1 diff -NurpP --minimal linux-3.0-rc5/Documentation/vserver/debug.txt linux-3.0-rc5-vs2.3.1-pre3/Documentation/vserver/debug.txt
2 --- linux-3.0-rc5/Documentation/vserver/debug.txt 1970-01-01 01:00:00.000000000 +0100
3 +++ linux-3.0-rc5-vs2.3.1-pre3/Documentation/vserver/debug.txt 2011-06-10 22:11:24.000000000 +0200
8 + 2 4 "vx_map_tgid: %p/%llx: %d -> %d"
9 + "vx_rmap_tgid: %p/%llx: %d -> %d"
13 + 0 1 "ALLOC (%p,#%d)%c inode (%d)"
14 + "FREE (%p,#%d)%c inode"
15 + 1 2 "ALLOC (%p,#%d)%c %lld bytes (%d)"
16 + "FREE (%p,#%d)%c %lld bytes"
17 + 2 4 "ADJUST: %lld,%lld on %ld,%ld [mult=%d]"
18 + 3 8 "ext3_has_free_blocks(%p): %lu<%lu+1, %c, %u!=%u r=%d"
19 + "ext3_has_free_blocks(%p): free=%lu, root=%lu"
20 + "rcu_free_dl_info(%p)"
21 + 4 10 "alloc_dl_info(%p,%d) = %p"
22 + "dealloc_dl_info(%p)"
23 + "get_dl_info(%p[#%d.%d])"
24 + "put_dl_info(%p[#%d.%d])"
25 + 5 20 "alloc_dl_info(%p,%d)*"
26 + 6 40 "__hash_dl_info: %p[#%d]"
27 + "__unhash_dl_info: %p[#%d]"
28 + 7 80 "locate_dl_info(%p,#%d) = %p"
32 + 0 1 "destroy_dqhash: %p [#0x%08x] c=%d"
33 + "new_dqhash: %p [#0x%08x]"
34 + "vroot[%d]_clr_dev: dev=%p[%lu,%d:%d]"
35 + "vroot[%d]_get_real_bdev: dev=%p[%lu,%d:%d]"
36 + "vroot[%d]_set_dev: dev=%p[%lu,%d:%d]"
37 + "vroot_get_real_bdev not set"
38 + 1 2 "cow_break_link(»%s«)"
40 + 2 4 "dentry_open(new): %p"
41 + "dentry_open(old): %p"
42 + "lookup_create(new): %p"
44 + "path_lookup(old): %d"
45 + "vfs_create(new): %d"
48 + 3 8 "fput(new_file=%p[#%d])"
49 + "fput(old_file=%p[#%d])"
50 + 4 10 "vx_info_kill(%p[#%d],%d,%d) = %d"
51 + "vx_info_kill(%p[#%d],%d,%d)*"
52 + 5 20 "vs_reboot(%p[#%d],%d)"
53 + 6 40 "dropping task %p[#%u,%u] for %p[#%u,%u]"
57 + 2 4 "nx_addr_conflict(%p,%p) %d.%d,%d.%d"
58 + 3 8 "inet_bind(%p) %d.%d.%d.%d, %d.%d.%d.%d, %d.%d.%d.%d"
59 + "inet_bind(%p)* %p,%p;%lx %d.%d.%d.%d"
60 + 4 10 "ip_route_connect(%p) %p,%p;%lx"
61 + 5 20 "__addr_in_socket(%p,%d.%d.%d.%d) %p:%d.%d.%d.%d %p;%lx"
62 + 6 40 "sk,egf: %p [#%d] (from %d)"
63 + "sk,egn: %p [#%d] (from %d)"
64 + "sk,req: %p [#%d] (from %d)"
65 + "sk: %p [#%d] (from %d)"
66 + "tw: %p [#%d] (from %d)"
67 + 7 80 "__sock_recvmsg: %p[%p,%p,%p;%d]:%d/%d"
68 + "__sock_sendmsg: %p[%p,%p,%p;%d]:%d/%d"
72 + 0 1 "__lookup_nx_info(#%u): %p[#%u]"
73 + "alloc_nx_info(%d) = %p"
74 + "create_nx_info(%d) (dynamic rejected)"
75 + "create_nx_info(%d) = %p (already there)"
76 + "create_nx_info(%d) = %p (new)"
77 + "dealloc_nx_info(%p)"
78 + 1 2 "alloc_nx_info(%d)*"
79 + "create_nx_info(%d)*"
80 + 2 4 "get_nx_info(%p[#%d.%d])"
81 + "put_nx_info(%p[#%d.%d])"
82 + 3 8 "claim_nx_info(%p[#%d.%d.%d]) %p"
83 + "clr_nx_info(%p[#%d.%d])"
84 + "init_nx_info(%p[#%d.%d])"
