_H
++#define _VSERVER_TAG_CMD_H
+
-+#ifdef CONFIG_VSERVER_VTIME
++#include <uapi/vserver/tag_cmd.h>
+
-+extern void vx_adjust_timespec(struct timespec *ts);
-+extern int vx_settimeofday(const struct timespec *ts);
-+extern int vx_settimeofday64(const struct timespec64 *ts);
++extern int vc_task_tag(uint32_t);
+
-+#else
-+#define vx_adjust_timespec(t) do { } while (0)
-+#define vx_settimeofday(t) do_settimeofday(t)
-+#define vx_settimeofday64(t) do_settimeofday64(t)
-+#endif
++extern int vc_tag_migrate(uint32_t);
+
-+#else
-+#warning duplicate inclusion
-+#endif
-diff -NurpP --minimal linux-4.9.207/include/net/addrconf.h linux-4.9.207-vs2.3.9.11/include/net/addrconf.h
---- linux-4.9.207/include/net/addrconf.h 2019-12-25 15:28:40.237269280 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/net/addrconf.h 2018-10-20 04:58:14.000000000 +0000
++#endif /* _VSERVER_TAG_CMD_H */
+diff -urNp -x '*.orig' linux-4.9/include/net/addrconf.h linux-4.9/include/net/addrconf.h
+--- linux-4.9/include/net/addrconf.h 2021-02-24 15:47:32.424013281 +0100
++++ linux-4.9/include/net/addrconf.h 2021-02-24 15:47:45.101076533 +0100
@@ -85,7 +85,7 @@ struct inet6_ifaddr *ipv6_get_ifaddr(str
int ipv6_dev_get_saddr(struct net *net, const struct net_device *dev,
int __ipv6_get_lladdr(struct inet6_dev *idev, struct in6_addr *addr,
u32 banned_flags);
int ipv6_get_lladdr(struct net_device *dev, struct in6_addr *addr,
-diff -NurpP --minimal linux-4.9.207/include/net/af_unix.h linux-4.9.207-vs2.3.9.11/include/net/af_unix.h
---- linux-4.9.207/include/net/af_unix.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/net/af_unix.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/net/af_unix.h linux-4.9/include/net/af_unix.h
+--- linux-4.9/include/net/af_unix.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/net/af_unix.h 2021-02-24 15:47:45.101076533 +0100
@@ -4,6 +4,7 @@
#include <linux/socket.h>
#include <linux/un.h>
#include <net/sock.h>
void unix_inflight(struct user_struct *user, struct file *fp);
-diff -NurpP --minimal linux-4.9.207/include/net/inet_timewait_sock.h linux-4.9.207-vs2.3.9.11/include/net/inet_timewait_sock.h
---- linux-4.9.207/include/net/inet_timewait_sock.h 2019-12-25 15:28:41.037256346 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/net/inet_timewait_sock.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/net/inet_timewait_sock.h linux-4.9/include/net/inet_timewait_sock.h
+--- linux-4.9/include/net/inet_timewait_sock.h 2021-02-24 15:47:32.427346719 +0100
++++ linux-4.9/include/net/inet_timewait_sock.h 2021-02-24 15:47:45.101076533 +0100
@@ -72,6 +72,10 @@ struct inet_timewait_sock {
#define tw_num __tw_common.skc_num
#define tw_cookie __tw_common.skc_cookie
int tw_timeout;
volatile unsigned char tw_substate;
-diff -NurpP --minimal linux-4.9.207/include/net/ip6_route.h linux-4.9.207-vs2.3.9.11/include/net/ip6_route.h
---- linux-4.9.207/include/net/ip6_route.h 2019-12-25 15:28:41.057256025 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/net/ip6_route.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/net/ip6_route.h linux-4.9/include/net/ip6_route.h
+--- linux-4.9/include/net/ip6_route.h 2021-02-24 15:47:32.427346719 +0100
++++ linux-4.9/include/net/ip6_route.h 2021-02-24 15:47:45.101076533 +0100
@@ -26,6 +26,7 @@ struct route_info {
#include <linux/ip.h>
#include <linux/ipv6.h>
return err;
}
-diff -NurpP --minimal linux-4.9.207/include/net/route.h linux-4.9.207-vs2.3.9.11/include/net/route.h
---- linux-4.9.207/include/net/route.h 2019-12-25 15:28:41.657246322 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/net/route.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/net/route.h linux-4.9/include/net/route.h
+--- linux-4.9/include/net/route.h 2021-02-24 15:47:32.434013594 +0100
++++ linux-4.9/include/net/route.h 2021-02-24 15:47:45.101076533 +0100
@@ -226,6 +226,9 @@ static inline void ip_rt_put(struct rtab
dst_release(&rt->dst);
}
rt = __ip_route_output_key(net, fl4);
if (IS_ERR(rt))
return rt;
-diff -NurpP --minimal linux-4.9.207/include/net/sock.h linux-4.9.207-vs2.3.9.11/include/net/sock.h
---- linux-4.9.207/include/net/sock.h 2019-12-25 15:28:41.707245516 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/net/sock.h 2019-12-25 15:37:52.288424537 +0000
+diff -urNp -x '*.orig' linux-4.9/include/net/sock.h linux-4.9/include/net/sock.h
+--- linux-4.9/include/net/sock.h 2021-02-24 15:47:32.434013594 +0100
++++ linux-4.9/include/net/sock.h 2021-02-24 15:47:45.101076533 +0100
@@ -187,6 +187,10 @@ struct sock_common {
struct in6_addr skc_v6_daddr;
struct in6_addr skc_v6_rcv_saddr;
#define sk_incoming_cpu __sk_common.skc_incoming_cpu
#define sk_flags __sk_common.skc_flags
#define sk_rxhash __sk_common.skc_rxhash
-diff -NurpP --minimal linux-4.9.207/include/uapi/Kbuild linux-4.9.207-vs2.3.9.11/include/uapi/Kbuild
---- linux-4.9.207/include/uapi/Kbuild 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/Kbuild 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/Kbuild linux-4.9/include/uapi/Kbuild
+--- linux-4.9/include/uapi/Kbuild 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/uapi/Kbuild 2021-02-24 15:47:45.101076533 +0100
@@ -13,3 +13,4 @@ header-y += drm/
header-y += xen/
header-y += scsi/
header-y += misc/
+header-y += vserver/
-diff -NurpP --minimal linux-4.9.207/include/uapi/linux/btrfs_tree.h linux-4.9.207-vs2.3.9.11/include/uapi/linux/btrfs_tree.h
---- linux-4.9.207/include/uapi/linux/btrfs_tree.h 2019-12-25 15:28:42.297235975 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/linux/btrfs_tree.h 2019-02-22 08:37:55.713049558 +0000
-@@ -564,11 +564,14 @@ struct btrfs_inode_item {
+diff -urNp -x '*.orig' linux-4.9/include/uapi/linux/btrfs_tree.h linux-4.9/include/uapi/linux/btrfs_tree.h
+--- linux-4.9/include/uapi/linux/btrfs_tree.h 2021-02-24 15:47:32.444013907 +0100
++++ linux-4.9/include/uapi/linux/btrfs_tree.h 2021-02-24 15:47:45.101076533 +0100
+@@ -566,11 +566,14 @@ struct btrfs_inode_item {
/* modification sequence number for NFS */
__le64 sequence;
struct btrfs_timespec atime;
struct btrfs_timespec ctime;
struct btrfs_timespec mtime;
-diff -NurpP --minimal linux-4.9.207/include/uapi/linux/capability.h linux-4.9.207-vs2.3.9.11/include/uapi/linux/capability.h
---- linux-4.9.207/include/uapi/linux/capability.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/linux/capability.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/linux/capability.h linux-4.9/include/uapi/linux/capability.h
+--- linux-4.9/include/uapi/linux/capability.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/uapi/linux/capability.h 2021-02-24 15:47:45.101076533 +0100
@@ -257,6 +257,7 @@ struct vfs_cap_data {
arbitrary SCSI commands */
/* Allow setting encryption key on loopback filesystem */
/*
* Bit location of each capability (used by user-space library and kernel)
-diff -NurpP --minimal linux-4.9.207/include/uapi/linux/fs.h linux-4.9.207-vs2.3.9.11/include/uapi/linux/fs.h
---- linux-4.9.207/include/uapi/linux/fs.h 2019-12-25 15:28:42.337235329 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/linux/fs.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/linux/fs.h linux-4.9/include/uapi/linux/fs.h
+--- linux-4.9/include/uapi/linux/fs.h 2021-02-24 15:47:32.444013907 +0100
++++ linux-4.9/include/uapi/linux/fs.h 2021-02-24 15:47:45.101076533 +0100
@@ -130,6 +130,9 @@ struct inodes_stat_t {
#define MS_I_VERSION (1<<23) /* Update inode I_version field */
#define MS_STRICTATIME (1<<24) /* Always perform atime updates */
#define SYNC_FILE_RANGE_WAIT_BEFORE 1
#define SYNC_FILE_RANGE_WRITE 2
-diff -NurpP --minimal linux-4.9.207/include/uapi/linux/gfs2_ondisk.h linux-4.9.207-vs2.3.9.11/include/uapi/linux/gfs2_ondisk.h
---- linux-4.9.207/include/uapi/linux/gfs2_ondisk.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/linux/gfs2_ondisk.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/linux/gfs2_ondisk.h linux-4.9/include/uapi/linux/gfs2_ondisk.h
+--- linux-4.9/include/uapi/linux/gfs2_ondisk.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/uapi/linux/gfs2_ondisk.h 2021-02-24 15:47:45.104409971 +0100
@@ -225,6 +225,9 @@ enum {
gfs2fl_Sync = 8,
gfs2fl_System = 9,
#define GFS2_DIF_TRUNC_IN_PROG 0x20000000 /* New in gfs2 */
#define GFS2_DIF_INHERIT_DIRECTIO 0x40000000 /* only in gfs1 */
#define GFS2_DIF_INHERIT_JDATA 0x80000000
-diff -NurpP --minimal linux-4.9.207/include/uapi/linux/if_tun.h linux-4.9.207-vs2.3.9.11/include/uapi/linux/if_tun.h
---- linux-4.9.207/include/uapi/linux/if_tun.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/linux/if_tun.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/linux/if_tun.h linux-4.9/include/uapi/linux/if_tun.h
+--- linux-4.9/include/uapi/linux/if_tun.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/uapi/linux/if_tun.h 2021-02-24 15:47:45.104409971 +0100
@@ -56,6 +56,7 @@
*/
#define TUNSETVNETBE _IOW('T', 222, int)
/* TUNSETIFF ifr flags */
#define IFF_TUN 0x0001
-diff -NurpP --minimal linux-4.9.207/include/uapi/linux/major.h linux-4.9.207-vs2.3.9.11/include/uapi/linux/major.h
---- linux-4.9.207/include/uapi/linux/major.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/linux/major.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/linux/major.h linux-4.9/include/uapi/linux/major.h
+--- linux-4.9/include/uapi/linux/major.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/uapi/linux/major.h 2021-02-24 15:47:45.104409971 +0100
@@ -15,6 +15,7 @@
#define HD_MAJOR IDE0_MAJOR
#define PTY_SLAVE_MAJOR 3
#define TTYAUX_MAJOR 5
#define LP_MAJOR 6
#define VCS_MAJOR 7
-diff -NurpP --minimal linux-4.9.207/include/uapi/linux/nfs_mount.h linux-4.9.207-vs2.3.9.11/include/uapi/linux/nfs_mount.h
---- linux-4.9.207/include/uapi/linux/nfs_mount.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/linux/nfs_mount.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/linux/nfs_mount.h linux-4.9/include/uapi/linux/nfs_mount.h
+--- linux-4.9/include/uapi/linux/nfs_mount.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/uapi/linux/nfs_mount.h 2021-02-24 15:47:45.104409971 +0100
@@ -63,7 +63,8 @@ struct nfs_mount_data {
#define NFS_MOUNT_SECFLAVOUR 0x2000 /* 5 non-text parsed mount data only */
#define NFS_MOUNT_NORDIRPLUS 0x4000 /* 5 */
/* The following are for internal use only */
#define NFS_MOUNT_LOOKUP_CACHE_NONEG 0x10000
-diff -NurpP --minimal linux-4.9.207/include/uapi/linux/reboot.h linux-4.9.207-vs2.3.9.11/include/uapi/linux/reboot.h
---- linux-4.9.207/include/uapi/linux/reboot.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/linux/reboot.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/linux/reboot.h linux-4.9/include/uapi/linux/reboot.h
+--- linux-4.9/include/uapi/linux/reboot.h 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/include/uapi/linux/reboot.h 2021-02-24 15:47:45.104409971 +0100
@@ -33,7 +33,7 @@
#define LINUX_REBOOT_CMD_RESTART2 0xA1B2C3D4
#define LINUX_REBOOT_CMD_SW_SUSPEND 0xD000FCE2
#endif /* _UAPI_LINUX_REBOOT_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/linux/sysctl.h linux-4.9.207-vs2.3.9.11/include/uapi/linux/sysctl.h
---- linux-4.9.207/include/uapi/linux/sysctl.h 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/linux/sysctl.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/linux/sysctl.h linux-4.9/include/uapi/linux/sysctl.h
+--- linux-4.9/include/uapi/linux/sysctl.h 2021-02-24 15:47:32.450680782 +0100
++++ linux-4.9/include/uapi/linux/sysctl.h 2021-02-24 15:47:45.104409971 +0100
@@ -58,6 +58,7 @@ enum
CTL_ABI=9, /* Binary emulation */
CTL_CPU=10, /* CPU stuff (speed scaling, etc) */
KERN_SPARC_REBOOT=21, /* reboot command on Sparc */
KERN_CTLALTDEL=22, /* int: allow ctl-alt-del to reboot */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/cacct_cmd.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/cacct_cmd.h
---- linux-4.9.207/include/uapi/vserver/cacct_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/cacct_cmd.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/Kbuild linux-4.9/include/uapi/vserver/Kbuild
+--- linux-4.9/include/uapi/vserver/Kbuild 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/Kbuild 2021-02-24 15:47:45.104409971 +0100
+@@ -0,0 +1,9 @@
++
++header-y += context_cmd.h network_cmd.h space_cmd.h \
++ cacct_cmd.h cvirt_cmd.h limit_cmd.h dlimit_cmd.h \
++ inode_cmd.h tag_cmd.h sched_cmd.h signal_cmd.h \
++ debug_cmd.h device_cmd.h
++
++header-y += switch.h context.h network.h monitor.h \
++ limit.h inode.h device.h
++
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/cacct_cmd.h linux-4.9/include/uapi/vserver/cacct_cmd.h
+--- linux-4.9/include/uapi/vserver/cacct_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/cacct_cmd.h 2021-02-24 15:47:45.104409971 +0100
@@ -0,0 +1,15 @@
+#ifndef _UAPI_VS_CACCT_CMD_H
+#define _UAPI_VS_CACCT_CMD_H
+};
+
+#endif /* _UAPI_VS_CACCT_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/context_cmd.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/context_cmd.h
---- linux-4.9.207/include/uapi/vserver/context_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/context_cmd.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/context.h linux-4.9/include/uapi/vserver/context.h
+--- linux-4.9/include/uapi/vserver/context.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/context.h 2021-02-24 15:47:45.104409971 +0100
+@@ -0,0 +1,81 @@
++#ifndef _UAPI_VS_CONTEXT_H
++#define _UAPI_VS_CONTEXT_H
++
++#include <linux/types.h>
++#include <linux/capability.h>
++
++
++/* context flags */
++
++#define VXF_INFO_SCHED 0x00000002
++#define VXF_INFO_NPROC 0x00000004
++#define VXF_INFO_PRIVATE 0x00000008
++
++#define VXF_INFO_INIT 0x00000010
++#define VXF_INFO_HIDE 0x00000020
++#define VXF_INFO_ULIMIT 0x00000040
++#define VXF_INFO_NSPACE 0x00000080
++
++#define VXF_SCHED_HARD 0x00000100
++#define VXF_SCHED_PRIO 0x00000200
++#define VXF_SCHED_PAUSE 0x00000400
++
++#define VXF_VIRT_MEM 0x00010000
++#define VXF_VIRT_UPTIME 0x00020000
++#define VXF_VIRT_CPU 0x00040000
++#define VXF_VIRT_LOAD 0x00080000
++#define VXF_VIRT_TIME 0x00100000
++
++#define VXF_HIDE_MOUNT 0x01000000
++/* was VXF_HIDE_NETIF 0x02000000 */
++#define VXF_HIDE_VINFO 0x04000000
++
++#define VXF_STATE_SETUP (1ULL << 32)
++#define VXF_STATE_INIT (1ULL << 33)
++#define VXF_STATE_ADMIN (1ULL << 34)
++
++#define VXF_SC_HELPER (1ULL << 36)
++#define VXF_REBOOT_KILL (1ULL << 37)
++#define VXF_PERSISTENT (1ULL << 38)
++
++#define VXF_FORK_RSS (1ULL << 48)
++#define VXF_PROLIFIC (1ULL << 49)
++
++#define VXF_IGNEG_NICE (1ULL << 52)
++
++#define VXF_ONE_TIME (0x0007ULL << 32)
++
++#define VXF_INIT_SET (VXF_STATE_SETUP | VXF_STATE_INIT | VXF_STATE_ADMIN)
++
++
++/* context migration */
++
++#define VXM_SET_INIT 0x00000001
++#define VXM_SET_REAPER 0x00000002
++
++/* context caps */
++
++#define VXC_SET_UTSNAME 0x00000001
++#define VXC_SET_RLIMIT 0x00000002
++#define VXC_FS_SECURITY 0x00000004
++#define VXC_FS_TRUSTED 0x00000008
++#define VXC_TIOCSTI 0x00000010
++
++/* was VXC_RAW_ICMP 0x00000100 */
++#define VXC_SYSLOG 0x00001000
++#define VXC_OOM_ADJUST 0x00002000
++#define VXC_AUDIT_CONTROL 0x00004000
++
++#define VXC_SECURE_MOUNT 0x00010000
++/* #define VXC_SECURE_REMOUNT 0x00020000 */
++#define VXC_BINARY_MOUNT 0x00040000
++#define VXC_DEV_MOUNT 0x00080000
++
++#define VXC_QUOTA_CTL 0x00100000
++#define VXC_ADMIN_MAPPER 0x00200000
++#define VXC_ADMIN_CLOOP 0x00400000
++
++#define VXC_KTHREAD 0x01000000
++#define VXC_NAMESPACE 0x02000000
++
++#endif /* _UAPI_VS_CONTEXT_H */
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/context_cmd.h linux-4.9/include/uapi/vserver/context_cmd.h
+--- linux-4.9/include/uapi/vserver/context_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/context_cmd.h 2021-02-24 15:47:45.104409971 +0100
@@ -0,0 +1,115 @@
+#ifndef _UAPI_VS_CONTEXT_CMD_H
+#define _UAPI_VS_CONTEXT_CMD_H
+};
+
+#endif /* _UAPI_VS_CONTEXT_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/context.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/context.h
---- linux-4.9.207/include/uapi/vserver/context.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/context.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,81 @@
-+#ifndef _UAPI_VS_CONTEXT_H
-+#define _UAPI_VS_CONTEXT_H
-+
-+#include <linux/types.h>
-+#include <linux/capability.h>
-+
-+
-+/* context flags */
-+
-+#define VXF_INFO_SCHED 0x00000002
-+#define VXF_INFO_NPROC 0x00000004
-+#define VXF_INFO_PRIVATE 0x00000008
-+
-+#define VXF_INFO_INIT 0x00000010
-+#define VXF_INFO_HIDE 0x00000020
-+#define VXF_INFO_ULIMIT 0x00000040
-+#define VXF_INFO_NSPACE 0x00000080
-+
-+#define VXF_SCHED_HARD 0x00000100
-+#define VXF_SCHED_PRIO 0x00000200
-+#define VXF_SCHED_PAUSE 0x00000400
-+
-+#define VXF_VIRT_MEM 0x00010000
-+#define VXF_VIRT_UPTIME 0x00020000
-+#define VXF_VIRT_CPU 0x00040000
-+#define VXF_VIRT_LOAD 0x00080000
-+#define VXF_VIRT_TIME 0x00100000
-+
-+#define VXF_HIDE_MOUNT 0x01000000
-+/* was VXF_HIDE_NETIF 0x02000000 */
-+#define VXF_HIDE_VINFO 0x04000000
-+
-+#define VXF_STATE_SETUP (1ULL << 32)
-+#define VXF_STATE_INIT (1ULL << 33)
-+#define VXF_STATE_ADMIN (1ULL << 34)
-+
-+#define VXF_SC_HELPER (1ULL << 36)
-+#define VXF_REBOOT_KILL (1ULL << 37)
-+#define VXF_PERSISTENT (1ULL << 38)
-+
-+#define VXF_FORK_RSS (1ULL << 48)
-+#define VXF_PROLIFIC (1ULL << 49)
-+
-+#define VXF_IGNEG_NICE (1ULL << 52)
-+
-+#define VXF_ONE_TIME (0x0007ULL << 32)
-+
-+#define VXF_INIT_SET (VXF_STATE_SETUP | VXF_STATE_INIT | VXF_STATE_ADMIN)
-+
-+
-+/* context migration */
-+
-+#define VXM_SET_INIT 0x00000001
-+#define VXM_SET_REAPER 0x00000002
-+
-+/* context caps */
-+
-+#define VXC_SET_UTSNAME 0x00000001
-+#define VXC_SET_RLIMIT 0x00000002
-+#define VXC_FS_SECURITY 0x00000004
-+#define VXC_FS_TRUSTED 0x00000008
-+#define VXC_TIOCSTI 0x00000010
-+
-+/* was VXC_RAW_ICMP 0x00000100 */
-+#define VXC_SYSLOG 0x00001000
-+#define VXC_OOM_ADJUST 0x00002000
-+#define VXC_AUDIT_CONTROL 0x00004000
-+
-+#define VXC_SECURE_MOUNT 0x00010000
-+/* #define VXC_SECURE_REMOUNT 0x00020000 */
-+#define VXC_BINARY_MOUNT 0x00040000
-+#define VXC_DEV_MOUNT 0x00080000
-+
-+#define VXC_QUOTA_CTL 0x00100000
-+#define VXC_ADMIN_MAPPER 0x00200000
-+#define VXC_ADMIN_CLOOP 0x00400000
-+
-+#define VXC_KTHREAD 0x01000000
-+#define VXC_NAMESPACE 0x02000000
-+
-+#endif /* _UAPI_VS_CONTEXT_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/cvirt_cmd.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/cvirt_cmd.h
---- linux-4.9.207/include/uapi/vserver/cvirt_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/cvirt_cmd.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/cvirt_cmd.h linux-4.9/include/uapi/vserver/cvirt_cmd.h
+--- linux-4.9/include/uapi/vserver/cvirt_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/cvirt_cmd.h 2021-02-24 15:47:45.104409971 +0100
@@ -0,0 +1,41 @@
+#ifndef _UAPI_VS_CVIRT_CMD_H
+#define _UAPI_VS_CVIRT_CMD_H
+};
+
+#endif /* _UAPI_VS_CVIRT_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/debug_cmd.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/debug_cmd.h
---- linux-4.9.207/include/uapi/vserver/debug_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/debug_cmd.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/debug_cmd.h linux-4.9/include/uapi/vserver/debug_cmd.h
+--- linux-4.9/include/uapi/vserver/debug_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/debug_cmd.h 2021-02-24 15:47:45.104409971 +0100
@@ -0,0 +1,24 @@
+#ifndef _UAPI_VS_DEBUG_CMD_H
+#define _UAPI_VS_DEBUG_CMD_H
+};
+
+#endif /* _UAPI_VS_DEBUG_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/device_cmd.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/device_cmd.h
---- linux-4.9.207/include/uapi/vserver/device_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/device_cmd.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/device.h linux-4.9/include/uapi/vserver/device.h
+--- linux-4.9/include/uapi/vserver/device.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/device.h 2021-02-24 15:47:45.104409971 +0100
+@@ -0,0 +1,12 @@
++#ifndef _UAPI_VS_DEVICE_H
++#define _UAPI_VS_DEVICE_H
++
++
++#define DATTR_CREATE 0x00000001
++#define DATTR_OPEN 0x00000002
++
++#define DATTR_REMAP 0x00000010
++
++#define DATTR_MASK 0x00000013
++
++#endif /* _UAPI_VS_DEVICE_H */
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/device_cmd.h linux-4.9/include/uapi/vserver/device_cmd.h
+--- linux-4.9/include/uapi/vserver/device_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/device_cmd.h 2021-02-24 15:47:45.104409971 +0100
@@ -0,0 +1,16 @@
+#ifndef _UAPI_VS_DEVICE_CMD_H
+#define _UAPI_VS_DEVICE_CMD_H
+};
+
+#endif /* _UAPI_VS_DEVICE_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/device.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/device.h
---- linux-4.9.207/include/uapi/vserver/device.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/device.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,12 @@
-+#ifndef _UAPI_VS_DEVICE_H
-+#define _UAPI_VS_DEVICE_H
-+
-+
-+#define DATTR_CREATE 0x00000001
-+#define DATTR_OPEN 0x00000002
-+
-+#define DATTR_REMAP 0x00000010
-+
-+#define DATTR_MASK 0x00000013
-+
-+#endif /* _UAPI_VS_DEVICE_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/dlimit_cmd.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/dlimit_cmd.h
---- linux-4.9.207/include/uapi/vserver/dlimit_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/dlimit_cmd.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/dlimit_cmd.h linux-4.9/include/uapi/vserver/dlimit_cmd.h
+--- linux-4.9/include/uapi/vserver/dlimit_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/dlimit_cmd.h 2021-02-24 15:47:45.104409971 +0100
@@ -0,0 +1,67 @@
+#ifndef _UAPI_VS_DLIMIT_CMD_H
+#define _UAPI_VS_DLIMIT_CMD_H
+{
+ int exp = 0;