85 + "release_nx_info(%p[#%d.%d.%d]) %p"
86 + "set_nx_info(%p[#%d.%d])"
87 + 4 10 "__hash_nx_info: %p[#%d]"
88 + "__nx_dynamic_id: [#%d]"
89 + "__unhash_nx_info: %p[#%d.%d.%d]"
90 + 5 20 "moved task %p into nxi:%p[#%d]"
91 + "nx_migrate_task(%p,%p[#%d.%d.%d])"
92 + "task_get_nx_info(%p)"
93 + 6 40 "nx_clear_persistent(%p[#%d])"
97 + 0 1 "quota_sync_dqh(%p,%d) discard inode %p"
98 + 1 2 "quota_sync_dqh(%p,%d)"
99 + "sync_dquots(%p,%d)"
100 + "sync_dquots_dqh(%p,%d)"
101 + 3 8 "do_quotactl(%p,%d,cmd=%d,id=%d,%p)"
105 + 0 1 "vc: VCMD_%02d_%d[%d], %d,%p [%d,%d,%x,%x]"
106 + 1 2 "vc: VCMD_%02d_%d[%d] = %08lx(%ld) [%d,%d]"
107 + 4 10 "%s: (%s %s) returned %s with %d"
111 + 7 80 "dx_parse_tag(»%s«): %d:#%d"
112 + "dx_propagate_tag(%p[#%lu.%d]): %d,%d"
116 + 0 1 "__lookup_vx_info(#%u): %p[#%u]"
117 + "alloc_vx_info(%d) = %p"
118 + "alloc_vx_info(%d)*"
119 + "create_vx_info(%d) (dynamic rejected)"
120 + "create_vx_info(%d) = %p (already there)"
121 + "create_vx_info(%d) = %p (new)"
122 + "dealloc_vx_info(%p)"
123 + "loc_vx_info(%d) = %p (found)"
124 + "loc_vx_info(%d) = %p (new)"
125 + "loc_vx_info(%d) = %p (not available)"
126 + 1 2 "create_vx_info(%d)*"
128 + 2 4 "get_vx_info(%p[#%d.%d])"
129 + "put_vx_info(%p[#%d.%d])"
130 + 3 8 "claim_vx_info(%p[#%d.%d.%d]) %p"
131 + "clr_vx_info(%p[#%d.%d])"
132 + "init_vx_info(%p[#%d.%d])"
133 + "release_vx_info(%p[#%d.%d.%d]) %p"
134 + "set_vx_info(%p[#%d.%d])"
135 + 4 10 "__hash_vx_info: %p[#%d]"
136 + "__unhash_vx_info: %p[#%d.%d.%d]"
137 + "__vx_dynamic_id: [#%d]"
138 + 5 20 "enter_vx_info(%p[#%d],%p) %p[#%d,%p]"
139 + "leave_vx_info(%p[#%d,%p]) %p[#%d,%p]"
140 + "moved task %p into vxi:%p[#%d]"
141 + "task_get_vx_info(%p)"
142 + "vx_migrate_task(%p,%p[#%d.%d])"
143 + 6 40 "vx_clear_persistent(%p[#%d])"
144 + "vx_exit_init(%p[#%d],%p[#%d,%d,%d])"
145 + "vx_set_init(%p[#%d],%p[#%d,%d,%d])"
146 + "vx_set_persistent(%p[#%d])"
147 + "vx_set_reaper(%p[#%d],%p[#%d,%d])"
148 + 7 80 "vx_child_reaper(%p[#%u,%u]) = %p[#%u,%u]"
153 + n 2^n "vx_acc_cres[%5d,%s,%2d]: %5d%s"
154 + "vx_cres_avail[%5d,%s,%2d]: %5ld > %5d + %5d"
156 + m 2^m "vx_acc_page[%5d,%s,%2d]: %5d%s"
157 + "vx_acc_pages[%5d,%s,%2d]: %5d += %5d"
158 + "vx_pages_avail[%5d,%s,%2d]: %5ld > %5d + %5d"
159 diff -NurpP --minimal linux-3.0-rc5/arch/alpha/Kconfig linux-3.0-rc5-vs2.3.1-pre3/arch/alpha/Kconfig
160 --- linux-3.0-rc5/arch/alpha/Kconfig 2011-07-01 11:13:32.000000000 +0200
161 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/alpha/Kconfig 2011-06-10 22:11:24.000000000 +0200
162 @@ -668,6 +668,8 @@ config DUMMY_CONSOLE
166 +source "kernel/vserver/Kconfig"
168 source "security/Kconfig"
170 source "crypto/Kconfig"
171 diff -NurpP --minimal linux-3.0-rc5/arch/alpha/kernel/entry.S linux-3.0-rc5-vs2.3.1-pre3/arch/alpha/kernel/entry.S
172 --- linux-3.0-rc5/arch/alpha/kernel/entry.S 2010-10-21 13:06:45.000000000 +0200
173 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/alpha/kernel/entry.S 2011-06-10 22:11:24.000000000 +0200
174 @@ -860,24 +860,15 @@ sys_getxgid:
181 - ldq $2, TI_TASK($8)
183 - /* See linux/kernel/timer.c sys_getppid for discussion
184 - about this loop. */
185 - ldq $3, TASK_GROUP_LEADER($2)
186 - ldq $4, TASK_REAL_PARENT($3)
187 - ldl $0, TASK_TGID($2)
188 -1: ldl $1, TASK_TGID($4)
192 - ldq $3, TASK_GROUP_LEADER($2)
193 - ldq $4, TASK_REAL_PARENT($3)
199 + jsr $26, do_getxpid
206 diff -NurpP --minimal linux-3.0-rc5/arch/alpha/kernel/ptrace.c linux-3.0-rc5-vs2.3.1-pre3/arch/alpha/kernel/ptrace.c
207 --- linux-3.0-rc5/arch/alpha/kernel/ptrace.c 2011-01-05 21:48:40.000000000 +0100
208 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/alpha/kernel/ptrace.c 2011-06-10 22:11:24.000000000 +0200
210 #include <linux/user.h>
211 #include <linux/security.h>
212 #include <linux/signal.h>
213 +#include <linux/vs_base.h>
215 #include <asm/uaccess.h>
216 #include <asm/pgtable.h>
217 diff -NurpP --minimal linux-3.0-rc5/arch/alpha/kernel/systbls.S linux-3.0-rc5-vs2.3.1-pre3/arch/alpha/kernel/systbls.S
218 --- linux-3.0-rc5/arch/alpha/kernel/systbls.S 2011-07-01 11:13:32.000000000 +0200
219 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/alpha/kernel/systbls.S 2011-06-10 22:11:24.000000000 +0200
220 @@ -446,7 +446,7 @@ sys_call_table:
221 .quad sys_stat64 /* 425 */
224 - .quad sys_ni_syscall /* sys_vserver */
225 + .quad sys_vserver /* sys_vserver */
226 .quad sys_ni_syscall /* sys_mbind */
227 .quad sys_ni_syscall /* sys_get_mempolicy */
228 .quad sys_ni_syscall /* sys_set_mempolicy */
229 diff -NurpP --minimal linux-3.0-rc5/arch/alpha/kernel/traps.c linux-3.0-rc5-vs2.3.1-pre3/arch/alpha/kernel/traps.c
230 --- linux-3.0-rc5/arch/alpha/kernel/traps.c 2010-10-21 13:06:46.000000000 +0200
231 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/alpha/kernel/traps.c 2011-06-10 22:11:24.000000000 +0200
232 @@ -183,7 +183,8 @@ die_if_kernel(char * str, struct pt_regs
234 printk("CPU %d ", hard_smp_processor_id());
236 - printk("%s(%d): %s %ld\n", current->comm, task_pid_nr(current), str, err);
237 + printk("%s(%d[#%u]): %s %ld\n", current->comm,
238 + task_pid_nr(current), current->xid, str, err);
239 dik_show_regs(regs, r9_15);
240 add_taint(TAINT_DIE);
241 dik_show_trace((unsigned long *)(regs+1));