+
-+ if (*flags & DLIMF_SHIFT) {
-+ while (val > (1LL << 32) && (exp < 3)) {
-+ val >>= 10;
-+ exp++;
-+ }
-+ *flags &= ~(DLIME_GIGA << shift);
-+ *flags |= exp << shift;
-+ } else
-+ val >>= 10;
-+ return val;
-+}
++ if (*flags & DLIMF_SHIFT) {
++ while (val > (1LL << 32) && (exp < 3)) {
++ val >>= 10;
++ exp++;
++ }
++ *flags &= ~(DLIME_GIGA << shift);
++ *flags |= exp << shift;
++ } else
++ val >>= 10;
++ return val;
++}
++
++#endif /* _UAPI_VS_DLIMIT_CMD_H */
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/inode.h linux-4.9/include/uapi/vserver/inode.h
+--- linux-4.9/include/uapi/vserver/inode.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/inode.h 2021-02-24 15:47:45.104409971 +0100
+@@ -0,0 +1,23 @@
++#ifndef _UAPI_VS_INODE_H
++#define _UAPI_VS_INODE_H
++
++
++#define IATTR_TAG 0x01000000
++
++#define IATTR_ADMIN 0x00000001
++#define IATTR_WATCH 0x00000002
++#define IATTR_HIDE 0x00000004
++#define IATTR_FLAGS 0x00000007
++
++#define IATTR_BARRIER 0x00010000
++#define IATTR_IXUNLINK 0x00020000
++#define IATTR_IMMUTABLE 0x00040000
++#define IATTR_COW 0x00080000
++
+
-+#endif /* _UAPI_VS_DLIMIT_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/inode_cmd.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/inode_cmd.h
---- linux-4.9.207/include/uapi/vserver/inode_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/inode_cmd.h 2018-10-20 04:58:14.000000000 +0000
++/* inode ioctls */
++
++#define FIOC_GETXFLG _IOR('x', 5, long)
++#define FIOC_SETXFLG _IOW('x', 6, long)
++
++#endif /* _UAPI_VS_INODE_H */
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/inode_cmd.h linux-4.9/include/uapi/vserver/inode_cmd.h
+--- linux-4.9/include/uapi/vserver/inode_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/inode_cmd.h 2021-02-24 15:47:45.104409971 +0100
@@ -0,0 +1,26 @@
+#ifndef _UAPI_VS_INODE_CMD_H
+#define _UAPI_VS_INODE_CMD_H
+};
+
+#endif /* _UAPI_VS_INODE_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/inode.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/inode.h
---- linux-4.9.207/include/uapi/vserver/inode.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/inode.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,23 @@
-+#ifndef _UAPI_VS_INODE_H
-+#define _UAPI_VS_INODE_H
-+
-+
-+#define IATTR_TAG 0x01000000
-+
-+#define IATTR_ADMIN 0x00000001
-+#define IATTR_WATCH 0x00000002
-+#define IATTR_HIDE 0x00000004
-+#define IATTR_FLAGS 0x00000007
-+
-+#define IATTR_BARRIER 0x00010000
-+#define IATTR_IXUNLINK 0x00020000
-+#define IATTR_IMMUTABLE 0x00040000
-+#define IATTR_COW 0x00080000
-+
-+
-+/* inode ioctls */
-+
-+#define FIOC_GETXFLG _IOR('x', 5, long)
-+#define FIOC_SETXFLG _IOW('x', 6, long)
-+
-+#endif /* _UAPI_VS_INODE_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/Kbuild linux-4.9.207-vs2.3.9.11/include/uapi/vserver/Kbuild
---- linux-4.9.207/include/uapi/vserver/Kbuild 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/Kbuild 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,9 @@
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/limit.h linux-4.9/include/uapi/vserver/limit.h
+--- linux-4.9/include/uapi/vserver/limit.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/limit.h 2021-02-24 15:47:45.104409971 +0100
+@@ -0,0 +1,14 @@
++#ifndef _UAPI_VS_LIMIT_H
++#define _UAPI_VS_LIMIT_H
+
-+header-y += context_cmd.h network_cmd.h space_cmd.h \
-+ cacct_cmd.h cvirt_cmd.h limit_cmd.h dlimit_cmd.h \
-+ inode_cmd.h tag_cmd.h sched_cmd.h signal_cmd.h \
-+ debug_cmd.h device_cmd.h
+
-+header-y += switch.h context.h network.h monitor.h \
-+ limit.h inode.h device.h
++#define VLIMIT_NSOCK 16
++#define VLIMIT_OPENFD 17
++#define VLIMIT_ANON 18
++#define VLIMIT_SHMEM 19
++#define VLIMIT_SEMARY 20
++#define VLIMIT_NSEMS 21
++#define VLIMIT_DENTRY 22
++#define VLIMIT_MAPPED 23
+
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/limit_cmd.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/limit_cmd.h
---- linux-4.9.207/include/uapi/vserver/limit_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/limit_cmd.h 2018-10-20 04:58:14.000000000 +0000
++#endif /* _UAPI_VS_LIMIT_H */
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/limit_cmd.h linux-4.9/include/uapi/vserver/limit_cmd.h
+--- linux-4.9/include/uapi/vserver/limit_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/limit_cmd.h 2021-02-24 15:47:45.104409971 +0100
@@ -0,0 +1,40 @@
+#ifndef _UAPI_VS_LIMIT_CMD_H
+#define _UAPI_VS_LIMIT_CMD_H
+#define CRLIM_KEEP (~1ULL)
+
+#endif /* _UAPI_VS_LIMIT_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/limit.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/limit.h
---- linux-4.9.207/include/uapi/vserver/limit.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/limit.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,14 @@
-+#ifndef _UAPI_VS_LIMIT_H
-+#define _UAPI_VS_LIMIT_H
-+
-+
-+#define VLIMIT_NSOCK 16
-+#define VLIMIT_OPENFD 17
-+#define VLIMIT_ANON 18
-+#define VLIMIT_SHMEM 19
-+#define VLIMIT_SEMARY 20
-+#define VLIMIT_NSEMS 21
-+#define VLIMIT_DENTRY 22
-+#define VLIMIT_MAPPED 23
-+
-+#endif /* _UAPI_VS_LIMIT_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/monitor.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/monitor.h
---- linux-4.9.207/include/uapi/vserver/monitor.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/monitor.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/monitor.h linux-4.9/include/uapi/vserver/monitor.h
+--- linux-4.9/include/uapi/vserver/monitor.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/monitor.h 2021-02-24 15:47:45.104409971 +0100
@@ -0,0 +1,96 @@
+#ifndef _UAPI_VS_MONITOR_H
+#define _UAPI_VS_MONITOR_H
+};
+
+#endif /* _UAPI_VS_MONITOR_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/network_cmd.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/network_cmd.h
---- linux-4.9.207/include/uapi/vserver/network_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/network_cmd.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/network.h linux-4.9/include/uapi/vserver/network.h
+--- linux-4.9/include/uapi/vserver/network.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/network.h 2021-02-24 15:47:45.104409971 +0100
+@@ -0,0 +1,76 @@
++#ifndef _UAPI_VS_NETWORK_H
++#define _UAPI_VS_NETWORK_H
++
++#include <linux/types.h>
++
++
++#define MAX_N_CONTEXT 65535 /* Arbitrary limit */
++
++
++/* network flags */
++
++#define NXF_INFO_PRIVATE 0x00000008
++
++#define NXF_SINGLE_IP 0x00000100
++#define NXF_LBACK_REMAP 0x00000200
++#define NXF_LBACK_ALLOW 0x00000400
++
++#define NXF_HIDE_NETIF 0x02000000
++#define NXF_HIDE_LBACK 0x04000000
++
++#define NXF_STATE_SETUP (1ULL << 32)
++#define NXF_STATE_ADMIN (1ULL << 34)
++
++#define NXF_SC_HELPER (1ULL << 36)
++#define NXF_PERSISTENT (1ULL << 38)
++
++#define NXF_ONE_TIME (0x0005ULL << 32)
++
++
++#define NXF_INIT_SET (__nxf_init_set())
++
++static inline uint64_t __nxf_init_set(void) {
++ return NXF_STATE_ADMIN
++#ifdef CONFIG_VSERVER_AUTO_LBACK
++ | NXF_LBACK_REMAP
++ | NXF_HIDE_LBACK
++#endif
++#ifdef CONFIG_VSERVER_AUTO_SINGLE
++ | NXF_SINGLE_IP
++#endif
++ | NXF_HIDE_NETIF;
++}
++
++
++/* network caps */
++
++#define NXC_TUN_CREATE 0x00000001
++
++#define NXC_RAW_ICMP 0x00000100
++
++#define NXC_MULTICAST 0x00001000
++
++
++/* address types */
++
++#define NXA_TYPE_IPV4 0x0001
++#define NXA_TYPE_IPV6 0x0002
++
++#define NXA_TYPE_NONE 0x0000
++#define NXA_TYPE_ANY 0x00FF
++
++#define NXA_TYPE_ADDR 0x0010
++#define NXA_TYPE_MASK 0x0020
++#define NXA_TYPE_RANGE 0x0040
++
++#define NXA_MASK_ALL (NXA_TYPE_ADDR | NXA_TYPE_MASK | NXA_TYPE_RANGE)
++
++#define NXA_MOD_BCAST 0x0100
++#define NXA_MOD_LBACK 0x0200
++
++#define NXA_LOOPBACK 0x1000
++
++#define NXA_MASK_BIND (NXA_MASK_ALL | NXA_MOD_BCAST | NXA_MOD_LBACK)
++#define NXA_MASK_SHOW (NXA_MASK_ALL | NXA_LOOPBACK)
++
++#endif /* _UAPI_VS_NETWORK_H */
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/network_cmd.h linux-4.9/include/uapi/vserver/network_cmd.h
+--- linux-4.9/include/uapi/vserver/network_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/network_cmd.h 2021-02-24 15:47:45.104409971 +0100
@@ -0,0 +1,123 @@
+#ifndef _UAPI_VS_NETWORK_CMD_H
+#define _UAPI_VS_NETWORK_CMD_H
+};
+
+#endif /* _UAPI_VS_NETWORK_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/network.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/network.h
---- linux-4.9.207/include/uapi/vserver/network.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/network.h 2018-10-20 04:58:14.000000000 +0000
-@@ -0,0 +1,76 @@
-+#ifndef _UAPI_VS_NETWORK_H
-+#define _UAPI_VS_NETWORK_H
-+
-+#include <linux/types.h>
-+
-+
-+#define MAX_N_CONTEXT 65535 /* Arbitrary limit */
-+
-+
-+/* network flags */
-+
-+#define NXF_INFO_PRIVATE 0x00000008
-+
-+#define NXF_SINGLE_IP 0x00000100
-+#define NXF_LBACK_REMAP 0x00000200
-+#define NXF_LBACK_ALLOW 0x00000400
-+
-+#define NXF_HIDE_NETIF 0x02000000
-+#define NXF_HIDE_LBACK 0x04000000
-+
-+#define NXF_STATE_SETUP (1ULL << 32)
-+#define NXF_STATE_ADMIN (1ULL << 34)
-+
-+#define NXF_SC_HELPER (1ULL << 36)
-+#define NXF_PERSISTENT (1ULL << 38)
-+
-+#define NXF_ONE_TIME (0x0005ULL << 32)
-+
-+
-+#define NXF_INIT_SET (__nxf_init_set())
-+
-+static inline uint64_t __nxf_init_set(void) {
-+ return NXF_STATE_ADMIN
-+#ifdef CONFIG_VSERVER_AUTO_LBACK
-+ | NXF_LBACK_REMAP
-+ | NXF_HIDE_LBACK
-+#endif
-+#ifdef CONFIG_VSERVER_AUTO_SINGLE
-+ | NXF_SINGLE_IP
-+#endif
-+ | NXF_HIDE_NETIF;
-+}
-+
-+
-+/* network caps */
-+
-+#define NXC_TUN_CREATE 0x00000001
-+
-+#define NXC_RAW_ICMP 0x00000100
-+
-+#define NXC_MULTICAST 0x00001000
-+
-+
-+/* address types */
-+
-+#define NXA_TYPE_IPV4 0x0001
-+#define NXA_TYPE_IPV6 0x0002
-+
-+#define NXA_TYPE_NONE 0x0000
-+#define NXA_TYPE_ANY 0x00FF
-+
-+#define NXA_TYPE_ADDR 0x0010
-+#define NXA_TYPE_MASK 0x0020
-+#define NXA_TYPE_RANGE 0x0040
-+
-+#define NXA_MASK_ALL (NXA_TYPE_ADDR | NXA_TYPE_MASK | NXA_TYPE_RANGE)
-+
-+#define NXA_MOD_BCAST 0x0100
-+#define NXA_MOD_LBACK 0x0200
-+
-+#define NXA_LOOPBACK 0x1000
-+
-+#define NXA_MASK_BIND (NXA_MASK_ALL | NXA_MOD_BCAST | NXA_MOD_LBACK)
-+#define NXA_MASK_SHOW (NXA_MASK_ALL | NXA_LOOPBACK)
-+
-+#endif /* _UAPI_VS_NETWORK_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/sched_cmd.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/sched_cmd.h
---- linux-4.9.207/include/uapi/vserver/sched_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/sched_cmd.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/sched_cmd.h linux-4.9/include/uapi/vserver/sched_cmd.h
+--- linux-4.9/include/uapi/vserver/sched_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/sched_cmd.h 2021-02-24 15:47:45.104409971 +0100
@@ -0,0 +1,13 @@
+#ifndef _UAPI_VS_SCHED_CMD_H
+#define _UAPI_VS_SCHED_CMD_H
+#define VCMD_get_prio_bias VC_CMD(SCHED, 5, 0)
+
+#endif /* _UAPI_VS_SCHED_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/signal_cmd.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/signal_cmd.h
---- linux-4.9.207/include/uapi/vserver/signal_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/signal_cmd.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/signal_cmd.h linux-4.9/include/uapi/vserver/signal_cmd.h
+--- linux-4.9/include/uapi/vserver/signal_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/signal_cmd.h 2021-02-24 15:47:45.107743409 +0100
@@ -0,0 +1,31 @@
+#ifndef _UAPI_VS_SIGNAL_CMD_H
+#define _UAPI_VS_SIGNAL_CMD_H
+};
+
+#endif /* _UAPI_VS_SIGNAL_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/space_cmd.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/space_cmd.h
---- linux-4.9.207/include/uapi/vserver/space_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/space_cmd.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/space_cmd.h linux-4.9/include/uapi/vserver/space_cmd.h
+--- linux-4.9/include/uapi/vserver/space_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/space_cmd.h 2021-02-24 15:47:45.107743409 +0100
@@ -0,0 +1,28 @@
+#ifndef _UAPI_VS_SPACE_CMD_H
+#define _UAPI_VS_SPACE_CMD_H
+};
+
+#endif /* _UAPI_VS_SPACE_CMD_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/switch.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/switch.h
---- linux-4.9.207/include/uapi/vserver/switch.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/switch.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/switch.h linux-4.9/include/uapi/vserver/switch.h
+--- linux-4.9/include/uapi/vserver/switch.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/switch.h 2021-02-24 15:47:45.107743409 +0100
@@ -0,0 +1,90 @@
+#ifndef _UAPI_VS_SWITCH_H
+#define _UAPI_VS_SWITCH_H
+#define VCMD_get_vci VC_CMD(VERSION, 1, 0)
+
+#endif /* _UAPI_VS_SWITCH_H */
-diff -NurpP --minimal linux-4.9.207/include/uapi/vserver/tag_cmd.h linux-4.9.207-vs2.3.9.11/include/uapi/vserver/tag_cmd.h
---- linux-4.9.207/include/uapi/vserver/tag_cmd.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/include/uapi/vserver/tag_cmd.h 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/include/uapi/vserver/tag_cmd.h linux-4.9/include/uapi/vserver/tag_cmd.h
+--- linux-4.9/include/uapi/vserver/tag_cmd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/include/uapi/vserver/tag_cmd.h 2021-02-24 15:47:45.107743409 +0100
@@ -0,0 +1,14 @@
+#ifndef _UAPI_VS_TAG_CMD_H
+#define _UAPI_VS_TAG_CMD_H
+#define VCMD_tag_migrate VC_CMD(TAGMIG, 1, 0)
+
+#endif /* _UAPI_VS_TAG_CMD_H */
-diff -NurpP --minimal linux-4.9.207/init/Kconfig linux-4.9.207-vs2.3.9.11/init/Kconfig
---- linux-4.9.207/init/Kconfig 2019-12-25 15:28:42.767228378 +0000
-+++ linux-4.9.207-vs2.3.9.11/init/Kconfig 2018-10-20 04:58:14.000000000 +0000
-@@ -958,6 +958,7 @@ config NUMA_BALANCING_DEFAULT_ENABLED
+diff -urNp -x '*.orig' linux-4.9/init/Kconfig linux-4.9/init/Kconfig
+--- linux-4.9/init/Kconfig 2021-02-24 15:47:32.454014219 +0100
++++ linux-4.9/init/Kconfig 2021-02-24 15:47:45.107743409 +0100
+@@ -959,6 +959,7 @@ config NUMA_BALANCING_DEFAULT_ENABLED
menuconfig CGROUPS
bool "Control Group support"
select KERNFS
help
This option adds support for grouping sets of processes together, for
use with process control subsystems such as Cpusets, CFS, memory
-diff -NurpP --minimal linux-4.9.207/init/main.c linux-4.9.207-vs2.3.9.11/init/main.c
---- linux-4.9.207/init/main.c 2019-12-25 15:28:42.767228378 +0000
-+++ linux-4.9.207-vs2.3.9.11/init/main.c 2019-10-05 14:58:45.760306119 +0000
+diff -urNp -x '*.orig' linux-4.9/init/main.c linux-4.9/init/main.c
+--- linux-4.9/init/main.c 2021-02-24 15:47:32.454014219 +0100
++++ linux-4.9/init/main.c 2021-02-24 15:47:45.107743409 +0100
@@ -82,6 +82,7 @@
#include <linux/io.h>
#include <linux/kaiser.h>
#include <asm/io.h>
#include <asm/bugs.h>
-diff -NurpP --minimal linux-4.9.207/ipc/mqueue.c linux-4.9.207-vs2.3.9.11/ipc/mqueue.c
---- linux-4.9.207/ipc/mqueue.c 2019-12-25 15:28:42.797227893 +0000
-+++ linux-4.9.207-vs2.3.9.11/ipc/mqueue.c 2019-10-05 15:01:19.537840241 +0000
+diff -urNp -x '*.orig' linux-4.9/ipc/mqueue.c linux-4.9/ipc/mqueue.c
+--- linux-4.9/ipc/mqueue.c 2021-02-24 15:47:32.454014219 +0100
++++ linux-4.9/ipc/mqueue.c 2021-02-24 15:47:45.107743409 +0100
@@ -35,6 +35,8 @@
#include <linux/ipc_namespace.h>
#include <linux/user_namespace.h>
free_uid(user);
}
if (ipc_ns)
-diff -NurpP --minimal linux-4.9.207/ipc/msg.c linux-4.9.207-vs2.3.9.11/ipc/msg.c
---- linux-4.9.207/ipc/msg.c 2019-12-25 15:28:42.817227568 +0000
-+++ linux-4.9.207-vs2.3.9.11/ipc/msg.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/ipc/msg.c linux-4.9/ipc/msg.c
+--- linux-4.9/ipc/msg.c 2021-02-24 15:47:32.454014219 +0100
++++ linux-4.9/ipc/msg.c 2021-02-24 15:47:45.107743409 +0100
@@ -37,6 +37,7 @@
#include <linux/rwsem.h>
#include <linux/nsproxy.h>
msq->q_perm.security = NULL;
retval = security_msg_queue_alloc(msq);
-diff -NurpP --minimal linux-4.9.207/ipc/namespace.c linux-4.9.207-vs2.3.9.11/ipc/namespace.c
---- linux-4.9.207/ipc/namespace.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/ipc/namespace.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/ipc/namespace.c linux-4.9/ipc/namespace.c
+--- linux-4.9/ipc/namespace.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/ipc/namespace.c 2021-02-24 15:47:45.107743409 +0100
@@ -13,6 +13,7 @@
#include <linux/mount.h>
#include <linux/user_namespace.h>
kfree(ns);
}
-diff -NurpP --minimal linux-4.9.207/ipc/sem.c linux-4.9.207-vs2.3.9.11/ipc/sem.c
---- linux-4.9.207/ipc/sem.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/ipc/sem.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/ipc/sem.c linux-4.9/ipc/sem.c
+--- linux-4.9/ipc/sem.c 2021-02-24 15:47:32.454014219 +0100
++++ linux-4.9/ipc/sem.c 2021-02-24 15:47:45.107743409 +0100
@@ -85,6 +85,8 @@
#include <linux/rwsem.h>
#include <linux/nsproxy.h>
ipc_rcu_putref(sma, sem_rcu_free);
}
-diff -NurpP --minimal linux-4.9.207/ipc/shm.c linux-4.9.207-vs2.3.9.11/ipc/shm.c
---- linux-4.9.207/ipc/shm.c 2019-12-25 15:28:42.837227244 +0000
-+++ linux-4.9.207-vs2.3.9.11/ipc/shm.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/ipc/shm.c linux-4.9/ipc/shm.c
+--- linux-4.9/ipc/shm.c 2021-02-24 15:47:32.454014219 +0100
++++ linux-4.9/ipc/shm.c 2021-02-24 15:47:45.107743409 +0100
@@ -42,6 +42,8 @@
#include <linux/nsproxy.h>
#include <linux/mount.h>
return error;
no_id:
-diff -NurpP --minimal linux-4.9.207/kernel/auditsc.c linux-4.9.207-vs2.3.9.11/kernel/auditsc.c
---- linux-4.9.207/kernel/auditsc.c 2019-12-25 15:28:42.937225627 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/auditsc.c 2019-12-25 15:37:52.348423568 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/Makefile linux-4.9/kernel/Makefile
+--- linux-4.9/kernel/Makefile 2021-02-24 15:47:32.454014219 +0100
++++ linux-4.9/kernel/Makefile 2021-02-24 15:47:45.111076846 +0100
+@@ -40,6 +40,7 @@ obj-y += printk/
+ obj-y += irq/
+ obj-y += rcu/
+ obj-y += livepatch/
++obj-y += vserver/
+
+ obj-$(CONFIG_CHECKPOINT_RESTORE) += kcmp.o
+ obj-$(CONFIG_FREEZER) += freezer.o
+diff -urNp -x '*.orig' linux-4.9/kernel/auditsc.c linux-4.9/kernel/auditsc.c
+--- linux-4.9/kernel/auditsc.c 2021-02-24 15:47:32.457347657 +0100
++++ linux-4.9/kernel/auditsc.c 2021-02-24 15:47:45.107743409 +0100
@@ -1967,7 +1967,7 @@ static int audit_set_loginuid_perm(kuid_
if (is_audit_feature_set(AUDIT_FEATURE_LOGINUID_IMMUTABLE))
return -EPERM;
return -EPERM;
/* reject if this is not an unset and we don't allow that */
if (is_audit_feature_set(AUDIT_FEATURE_ONLY_UNSET_LOGINUID) && uid_valid(loginuid))
-diff -NurpP --minimal linux-4.9.207/kernel/capability.c linux-4.9.207-vs2.3.9.11/kernel/capability.c
---- linux-4.9.207/kernel/capability.c 2019-12-25 15:28:43.057223690 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/capability.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/capability.c linux-4.9/kernel/capability.c
+--- linux-4.9/kernel/capability.c 2021-02-24 15:47:32.460681095 +0100
++++ linux-4.9/kernel/capability.c 2021-02-24 15:47:45.111076846 +0100
@@ -17,6 +17,7 @@
#include <linux/syscalls.h>
#include <linux/pid_namespace.h>
/**
* has_capability_noaudit - Does a task have a capability (unaudited) in the
* initial user ns
-diff -NurpP --minimal linux-4.9.207/kernel/compat.c linux-4.9.207-vs2.3.9.11/kernel/compat.c
---- linux-4.9.207/kernel/compat.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/compat.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/compat.c linux-4.9/kernel/compat.c
+--- linux-4.9/kernel/compat.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/kernel/compat.c 2021-02-24 15:47:45.111076846 +0100
@@ -27,6 +27,7 @@
#include <linux/times.h>
#include <linux/ptrace.h>
return 0;
}
-diff -NurpP --minimal linux-4.9.207/kernel/cred.c linux-4.9.207-vs2.3.9.11/kernel/cred.c
---- linux-4.9.207/kernel/cred.c 2019-12-25 15:28:43.087223204 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/cred.c 2019-10-05 14:58:45.880304199 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/cred.c linux-4.9/kernel/cred.c
+--- linux-4.9/kernel/cred.c 2021-02-24 15:47:32.460681095 +0100
++++ linux-4.9/kernel/cred.c 2021-02-24 15:47:45.111076846 +0100
@@ -64,31 +64,6 @@ struct cred init_cred = {
.group_info = &init_groups,
};
EXPORT_SYMBOL(prepare_creds);
/*
-diff -NurpP --minimal linux-4.9.207/kernel/exit.c linux-4.9.207-vs2.3.9.11/kernel/exit.c
---- linux-4.9.207/kernel/exit.c 2019-12-25 15:28:43.277220132 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/exit.c 2019-02-24 12:44:58.353750946 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/exit.c linux-4.9/kernel/exit.c
+--- linux-4.9/kernel/exit.c 2021-02-24 15:47:32.467347970 +0100
++++ linux-4.9/kernel/exit.c 2021-02-24 15:47:45.111076846 +0100
@@ -48,6 +48,10 @@
#include <linux/fs_struct.h>
#include <linux/init_task.h>
#include <trace/events/sched.h>
#include <linux/hw_breakpoint.h>
#include <linux/oom.h>
-@@ -532,15 +536,25 @@ static struct task_struct *find_child_re
+@@ -535,15 +539,25 @@ static struct task_struct *find_child_re
{
struct pid_namespace *pid_ns = task_active_pid_ns(father);
struct task_struct *reaper = pid_ns->child_reaper;
}
write_unlock_irq(&tasklist_lock);
-@@ -557,7 +571,10 @@ static struct task_struct *find_child_re
+@@ -560,7 +574,10 @@ static struct task_struct *find_child_re
zap_pid_ns_processes(pid_ns);
write_lock_irq(&tasklist_lock);
}
/*
-@@ -645,9 +662,13 @@ static void forget_original_parent(struc
+@@ -648,9 +665,13 @@ static void forget_original_parent(struc
return;
reaper = find_new_reaper(father, reaper);
BUG_ON((!t->ptrace) != (t->parent == father));
if (likely(!t->ptrace))
t->parent = t->real_parent;
-@@ -659,10 +680,13 @@ static void forget_original_parent(struc
+@@ -662,10 +683,13 @@ static void forget_original_parent(struc
* If this is a threaded reparent there is no need to
* notify anyone anything has happened.
*/
}
/*
-@@ -852,6 +876,9 @@ void __noreturn do_exit(long code)
+@@ -843,6 +867,9 @@ void __noreturn do_exit(long code)
*/
flush_ptrace_hw_breakpoint(tsk);
TASKS_RCU(preempt_disable());
TASKS_RCU(tasks_rcu_i = __srcu_read_lock(&tasks_rcu_exit_srcu));
TASKS_RCU(preempt_enable());
-@@ -884,6 +911,10 @@ void __noreturn do_exit(long code)
+@@ -869,6 +896,10 @@ void __noreturn do_exit(long code)
validate_creds_for_do_exit(tsk);
check_stack_usage();
preempt_disable();
if (tsk->nr_dirtied)
-diff -NurpP --minimal linux-4.9.207/kernel/fork.c linux-4.9.207-vs2.3.9.11/kernel/fork.c
---- linux-4.9.207/kernel/fork.c 2019-12-25 15:28:43.277220132 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/fork.c 2019-10-22 13:47:05.619629084 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/fork.c linux-4.9/kernel/fork.c
+--- linux-4.9/kernel/fork.c 2021-02-24 15:47:32.467347970 +0100
++++ linux-4.9/kernel/fork.c 2021-02-24 15:47:45.111076846 +0100
@@ -77,6 +77,9 @@
#include <linux/compiler.h>
#include <linux/sysctl.h>
ftrace_graph_exit_task(tsk);
put_seccomp_filter(tsk);
arch_release_task_struct(tsk);
-@@ -1480,6 +1485,8 @@ static __latent_entropy struct task_stru
+@@ -1476,6 +1481,8 @@ static __latent_entropy struct task_stru
{
int retval;
struct task_struct *p;
if ((clone_flags & (CLONE_NEWNS|CLONE_FS)) == (CLONE_NEWNS|CLONE_FS))
return ERR_PTR(-EINVAL);
-@@ -1552,7 +1559,12 @@ static __latent_entropy struct task_stru
+@@ -1548,7 +1555,12 @@ static __latent_entropy struct task_stru
DEBUG_LOCKS_WARN_ON(!p->hardirqs_enabled);
DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled);
#endif
if (atomic_read(&p->real_cred->user->processes) >=
task_rlimit(p, RLIMIT_NPROC)) {
if (p->real_cred->user != INIT_USER &&
-@@ -1853,6 +1865,18 @@ static __latent_entropy struct task_stru
+@@ -1843,6 +1855,18 @@ static __latent_entropy struct task_stru
total_forks++;
spin_unlock(¤t->sighand->siglock);
syscall_tracepoint_update(p);
write_unlock_irq(&tasklist_lock);
proc_fork_connector(p);
-diff -NurpP --minimal linux-4.9.207/kernel/kthread.c linux-4.9.207-vs2.3.9.11/kernel/kthread.c
---- linux-4.9.207/kernel/kthread.c 2019-12-25 15:28:43.417217867 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/kthread.c 2018-10-20 05:55:43.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/kthread.c linux-4.9/kernel/kthread.c
+--- linux-4.9/kernel/kthread.c 2021-02-24 15:47:32.474014845 +0100
++++ linux-4.9/kernel/kthread.c 2021-02-24 15:47:45.111076846 +0100
@@ -19,6 +19,7 @@
#include <linux/ptrace.h>
#include <linux/uaccess.h>
#include <trace/events/sched.h>
static DEFINE_SPINLOCK(kthread_create_lock);
-diff -NurpP --minimal linux-4.9.207/kernel/Makefile linux-4.9.207-vs2.3.9.11/kernel/Makefile
---- linux-4.9.207/kernel/Makefile 2019-12-25 15:28:42.867226759 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/Makefile 2019-10-05 14:58:46.030301805 +0000
-@@ -40,6 +40,7 @@ obj-y += printk/
- obj-y += irq/
- obj-y += rcu/
- obj-y += livepatch/
-+obj-y += vserver/
-
- obj-$(CONFIG_CHECKPOINT_RESTORE) += kcmp.o
- obj-$(CONFIG_FREEZER) += freezer.o
-diff -NurpP --minimal linux-4.9.207/kernel/nsproxy.c linux-4.9.207-vs2.3.9.11/kernel/nsproxy.c
---- linux-4.9.207/kernel/nsproxy.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/nsproxy.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/nsproxy.c linux-4.9/kernel/nsproxy.c
+--- linux-4.9/kernel/nsproxy.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/kernel/nsproxy.c 2021-02-24 15:47:45.111076846 +0100
@@ -20,12 +20,15 @@
#include <linux/mnt_namespace.h>
#include <linux/utsname.h>
return -EPERM;
*new_nsp = create_new_namespaces(unshare_flags, current, user_ns,
-diff -NurpP --minimal linux-4.9.207/kernel/pid.c linux-4.9.207-vs2.3.9.11/kernel/pid.c
---- linux-4.9.207/kernel/pid.c 2019-12-25 15:28:43.497216574 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/pid.c 2018-10-20 04:58:14.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/pid.c linux-4.9/kernel/pid.c
+--- linux-4.9/kernel/pid.c 2021-02-24 15:47:32.477348283 +0100
++++ linux-4.9/kernel/pid.c 2021-02-24 15:47:45.111076846 +0100
@@ -38,6 +38,7 @@
#include <linux/syscalls.h>
#include <linux/proc_ns.h>
pid_t pid_vnr(struct pid *pid)
{
return pid_nr_ns(pid, task_active_pid_ns(current));
-diff -NurpP --minimal linux-4.9.207/kernel/pid_namespace.c linux-4.9.207-vs2.3.9.11/kernel/pid_namespace.c
---- linux-4.9.207/kernel/pid_namespace.c 2019-12-25 15:28:43.497216574 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/pid_namespace.c 2019-10-05 14:58:46.030301805 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/pid_namespace.c linux-4.9/kernel/pid_namespace.c
+--- linux-4.9/kernel/pid_namespace.c 2021-02-24 15:47:32.477348283 +0100
++++ linux-4.9/kernel/pid_namespace.c 2021-02-24 15:47:45.111076846 +0100
@@ -18,6 +18,7 @@
#include <linux/proc_ns.h>
#include <linux/reboot.h>
kmem_cache_free(pid_ns_cachep, ns);
out_dec:
dec_pid_namespaces(ucounts);
-diff -NurpP --minimal linux-4.9.207/kernel/printk/printk.c linux-4.9.207-vs2.3.9.11/kernel/printk/printk.c
---- linux-4.9.207/kernel/printk/printk.c 2019-12-25 15:28:43.597214959 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/printk/printk.c 2019-12-25 15:37:52.568420017 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/printk/printk.c linux-4.9/kernel/printk/printk.c
+--- linux-4.9/kernel/printk/printk.c 2021-02-24 15:47:32.480681720 +0100
++++ linux-4.9/kernel/printk/printk.c 2021-02-24 15:47:45.114410284 +0100
@@ -45,6 +45,7 @@
#include <linux/utsname.h>
#include <linux/ctype.h>
error = syslog_print_all(buf, len, clear);
break;
/* Clear ring buffer */
-diff -NurpP --minimal linux-4.9.207/kernel/ptrace.c linux-4.9.207-vs2.3.9.11/kernel/ptrace.c
---- linux-4.9.207/kernel/ptrace.c 2019-12-25 15:28:43.597214959 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/ptrace.c 2019-10-05 14:59:56.929168738 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/ptrace.c linux-4.9/kernel/ptrace.c
+--- linux-4.9/kernel/ptrace.c 2021-02-24 15:47:32.480681720 +0100
++++ linux-4.9/kernel/ptrace.c 2021-02-24 15:47:45.114410284 +0100
@@ -23,6 +23,7 @@
#include <linux/syscalls.h>
#include <linux/uaccess.h>
if (mode & PTRACE_MODE_SCHED)
return 0;
return security_ptrace_access_check(task, mode);
-diff -NurpP --minimal linux-4.9.207/kernel/reboot.c linux-4.9.207-vs2.3.9.11/kernel/reboot.c
---- linux-4.9.207/kernel/reboot.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/reboot.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/reboot.c linux-4.9/kernel/reboot.c
+--- linux-4.9/kernel/reboot.c 2021-02-24 15:47:32.484015158 +0100
++++ linux-4.9/kernel/reboot.c 2021-02-24 15:47:45.114410284 +0100
@@ -16,6 +16,7 @@
#include <linux/syscalls.h>
#include <linux/syscore_ops.h>
mutex_lock(&reboot_mutex);
switch (cmd) {
case LINUX_REBOOT_CMD_RESTART:
-diff -NurpP --minimal linux-4.9.207/kernel/sched/core.c linux-4.9.207-vs2.3.9.11/kernel/sched/core.c
---- linux-4.9.207/kernel/sched/core.c 2019-12-25 15:28:43.667213827 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/sched/core.c 2019-10-22 13:47:05.639628767 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/sched/core.c linux-4.9/kernel/sched/core.c
+--- linux-4.9/kernel/sched/core.c 2021-02-24 15:47:32.484015158 +0100
++++ linux-4.9/kernel/sched/core.c 2021-02-24 15:47:45.114410284 +0100
@@ -75,6 +75,8 @@
#include <linux/compiler.h>
#include <linux/frame.h>
BUG();
/* Avoid "noreturn function does return". */
for (;;)
-@@ -3824,7 +3827,7 @@ SYSCALL_DEFINE1(nice, int, increment)
+@@ -3825,7 +3828,7 @@ SYSCALL_DEFINE1(nice, int, increment)
nice = clamp_val(nice, MIN_NICE, MAX_NICE);
if (increment < 0 && !can_nice(current, nice))
retval = security_task_setnice(current, nice);
if (retval)
-diff -NurpP --minimal linux-4.9.207/kernel/sched/cputime.c linux-4.9.207-vs2.3.9.11/kernel/sched/cputime.c
---- linux-4.9.207/kernel/sched/cputime.c 2019-12-25 15:28:43.697213342 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/sched/cputime.c 2018-10-20 11:46:17.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/sched/cputime.c linux-4.9/kernel/sched/cputime.c
+--- linux-4.9/kernel/sched/cputime.c 2021-02-24 15:47:32.484015158 +0100
++++ linux-4.9/kernel/sched/cputime.c 2021-02-24 15:47:45.114410284 +0100
@@ -4,6 +4,7 @@
#include <linux/kernel_stat.h>
#include <linux/static_key.h>
account_group_system_time(p, cputime);
/* Add system time to cpustat. */
-diff -NurpP --minimal linux-4.9.207/kernel/sched/fair.c linux-4.9.207-vs2.3.9.11/kernel/sched/fair.c
---- linux-4.9.207/kernel/sched/fair.c 2019-12-25 15:28:43.697213342 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/sched/fair.c 2019-12-25 15:37:52.578419856 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/sched/fair.c linux-4.9/kernel/sched/fair.c
+--- linux-4.9/kernel/sched/fair.c 2021-02-24 15:47:32.487348596 +0100
++++ linux-4.9/kernel/sched/fair.c 2021-02-24 15:47:45.117743722 +0100
@@ -30,6 +30,7 @@
#include <linux/mempolicy.h>
#include <linux/migrate.h>
account_entity_dequeue(cfs_rq, se);
/*
-diff -NurpP --minimal linux-4.9.207/kernel/sched/loadavg.c linux-4.9.207-vs2.3.9.11/kernel/sched/loadavg.c
---- linux-4.9.207/kernel/sched/loadavg.c 2019-12-25 15:28:43.697213342 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/sched/loadavg.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/sched/loadavg.c linux-4.9/kernel/sched/loadavg.c
+--- linux-4.9/kernel/sched/loadavg.c 2021-02-24 15:47:32.487348596 +0100
++++ linux-4.9/kernel/sched/loadavg.c 2021-02-24 15:47:45.117743722 +0100
@@ -73,9 +73,16 @@ EXPORT_SYMBOL(avenrun); /* should be rem
*/
void get_avenrun(unsigned long *loads, unsigned long offset, int shift)
}
long calc_load_fold_active(struct rq *this_rq, long adjust)
-diff -NurpP --minimal linux-4.9.207/kernel/signal.c linux-4.9.207-vs2.3.9.11/kernel/signal.c
---- linux-4.9.207/kernel/signal.c 2019-12-25 15:28:43.717213017 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/signal.c 2019-12-25 15:37:52.578419856 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/signal.c linux-4.9/kernel/signal.c
+--- linux-4.9/kernel/signal.c 2021-02-24 15:47:32.490682033 +0100
++++ linux-4.9/kernel/signal.c 2021-02-24 15:47:45.117743722 +0100
@@ -34,6 +34,8 @@
#include <linux/compat.h>
#include <linux/cn_proc.h>
#define CREATE_TRACE_POINTS
#include <trace/events/signal.h>
-@@ -772,9 +774,18 @@ static int check_kill_permission(int sig
+@@ -782,9 +784,18 @@ static int check_kill_permission(int sig
struct pid *sid;
int error;
if (!si_fromuser(info))
return 0;
-@@ -798,6 +809,20 @@ static int check_kill_permission(int sig
+@@ -808,6 +819,20 @@ static int check_kill_permission(int sig
}
}
return security_task_kill(t, info, sig, 0);
}
-@@ -1349,8 +1374,14 @@ int kill_pid_info(int sig, struct siginf
+@@ -1359,8 +1384,14 @@ int kill_pid_info(int sig, struct siginf
for (;;) {
rcu_read_lock();
p = pid_task(pid, PIDTYPE_PID);
rcu_read_unlock();
if (likely(!p || error != -ESRCH))
return error;
-@@ -1395,7 +1426,7 @@ int kill_pid_info_as_cred(int sig, struc
+@@ -1405,7 +1436,7 @@ int kill_pid_info_as_cred(int sig, struc
rcu_read_lock();
p = pid_task(pid, PIDTYPE_PID);
ret = -ESRCH;
goto out_unlock;
}
-@@ -1451,8 +1482,10 @@ static int kill_something_info(int sig,
+@@ -1461,8 +1492,10 @@ static int kill_something_info(int sig,
struct task_struct * p;
for_each_process(p) {
int err = group_send_sig_info(sig, info, p);
++count;
if (err != -EPERM)
-@@ -2323,6 +2356,11 @@ relock:
+@@ -2333,6 +2366,11 @@ relock:
!sig_kernel_only(signr))
continue;
if (sig_kernel_stop(signr)) {
/*
* The default action is to stop all threads in
-diff -NurpP --minimal linux-4.9.207/kernel/softirq.c linux-4.9.207-vs2.3.9.11/kernel/softirq.c
---- linux-4.9.207/kernel/softirq.c 2019-12-25 15:28:43.727212857 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/softirq.c 2018-10-20 05:55:43.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/softirq.c linux-4.9/kernel/softirq.c
+--- linux-4.9/kernel/softirq.c 2021-02-24 15:47:32.490682033 +0100
++++ linux-4.9/kernel/softirq.c 2021-02-24 15:47:45.117743722 +0100
@@ -26,6 +26,7 @@
#include <linux/smpboot.h>
#include <linux/tick.h>
#define CREATE_TRACE_POINTS
#include <trace/events/irq.h>
-diff -NurpP --minimal linux-4.9.207/kernel/sys.c linux-4.9.207-vs2.3.9.11/kernel/sys.c
---- linux-4.9.207/kernel/sys.c 2019-12-25 15:28:43.747212532 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/sys.c 2019-10-13 16:09:18.098106817 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/sys.c linux-4.9/kernel/sys.c
+--- linux-4.9/kernel/sys.c 2021-02-24 15:47:32.490682033 +0100
++++ linux-4.9/kernel/sys.c 2021-02-24 15:47:45.117743722 +0100
@@ -56,6 +56,7 @@
#include <linux/nospec.h>
if (uid_eq(task_uid(p), uid) && task_pid_vnr(p)) {
niceval = nice_to_rlimit(task_nice(p));
if (niceval > retval)
-@@ -1211,7 +1221,8 @@ SYSCALL_DEFINE2(sethostname, char __user
+@@ -1213,7 +1223,8 @@ SYSCALL_DEFINE2(sethostname, char __user
int errno;
char tmp[__NEW_UTS_LEN];
return -EPERM;
if (len < 0 || len > __NEW_UTS_LEN)
-@@ -1264,7 +1275,8 @@ SYSCALL_DEFINE2(setdomainname, char __us
+@@ -1266,7 +1277,8 @@ SYSCALL_DEFINE2(setdomainname, char __us
int errno;
char tmp[__NEW_UTS_LEN];
return -EPERM;
if (len < 0 || len > __NEW_UTS_LEN)
return -EINVAL;
-@@ -1384,7 +1396,7 @@ int do_prlimit(struct task_struct *tsk,
+@@ -1386,7 +1398,7 @@ int do_prlimit(struct task_struct *tsk,
/* Keep the capable check against init_user_ns until
cgroups can contain all limits */
if (new_rlim->rlim_max > rlim->rlim_max &&
retval = -EPERM;
if (!retval)
retval = security_task_setrlimit(tsk->group_leader,
-@@ -1437,7 +1449,8 @@ static int check_prlimit_permission(stru
+@@ -1439,7 +1451,8 @@ static int check_prlimit_permission(stru
gid_eq(cred->gid, tcred->sgid) &&
gid_eq(cred->gid, tcred->gid))
return 0;
return 0;
return -EPERM;
-@@ -2326,7 +2339,12 @@ static int do_sysinfo(struct sysinfo *in
+@@ -2328,7 +2341,12 @@ static int do_sysinfo(struct sysinfo *in
get_avenrun(info->loads, 0, SI_LOAD_SHIFT - FSHIFT);
+ info->procs = atomic_read(&vxi->cvirt.nr_threads);
+ } else {
+ info->procs = nr_threads;
-+ }
-
- si_meminfo(info);
- si_swapinfo(info);
-diff -NurpP --minimal linux-4.9.207/kernel/sysctl_binary.c linux-4.9.207-vs2.3.9.11/kernel/sysctl_binary.c
---- linux-4.9.207/kernel/sysctl_binary.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/sysctl_binary.c 2018-10-20 04:58:15.000000000 +0000
-@@ -74,6 +74,7 @@ static const struct bin_table bin_kern_t
-
- { CTL_INT, KERN_PANIC, "panic" },
- { CTL_INT, KERN_REALROOTDEV, "real-root-dev" },
-+ { CTL_STR, KERN_VSHELPER, "vshelper" },
++ }
- { CTL_STR, KERN_SPARC_REBOOT, "reboot-cmd" },
- { CTL_INT, KERN_CTLALTDEL, "ctrl-alt-del" },
-diff -NurpP --minimal linux-4.9.207/kernel/sysctl.c linux-4.9.207-vs2.3.9.11/kernel/sysctl.c
---- linux-4.9.207/kernel/sysctl.c 2019-12-25 15:28:43.747212532 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/sysctl.c 2019-10-05 14:58:46.110300525 +0000
+ si_meminfo(info);
+ si_swapinfo(info);
+diff -urNp -x '*.orig' linux-4.9/kernel/sysctl.c linux-4.9/kernel/sysctl.c
+--- linux-4.9/kernel/sysctl.c 2021-02-24 15:47:32.490682033 +0100
++++ linux-4.9/kernel/sysctl.c 2021-02-24 15:47:45.117743722 +0100
@@ -87,6 +87,7 @@
#if defined(CONFIG_PROVE_LOCKING) || defined(CONFIG_LOCK_STAT)
#include <linux/lockdep.h>
#endif /* CONFIG_COMPACTION */
{
.procname = "min_free_kbytes",
-diff -NurpP --minimal linux-4.9.207/kernel/time/posix-timers.c linux-4.9.207-vs2.3.9.11/kernel/time/posix-timers.c
---- linux-4.9.207/kernel/time/posix-timers.c 2019-12-25 15:28:43.837211076 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/time/posix-timers.c 2019-02-22 08:37:55.983044969 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/sysctl_binary.c linux-4.9/kernel/sysctl_binary.c
+--- linux-4.9/kernel/sysctl_binary.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/kernel/sysctl_binary.c 2021-02-24 15:47:45.117743722 +0100
+@@ -74,6 +74,7 @@ static const struct bin_table bin_kern_t
+
+ { CTL_INT, KERN_PANIC, "panic" },
+ { CTL_INT, KERN_REALROOTDEV, "real-root-dev" },
++ { CTL_STR, KERN_VSHELPER, "vshelper" },
+
+ { CTL_STR, KERN_SPARC_REBOOT, "reboot-cmd" },
+ { CTL_INT, KERN_CTLALTDEL, "ctrl-alt-del" },
+diff -urNp -x '*.orig' linux-4.9/kernel/time/posix-timers.c linux-4.9/kernel/time/posix-timers.c
+--- linux-4.9/kernel/time/posix-timers.c 2021-02-24 15:47:32.494015471 +0100
++++ linux-4.9/kernel/time/posix-timers.c 2021-02-24 15:47:45.117743722 +0100
@@ -48,6 +48,7 @@
#include <linux/workqueue.h>
#include <linux/export.h>
/* If we failed to send the signal the timer stops. */
return ret > 0;
}
-diff -NurpP --minimal linux-4.9.207/kernel/time/time.c linux-4.9.207-vs2.3.9.11/kernel/time/time.c
---- linux-4.9.207/kernel/time/time.c 2019-12-25 15:28:43.857210755 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/time/time.c 2018-10-20 05:55:43.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/time/time.c linux-4.9/kernel/time/time.c
+--- linux-4.9/kernel/time/time.c 2021-02-24 15:47:32.494015471 +0100
++++ linux-4.9/kernel/time/time.c 2021-02-24 15:47:45.117743722 +0100
@@ -38,6 +38,7 @@
#include <linux/fs.h>
#include <linux/math64.h>
return 0;
}
-diff -NurpP --minimal linux-4.9.207/kernel/time/timekeeping.c linux-4.9.207-vs2.3.9.11/kernel/time/timekeeping.c
---- linux-4.9.207/kernel/time/timekeeping.c 2019-12-25 15:28:43.857210755 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/time/timekeeping.c 2019-12-25 15:09:47.185439847 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/time/timekeeping.c linux-4.9/kernel/time/timekeeping.c
+--- linux-4.9/kernel/time/timekeeping.c 2021-02-24 15:47:32.494015471 +0100
++++ linux-4.9/kernel/time/timekeeping.c 2021-02-24 15:47:45.121077159 +0100
@@ -23,6 +23,8 @@
#include <linux/stop_machine.h>
#include <linux/pvclock_gtod.h>
return ktime_add_ns(base, nsecs);
}
-diff -NurpP --minimal linux-4.9.207/kernel/time/timer.c linux-4.9.207-vs2.3.9.11/kernel/time/timer.c
---- linux-4.9.207/kernel/time/timer.c 2019-12-25 15:28:43.857210755 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/time/timer.c 2019-10-22 13:47:05.659628449 +0000
-@@ -42,6 +42,10 @@
- #include <linux/sched/sysctl.h>
+diff -urNp -x '*.orig' linux-4.9/kernel/time/timer.c linux-4.9/kernel/time/timer.c
+--- linux-4.9/kernel/time/timer.c 2021-02-24 15:47:32.494015471 +0100
++++ linux-4.9/kernel/time/timer.c 2021-02-24 15:47:45.121077159 +0100
+@@ -43,6 +43,10 @@
#include <linux/slab.h>
#include <linux/compat.h>
+ #include <linux/random.h>
+#include <linux/vs_base.h>
+#include <linux/vs_cvirt.h>
+#include <linux/vs_pid.h>
#include <asm/uaccess.h>
#include <asm/unistd.h>
-diff -NurpP --minimal linux-4.9.207/kernel/user_namespace.c linux-4.9.207-vs2.3.9.11/kernel/user_namespace.c
---- linux-4.9.207/kernel/user_namespace.c 2019-12-25 15:28:43.967208975 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/user_namespace.c 2018-10-20 05:55:43.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/user_namespace.c linux-4.9/kernel/user_namespace.c
+--- linux-4.9/kernel/user_namespace.c 2021-02-24 15:47:32.504015783 +0100