242 diff -NurpP --minimal linux-3.0-rc5/arch/arm/Kconfig linux-3.0-rc5-vs2.3.1-pre3/arch/arm/Kconfig
243 --- linux-3.0-rc5/arch/arm/Kconfig 2011-07-01 11:13:32.000000000 +0200
244 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/arm/Kconfig 2011-06-10 22:11:24.000000000 +0200
245 @@ -2035,6 +2035,8 @@ source "fs/Kconfig"
247 source "arch/arm/Kconfig.debug"
249 +source "kernel/vserver/Kconfig"
251 source "security/Kconfig"
253 source "crypto/Kconfig"
254 diff -NurpP --minimal linux-3.0-rc5/arch/arm/kernel/calls.S linux-3.0-rc5-vs2.3.1-pre3/arch/arm/kernel/calls.S
255 --- linux-3.0-rc5/arch/arm/kernel/calls.S 2011-07-01 11:13:32.000000000 +0200
256 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/arm/kernel/calls.S 2011-06-10 22:11:24.000000000 +0200
258 /* 310 */ CALL(sys_request_key)
260 CALL(ABI(sys_semtimedop, sys_oabi_semtimedop))
261 -/* vserver */ CALL(sys_ni_syscall)
264 /* 315 */ CALL(sys_ioprio_get)
265 CALL(sys_inotify_init)
266 diff -NurpP --minimal linux-3.0-rc5/arch/arm/kernel/process.c linux-3.0-rc5-vs2.3.1-pre3/arch/arm/kernel/process.c
267 --- linux-3.0-rc5/arch/arm/kernel/process.c 2011-05-22 16:16:47.000000000 +0200
268 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/arm/kernel/process.c 2011-06-10 22:11:24.000000000 +0200
269 @@ -315,7 +315,8 @@ void __show_regs(struct pt_regs *regs)
270 void show_regs(struct pt_regs * regs)
273 - printk("Pid: %d, comm: %20s\n", task_pid_nr(current), current->comm);
274 + printk("Pid: %d[#%u], comm: %20s\n",
275 + task_pid_nr(current), current->xid, current->comm);
279 diff -NurpP --minimal linux-3.0-rc5/arch/arm/kernel/traps.c linux-3.0-rc5-vs2.3.1-pre3/arch/arm/kernel/traps.c
280 --- linux-3.0-rc5/arch/arm/kernel/traps.c 2011-07-01 11:13:32.000000000 +0200
281 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/arm/kernel/traps.c 2011-06-22 12:39:12.000000000 +0200
282 @@ -242,8 +242,8 @@ static int __die(const char *str, int er
286 - printk(KERN_EMERG "Process %.*s (pid: %d, stack limit = 0x%p)\n",
287 - TASK_COMM_LEN, tsk->comm, task_pid_nr(tsk), thread + 1);
288 + printk(KERN_EMERG "Process %.*s (pid: %d:#%u, stack limit = 0x%p)\n",
289 + TASK_COMM_LEN, tsk->comm, task_pid_nr(tsk), tsk->xid, thread + 1);
291 if (!user_mode(regs) || in_interrupt()) {
292 dump_mem(KERN_EMERG, "Stack: ", regs->ARM_sp,
293 diff -NurpP --minimal linux-3.0-rc5/arch/cris/Kconfig linux-3.0-rc5-vs2.3.1-pre3/arch/cris/Kconfig
294 --- linux-3.0-rc5/arch/cris/Kconfig 2011-07-01 11:13:37.000000000 +0200
295 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/cris/Kconfig 2011-06-10 22:11:24.000000000 +0200
296 @@ -678,6 +678,8 @@ source "drivers/staging/Kconfig"
298 source "arch/cris/Kconfig.debug"