++++ linux-4.9/kernel/user_namespace.c 2021-02-24 15:47:45.121077159 +0100
@@ -22,6 +22,7 @@
#include <linux/ctype.h>
#include <linux/projid.h>
/**
* make_kprojid - Map a user-namespace projid pair into a kprojid.
* @ns: User namespace that the projid is in
-diff -NurpP --minimal linux-4.9.207/kernel/utsname.c linux-4.9.207-vs2.3.9.11/kernel/utsname.c
---- linux-4.9.207/kernel/utsname.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/utsname.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/utsname.c linux-4.9/kernel/utsname.c
+--- linux-4.9/kernel/utsname.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/kernel/utsname.c 2021-02-24 15:47:45.121077159 +0100
@@ -16,6 +16,7 @@
#include <linux/slab.h>
#include <linux/user_namespace.h>
kfree(ns);
}
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/cacct.c linux-4.9.207-vs2.3.9.11/kernel/vserver/cacct.c
---- linux-4.9.207/kernel/vserver/cacct.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/cacct.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/Kconfig linux-4.9/kernel/vserver/Kconfig
+--- linux-4.9/kernel/vserver/Kconfig 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/Kconfig 2021-02-24 15:47:45.124410596 +0100
+@@ -0,0 +1,230 @@
++#
++# Linux VServer configuration
++#
++
++menu "Linux VServer"
++
++config VSERVER_AUTO_LBACK
++ bool "Automatically Assign Loopback IP"
++ default y
++ help
++ Automatically assign a guest specific loopback
++ IP and add it to the kernel network stack on
++ startup.
++
++config VSERVER_AUTO_SINGLE
++ bool "Automatic Single IP Special Casing"
++ default n
++ help
++ This allows network contexts with a single IP to
++ automatically remap 0.0.0.0 bindings to that IP,
++ avoiding further network checks and improving
++ performance.
++
++ (note: such guests do not allow to change the ip
++ on the fly and do not show loopback addresses)
++
++config VSERVER_COWBL
++ bool "Enable COW Immutable Link Breaking"
++ default y
++ help
++ This enables the COW (Copy-On-Write) link break code.
++ It allows you to treat unified files like normal files
++ when writing to them (which will implicitely break the
++ link and create a copy of the unified file)
++
++config VSERVER_VTIME
++ bool "Enable Virtualized Guest Time (EXPERIMENTAL)"
++ default n
++ help
++ This enables per guest time offsets to allow for
++ adjusting the system clock individually per guest.
++ this adds some overhead to the time functions and
++ therefore should not be enabled without good reason.
++
++config VSERVER_DEVICE
++ bool "Enable Guest Device Mapping (EXPERIMENTAL)"
++ default n
++ help
++ This enables generic device remapping.
++
++config VSERVER_PROC_SECURE
++ bool "Enable Proc Security"
++ depends on PROC_FS
++ default y
++ help
++ This configures ProcFS security to initially hide
++ non-process entries for all contexts except the main and
++ spectator context (i.e. for all guests), which is a secure
++ default.
++
++ (note: on 1.2x the entries were visible by default)
++
++choice
++ prompt "Persistent Inode Tagging"
++ default TAGGING_ID24
++ help
++ This adds persistent context information to filesystems
++ mounted with the tagxid option. Tagging is a requirement
++ for per-context disk limits and per-context quota.
++
++
++config TAGGING_NONE
++ bool "Disabled"
++ help
++ do not store per-context information in inodes.
++
++config TAGGING_UID16
++ bool "UID16/GID32"
++ help
++ reduces UID to 16 bit, but leaves GID at 32 bit.
++
++config TAGGING_GID16
++ bool "UID32/GID16"
++ help
++ reduces GID to 16 bit, but leaves UID at 32 bit.
++
++config TAGGING_ID24
++ bool "UID24/GID24"
++ help
++ uses the upper 8bit from UID and GID for XID tagging
++ which leaves 24bit for UID/GID each, which should be
++ more than sufficient for normal use.
++
++config TAGGING_INTERN
++ bool "UID32/GID32"
++ help
++ this uses otherwise reserved inode fields in the on
++ disk representation, which limits the use to a few
++ filesystems (currently ext2 and ext3)
++
++endchoice
++
++config TAG_NFSD
++ bool "Tag NFSD User Auth and Files"
++ default n
++ help
++ Enable this if you do want the in-kernel NFS
++ Server to use the tagging specified above.
++ (will require patched clients too)
++
++config VSERVER_PRIVACY
++ bool "Honor Privacy Aspects of Guests"
++ default n
++ help
++ When enabled, most context checks will disallow
++ access to structures assigned to a specific context,
++ like ptys or loop devices.
++
++config VSERVER_CONTEXTS
++ int "Maximum number of Contexts (1-65533)" if EMBEDDED
++ range 1 65533
++ default "768" if 64BIT
++ default "256"
++ help
++ This setting will optimize certain data structures
++ and memory allocations according to the expected
++ maximum.
++
++ note: this is not a strict upper limit.
++
++config VSERVER_WARN
++ bool "VServer Warnings"
++ default y
++ help
++ This enables various runtime warnings, which will
++ notify about potential manipulation attempts or
++ resource shortage. It is generally considered to
++ be a good idea to have that enabled.
++
++config VSERVER_WARN_DEVPTS
++ bool "VServer DevPTS Warnings"
++ depends on VSERVER_WARN
++ default y
++ help
++ This enables DevPTS related warnings, issued when a
++ process inside a context tries to lookup or access
++ a dynamic pts from the host or a different context.
++
++config VSERVER_DEBUG
++ bool "VServer Debugging Code"
++ default n
++ help
++ Set this to yes if you want to be able to activate
++ debugging output at runtime. It adds a very small
++ overhead to all vserver related functions and
++ increases the kernel size by about 20k.
++
++config VSERVER_HISTORY
++ bool "VServer History Tracing"
++ depends on VSERVER_DEBUG
++ default n
++ help
++ Set this to yes if you want to record the history of
++ linux-vserver activities, so they can be replayed in
++ the event of a kernel panic or oops.
++
++config VSERVER_HISTORY_SIZE
++ int "Per-CPU History Size (32-65536)"
++ depends on VSERVER_HISTORY
++ range 32 65536
++ default 64
++ help
++ This allows you to specify the number of entries in
++ the per-CPU history buffer.
++
++config VSERVER_EXTRA_MNT_CHECK
++ bool "Extra Checks for Reachability"
++ default n
++ help
++ Set this to yes if you want to do extra checks for
++ vfsmount reachability in the proc filesystem code.
++ This shouldn't be required on any setup utilizing
++ mnt namespaces.
++
++choice
++ prompt "Quotes used in debug and warn messages"
++ default QUOTES_ISO8859
++
++config QUOTES_ISO8859
++ bool "Extended ASCII (ISO 8859) angle quotes"
++ help
++ This uses the extended ASCII characters \xbb
++ and \xab for quoting file and process names.
++
++config QUOTES_UTF8
++ bool "UTF-8 angle quotes"
++ help
++ This uses the the UTF-8 sequences for angle
++ quotes to quote file and process names.
++
++config QUOTES_ASCII
++ bool "ASCII single quotes"
++ help
++ This uses the ASCII single quote character
++ (\x27) to quote file and process names.
++
++endchoice
++
++endmenu
++
++
++config VSERVER
++ bool
++ default y
++ select NAMESPACES
++ select UTS_NS
++ select IPC_NS
++# select USER_NS
++ select SYSVIPC
++
++config VSERVER_SECURITY
++ bool
++ depends on SECURITY
++ default y
++ select SECURITY_CAPABILITIES
++
++config VSERVER_DISABLED
++ bool
++ default n
++
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/Makefile linux-4.9/kernel/vserver/Makefile
+--- linux-4.9/kernel/vserver/Makefile 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/Makefile 2021-02-24 15:47:45.124410596 +0100
+@@ -0,0 +1,18 @@
++#
++# Makefile for the Linux vserver routines.
++#
++
++
++obj-y += vserver.o
++
++vserver-y := switch.o context.o space.o sched.o network.o inode.o \
++ limit.o cvirt.o cacct.o signal.o helper.o init.o \
++ dlimit.o tag.o
++
++vserver-$(CONFIG_INET) += inet.o
++vserver-$(CONFIG_PROC_FS) += proc.o
++vserver-$(CONFIG_VSERVER_DEBUG) += sysctl.o debug.o
++vserver-$(CONFIG_VSERVER_HISTORY) += history.o
++vserver-$(CONFIG_VSERVER_MONITOR) += monitor.o
++vserver-$(CONFIG_VSERVER_DEVICE) += device.o
++
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/cacct.c linux-4.9/kernel/vserver/cacct.c
+--- linux-4.9/kernel/vserver/cacct.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/cacct.c 2021-02-24 15:47:45.121077159 +0100
@@ -0,0 +1,42 @@
+/*
+ * linux/kernel/vserver/cacct.c
+ return 0;
+}
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/cacct_init.h linux-4.9.207-vs2.3.9.11/kernel/vserver/cacct_init.h
---- linux-4.9.207/kernel/vserver/cacct_init.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/cacct_init.h 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/cacct_init.h linux-4.9/kernel/vserver/cacct_init.h
+--- linux-4.9/kernel/vserver/cacct_init.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/cacct_init.h 2021-02-24 15:47:45.121077159 +0100
@@ -0,0 +1,25 @@
+
+
+ return;
+}
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/cacct_proc.h linux-4.9.207-vs2.3.9.11/kernel/vserver/cacct_proc.h
---- linux-4.9.207/kernel/vserver/cacct_proc.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/cacct_proc.h 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/cacct_proc.h linux-4.9/kernel/vserver/cacct_proc.h
+--- linux-4.9/kernel/vserver/cacct_proc.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/cacct_proc.h 2021-02-24 15:47:45.121077159 +0100
@@ -0,0 +1,53 @@
+#ifndef _VX_CACCT_PROC_H
+#define _VX_CACCT_PROC_H
+}
+
+#endif /* _VX_CACCT_PROC_H */
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/context.c linux-4.9.207-vs2.3.9.11/kernel/vserver/context.c
---- linux-4.9.207/kernel/vserver/context.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/context.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/context.c linux-4.9/kernel/vserver/context.c
+--- linux-4.9/kernel/vserver/context.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/context.c 2021-02-24 15:47:45.121077159 +0100
@@ -0,0 +1,1119 @@
+/*
+ * linux/kernel/vserver/context.c
+
+EXPORT_SYMBOL_GPL(free_vx_info);
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/cvirt.c linux-4.9.207-vs2.3.9.11/kernel/vserver/cvirt.c
---- linux-4.9.207/kernel/vserver/cvirt.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/cvirt.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/cvirt.c linux-4.9/kernel/vserver/cvirt.c
+--- linux-4.9/kernel/vserver/cvirt.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/cvirt.c 2021-02-24 15:47:45.121077159 +0100
@@ -0,0 +1,350 @@
+/*
+ * linux/kernel/vserver/cvirt.c
+
+#endif
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/cvirt_init.h linux-4.9.207-vs2.3.9.11/kernel/vserver/cvirt_init.h
---- linux-4.9.207/kernel/vserver/cvirt_init.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/cvirt_init.h 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/cvirt_init.h linux-4.9/kernel/vserver/cvirt_init.h
+--- linux-4.9/kernel/vserver/cvirt_init.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/cvirt_init.h 2021-02-24 15:47:45.121077159 +0100
@@ -0,0 +1,70 @@
+
+
+ return;
+}
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/cvirt_proc.h linux-4.9.207-vs2.3.9.11/kernel/vserver/cvirt_proc.h
---- linux-4.9.207/kernel/vserver/cvirt_proc.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/cvirt_proc.h 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/cvirt_proc.h linux-4.9/kernel/vserver/cvirt_proc.h
+--- linux-4.9/kernel/vserver/cvirt_proc.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/cvirt_proc.h 2021-02-24 15:47:45.121077159 +0100
@@ -0,0 +1,123 @@
+#ifndef _VX_CVIRT_PROC_H
+#define _VX_CVIRT_PROC_H
+}
+
+#endif /* _VX_CVIRT_PROC_H */
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/debug.c linux-4.9.207-vs2.3.9.11/kernel/vserver/debug.c
---- linux-4.9.207/kernel/vserver/debug.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/debug.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/debug.c linux-4.9/kernel/vserver/debug.c
+--- linux-4.9/kernel/vserver/debug.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/debug.c 2021-02-24 15:47:45.121077159 +0100
@@ -0,0 +1,32 @@
+/*
+ * kernel/vserver/debug.c
+
+EXPORT_SYMBOL_GPL(dump_vx_info);
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/device.c linux-4.9.207-vs2.3.9.11/kernel/vserver/device.c
---- linux-4.9.207/kernel/vserver/device.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/device.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/device.c linux-4.9/kernel/vserver/device.c
+--- linux-4.9/kernel/vserver/device.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/device.c 2021-02-24 15:47:45.121077159 +0100
@@ -0,0 +1,443 @@
+/*
+ * linux/kernel/vserver/device.c
+#endif /* CONFIG_COMPAT */
+
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/dlimit.c linux-4.9.207-vs2.3.9.11/kernel/vserver/dlimit.c
---- linux-4.9.207/kernel/vserver/dlimit.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/dlimit.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/dlimit.c linux-4.9/kernel/vserver/dlimit.c
+--- linux-4.9/kernel/vserver/dlimit.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/dlimit.c 2021-02-24 15:47:45.121077159 +0100
@@ -0,0 +1,528 @@
+/*
+ * linux/kernel/vserver/dlimit.c
+EXPORT_SYMBOL_GPL(locate_dl_info);
+EXPORT_SYMBOL_GPL(rcu_free_dl_info);
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/helper.c linux-4.9.207-vs2.3.9.11/kernel/vserver/helper.c
---- linux-4.9.207/kernel/vserver/helper.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/helper.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/helper.c linux-4.9/kernel/vserver/helper.c
+--- linux-4.9/kernel/vserver/helper.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/helper.c 2021-02-24 15:47:45.124410596 +0100
@@ -0,0 +1,242 @@
+/*
+ * linux/kernel/vserver/helper.c
+ return do_vshelper(vshelper_path, argv, envp, 1);
+}
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/history.c linux-4.9.207-vs2.3.9.11/kernel/vserver/history.c
---- linux-4.9.207/kernel/vserver/history.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/history.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/history.c linux-4.9/kernel/vserver/history.c
+--- linux-4.9/kernel/vserver/history.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/history.c 2021-02-24 15:47:45.124410596 +0100
@@ -0,0 +1,258 @@
+/*
+ * kernel/vserver/history.c
+
+#endif /* CONFIG_COMPAT */
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/inet.c linux-4.9.207-vs2.3.9.11/kernel/vserver/inet.c
---- linux-4.9.207/kernel/vserver/inet.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/inet.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/inet.c linux-4.9/kernel/vserver/inet.c
+--- linux-4.9/kernel/vserver/inet.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/inet.c 2021-02-24 15:47:45.124410596 +0100
@@ -0,0 +1,236 @@
+
+#include <linux/in.h>
+
+EXPORT_SYMBOL_GPL(ip_v4_find_src);
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/init.c linux-4.9.207-vs2.3.9.11/kernel/vserver/init.c
---- linux-4.9.207/kernel/vserver/init.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/init.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/init.c linux-4.9/kernel/vserver/init.c
+--- linux-4.9/kernel/vserver/init.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/init.c 2021-02-24 15:47:45.124410596 +0100
@@ -0,0 +1,46 @@
+/*
+ * linux/kernel/init.c
+module_init(init_vserver);
+module_exit(exit_vserver);
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/inode.c linux-4.9.207-vs2.3.9.11/kernel/vserver/inode.c
---- linux-4.9.207/kernel/vserver/inode.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/inode.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/inode.c linux-4.9/kernel/vserver/inode.c
+--- linux-4.9/kernel/vserver/inode.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/inode.c 2021-02-24 15:47:45.124410596 +0100
@@ -0,0 +1,440 @@
+/*
+ * linux/kernel/vserver/inode.c
+
+ fput(filp);
+
-+ if (copy_to_user(data, &vc_data, sizeof(vc_data)))
-+ return -EFAULT;
-+ return ret;
-+}
-+
-+
-+enum { Opt_notagcheck, Opt_tag, Opt_notag, Opt_tagid, Opt_err };
-+
-+static match_table_t tokens = {
-+ {Opt_notagcheck, "notagcheck"},
-+#ifdef CONFIG_PROPAGATE
-+ {Opt_notag, "notag"},
-+ {Opt_tag, "tag"},
-+ {Opt_tagid, "tagid=%u"},
-+#endif
-+ {Opt_err, NULL}
-+};
-+
-+
-+static void __dx_parse_remove(char *string, char *opt)
-+{
-+ char *p = strstr(string, opt);
-+ char *q = p;
-+
-+ if (p) {
-+ while (*q != '\0' && *q != ',')
-+ q++;
-+ while (*q)
-+ *p++ = *q++;
-+ while (*p)
-+ *p++ = '\0';
-+ }
-+}
-+
-+int dx_parse_tag(char *string, vtag_t *tag, int remove, int *mnt_flags,
-+ unsigned long *flags)
-+{
-+ int set = 0;
-+ substring_t args[MAX_OPT_ARGS];
-+ int token;
-+ char *s, *p, *opts;
-+#if defined(CONFIG_PROPAGATE) || defined(CONFIG_VSERVER_DEBUG)
-+ int option = 0;
-+#endif
-+
-+ if (!string)
-+ return 0;
-+ s = kstrdup(string, GFP_KERNEL | GFP_ATOMIC);
-+ if (!s)
-+ return 0;
-+
-+ opts = s;
-+ while ((p = strsep(&opts, ",")) != NULL) {
-+ token = match_token(p, tokens, args);
-+
-+ switch (token) {
-+#ifdef CONFIG_PROPAGATE
-+ case Opt_tag:
-+ if (tag)
-+ *tag = 0;
-+ if (remove)
-+ __dx_parse_remove(s, "tag");
-+ *mnt_flags |= MNT_TAGID;
-+ set |= MNT_TAGID;
-+ break;
-+ case Opt_notag:
-+ if (remove)
-+ __dx_parse_remove(s, "notag");
-+ *mnt_flags |= MNT_NOTAG;
-+ set |= MNT_NOTAG;
-+ break;
-+ case Opt_tagid:
-+ if (tag && !match_int(args, &option))
-+ *tag = option;
-+ if (remove)
-+ __dx_parse_remove(s, "tagid");
-+ *mnt_flags |= MNT_TAGID;
-+ set |= MNT_TAGID;
-+ break;
-+#endif /* CONFIG_PROPAGATE */
-+ case Opt_notagcheck:
-+ if (remove)
-+ __dx_parse_remove(s, "notagcheck");
-+ *flags |= MS_NOTAGCHECK;
-+ set |= MS_NOTAGCHECK;
-+ break;
-+ }
-+ vxdprintk(VXD_CBIT(tag, 7),
-+ "dx_parse_tag(" VS_Q("%s") "): %d:#%d",
-+ p, token, option);
-+ }
-+ if (set)
-+ strcpy(string, s);
-+ kfree(s);
-+ return set;
-+}
-+
-+#ifdef CONFIG_PROPAGATE
-+
-+void __dx_propagate_tag(struct nameidata *nd, struct inode *inode)
-+{
-+ vtag_t new_tag = 0;
-+ struct vfsmount *mnt;
-+ int propagate;
-+
-+ if (!nd)
-+ return;
-+ mnt = nd->path.mnt;
-+ if (!mnt)
-+ return;
-+
-+ propagate = (mnt->mnt_flags & MNT_TAGID);
-+ if (propagate)
-+ new_tag = mnt->mnt_tag;
-+
-+ vxdprintk(VXD_CBIT(tag, 7),
-+ "dx_propagate_tag(%p[#%lu.%d]): %d,%d",
-+ inode, inode->i_ino, inode->i_tag,
-+ new_tag, (propagate) ? 1 : 0);
-+
-+ if (propagate)
-+ i_tag_write(inode, new_tag);
-+}
-+
-+#include <linux/module.h>
-+
-+EXPORT_SYMBOL_GPL(__dx_propagate_tag);
-+
-+#endif /* CONFIG_PROPAGATE */
-+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/Kconfig linux-4.9.207-vs2.3.9.11/kernel/vserver/Kconfig
---- linux-4.9.207/kernel/vserver/Kconfig 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/Kconfig 2018-10-20 04:58:15.000000000 +0000
-@@ -0,0 +1,230 @@
-+#
-+# Linux VServer configuration
-+#
-+
-+menu "Linux VServer"
-+
-+config VSERVER_AUTO_LBACK
-+ bool "Automatically Assign Loopback IP"
-+ default y
-+ help
-+ Automatically assign a guest specific loopback
-+ IP and add it to the kernel network stack on
-+ startup.
-+
-+config VSERVER_AUTO_SINGLE
-+ bool "Automatic Single IP Special Casing"
-+ default n
-+ help
-+ This allows network contexts with a single IP to
-+ automatically remap 0.0.0.0 bindings to that IP,
-+ avoiding further network checks and improving
-+ performance.
-+
-+ (note: such guests do not allow to change the ip
-+ on the fly and do not show loopback addresses)
-+
-+config VSERVER_COWBL
-+ bool "Enable COW Immutable Link Breaking"
-+ default y
-+ help
-+ This enables the COW (Copy-On-Write) link break code.
-+ It allows you to treat unified files like normal files
-+ when writing to them (which will implicitely break the
-+ link and create a copy of the unified file)
-+
-+config VSERVER_VTIME
-+ bool "Enable Virtualized Guest Time (EXPERIMENTAL)"
-+ default n
-+ help
-+ This enables per guest time offsets to allow for
-+ adjusting the system clock individually per guest.
-+ this adds some overhead to the time functions and
-+ therefore should not be enabled without good reason.
-+
-+config VSERVER_DEVICE
-+ bool "Enable Guest Device Mapping (EXPERIMENTAL)"
-+ default n
-+ help
-+ This enables generic device remapping.
-+
-+config VSERVER_PROC_SECURE
-+ bool "Enable Proc Security"
-+ depends on PROC_FS
-+ default y
-+ help
-+ This configures ProcFS security to initially hide
-+ non-process entries for all contexts except the main and
-+ spectator context (i.e. for all guests), which is a secure
-+ default.
-+
-+ (note: on 1.2x the entries were visible by default)
-+
-+choice
-+ prompt "Persistent Inode Tagging"
-+ default TAGGING_ID24
-+ help
-+ This adds persistent context information to filesystems
-+ mounted with the tagxid option. Tagging is a requirement
-+ for per-context disk limits and per-context quota.
-+
-+
-+config TAGGING_NONE
-+ bool "Disabled"
-+ help
-+ do not store per-context information in inodes.
-+
-+config TAGGING_UID16
-+ bool "UID16/GID32"
-+ help
-+ reduces UID to 16 bit, but leaves GID at 32 bit.
-+
-+config TAGGING_GID16
-+ bool "UID32/GID16"
-+ help
-+ reduces GID to 16 bit, but leaves UID at 32 bit.
-+
-+config TAGGING_ID24
-+ bool "UID24/GID24"
-+ help
-+ uses the upper 8bit from UID and GID for XID tagging
-+ which leaves 24bit for UID/GID each, which should be
-+ more than sufficient for normal use.
-+
-+config TAGGING_INTERN
-+ bool "UID32/GID32"
-+ help
-+ this uses otherwise reserved inode fields in the on
-+ disk representation, which limits the use to a few
-+ filesystems (currently ext2 and ext3)
-+
-+endchoice
-+
-+config TAG_NFSD
-+ bool "Tag NFSD User Auth and Files"
-+ default n
-+ help
-+ Enable this if you do want the in-kernel NFS
-+ Server to use the tagging specified above.
-+ (will require patched clients too)
-+
-+config VSERVER_PRIVACY
-+ bool "Honor Privacy Aspects of Guests"
-+ default n
-+ help
-+ When enabled, most context checks will disallow
-+ access to structures assigned to a specific context,
-+ like ptys or loop devices.
++ if (copy_to_user(data, &vc_data, sizeof(vc_data)))
++ return -EFAULT;
++ return ret;
++}
+
-+config VSERVER_CONTEXTS
-+ int "Maximum number of Contexts (1-65533)" if EMBEDDED
-+ range 1 65533
-+ default "768" if 64BIT
-+ default "256"
-+ help
-+ This setting will optimize certain data structures
-+ and memory allocations according to the expected
-+ maximum.
+
-+ note: this is not a strict upper limit.
++enum { Opt_notagcheck, Opt_tag, Opt_notag, Opt_tagid, Opt_err };
+
-+config VSERVER_WARN
-+ bool "VServer Warnings"
-+ default y
-+ help
-+ This enables various runtime warnings, which will
-+ notify about potential manipulation attempts or
-+ resource shortage. It is generally considered to
-+ be a good idea to have that enabled.
++static match_table_t tokens = {
++ {Opt_notagcheck, "notagcheck"},
++#ifdef CONFIG_PROPAGATE
++ {Opt_notag, "notag"},
++ {Opt_tag, "tag"},
++ {Opt_tagid, "tagid=%u"},
++#endif
++ {Opt_err, NULL}
++};
+
-+config VSERVER_WARN_DEVPTS
-+ bool "VServer DevPTS Warnings"
-+ depends on VSERVER_WARN
-+ default y
-+ help
-+ This enables DevPTS related warnings, issued when a
-+ process inside a context tries to lookup or access
-+ a dynamic pts from the host or a different context.
+
-+config VSERVER_DEBUG
-+ bool "VServer Debugging Code"
-+ default n
-+ help
-+ Set this to yes if you want to be able to activate
-+ debugging output at runtime. It adds a very small
-+ overhead to all vserver related functions and
-+ increases the kernel size by about 20k.
++static void __dx_parse_remove(char *string, char *opt)
++{
++ char *p = strstr(string, opt);
++ char *q = p;
+
-+config VSERVER_HISTORY
-+ bool "VServer History Tracing"
-+ depends on VSERVER_DEBUG
-+ default n
-+ help
-+ Set this to yes if you want to record the history of
-+ linux-vserver activities, so they can be replayed in
-+ the event of a kernel panic or oops.
++ if (p) {
++ while (*q != '\0' && *q != ',')
++ q++;
++ while (*q)
++ *p++ = *q++;
++ while (*p)
++ *p++ = '\0';
++ }
++}
+
-+config VSERVER_HISTORY_SIZE
-+ int "Per-CPU History Size (32-65536)"
-+ depends on VSERVER_HISTORY
-+ range 32 65536
-+ default 64
-+ help
-+ This allows you to specify the number of entries in
-+ the per-CPU history buffer.
++int dx_parse_tag(char *string, vtag_t *tag, int remove, int *mnt_flags,
++ unsigned long *flags)
++{
++ int set = 0;
++ substring_t args[MAX_OPT_ARGS];
++ int token;
++ char *s, *p, *opts;
++#if defined(CONFIG_PROPAGATE) || defined(CONFIG_VSERVER_DEBUG)
++ int option = 0;
++#endif
+
-+config VSERVER_EXTRA_MNT_CHECK
-+ bool "Extra Checks for Reachability"
-+ default n
-+ help
-+ Set this to yes if you want to do extra checks for
-+ vfsmount reachability in the proc filesystem code.
-+ This shouldn't be required on any setup utilizing
-+ mnt namespaces.
++ if (!string)
++ return 0;
++ s = kstrdup(string, GFP_KERNEL | GFP_ATOMIC);
++ if (!s)
++ return 0;
+
-+choice
-+ prompt "Quotes used in debug and warn messages"
-+ default QUOTES_ISO8859
++ opts = s;
++ while ((p = strsep(&opts, ",")) != NULL) {
++ token = match_token(p, tokens, args);
+
-+config QUOTES_ISO8859
-+ bool "Extended ASCII (ISO 8859) angle quotes"
-+ help
-+ This uses the extended ASCII characters \xbb
-+ and \xab for quoting file and process names.
++ switch (token) {
++#ifdef CONFIG_PROPAGATE
++ case Opt_tag:
++ if (tag)
++ *tag = 0;
++ if (remove)
++ __dx_parse_remove(s, "tag");
++ *mnt_flags |= MNT_TAGID;
++ set |= MNT_TAGID;
++ break;
++ case Opt_notag:
++ if (remove)
++ __dx_parse_remove(s, "notag");
++ *mnt_flags |= MNT_NOTAG;
++ set |= MNT_NOTAG;
++ break;
++ case Opt_tagid:
++ if (tag && !match_int(args, &option))
++ *tag = option;
++ if (remove)
++ __dx_parse_remove(s, "tagid");
++ *mnt_flags |= MNT_TAGID;
++ set |= MNT_TAGID;
++ break;
++#endif /* CONFIG_PROPAGATE */
++ case Opt_notagcheck:
++ if (remove)
++ __dx_parse_remove(s, "notagcheck");
++ *flags |= MS_NOTAGCHECK;
++ set |= MS_NOTAGCHECK;
++ break;
++ }
++ vxdprintk(VXD_CBIT(tag, 7),
++ "dx_parse_tag(" VS_Q("%s") "): %d:#%d",
++ p, token, option);
++ }
++ if (set)
++ strcpy(string, s);
++ kfree(s);
++ return set;
++}
+
-+config QUOTES_UTF8
-+ bool "UTF-8 angle quotes"
-+ help
-+ This uses the the UTF-8 sequences for angle
-+ quotes to quote file and process names.
++#ifdef CONFIG_PROPAGATE
+
-+config QUOTES_ASCII
-+ bool "ASCII single quotes"
-+ help
-+ This uses the ASCII single quote character
-+ (\x27) to quote file and process names.
++void __dx_propagate_tag(struct nameidata *nd, struct inode *inode)
++{
++ vtag_t new_tag = 0;
++ struct vfsmount *mnt;
++ int propagate;
+
-+endchoice
++ if (!nd)
++ return;
++ mnt = nd->path.mnt;
++ if (!mnt)
++ return;
+
-+endmenu
++ propagate = (mnt->mnt_flags & MNT_TAGID);
++ if (propagate)
++ new_tag = mnt->mnt_tag;
+
++ vxdprintk(VXD_CBIT(tag, 7),
++ "dx_propagate_tag(%p[#%lu.%d]): %d,%d",
++ inode, inode->i_ino, inode->i_tag,
++ new_tag, (propagate) ? 1 : 0);
+
-+config VSERVER
-+ bool
-+ default y
-+ select NAMESPACES
-+ select UTS_NS
-+ select IPC_NS
-+# select USER_NS
-+ select SYSVIPC
++ if (propagate)
++ i_tag_write(inode, new_tag);
++}
+
-+config VSERVER_SECURITY
-+ bool
-+ depends on SECURITY
-+ default y
-+ select SECURITY_CAPABILITIES
++#include <linux/module.h>
+
-+config VSERVER_DISABLED
-+ bool
-+ default n
++EXPORT_SYMBOL_GPL(__dx_propagate_tag);
++
++#endif /* CONFIG_PROPAGATE */
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/limit.c linux-4.9.207-vs2.3.9.11/kernel/vserver/limit.c
---- linux-4.9.207/kernel/vserver/limit.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/limit.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/limit.c linux-4.9/kernel/vserver/limit.c
+--- linux-4.9/kernel/vserver/limit.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/limit.c 2021-02-24 15:47:45.124410596 +0100
@@ -0,0 +1,386 @@
+/*
+ * linux/kernel/vserver/limit.c
+}
+#endif /* !CONFIG_MEMCG */
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/limit_init.h linux-4.9.207-vs2.3.9.11/kernel/vserver/limit_init.h
---- linux-4.9.207/kernel/vserver/limit_init.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/limit_init.h 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/limit_init.h linux-4.9/kernel/vserver/limit_init.h
+--- linux-4.9/kernel/vserver/limit_init.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/limit_init.h 2021-02-24 15:47:45.124410596 +0100
@@ -0,0 +1,31 @@
+
+
+ }
+}
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/limit_proc.h linux-4.9.207-vs2.3.9.11/kernel/vserver/limit_proc.h
---- linux-4.9.207/kernel/vserver/limit_proc.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/limit_proc.h 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/limit_proc.h linux-4.9/kernel/vserver/limit_proc.h
+--- linux-4.9/kernel/vserver/limit_proc.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/limit_proc.h 2021-02-24 15:47:45.124410596 +0100
@@ -0,0 +1,57 @@
+#ifndef _VX_LIMIT_PROC_H
+#define _VX_LIMIT_PROC_H
+#endif /* _VX_LIMIT_PROC_H */
+
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/Makefile linux-4.9.207-vs2.3.9.11/kernel/vserver/Makefile
---- linux-4.9.207/kernel/vserver/Makefile 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/Makefile 2018-10-20 04:58:15.000000000 +0000
-@@ -0,0 +1,18 @@
-+#
-+# Makefile for the Linux vserver routines.
-+#
-+
-+
-+obj-y += vserver.o
-+
-+vserver-y := switch.o context.o space.o sched.o network.o inode.o \
-+ limit.o cvirt.o cacct.o signal.o helper.o init.o \
-+ dlimit.o tag.o
-+
-+vserver-$(CONFIG_INET) += inet.o
-+vserver-$(CONFIG_PROC_FS) += proc.o
-+vserver-$(CONFIG_VSERVER_DEBUG) += sysctl.o debug.o
-+vserver-$(CONFIG_VSERVER_HISTORY) += history.o
-+vserver-$(CONFIG_VSERVER_MONITOR) += monitor.o
-+vserver-$(CONFIG_VSERVER_DEVICE) += device.o
-+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/network.c linux-4.9.207-vs2.3.9.11/kernel/vserver/network.c
---- linux-4.9.207/kernel/vserver/network.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/network.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/network.c linux-4.9/kernel/vserver/network.c
+--- linux-4.9/kernel/vserver/network.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/network.c 2021-02-24 15:47:45.124410596 +0100
@@ -0,0 +1,1053 @@
+/*
+ * linux/kernel/vserver/network.c
+EXPORT_SYMBOL_GPL(free_nx_info);
+EXPORT_SYMBOL_GPL(unhash_nx_info);
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/proc.c linux-4.9.207-vs2.3.9.11/kernel/vserver/proc.c
---- linux-4.9.207/kernel/vserver/proc.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/proc.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/proc.c linux-4.9/kernel/vserver/proc.c
+--- linux-4.9/kernel/vserver/proc.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/proc.c 2021-02-24 15:47:45.124410596 +0100
@@ -0,0 +1,1040 @@
+/*
+ * linux/kernel/vserver/proc.c
+ return 0;
+}
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/sched.c linux-4.9.207-vs2.3.9.11/kernel/vserver/sched.c
---- linux-4.9.207/kernel/vserver/sched.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/sched.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/sched.c linux-4.9/kernel/vserver/sched.c
+--- linux-4.9/kernel/vserver/sched.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/sched.c 2021-02-24 15:47:45.124410596 +0100
@@ -0,0 +1,83 @@
+/*
+ * linux/kernel/vserver/sched.c
+ return 0;
+}
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/sched_init.h linux-4.9.207-vs2.3.9.11/kernel/vserver/sched_init.h
---- linux-4.9.207/kernel/vserver/sched_init.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/sched_init.h 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/sched_init.h linux-4.9/kernel/vserver/sched_init.h
+--- linux-4.9/kernel/vserver/sched_init.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/sched_init.h 2021-02-24 15:47:45.124410596 +0100
@@ -0,0 +1,27 @@
+
+static inline void vx_info_init_sched(struct _vx_sched *sched)
+{
+ return;
+}
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/sched_proc.h linux-4.9.207-vs2.3.9.11/kernel/vserver/sched_proc.h
---- linux-4.9.207/kernel/vserver/sched_proc.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/sched_proc.h 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/sched_proc.h linux-4.9/kernel/vserver/sched_proc.h
+--- linux-4.9/kernel/vserver/sched_proc.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/sched_proc.h 2021-02-24 15:47:45.124410596 +0100
@@ -0,0 +1,32 @@
+#ifndef _VX_SCHED_PROC_H
+#define _VX_SCHED_PROC_H
+}
+
+#endif /* _VX_SCHED_PROC_H */
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/signal.c linux-4.9.207-vs2.3.9.11/kernel/vserver/signal.c
---- linux-4.9.207/kernel/vserver/signal.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/signal.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/signal.c linux-4.9/kernel/vserver/signal.c
+--- linux-4.9/kernel/vserver/signal.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/signal.c 2021-02-24 15:47:45.124410596 +0100
@@ -0,0 +1,134 @@
+/*
+ * linux/kernel/vserver/signal.c
+ return ret;
+}
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/space.c linux-4.9.207-vs2.3.9.11/kernel/vserver/space.c
---- linux-4.9.207/kernel/vserver/space.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/space.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/space.c linux-4.9/kernel/vserver/space.c
+--- linux-4.9/kernel/vserver/space.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/space.c 2021-02-24 15:47:45.124410596 +0100
@@ -0,0 +1,437 @@
+/*
+ * linux/kernel/vserver/space.c
+ return 0;
+}
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/switch.c linux-4.9.207-vs2.3.9.11/kernel/vserver/switch.c
---- linux-4.9.207/kernel/vserver/switch.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/switch.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/switch.c linux-4.9/kernel/vserver/switch.c
+--- linux-4.9/kernel/vserver/switch.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/switch.c 2021-02-24 15:47:45.124410596 +0100
@@ -0,0 +1,556 @@
+/*
+ * linux/kernel/vserver/switch.c
+}
+
+#endif /* CONFIG_COMPAT */
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/sysctl.c linux-4.9.207-vs2.3.9.11/kernel/vserver/sysctl.c
---- linux-4.9.207/kernel/vserver/sysctl.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/sysctl.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/sysctl.c linux-4.9/kernel/vserver/sysctl.c
+--- linux-4.9/kernel/vserver/sysctl.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/sysctl.c 2021-02-24 15:47:45.127744035 +0100
@@ -0,0 +1,249 @@
+/*
+ * kernel/vserver/sysctl.c
+EXPORT_SYMBOL_GPL(vs_debug_perm);
+EXPORT_SYMBOL_GPL(vs_debug_misc);
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/tag.c linux-4.9.207-vs2.3.9.11/kernel/vserver/tag.c
---- linux-4.9.207/kernel/vserver/tag.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/tag.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/tag.c linux-4.9/kernel/vserver/tag.c
+--- linux-4.9/kernel/vserver/tag.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/tag.c 2021-02-24 15:47:45.127744035 +0100
@@ -0,0 +1,63 @@
+/*
+ * linux/kernel/vserver/tag.c
+}
+
+
-diff -NurpP --minimal linux-4.9.207/kernel/vserver/vci_config.h linux-4.9.207-vs2.3.9.11/kernel/vserver/vci_config.h
---- linux-4.9.207/kernel/vserver/vci_config.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/kernel/vserver/vci_config.h 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/kernel/vserver/vci_config.h linux-4.9/kernel/vserver/vci_config.h
+--- linux-4.9/kernel/vserver/vci_config.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/kernel/vserver/vci_config.h 2021-02-24 15:47:45.127744035 +0100
@@ -0,0 +1,80 @@
+
+/* interface version */
+ 0;
+}
+
-diff -NurpP --minimal linux-4.9.207/mm/memcontrol.c linux-4.9.207-vs2.3.9.11/mm/memcontrol.c
---- linux-4.9.207/mm/memcontrol.c 2019-12-25 15:28:44.407201863 +0000
-+++ linux-4.9.207-vs2.3.9.11/mm/memcontrol.c 2019-12-25 15:37:52.838415659 +0000
-@@ -2854,6 +2854,41 @@ static u64 mem_cgroup_read_u64(struct cg
+diff -urNp -x '*.orig' linux-4.9/mm/memcontrol.c linux-4.9/mm/memcontrol.c
+--- linux-4.9/mm/memcontrol.c 2021-02-24 15:47:32.527349847 +0100
++++ linux-4.9/mm/memcontrol.c 2021-02-24 15:47:45.127744035 +0100
+@@ -2873,6 +2873,41 @@ static u64 mem_cgroup_read_u64(struct cg
}
}
#ifndef CONFIG_SLOB
static int memcg_online_kmem(struct mem_cgroup *memcg)
{
-diff -NurpP --minimal linux-4.9.207/mm/oom_kill.c linux-4.9.207-vs2.3.9.11/mm/oom_kill.c
---- linux-4.9.207/mm/oom_kill.c 2019-12-25 15:28:44.447201214 +0000
-+++ linux-4.9.207-vs2.3.9.11/mm/oom_kill.c 2019-02-22 08:37:56.143042249 +0000
+diff -urNp -x '*.orig' linux-4.9/mm/oom_kill.c linux-4.9/mm/oom_kill.c
+--- linux-4.9/mm/oom_kill.c 2021-02-24 15:47:32.534016722 +0100
++++ linux-4.9/mm/oom_kill.c 2021-02-24 15:47:45.127744035 +0100
@@ -38,6 +38,8 @@
#include <linux/kthread.h>
#include <linux/init.h>
}
if (oc->chosen && oc->chosen != (void *)-1UL) {
oom_kill_process(oc, !is_memcg_oom(oc) ? "Out of memory" :
-diff -NurpP --minimal linux-4.9.207/mm/page_alloc.c linux-4.9.207-vs2.3.9.11/mm/page_alloc.c
---- linux-4.9.207/mm/page_alloc.c 2019-12-25 15:28:44.447201214 +0000
-+++ linux-4.9.207-vs2.3.9.11/mm/page_alloc.c 2019-10-05 14:58:46.190299248 +0000
-@@ -64,6 +64,8 @@
- #include <linux/page_owner.h>
+diff -urNp -x '*.orig' linux-4.9/mm/page_alloc.c linux-4.9/mm/page_alloc.c
+--- linux-4.9/mm/page_alloc.c 2021-02-24 15:47:32.534016722 +0100
++++ linux-4.9/mm/page_alloc.c 2021-02-24 15:47:45.127744035 +0100
+@@ -65,6 +65,8 @@
#include <linux/kthread.h>
#include <linux/memcontrol.h>
+ #include <linux/khugepaged.h>
+#include <linux/vs_base.h>
+#include <linux/vs_limit.h>
#include <asm/sections.h>
#include <asm/tlbflush.h>
-@@ -4188,6 +4190,9 @@ void si_meminfo(struct sysinfo *val)
+@@ -4171,14 +4173,17 @@ long si_mem_available(void)
+ */
+ pagecache = pages[LRU_ACTIVE_FILE] + pages[LRU_INACTIVE_FILE];
+ pagecache -= min(pagecache / 2, wmark_low);
+- available += pagecache;
++ if (!vx_flags(VXF_VIRT_MEM, 0))
++ available += pagecache;
+
+ /*
+ * Part of the reclaimable slab consists of items that are in use,
+ * and cannot be freed. Cap this estimate at the low watermark.
+ */
+- available += global_page_state(NR_SLAB_RECLAIMABLE) -
+- min(global_page_state(NR_SLAB_RECLAIMABLE) / 2, wmark_low);
++ if (!vx_flags(VXF_VIRT_MEM, 0))
++ available += global_page_state(NR_SLAB_RECLAIMABLE) -
++ min(global_page_state(NR_SLAB_RECLAIMABLE) / 2,
++ wmark_low);
+
+ if (available < 0)
+ available = 0;
+@@ -4195,6 +4200,9 @@ void si_meminfo(struct sysinfo *val)
val->totalhigh = totalhigh_pages;
val->freehigh = nr_free_highpages();
val->mem_unit = PAGE_SIZE;
}
EXPORT_SYMBOL(si_meminfo);
-@@ -4222,6 +4227,9 @@ void si_meminfo_node(struct sysinfo *val
+@@ -4229,6 +4237,9 @@ void si_meminfo_node(struct sysinfo *val
val->freehigh = free_highpages;
#endif
val->mem_unit = PAGE_SIZE;
}
#endif
-diff -NurpP --minimal linux-4.9.207/mm/pgtable-generic.c linux-4.9.207-vs2.3.9.11/mm/pgtable-generic.c
---- linux-4.9.207/mm/pgtable-generic.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/mm/pgtable-generic.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/mm/pgtable-generic.c linux-4.9/mm/pgtable-generic.c
+--- linux-4.9/mm/pgtable-generic.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/mm/pgtable-generic.c 2021-02-24 15:47:45.127744035 +0100
@@ -6,6 +6,8 @@
* Copyright (C) 2010 Linus Torvalds
*/
#include <linux/pagemap.h>
#include <asm/tlb.h>
#include <asm-generic/pgtable.h>
-diff -NurpP --minimal linux-4.9.207/mm/shmem.c linux-4.9.207-vs2.3.9.11/mm/shmem.c
---- linux-4.9.207/mm/shmem.c 2019-12-25 15:28:44.477200729 +0000
-+++ linux-4.9.207-vs2.3.9.11/mm/shmem.c 2019-12-25 15:37:52.838415659 +0000
-@@ -2803,7 +2803,7 @@ static int shmem_statfs(struct dentry *d
+diff -urNp -x '*.orig' linux-4.9/mm/shmem.c linux-4.9/mm/shmem.c
+--- linux-4.9/mm/shmem.c 2021-02-24 15:47:32.537350160 +0100
++++ linux-4.9/mm/shmem.c 2021-02-24 15:47:45.127744035 +0100
+@@ -2806,7 +2806,7 @@ static int shmem_statfs(struct dentry *d
{
struct shmem_sb_info *sbinfo = SHMEM_SB(dentry->d_sb);
buf->f_bsize = PAGE_SIZE;
buf->f_namelen = NAME_MAX;
if (sbinfo->max_blocks) {
-@@ -3628,7 +3628,7 @@ int shmem_fill_super(struct super_block
+@@ -3631,7 +3631,7 @@ int shmem_fill_super(struct super_block
sb->s_maxbytes = MAX_LFS_FILESIZE;
sb->s_blocksize = PAGE_SIZE;
sb->s_blocksize_bits = PAGE_SHIFT;
sb->s_op = &shmem_ops;
sb->s_time_gran = 1;
#ifdef CONFIG_TMPFS_XATTR
-diff -NurpP --minimal linux-4.9.207/mm/slab.c linux-4.9.207-vs2.3.9.11/mm/slab.c
---- linux-4.9.207/mm/slab.c 2019-12-25 15:28:44.477200729 +0000
-+++ linux-4.9.207-vs2.3.9.11/mm/slab.c 2019-10-05 14:58:46.200299086 +0000
+diff -urNp -x '*.orig' linux-4.9/mm/slab.c linux-4.9/mm/slab.c
+--- linux-4.9/mm/slab.c 2021-02-24 15:47:32.537350160 +0100
++++ linux-4.9/mm/slab.c 2021-02-24 15:47:45.131077472 +0100
@@ -307,6 +307,8 @@ static void kmem_cache_node_init(struct
#define STATS_INC_FREEMISS(x) do { } while (0)
#endif
kmemcheck_slab_free(cachep, objp, cachep->object_size);
-diff -NurpP --minimal linux-4.9.207/mm/slab_vs.h linux-4.9.207-vs2.3.9.11/mm/slab_vs.h
---- linux-4.9.207/mm/slab_vs.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/mm/slab_vs.h 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/mm/slab_vs.h linux-4.9/mm/slab_vs.h
+--- linux-4.9/mm/slab_vs.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-4.9/mm/slab_vs.h 2021-02-24 15:47:45.131077472 +0100
@@ -0,0 +1,29 @@
+
+#include <linux/vserver/context.h>
+ atomic_sub(cachep->size, &vxi->cacct.slab[what]);
+}
+
-diff -NurpP --minimal linux-4.9.207/mm/swapfile.c linux-4.9.207-vs2.3.9.11/mm/swapfile.c
---- linux-4.9.207/mm/swapfile.c 2019-12-25 15:28:44.477200729 +0000
-+++ linux-4.9.207-vs2.3.9.11/mm/swapfile.c 2018-10-20 05:55:43.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/mm/swapfile.c linux-4.9/mm/swapfile.c
+--- linux-4.9/mm/swapfile.c 2021-02-24 15:47:32.540683597 +0100
++++ linux-4.9/mm/swapfile.c 2021-02-24 15:47:45.131077472 +0100
@@ -39,6 +39,7 @@
#include <asm/tlbflush.h>
#include <linux/swapops.h>
}
/*
-diff -NurpP --minimal linux-4.9.207/net/bridge/br_multicast.c linux-4.9.207-vs2.3.9.11/net/bridge/br_multicast.c
---- linux-4.9.207/net/bridge/br_multicast.c 2019-12-25 15:28:44.897193938 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/bridge/br_multicast.c 2019-10-05 14:58:46.250298288 +0000
+diff -urNp -x '*.orig' linux-4.9/net/bridge/br_multicast.c linux-4.9/net/bridge/br_multicast.c
+--- linux-4.9/net/bridge/br_multicast.c 2021-02-24 15:47:32.564017661 +0100
++++ linux-4.9/net/bridge/br_multicast.c 2021-02-24 15:47:45.131077472 +0100
@@ -465,7 +465,7 @@ static struct sk_buff *br_ip6_multicast_
ip6h->hop_limit = 1;
ipv6_addr_set(&ip6h->daddr, htonl(0xff020000), 0, 0, htonl(1));
kfree_skb(skb);
br->has_ipv6_addr = 0;
return NULL;
-diff -NurpP --minimal linux-4.9.207/net/core/dev.c linux-4.9.207-vs2.3.9.11/net/core/dev.c
---- linux-4.9.207/net/core/dev.c 2019-12-25 15:28:44.977192647 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/core/dev.c 2019-12-25 15:37:52.958413722 +0000
-@@ -126,6 +126,7 @@
+diff -urNp -x '*.orig' linux-4.9/net/core/dev.c linux-4.9/net/core/dev.c
+--- linux-4.9/net/core/dev.c 2021-02-24 15:47:33.077367054 +0100
++++ linux-4.9/net/core/dev.c 2021-02-24 15:47:45.131077472 +0100
+@@ -127,6 +127,7 @@
#include <linux/in.h>
#include <linux/jhash.h>
#include <linux/random.h>
#include <trace/events/napi.h>
#include <trace/events/net.h>
#include <trace/events/skb.h>
-@@ -730,7 +731,8 @@ struct net_device *__dev_get_by_name(str
+@@ -734,7 +735,8 @@ struct net_device *__dev_get_by_name(str
struct hlist_head *head = dev_name_hash(net, name);
hlist_for_each_entry(dev, head, name_hlist)
return dev;
return NULL;
-@@ -755,7 +757,8 @@ struct net_device *dev_get_by_name_rcu(s
+@@ -759,7 +761,8 @@ struct net_device *dev_get_by_name_rcu(s
struct hlist_head *head = dev_name_hash(net, name);
hlist_for_each_entry_rcu(dev, head, name_hlist)
return dev;
return NULL;
-@@ -805,7 +808,8 @@ struct net_device *__dev_get_by_index(st
+@@ -809,7 +812,8 @@ struct net_device *__dev_get_by_index(st
struct hlist_head *head = dev_index_hash(net, ifindex);
hlist_for_each_entry(dev, head, index_hlist)
return dev;
return NULL;
-@@ -823,7 +827,7 @@ EXPORT_SYMBOL(__dev_get_by_index);
+@@ -827,7 +831,7 @@ EXPORT_SYMBOL(__dev_get_by_index);
* about locking. The caller must hold RCU lock.
*/
{
struct net_device *dev;
struct hlist_head *head = dev_index_hash(net, ifindex);
-@@ -834,6 +838,16 @@ struct net_device *dev_get_by_index_rcu(
+@@ -838,6 +842,16 @@ struct net_device *dev_get_by_index_rcu(
return NULL;
}
EXPORT_SYMBOL(dev_get_by_index_rcu);
-@@ -916,7 +930,8 @@ struct net_device *dev_getbyhwaddr_rcu(s
+@@ -915,7 +929,8 @@ struct net_device *dev_getbyhwaddr_rcu(s
for_each_netdev_rcu(net, dev)
if (dev->type == type &&
return dev;
return NULL;
-@@ -928,9 +943,11 @@ struct net_device *__dev_getfirstbyhwtyp
+@@ -927,9 +942,11 @@ struct net_device *__dev_getfirstbyhwtyp
struct net_device *dev;
ASSERT_RTNL();
return NULL;
}
-@@ -942,7 +959,8 @@ struct net_device *dev_getfirstbyhwtype(
+@@ -941,7 +958,8 @@ struct net_device *dev_getfirstbyhwtype(
rcu_read_lock();
for_each_netdev_rcu(net, dev)
dev_hold(dev);
ret = dev;
break;
-@@ -972,7 +990,8 @@ struct net_device *__dev_get_by_flags(st
+@@ -971,7 +989,8 @@ struct net_device *__dev_get_by_flags(st
ret = NULL;
for_each_netdev(net, dev) {
ret = dev;
break;
}
-@@ -1050,6 +1069,8 @@ static int __dev_alloc_name(struct net *
+@@ -1049,6 +1068,8 @@ static int __dev_alloc_name(struct net *
continue;
if (i < 0 || i >= max_netdevices)
continue;
/* avoid cases where sscanf is not exact inverse of printf */
snprintf(buf, IFNAMSIZ, name, i);
-diff -NurpP --minimal linux-4.9.207/net/core/net-procfs.c linux-4.9.207-vs2.3.9.11/net/core/net-procfs.c
---- linux-4.9.207/net/core/net-procfs.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/core/net-procfs.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/core/net-procfs.c linux-4.9/net/core/net-procfs.c
+--- linux-4.9/net/core/net-procfs.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/net/core/net-procfs.c 2021-02-24 15:47:45.131077472 +0100
@@ -1,6 +1,7 @@
#include <linux/netdevice.h>
#include <linux/proc_fs.h>
struct rtnl_link_stats64 temp;
- const struct rtnl_link_stats64 *stats = dev_get_stats(dev, &temp);
+ const struct rtnl_link_stats64 *stats;
-+
+
+ /* device visible inside network context? */
+ if (!nx_dev_visible(current_nx_info(), dev))
+ return;
-
++
+ stats = dev_get_stats(dev, &temp);
seq_printf(seq, "%6s: %7llu %7llu %4llu %4llu %4llu %5llu %10llu %9llu "
"%8llu %7llu %4llu %4llu %4llu %5llu %7llu %10llu\n",
dev->name, stats->rx_bytes, stats->rx_packets,
-diff -NurpP --minimal linux-4.9.207/net/core/rtnetlink.c linux-4.9.207-vs2.3.9.11/net/core/rtnetlink.c
---- linux-4.9.207/net/core/rtnetlink.c 2019-12-25 15:28:44.997192322 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/core/rtnetlink.c 2019-12-25 15:37:52.958413722 +0000
+diff -urNp -x '*.orig' linux-4.9/net/core/rtnetlink.c linux-4.9/net/core/rtnetlink.c
+--- linux-4.9/net/core/rtnetlink.c 2021-02-24 15:47:32.577351411 +0100
++++ linux-4.9/net/core/rtnetlink.c 2021-02-24 15:47:45.134410910 +0100
@@ -1615,6 +1615,8 @@ static int rtnl_dump_ifinfo(struct sk_bu
goto cont;
if (idx < s_idx)
if (dev->reg_state != NETREG_REGISTERED)
return;
-diff -NurpP --minimal linux-4.9.207/net/core/sock.c linux-4.9.207-vs2.3.9.11/net/core/sock.c
---- linux-4.9.207/net/core/sock.c 2019-12-25 15:28:44.997192322 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/core/sock.c 2019-12-25 15:37:52.958413722 +0000
+diff -urNp -x '*.orig' linux-4.9/net/core/sock.c linux-4.9/net/core/sock.c
+--- linux-4.9/net/core/sock.c 2021-02-24 15:47:32.580684849 +0100
++++ linux-4.9/net/core/sock.c 2021-02-24 15:47:45.134410910 +0100
@@ -135,6 +135,10 @@
#include <linux/filter.h>
#include <trace/events/sock.h>
-@@ -1340,6 +1344,8 @@ static struct sock *sk_prot_alloc(struct
+@@ -1339,6 +1343,9 @@ static struct sock *sk_prot_alloc(struct
+ if (!try_module_get(prot->owner))
goto out_free_sec;
sk_tx_queue_clear(sk);
- }
++
+ sock_vx_init(sk);
+ sock_nx_init(sk);
+ }
return sk;
-
-@@ -1443,6 +1449,11 @@ static void __sk_destruct(struct rcu_hea
+@@ -1444,6 +1451,11 @@ static void __sk_destruct(struct rcu_hea
put_pid(sk->sk_peer_pid);
if (likely(sk->sk_net_refcnt))
put_net(sock_net(sk));
sk_prot_free(sk->sk_prot_creator, sk);
}
-@@ -1504,6 +1515,8 @@ struct sock *sk_clone_lock(const struct
+@@ -1505,6 +1517,8 @@ struct sock *sk_clone_lock(const struct
/* SANITY */
if (likely(newsk->sk_net_refcnt))
get_net(sock_net(newsk));
sk_node_init(&newsk->sk_node);
sock_lock_init(newsk);
bh_lock_sock(newsk);
-@@ -1574,6 +1587,12 @@ struct sock *sk_clone_lock(const struct
+@@ -1575,6 +1589,12 @@ struct sock *sk_clone_lock(const struct
smp_wmb();
atomic_set(&newsk->sk_refcnt, 2);
/*
* Increment the counter in the same struct proto as the master
* sock (sk_refcnt_debug_inc uses newsk->sk_prot->socks, that
-@@ -2477,6 +2496,12 @@ void sock_init_data(struct socket *sock,
+@@ -2500,6 +2520,12 @@ void sock_init_data(struct socket *sock,
seqlock_init(&sk->sk_stamp_seq);
#endif
#ifdef CONFIG_NET_RX_BUSY_POLL
sk->sk_napi_id = 0;
sk->sk_ll_usec = sysctl_net_busy_read;
-diff -NurpP --minimal linux-4.9.207/net/ipv4/af_inet.c linux-4.9.207-vs2.3.9.11/net/ipv4/af_inet.c
---- linux-4.9.207/net/ipv4/af_inet.c 2019-12-25 15:28:45.207188929 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv4/af_inet.c 2018-10-20 05:55:44.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv4/af_inet.c linux-4.9/net/ipv4/af_inet.c
+--- linux-4.9/net/ipv4/af_inet.c 2021-02-24 15:47:32.587351724 +0100
++++ linux-4.9/net/ipv4/af_inet.c 2021-02-24 15:47:45.134410910 +0100
@@ -303,10 +303,15 @@ lookup_protocol:
}
const struct proto_ops inet_stream_ops = {
.family = PF_INET,
-diff -NurpP --minimal linux-4.9.207/net/ipv4/arp.c linux-4.9.207-vs2.3.9.11/net/ipv4/arp.c
---- linux-4.9.207/net/ipv4/arp.c 2019-12-25 15:28:45.207188929 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv4/arp.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv4/arp.c linux-4.9/net/ipv4/arp.c
+--- linux-4.9/net/ipv4/arp.c 2021-02-24 15:47:32.587351724 +0100
++++ linux-4.9/net/ipv4/arp.c 2021-02-24 15:47:45.134410910 +0100
@@ -1320,6 +1320,7 @@ static void arp_format_neigh_entry(struc
struct net_device *dev = n->dev;
int hatype = dev->type;
sprintf(tbuf, "%pI4", n->key);
seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n",
tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00",
-diff -NurpP --minimal linux-4.9.207/net/ipv4/devinet.c linux-4.9.207-vs2.3.9.11/net/ipv4/devinet.c
---- linux-4.9.207/net/ipv4/devinet.c 2019-12-25 15:28:45.207188929 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv4/devinet.c 2019-12-25 15:37:52.998413076 +0000
-@@ -546,6 +546,7 @@ struct in_device *inetdev_by_index(struc
+diff -urNp -x '*.orig' linux-4.9/net/ipv4/devinet.c linux-4.9/net/ipv4/devinet.c
+--- linux-4.9/net/ipv4/devinet.c 2021-02-24 15:47:32.587351724 +0100
++++ linux-4.9/net/ipv4/devinet.c 2021-02-24 15:47:45.134410910 +0100
+@@ -547,6 +547,7 @@ struct in_device *inetdev_by_index(struc
}
EXPORT_SYMBOL(inetdev_by_index);
/* Called only from RTNL semaphored context. No locks. */
struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
-@@ -1000,6 +1001,8 @@ int devinet_ioctl(struct net *net, unsig
+@@ -1006,6 +1007,8 @@ int devinet_ioctl(struct net *net, unsig
in_dev = __in_dev_get_rtnl(dev);
if (in_dev) {
if (tryaddrmatch) {
/* Matthias Andree */
/* compare label and address (4.4BSD style) */
-@@ -1008,6 +1011,8 @@ int devinet_ioctl(struct net *net, unsig
+@@ -1014,6 +1017,8 @@ int devinet_ioctl(struct net *net, unsig
This is checked above. */
for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
ifap = &ifa->ifa_next) {
if (!strcmp(ifr.ifr_name, ifa->ifa_label) &&
sin_orig.sin_addr.s_addr ==
ifa->ifa_local) {
-@@ -1020,9 +1025,12 @@ int devinet_ioctl(struct net *net, unsig
+@@ -1026,9 +1031,12 @@ int devinet_ioctl(struct net *net, unsig
comparing just the label */
if (!ifa) {
for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
}
}
-@@ -1176,6 +1184,8 @@ static int inet_gifconf(struct net_devic
+@@ -1182,6 +1190,8 @@ static int inet_gifconf(struct net_devic
goto out;
for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) {
if (!buf) {
done += sizeof(ifr);
continue;
-@@ -1598,6 +1608,7 @@ static int inet_dump_ifaddr(struct sk_bu
+@@ -1604,6 +1614,7 @@ static int inet_dump_ifaddr(struct sk_bu
struct net_device *dev;
struct in_device *in_dev;
struct in_ifaddr *ifa;
struct hlist_head *head;
s_h = cb->args[0];
-@@ -1621,6 +1632,8 @@ static int inet_dump_ifaddr(struct sk_bu
+@@ -1627,6 +1638,8 @@ static int inet_dump_ifaddr(struct sk_bu
for (ifa = in_dev->ifa_list, ip_idx = 0; ifa;
ifa = ifa->ifa_next, ip_idx++) {
if (ip_idx < s_ip_idx)
continue;
if (inet_fill_ifaddr(skb, ifa,
-diff -NurpP --minimal linux-4.9.207/net/ipv4/fib_trie.c linux-4.9.207-vs2.3.9.11/net/ipv4/fib_trie.c
---- linux-4.9.207/net/ipv4/fib_trie.c 2019-12-25 15:28:45.207188929 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv4/fib_trie.c 2019-02-22 08:37:56.413037657 +0000
-@@ -2627,6 +2627,7 @@ static int fib_route_seq_show(struct seq
+diff -urNp -x '*.orig' linux-4.9/net/ipv4/fib_trie.c linux-4.9/net/ipv4/fib_trie.c
+--- linux-4.9/net/ipv4/fib_trie.c 2021-02-24 15:47:32.590685161 +0100
++++ linux-4.9/net/ipv4/fib_trie.c 2021-02-24 15:47:45.134410910 +0100
+@@ -2630,6 +2630,7 @@ static int fib_route_seq_show(struct seq
seq_setwidth(seq, 127);
if (fi)
seq_printf(seq,
"%s\t%08X\t%08X\t%04X\t%d\t%u\t"
-diff -NurpP --minimal linux-4.9.207/net/ipv4/inet_connection_sock.c linux-4.9.207-vs2.3.9.11/net/ipv4/inet_connection_sock.c
---- linux-4.9.207/net/ipv4/inet_connection_sock.c 2019-12-25 15:28:45.217188765 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv4/inet_connection_sock.c 2019-10-05 14:58:46.260298130 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv4/inet_connection_sock.c linux-4.9/net/ipv4/inet_connection_sock.c
+--- linux-4.9/net/ipv4/inet_connection_sock.c 2021-02-24 15:47:32.590685161 +0100
++++ linux-4.9/net/ipv4/inet_connection_sock.c 2021-02-24 15:47:45.134410910 +0100
@@ -16,6 +16,7 @@
#include <linux/module.h>
#include <linux/jhash.h>
break;
}
}
-diff -NurpP --minimal linux-4.9.207/net/ipv4/inet_diag.c linux-4.9.207-vs2.3.9.11/net/ipv4/inet_diag.c
---- linux-4.9.207/net/ipv4/inet_diag.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv4/inet_diag.c 2018-10-20 06:33:52.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv4/inet_diag.c linux-4.9/net/ipv4/inet_diag.c
+--- linux-4.9/net/ipv4/inet_diag.c 2021-02-24 15:47:32.590685161 +0100
++++ linux-4.9/net/ipv4/inet_diag.c 2021-02-24 15:47:45.134410910 +0100
@@ -31,6 +31,8 @@
#include <linux/inet.h>
}
}
EXPORT_SYMBOL_GPL(inet_diag_msg_common_fill);
-@@ -879,6 +881,9 @@ void inet_diag_dump_icsk(struct inet_has
+@@ -882,6 +884,9 @@ void inet_diag_dump_icsk(struct inet_has
if (!net_eq(sock_net(sk), net))
continue;
if (num < s_num) {
num++;
continue;
-@@ -941,6 +946,8 @@ skip_listen_ht:
+@@ -944,6 +949,8 @@ skip_listen_ht:
if (!net_eq(sock_net(sk), net))
continue;
if (num < s_num)
goto next_normal;
state = (sk->sk_state == TCP_TIME_WAIT) ?
-diff -NurpP --minimal linux-4.9.207/net/ipv4/inet_hashtables.c linux-4.9.207-vs2.3.9.11/net/ipv4/inet_hashtables.c
---- linux-4.9.207/net/ipv4/inet_hashtables.c 2019-12-25 15:28:45.217188765 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv4/inet_hashtables.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv4/inet_hashtables.c linux-4.9/net/ipv4/inet_hashtables.c
+--- linux-4.9/net/ipv4/inet_hashtables.c 2021-02-24 15:47:32.594018600 +0100
++++ linux-4.9/net/ipv4/inet_hashtables.c 2021-02-24 15:47:45.134410910 +0100
@@ -24,6 +24,7 @@
#include <net/inet_connection_sock.h>
#include <net/inet_hashtables.h>
#include <net/ip.h>
#include <net/tcp.h>
#include <net/sock_reuseport.h>
-@@ -186,6 +187,11 @@ static inline int compute_score(struct s
+@@ -187,6 +188,11 @@ static inline int compute_score(struct s
if (rcv_saddr != daddr)
return -1;
score += 4;
}
if (sk->sk_bound_dev_if || exact_dif) {
if (sk->sk_bound_dev_if != dif)
-@@ -300,6 +306,7 @@ begin:
+@@ -302,6 +308,7 @@ begin:
goto found;
}
}
/*
* if the nulls value we got at the end of this lookup is
* not the expected one, we must restart lookup.
-diff -NurpP --minimal linux-4.9.207/net/ipv4/netfilter.c linux-4.9.207-vs2.3.9.11/net/ipv4/netfilter.c
---- linux-4.9.207/net/ipv4/netfilter.c 2019-12-25 15:28:45.267187958 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv4/netfilter.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv4/netfilter.c linux-4.9/net/ipv4/netfilter.c
+--- linux-4.9/net/ipv4/netfilter.c 2021-02-24 15:47:32.597352037 +0100
++++ linux-4.9/net/ipv4/netfilter.c 2021-02-24 15:47:45.134410910 +0100
@@ -11,7 +11,7 @@
#include <linux/skbuff.h>
#include <linux/gfp.h>
#include <net/xfrm.h>
#include <net/ip.h>
#include <net/netfilter/nf_queue.h>
-diff -NurpP --minimal linux-4.9.207/net/ipv4/raw.c linux-4.9.207-vs2.3.9.11/net/ipv4/raw.c
---- linux-4.9.207/net/ipv4/raw.c 2019-12-25 15:28:45.297187472 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv4/raw.c 2019-10-05 14:58:46.260298130 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv4/raw.c linux-4.9/net/ipv4/raw.c
+--- linux-4.9/net/ipv4/raw.c 2021-02-24 15:47:32.600685475 +0100
++++ linux-4.9/net/ipv4/raw.c 2021-02-24 15:47:45.137744347 +0100
@@ -128,7 +128,7 @@ static struct sock *__raw_v4_lookup(stru
if (net_eq(sock_net(sk), net) && inet->inet_num == num &&
err = NF_HOOK(NFPROTO_IPV4, NF_INET_LOCAL_OUT,
net, sk, skb, NULL, rt->dst.dev,
dst_output);
-@@ -623,6 +629,16 @@ static int raw_sendmsg(struct sock *sk,
+@@ -625,6 +631,16 @@ static int raw_sendmsg(struct sock *sk,
goto done;
}
security_sk_classify_flow(sk, flowi4_to_flowi(&fl4));
rt = ip_route_output_flow(net, &fl4, sk);
if (IS_ERR(rt)) {
-@@ -701,17 +717,19 @@ static int raw_bind(struct sock *sk, str
+@@ -703,17 +719,19 @@ static int raw_bind(struct sock *sk, str
{
struct inet_sock *inet = inet_sk(sk);
struct sockaddr_in *addr = (struct sockaddr_in *) uaddr;
if (chk_addr_ret == RTN_MULTICAST || chk_addr_ret == RTN_BROADCAST)
inet->inet_saddr = 0; /* Use device */
sk_dst_reset(sk);
-@@ -760,7 +778,8 @@ static int raw_recvmsg(struct sock *sk,
+@@ -762,7 +780,8 @@ static int raw_recvmsg(struct sock *sk,
/* Copy the address. */
if (sin) {
sin->sin_family = AF_INET;
sin->sin_port = 0;
memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
*addr_len = sizeof(*sin);
-@@ -956,7 +975,8 @@ static struct sock *raw_get_first(struct
+@@ -958,7 +977,8 @@ static struct sock *raw_get_first(struct
for (state->bucket = 0; state->bucket < RAW_HTABLE_SIZE;
++state->bucket) {
sk_for_each(sk, &state->h->ht[state->bucket])
goto found;
}
sk = NULL;
-@@ -972,7 +992,8 @@ static struct sock *raw_get_next(struct
+@@ -974,7 +994,8 @@ static struct sock *raw_get_next(struct
sk = sk_next(sk);
try_again:
;
if (!sk && ++state->bucket < RAW_HTABLE_SIZE) {
sk = sk_head(&state->h->ht[state->bucket]);
-diff -NurpP --minimal linux-4.9.207/net/ipv4/route.c linux-4.9.207-vs2.3.9.11/net/ipv4/route.c
---- linux-4.9.207/net/ipv4/route.c 2019-12-25 15:28:45.297187472 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv4/route.c 2019-12-25 15:37:52.998413076 +0000
-@@ -2289,7 +2289,7 @@ struct rtable *__ip_route_output_key_has
+diff -urNp -x '*.orig' linux-4.9/net/ipv4/route.c linux-4.9/net/ipv4/route.c
+--- linux-4.9/net/ipv4/route.c 2021-02-24 15:47:32.600685475 +0100
++++ linux-4.9/net/ipv4/route.c 2021-02-24 15:47:45.137744347 +0100
+@@ -2287,7 +2287,7 @@ struct rtable *__ip_route_output_key_has
if (fl4->flowi4_oif) {
rth = ERR_PTR(-ENODEV);
if (!dev_out)
goto out;
-diff -NurpP --minimal linux-4.9.207/net/ipv4/tcp.c linux-4.9.207-vs2.3.9.11/net/ipv4/tcp.c
---- linux-4.9.207/net/ipv4/tcp.c 2019-12-25 15:28:45.297187472 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv4/tcp.c 2019-10-05 14:58:46.260298130 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv4/tcp.c linux-4.9/net/ipv4/tcp.c
+--- linux-4.9/net/ipv4/tcp.c 2021-02-24 15:47:32.600685475 +0100
++++ linux-4.9/net/ipv4/tcp.c 2021-02-24 15:47:45.137744347 +0100
@@ -269,6 +269,7 @@
#include <linux/err.h>
#include <linux/time.h>
#include <net/icmp.h>
#include <net/inet_common.h>
-diff -NurpP --minimal linux-4.9.207/net/ipv4/tcp_ipv4.c linux-4.9.207-vs2.3.9.11/net/ipv4/tcp_ipv4.c
---- linux-4.9.207/net/ipv4/tcp_ipv4.c 2019-12-25 15:28:45.317187148 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv4/tcp_ipv4.c 2019-12-25 15:37:52.998413076 +0000
-@@ -1935,8 +1935,12 @@ get_head:
+diff -urNp -x '*.orig' linux-4.9/net/ipv4/tcp_ipv4.c linux-4.9/net/ipv4/tcp_ipv4.c
+--- linux-4.9/net/ipv4/tcp_ipv4.c 2021-02-24 15:47:32.604018912 +0100
++++ linux-4.9/net/ipv4/tcp_ipv4.c 2021-02-24 15:47:45.137744347 +0100
+@@ -1944,8 +1944,12 @@ get_head:
sk = sk_nulls_next(sk);
get_sk:
sk_nulls_for_each_from(sk, node) {
+ vxdprintk(VXD_CBIT(net, 6), "sk: %p [#%d] (from %d)",
-+ sk, sk->sk_nid, nx_current_nid());
++ sk, sk->sk_nid, nx_current_nid());
if (!net_eq(sock_net(sk), net))
continue;
+ if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
if (sk->sk_family == st->family)
return sk;
}
-@@ -1989,6 +1993,11 @@ static void *established_get_first(struc
+@@ -1999,6 +2003,11 @@ static void *established_get_first(struc
spin_lock_bh(lock);
sk_nulls_for_each(sk, node, &tcp_hashinfo.ehash[st->bucket].chain) {
if (sk->sk_family != st->family ||
!net_eq(sock_net(sk), net)) {
continue;
-@@ -2015,6 +2024,11 @@ static void *established_get_next(struct
+@@ -2025,6 +2034,11 @@ static void *established_get_next(struct
sk = sk_nulls_next(sk);
sk_nulls_for_each_from(sk, node) {
if (sk->sk_family == st->family && net_eq(sock_net(sk), net))
return sk;
}
-@@ -2206,9 +2220,9 @@ static void get_openreq4(const struct re
+@@ -2216,9 +2230,9 @@ static void get_openreq4(const struct re
seq_printf(f, "%4d: %08X:%04X %08X:%04X"
" %02X %08X:%08X %02X:%08lX %08X %5u %8d %u %d %pK",
i,
ntohs(ireq->ir_rmt_port),
TCP_SYN_RECV,
0, 0, /* could print option size, but that is af dependent. */
-@@ -2231,8 +2245,8 @@ static void get_tcp4_sock(struct sock *s
+@@ -2241,8 +2255,8 @@ static void get_tcp4_sock(struct sock *s
const struct inet_connection_sock *icsk = inet_csk(sk);
const struct inet_sock *inet = inet_sk(sk);
const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
__u16 destp = ntohs(inet->inet_dport);
__u16 srcp = ntohs(inet->inet_sport);
int rx_queue;
-@@ -2291,8 +2305,8 @@ static void get_timewait4_sock(const str
+@@ -2301,8 +2315,8 @@ static void get_timewait4_sock(const str
__be32 dest, src;
__u16 destp, srcp;
destp = ntohs(tw->tw_dport);
srcp = ntohs(tw->tw_sport);
-diff -NurpP --minimal linux-4.9.207/net/ipv4/tcp_minisocks.c linux-4.9.207-vs2.3.9.11/net/ipv4/tcp_minisocks.c
---- linux-4.9.207/net/ipv4/tcp_minisocks.c 2019-12-25 15:28:45.317187148 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv4/tcp_minisocks.c 2018-10-20 05:55:44.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv4/tcp_minisocks.c linux-4.9/net/ipv4/tcp_minisocks.c
+--- linux-4.9/net/ipv4/tcp_minisocks.c 2021-02-24 15:47:32.604018912 +0100
++++ linux-4.9/net/ipv4/tcp_minisocks.c 2021-02-24 15:47:45.137744347 +0100
@@ -23,6 +23,9 @@
#include <linux/slab.h>
#include <linux/sysctl.h>
#if IS_ENABLED(CONFIG_IPV6)
if (tw->tw_family == PF_INET6) {
struct ipv6_pinfo *np = inet6_sk(sk);
-diff -NurpP --minimal linux-4.9.207/net/ipv4/udp.c linux-4.9.207-vs2.3.9.11/net/ipv4/udp.c
---- linux-4.9.207/net/ipv4/udp.c 2019-12-25 15:28:45.327186987 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv4/udp.c 2019-10-05 14:58:46.260298130 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv4/udp.c linux-4.9/net/ipv4/udp.c
+--- linux-4.9/net/ipv4/udp.c 2021-02-24 15:47:32.607352350 +0100
++++ linux-4.9/net/ipv4/udp.c 2021-02-24 15:47:45.137744347 +0100
@@ -361,12 +361,26 @@ int ipv4_rcv_saddr_equal(const struct so
bool match_wildcard)
{
__u16 destp = ntohs(inet->inet_dport);
__u16 srcp = ntohs(inet->inet_sport);
-diff -NurpP --minimal linux-4.9.207/net/ipv4/udp_diag.c linux-4.9.207-vs2.3.9.11/net/ipv4/udp_diag.c
---- linux-4.9.207/net/ipv4/udp_diag.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv4/udp_diag.c 2018-10-20 06:31:18.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv4/udp_diag.c linux-4.9/net/ipv4/udp_diag.c
+--- linux-4.9/net/ipv4/udp_diag.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/net/ipv4/udp_diag.c 2021-02-24 15:47:45.137744347 +0100
@@ -120,6 +120,8 @@ static void udp_dump(struct udp_table *t
if (!net_eq(sock_net(sk), net))
if (num < s_num)
goto next;
if (!(r->idiag_states & (1 << sk->sk_state)))
-diff -NurpP --minimal linux-4.9.207/net/ipv6/addrconf.c linux-4.9.207-vs2.3.9.11/net/ipv6/addrconf.c
---- linux-4.9.207/net/ipv6/addrconf.c 2019-12-25 15:28:45.367186342 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv6/addrconf.c 2019-10-22 13:47:05.779626538 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv6/addrconf.c linux-4.9/net/ipv6/addrconf.c
+--- linux-4.9/net/ipv6/addrconf.c 2021-02-24 15:47:32.607352350 +0100
++++ linux-4.9/net/ipv6/addrconf.c 2021-02-24 15:47:45.141077785 +0100
@@ -92,6 +92,7 @@
#include <linux/proc_fs.h>
#include <linux/seq_file.h>
}
}
-@@ -4130,7 +4137,10 @@ static void if6_seq_stop(struct seq_file
+@@ -4135,7 +4142,10 @@ static void if6_seq_stop(struct seq_file
static int if6_seq_show(struct seq_file *seq, void *v)
{
struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v;
&ifp->addr,
ifp->idev->dev->ifindex,
ifp->prefix_len,
-@@ -4714,6 +4724,11 @@ static int in6_dump_addrs(struct inet6_d
+@@ -4719,6 +4729,11 @@ static int in6_dump_addrs(struct inet6_d
struct ifacaddr6 *ifaca;
int err = 1;
int ip_idx = *p_ip_idx;
read_lock_bh(&idev->lock);
switch (type) {
-@@ -4724,6 +4739,8 @@ static int in6_dump_addrs(struct inet6_d
+@@ -4729,6 +4744,8 @@ static int in6_dump_addrs(struct inet6_d
list_for_each_entry(ifa, &idev->addr_list, if_list) {
if (ip_idx < s_ip_idx)
goto next;
err = inet6_fill_ifaddr(skb, ifa,
NETLINK_CB(cb->skb).portid,
cb->nlh->nlmsg_seq,
-@@ -4743,6 +4760,8 @@ next:
+@@ -4748,6 +4765,8 @@ next:
ifmca = ifmca->next, ip_idx++) {
if (ip_idx < s_ip_idx)
continue;
err = inet6_fill_ifmcaddr(skb, ifmca,
NETLINK_CB(cb->skb).portid,
cb->nlh->nlmsg_seq,
-@@ -4758,6 +4777,8 @@ next:
+@@ -4763,6 +4782,8 @@ next:
ifaca = ifaca->aca_next, ip_idx++) {
if (ip_idx < s_ip_idx)
continue;
err = inet6_fill_ifacaddr(skb, ifaca,
NETLINK_CB(cb->skb).portid,
cb->nlh->nlmsg_seq,
-@@ -4786,6 +4807,10 @@ static int inet6_dump_addr(struct sk_buf
+@@ -4791,6 +4812,10 @@ static int inet6_dump_addr(struct sk_buf
struct inet6_dev *idev;
struct hlist_head *head;
s_h = cb->args[0];
s_idx = idx = cb->args[1];
s_ip_idx = ip_idx = cb->args[2];
-@@ -5304,6 +5329,7 @@ static int inet6_dump_ifinfo(struct sk_b
+@@ -5309,6 +5334,7 @@ static int inet6_dump_ifinfo(struct sk_b
struct net_device *dev;
struct inet6_dev *idev;
struct hlist_head *head;
s_h = cb->args[0];
s_idx = cb->args[1];
-@@ -5315,6 +5341,8 @@ static int inet6_dump_ifinfo(struct sk_b
+@@ -5320,6 +5346,8 @@ static int inet6_dump_ifinfo(struct sk_b
hlist_for_each_entry_rcu(dev, head, index_hlist) {
if (idx < s_idx)
goto cont;
idev = __in6_dev_get(dev);
if (!idev)
goto cont;
-diff -NurpP --minimal linux-4.9.207/net/ipv6/af_inet6.c linux-4.9.207-vs2.3.9.11/net/ipv6/af_inet6.c
---- linux-4.9.207/net/ipv6/af_inet6.c 2019-12-25 15:28:45.367186342 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv6/af_inet6.c 2019-02-22 08:37:56.413037657 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv6/af_inet6.c linux-4.9/net/ipv6/af_inet6.c
+--- linux-4.9/net/ipv6/af_inet6.c 2021-02-24 15:47:32.607352350 +0100
++++ linux-4.9/net/ipv6/af_inet6.c 2021-02-24 15:47:45.141077785 +0100
@@ -43,6 +43,7 @@
#include <linux/netdevice.h>
#include <linux/icmpv6.h>
if (ipv6_addr_any(&sk->sk_v6_rcv_saddr))
sin->sin6_addr = np->saddr;
else
-diff -NurpP --minimal linux-4.9.207/net/ipv6/datagram.c linux-4.9.207-vs2.3.9.11/net/ipv6/datagram.c
---- linux-4.9.207/net/ipv6/datagram.c 2019-12-25 15:28:45.367186342 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv6/datagram.c 2019-02-22 08:37:56.423037487 +0000
-@@ -779,7 +779,7 @@ int ip6_datagram_send_ctl(struct net *ne
+diff -urNp -x '*.orig' linux-4.9/net/ipv6/datagram.c linux-4.9/net/ipv6/datagram.c
+--- linux-4.9/net/ipv6/datagram.c 2021-02-24 15:47:32.610685787 +0100
++++ linux-4.9/net/ipv6/datagram.c 2021-02-24 15:47:45.141077785 +0100
+@@ -792,7 +792,7 @@ int ip6_datagram_send_ctl(struct net *ne
rcu_read_lock();
if (fl6->flowi6_oif) {
if (!dev) {
rcu_read_unlock();
return -ENODEV;
-diff -NurpP --minimal linux-4.9.207/net/ipv6/fib6_rules.c linux-4.9.207-vs2.3.9.11/net/ipv6/fib6_rules.c
---- linux-4.9.207/net/ipv6/fib6_rules.c 2019-12-25 15:28:45.387186017 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv6/fib6_rules.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv6/fib6_rules.c linux-4.9/net/ipv6/fib6_rules.c
+--- linux-4.9/net/ipv6/fib6_rules.c 2021-02-24 15:47:32.610685787 +0100
++++ linux-4.9/net/ipv6/fib6_rules.c 2021-02-24 15:47:45.141077785 +0100
@@ -102,7 +102,7 @@ static int fib6_rule_action(struct fib_r
ip6_dst_idev(&rt->dst)->dev,
&flp6->daddr,
goto again;
if (!ipv6_prefix_equal(&saddr, &r->src.addr,
r->src.plen))
-diff -NurpP --minimal linux-4.9.207/net/ipv6/inet6_hashtables.c linux-4.9.207-vs2.3.9.11/net/ipv6/inet6_hashtables.c
---- linux-4.9.207/net/ipv6/inet6_hashtables.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv6/inet6_hashtables.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv6/inet6_hashtables.c linux-4.9/net/ipv6/inet6_hashtables.c
+--- linux-4.9/net/ipv6/inet6_hashtables.c 2021-02-24 15:47:32.610685787 +0100
++++ linux-4.9/net/ipv6/inet6_hashtables.c 2021-02-24 15:47:45.141077785 +0100
@@ -16,6 +16,7 @@
#include <linux/module.h>
}
if (sk->sk_bound_dev_if || exact_dif) {
if (sk->sk_bound_dev_if != dif)
-@@ -282,39 +286,71 @@ EXPORT_SYMBOL_GPL(inet6_hash);
+@@ -283,39 +287,71 @@ EXPORT_SYMBOL_GPL(inet6_hash);
* IPV6_ADDR_ANY only equals to IPV6_ADDR_ANY,
* and 0.0.0.0 equals to 0.0.0.0 only
*/
}
- if (addr_type == IPV6_ADDR_ANY && addr_type2 == IPV6_ADDR_ANY)
-- return 1;
+ /* if both are wildcards, check for overlap */
+ if (addr_type1 == IPV6_ADDR_ANY && addr_type2 == IPV6_ADDR_ANY)
+ return nx_v6_addr_conflict(sk1->sk_nx_info, sk2->sk_nx_info);
-
-- if (addr_type2 == IPV6_ADDR_ANY && match_wildcard &&
-- !(sk2_ipv6only && addr_type == IPV6_ADDR_MAPPED))
++
+ /* if both are valid ipv6 addresses, mapped handled above */
+ if (addr_type1 != IPV6_ADDR_ANY && addr_type2 != IPV6_ADDR_ANY &&
+ sk2_rcv_saddr6 && ipv6_addr_equal(sk1_rcv_saddr6, sk2_rcv_saddr6))
return 1;
-- if (addr_type == IPV6_ADDR_ANY && match_wildcard &&
-- !(ipv6_only_sock(sk) && addr_type2 == IPV6_ADDR_MAPPED))
+- if (addr_type2 == IPV6_ADDR_ANY && match_wildcard &&
+- !(sk2_ipv6only && addr_type == IPV6_ADDR_MAPPED))
- return 1;
+ if (addr_type1 == IPV6_ADDR_ANY && match_wildcard) {
+ /* ipv6only case handled above */
+ return v6_addr_in_nx_info(sk1->sk_nx_info, sk2_rcv_saddr6, -1);
+ }
-- if (sk2_rcv_saddr6 &&
-- ipv6_addr_equal(&sk->sk_v6_rcv_saddr, sk2_rcv_saddr6))
+- if (addr_type == IPV6_ADDR_ANY && match_wildcard &&
+- !(ipv6_only_sock(sk) && addr_type2 == IPV6_ADDR_MAPPED))
- return 1;
+ if (addr_type2 == IPV6_ADDR_ANY && match_wildcard) {
+ /* ipv6only case handled above */
+ else
+ return v6_addr_in_nx_info(sk2->sk_nx_info, sk1_rcv_saddr6, -1);
+ }
-+
+
+- if (sk2_rcv_saddr6 &&
+- ipv6_addr_equal(&sk->sk_v6_rcv_saddr, sk2_rcv_saddr6))
+- return 1;
+ return 0;
+
+vs_v4:
return 0;
}
-diff -NurpP --minimal linux-4.9.207/net/ipv6/ip6_fib.c linux-4.9.207-vs2.3.9.11/net/ipv6/ip6_fib.c
---- linux-4.9.207/net/ipv6/ip6_fib.c 2019-12-25 15:28:45.387186017 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv6/ip6_fib.c 2018-10-20 04:58:15.000000000 +0000
-@@ -1976,6 +1976,7 @@ static int ipv6_route_seq_show(struct se
+diff -urNp -x '*.orig' linux-4.9/net/ipv6/ip6_fib.c linux-4.9/net/ipv6/ip6_fib.c
+--- linux-4.9/net/ipv6/ip6_fib.c 2021-02-24 15:47:32.610685787 +0100
++++ linux-4.9/net/ipv6/ip6_fib.c 2021-02-24 15:47:45.141077785 +0100
+@@ -1977,6 +1977,7 @@ static int ipv6_route_seq_show(struct se
struct rt6_info *rt = v;
struct ipv6_route_iter *iter = seq->private;
seq_printf(seq, "%pi6 %02x ", &rt->rt6i_dst.addr, rt->rt6i_dst.plen);
#ifdef CONFIG_IPV6_SUBTREES
-diff -NurpP --minimal linux-4.9.207/net/ipv6/ip6_output.c linux-4.9.207-vs2.3.9.11/net/ipv6/ip6_output.c
---- linux-4.9.207/net/ipv6/ip6_output.c 2019-12-25 15:28:45.397185857 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv6/ip6_output.c 2019-10-05 14:58:46.270297968 +0000
-@@ -962,7 +962,8 @@ static int ip6_dst_lookup_tail(struct ne
+diff -urNp -x '*.orig' linux-4.9/net/ipv6/ip6_output.c linux-4.9/net/ipv6/ip6_output.c
+--- linux-4.9/net/ipv6/ip6_output.c 2021-02-24 15:47:33.077367054 +0100
++++ linux-4.9/net/ipv6/ip6_output.c 2021-02-24 15:47:45.141077785 +0100
+@@ -966,7 +966,8 @@ static int ip6_dst_lookup_tail(struct ne
rt = (*dst)->error ? NULL : (struct rt6_info *)*dst;
err = ip6_route_get_saddr(net, rt, &fl6->daddr,
sk ? inet6_sk(sk)->srcprefs : 0,
if (err)
goto out_err_release;
-diff -NurpP --minimal linux-4.9.207/net/ipv6/ip6_tunnel.c linux-4.9.207-vs2.3.9.11/net/ipv6/ip6_tunnel.c
---- linux-4.9.207/net/ipv6/ip6_tunnel.c 2019-12-25 15:28:45.397185857 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv6/ip6_tunnel.c 2019-10-05 14:58:46.270297968 +0000
-@@ -1116,7 +1116,7 @@ route_lookup:
+diff -urNp -x '*.orig' linux-4.9/net/ipv6/ip6_tunnel.c linux-4.9/net/ipv6/ip6_tunnel.c
+--- linux-4.9/net/ipv6/ip6_tunnel.c 2021-02-24 15:47:32.614019225 +0100
++++ linux-4.9/net/ipv6/ip6_tunnel.c 2021-02-24 15:47:45.141077785 +0100
+@@ -1124,7 +1124,7 @@ route_lookup:
}
if (t->parms.collect_md &&
ipv6_dev_get_saddr(net, ip6_dst_idev(dst)->dev,
goto tx_err_link_failure;
ndst = dst;
}
-diff -NurpP --minimal linux-4.9.207/net/ipv6/ndisc.c linux-4.9.207-vs2.3.9.11/net/ipv6/ndisc.c
---- linux-4.9.207/net/ipv6/ndisc.c 2019-12-25 15:28:45.407185693 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv6/ndisc.c 2019-02-22 08:37:56.423037487 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv6/ndisc.c linux-4.9/net/ipv6/ndisc.c
+--- linux-4.9/net/ipv6/ndisc.c 2021-02-24 15:47:32.614019225 +0100
++++ linux-4.9/net/ipv6/ndisc.c 2021-02-24 15:47:45.141077785 +0100
@@ -512,7 +512,7 @@ void ndisc_send_na(struct net_device *de
} else {
if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
return;
src_addr = &tmpaddr;
}
-diff -NurpP --minimal linux-4.9.207/net/ipv6/netfilter/nf_nat_masquerade_ipv6.c linux-4.9.207-vs2.3.9.11/net/ipv6/netfilter/nf_nat_masquerade_ipv6.c
---- linux-4.9.207/net/ipv6/netfilter/nf_nat_masquerade_ipv6.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv6/netfilter/nf_nat_masquerade_ipv6.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv6/netfilter/nf_nat_masquerade_ipv6.c linux-4.9/net/ipv6/netfilter/nf_nat_masquerade_ipv6.c
+--- linux-4.9/net/ipv6/netfilter/nf_nat_masquerade_ipv6.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/net/ipv6/netfilter/nf_nat_masquerade_ipv6.c 2021-02-24 15:47:45.141077785 +0100
@@ -39,7 +39,7 @@ nf_nat_masquerade_ipv6(struct sk_buff *s
ctinfo == IP_CT_RELATED_REPLY));
return NF_DROP;
nfct_nat(ct)->masq_index = out->ifindex;
-diff -NurpP --minimal linux-4.9.207/net/ipv6/raw.c linux-4.9.207-vs2.3.9.11/net/ipv6/raw.c
---- linux-4.9.207/net/ipv6/raw.c 2019-12-25 15:28:45.477184561 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv6/raw.c 2019-10-05 14:58:46.270297968 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv6/raw.c linux-4.9/net/ipv6/raw.c
+--- linux-4.9/net/ipv6/raw.c 2021-02-24 15:47:32.617352663 +0100
++++ linux-4.9/net/ipv6/raw.c 2021-02-24 15:47:45.141077785 +0100
@@ -293,6 +293,13 @@ static int rawv6_bind(struct sock *sk, s
goto out_unlock;
}
/* ipv4 addr of the socket is invalid. Only the
* unspecified and mapped address have a v4 equivalent.
*/
-diff -NurpP --minimal linux-4.9.207/net/ipv6/route.c linux-4.9.207-vs2.3.9.11/net/ipv6/route.c
---- linux-4.9.207/net/ipv6/route.c 2019-12-25 15:28:45.477184561 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv6/route.c 2019-10-05 14:58:46.270297968 +0000
-@@ -3294,7 +3294,8 @@ static int rt6_fill_node(struct net *net
+diff -urNp -x '*.orig' linux-4.9/net/ipv6/route.c linux-4.9/net/ipv6/route.c
+--- linux-4.9/net/ipv6/route.c 2021-02-24 15:47:32.617352663 +0100
++++ linux-4.9/net/ipv6/route.c 2021-02-24 15:47:45.144411223 +0100
+@@ -3297,7 +3297,8 @@ static int rt6_fill_node(struct net *net
goto nla_put_failure;
} else if (dst) {
struct in6_addr saddr_buf;
nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
goto nla_put_failure;
}
-diff -NurpP --minimal linux-4.9.207/net/ipv6/tcp_ipv6.c linux-4.9.207-vs2.3.9.11/net/ipv6/tcp_ipv6.c
---- linux-4.9.207/net/ipv6/tcp_ipv6.c 2019-12-25 15:28:45.477184561 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv6/tcp_ipv6.c 2019-10-05 14:58:46.270297968 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv6/tcp_ipv6.c linux-4.9/net/ipv6/tcp_ipv6.c
+--- linux-4.9/net/ipv6/tcp_ipv6.c 2021-02-24 15:47:32.620686100 +0100
++++ linux-4.9/net/ipv6/tcp_ipv6.c 2021-02-24 15:47:45.144411223 +0100
@@ -149,11 +149,18 @@ static int tcp_v6_connect(struct sock *s
*/
}
addr_type = ipv6_addr_type(&usin->sin6_addr);
-diff -NurpP --minimal linux-4.9.207/net/ipv6/udp.c linux-4.9.207-vs2.3.9.11/net/ipv6/udp.c
---- linux-4.9.207/net/ipv6/udp.c 2019-12-25 15:28:45.487184400 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv6/udp.c 2019-10-05 14:58:46.270297968 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv6/udp.c linux-4.9/net/ipv6/udp.c
+--- linux-4.9/net/ipv6/udp.c 2021-02-24 15:47:32.620686100 +0100
++++ linux-4.9/net/ipv6/udp.c 2021-02-24 15:47:45.144411223 +0100
@@ -135,6 +135,10 @@ static int compute_score(struct sock *sk
if (inet->inet_dport != sport)
return -1;
}
if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr)) {
-diff -NurpP --minimal linux-4.9.207/net/ipv6/xfrm6_policy.c linux-4.9.207-vs2.3.9.11/net/ipv6/xfrm6_policy.c
---- linux-4.9.207/net/ipv6/xfrm6_policy.c 2019-12-25 15:28:45.507184076 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/ipv6/xfrm6_policy.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/ipv6/xfrm6_policy.c linux-4.9/net/ipv6/xfrm6_policy.c
+--- linux-4.9/net/ipv6/xfrm6_policy.c 2021-02-24 15:47:32.620686100 +0100
++++ linux-4.9/net/ipv6/xfrm6_policy.c 2021-02-24 15:47:45.144411223 +0100
@@ -64,7 +64,8 @@ static int xfrm6_get_saddr(struct net *n
return -EHOSTUNREACH;
dst_release(dst);
return 0;
}
-diff -NurpP --minimal linux-4.9.207/net/netfilter/ipvs/ip_vs_xmit.c linux-4.9.207-vs2.3.9.11/net/netfilter/ipvs/ip_vs_xmit.c
---- linux-4.9.207/net/netfilter/ipvs/ip_vs_xmit.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/netfilter/ipvs/ip_vs_xmit.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/netfilter/ipvs/ip_vs_xmit.c linux-4.9/net/netfilter/ipvs/ip_vs_xmit.c
+--- linux-4.9/net/netfilter/ipvs/ip_vs_xmit.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/net/netfilter/ipvs/ip_vs_xmit.c 2021-02-24 15:47:45.144411223 +0100
@@ -381,7 +381,7 @@ __ip_vs_route_output_v6(struct net *net,
return dst;
if (ipv6_addr_any(&fl6.saddr) &&
goto out_err;
if (do_xfrm) {
dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
-diff -NurpP --minimal linux-4.9.207/net/netlink/af_netlink.c linux-4.9.207-vs2.3.9.11/net/netlink/af_netlink.c
---- linux-4.9.207/net/netlink/af_netlink.c 2019-12-25 15:28:46.637165893 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/netlink/af_netlink.c 2018-10-20 05:56:16.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/netlink/af_netlink.c linux-4.9/net/netlink/af_netlink.c
+--- linux-4.9/net/netlink/af_netlink.c 2021-02-24 15:47:32.654020476 +0100
++++ linux-4.9/net/netlink/af_netlink.c 2021-02-24 15:47:45.144411223 +0100
@@ -63,6 +63,8 @@
#include <linux/hash.h>
#include <linux/genetlink.h>
#include <net/net_namespace.h>
#include <net/sock.h>
-@@ -2477,7 +2479,8 @@ static void *__netlink_seq_next(struct s
+@@ -2478,7 +2480,8 @@ static void *__netlink_seq_next(struct s
if (err)
return ERR_PTR(err);
}
return nlk;
}
-diff -NurpP --minimal linux-4.9.207/net/packet/diag.c linux-4.9.207-vs2.3.9.11/net/packet/diag.c
---- linux-4.9.207/net/packet/diag.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/packet/diag.c 2018-10-20 06:31:18.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/packet/diag.c linux-4.9/net/packet/diag.c
+--- linux-4.9/net/packet/diag.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/net/packet/diag.c 2021-02-24 15:47:45.144411223 +0100
@@ -4,6 +4,7 @@
#include <linux/netdevice.h>
#include <linux/packet_diag.h>
if (num < s_num)
goto next;
-diff -NurpP --minimal linux-4.9.207/net/socket.c linux-4.9.207-vs2.3.9.11/net/socket.c
---- linux-4.9.207/net/socket.c 2019-12-25 15:28:49.507119801 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/socket.c 2019-10-05 14:58:47.230282628 +0000
+diff -urNp -x '*.orig' linux-4.9/net/socket.c linux-4.9/net/socket.c
+--- linux-4.9/net/socket.c 2021-02-24 15:47:32.680687977 +0100
++++ linux-4.9/net/socket.c 2021-02-24 15:47:45.144411223 +0100
@@ -100,10 +100,12 @@
#include <net/sock.h>
err = sock1->ops->socketpair(sock1, sock2);
if (err < 0)
-diff -NurpP --minimal linux-4.9.207/net/sunrpc/auth.c linux-4.9.207-vs2.3.9.11/net/sunrpc/auth.c
---- linux-4.9.207/net/sunrpc/auth.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/sunrpc/auth.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/sunrpc/auth.c linux-4.9/net/sunrpc/auth.c
+--- linux-4.9/net/sunrpc/auth.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/net/sunrpc/auth.c 2021-02-24 15:47:45.144411223 +0100
@@ -15,6 +15,7 @@
#include <linux/sunrpc/clnt.h>
#include <linux/sunrpc/gss_api.h>
};
dprintk("RPC: %5u looking up %s cred\n",
-diff -NurpP --minimal linux-4.9.207/net/sunrpc/auth_unix.c linux-4.9.207-vs2.3.9.11/net/sunrpc/auth_unix.c
---- linux-4.9.207/net/sunrpc/auth_unix.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/sunrpc/auth_unix.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/net/sunrpc/auth_unix.c linux-4.9/net/sunrpc/auth_unix.c
+--- linux-4.9/net/sunrpc/auth_unix.c 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/net/sunrpc/auth_unix.c 2021-02-24 15:47:45.144411223 +0100
@@ -13,11 +13,13 @@
#include <linux/sunrpc/clnt.h>
#include <linux/sunrpc/auth.h>
hold = p++;
for (i = 0; i < 16 && gid_valid(cred->uc_gids[i]); i++)
*p++ = htonl((u32) from_kgid(&init_user_ns, cred->uc_gids[i]));
-diff -NurpP --minimal linux-4.9.207/net/sunrpc/clnt.c linux-4.9.207-vs2.3.9.11/net/sunrpc/clnt.c
---- linux-4.9.207/net/sunrpc/clnt.c 2019-12-25 15:28:49.887113700 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/sunrpc/clnt.c 2019-10-05 14:58:47.230282628 +0000
+diff -urNp -x '*.orig' linux-4.9/net/sunrpc/clnt.c linux-4.9/net/sunrpc/clnt.c
+--- linux-4.9/net/sunrpc/clnt.c 2021-02-24 15:47:32.684021415 +0100
++++ linux-4.9/net/sunrpc/clnt.c 2021-02-24 15:47:45.147744660 +0100
@@ -31,6 +31,7 @@
#include <linux/in.h>
#include <linux/in6.h>
return clnt;
}
-diff -NurpP --minimal linux-4.9.207/net/unix/af_unix.c linux-4.9.207-vs2.3.9.11/net/unix/af_unix.c
---- linux-4.9.207/net/unix/af_unix.c 2019-12-25 15:28:50.607102137 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/unix/af_unix.c 2019-12-25 15:37:53.138410818 +0000
+diff -urNp -x '*.orig' linux-4.9/net/unix/af_unix.c linux-4.9/net/unix/af_unix.c
+--- linux-4.9/net/unix/af_unix.c 2021-02-24 15:47:32.694021728 +0100
++++ linux-4.9/net/unix/af_unix.c 2021-02-24 15:47:45.147744660 +0100
@@ -117,6 +117,8 @@
#include <net/checksum.h>
#include <linux/security.h>
struct hlist_head unix_socket_table[2 * UNIX_HASH_SIZE];
EXPORT_SYMBOL_GPL(unix_socket_table);
-@@ -284,6 +286,8 @@ static struct sock *__unix_find_socket_b
+@@ -290,6 +292,8 @@ static struct sock *__unix_find_socket_b
if (!net_eq(sock_net(s), net))
continue;
if (u->addr->len == len &&
!memcmp(u->addr->name, sunname, len))
goto found;
-@@ -2744,6 +2748,8 @@ static struct sock *unix_from_bucket(str
+@@ -2751,6 +2755,8 @@ static struct sock *unix_from_bucket(str
for (sk = sk_head(&unix_socket_table[bucket]); sk; sk = sk_next(sk)) {
if (sock_net(sk) != seq_file_net(seq))
continue;
if (++count == offset)
break;
}
-@@ -2761,6 +2767,8 @@ static struct sock *unix_next_socket(str
+@@ -2768,6 +2774,8 @@ static struct sock *unix_next_socket(str
sk = sk_next(sk);
if (!sk)
goto next_bucket;
if (sock_net(sk) == seq_file_net(seq))
return sk;
}
-diff -NurpP --minimal linux-4.9.207/net/unix/diag.c linux-4.9.207-vs2.3.9.11/net/unix/diag.c
---- linux-4.9.207/net/unix/diag.c 2019-12-25 15:28:50.607102137 +0000
-+++ linux-4.9.207-vs2.3.9.11/net/unix/diag.c 2019-10-05 14:58:47.230282628 +0000
+diff -urNp -x '*.orig' linux-4.9/net/unix/diag.c linux-4.9/net/unix/diag.c
+--- linux-4.9/net/unix/diag.c 2021-02-24 15:47:32.694021728 +0100
++++ linux-4.9/net/unix/diag.c 2021-02-24 15:47:45.147744660 +0100
@@ -4,6 +4,7 @@
#include <linux/unix_diag.h>
#include <linux/skbuff.h>
if (num < s_num)
goto next;
if (!(req->udiag_states & (1 << sk->sk_state)))
-diff -NurpP --minimal linux-4.9.207/scripts/checksyscalls.sh linux-4.9.207-vs2.3.9.11/scripts/checksyscalls.sh
---- linux-4.9.207/scripts/checksyscalls.sh 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/scripts/checksyscalls.sh 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/scripts/checksyscalls.sh linux-4.9/scripts/checksyscalls.sh
+--- linux-4.9/scripts/checksyscalls.sh 2016-12-11 20:17:54.000000000 +0100
++++ linux-4.9/scripts/checksyscalls.sh 2021-02-24 15:47:45.147744660 +0100
@@ -196,7 +196,6 @@ cat << EOF
#define __IGNORE_afs_syscall
#define __IGNORE_getpmsg
EOF
}
-diff -NurpP --minimal linux-4.9.207/security/commoncap.c linux-4.9.207-vs2.3.9.11/security/commoncap.c
---- linux-4.9.207/security/commoncap.c 2016-12-11 19:17:54.000000000 +0000
-+++ linux-4.9.207-vs2.3.9.11/security/commoncap.c 2018-10-20 04:58:15.000000000 +0000
+diff -urNp -x '*.orig' linux-4.9/security/commoncap.c linux-4.9/security/commoncap.c
+--- linux-4.9/security/commoncap.c 2021-02-24 15:47:32.714022353 +0100
++++ linux-4.9/security/commoncap.c 2021-02-24 15:47:45.147744660 +0100
@@ -71,6 +71,7 @@ static void warn_setuid_and_fcaps_mixed(
int cap_capable(const struct cred *cred, struct user_namespace *targ_ns,
int cap, int audit)
/* Have we tried all of the parent namespaces? */
if (ns == &init_user_ns)
-@@ -667,7 +672,7 @@ int cap_inode_setxattr(struct dentry *de
+@@ -668,7 +673,7 @@ int cap_inode_setxattr(struct dentry *de
if (!strncmp(name, XATTR_SECURITY_PREFIX,
sizeof(XATTR_SECURITY_PREFIX) - 1) &&
return -EPERM;
return 0;
}
-@@ -693,7 +698,7 @@ int cap_inode_removexattr(struct dentry
+@@ -694,7 +699,7 @@ int cap_inode_removexattr(struct dentry
if (!strncmp(name, XATTR_SECURITY_PREFIX,
sizeof(XATTR_SECURITY_PREFIX) - 1) &&
return -EPERM;
return 0;
}
-diff -NurpP --minimal linux-4.9.207/security/selinux/hooks.c linux-4.9.207-vs2.3.9.11/security/selinux/hooks.c
---- linux-4.9.207/security/selinux/hooks.c 2019-12-25 15:28:52.047079008 +0000
-+++ linux-4.9.207-vs2.3.9.11/security/selinux/hooks.c 2019-10-05 14:58:47.310281348 +0000
+diff -urNp -x '*.orig' linux-4.9/security/selinux/hooks.c linux-4.9/security/selinux/hooks.c
+--- linux-4.9/security/selinux/hooks.c 2021-02-24 15:47:32.720689229 +0100
++++ linux-4.9/security/selinux/hooks.c 2021-02-24 15:47:45.147744660 +0100
@@ -67,7 +67,6 @@
#include <linux/dccp.h>
#include <linux/quota.h>