300 +source "kernel/vserver/Kconfig"
302 source "security/Kconfig"
304 source "crypto/Kconfig"
305 diff -NurpP --minimal linux-3.0-rc5/arch/frv/kernel/kernel_thread.S linux-3.0-rc5-vs2.3.1-pre3/arch/frv/kernel/kernel_thread.S
306 --- linux-3.0-rc5/arch/frv/kernel/kernel_thread.S 2008-12-25 00:26:37.000000000 +0100
307 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/frv/kernel/kernel_thread.S 2011-06-10 22:11:24.000000000 +0200
308 @@ -37,7 +37,7 @@ kernel_thread:
310 # start by forking the current process, but with shared VM
311 setlos.p #__NR_clone,gr7 ; syscall number
312 - ori gr10,#CLONE_VM,gr8 ; first syscall arg [clone_flags]
313 + ori gr10,#CLONE_KT,gr8 ; first syscall arg [clone_flags]
314 sethi.p #0xe4e4,gr9 ; second syscall arg [newsp]
316 setlos.p #0,gr10 ; third syscall arg [parent_tidptr]
317 diff -NurpP --minimal linux-3.0-rc5/arch/h8300/Kconfig linux-3.0-rc5-vs2.3.1-pre3/arch/h8300/Kconfig
318 --- linux-3.0-rc5/arch/h8300/Kconfig 2011-07-01 11:13:37.000000000 +0200
319 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/h8300/Kconfig 2011-06-10 22:11:24.000000000 +0200
320 @@ -213,6 +213,8 @@ source "fs/Kconfig"
322 source "arch/h8300/Kconfig.debug"
324 +source "kernel/vserver/Kconfig"
326 source "security/Kconfig"
328 source "crypto/Kconfig"
329 diff -NurpP --minimal linux-3.0-rc5/arch/ia64/Kconfig linux-3.0-rc5-vs2.3.1-pre3/arch/ia64/Kconfig
330 --- linux-3.0-rc5/arch/ia64/Kconfig 2011-07-01 11:13:37.000000000 +0200
331 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/ia64/Kconfig 2011-06-10 22:11:24.000000000 +0200
332 @@ -671,6 +671,8 @@ source "fs/Kconfig"
334 source "arch/ia64/Kconfig.debug"
336 +source "kernel/vserver/Kconfig"
338 source "security/Kconfig"
340 source "crypto/Kconfig"
341 diff -NurpP --minimal linux-3.0-rc5/arch/ia64/include/asm/tlb.h linux-3.0-rc5-vs2.3.1-pre3/arch/ia64/include/asm/tlb.h
342 --- linux-3.0-rc5/arch/ia64/include/asm/tlb.h 2011-07-01 11:13:37.000000000 +0200
343 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/ia64/include/asm/tlb.h 2011-06-10 22:11:24.000000000 +0200
345 #include <linux/mm.h>
346 #include <linux/pagemap.h>
347 #include <linux/swap.h>
348 +#include <linux/vs_memory.h>
350 #include <asm/pgalloc.h>
351 #include <asm/processor.h>
352 diff -NurpP --minimal linux-3.0-rc5/arch/ia64/kernel/entry.S linux-3.0-rc5-vs2.3.1-pre3/arch/ia64/kernel/entry.S
353 --- linux-3.0-rc5/arch/ia64/kernel/entry.S 2011-07-01 11:13:38.000000000 +0200
354 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/ia64/kernel/entry.S 2011-06-10 22:11:24.000000000 +0200
355 @@ -1714,7 +1714,7 @@ sys_call_table:
357 data8 sys_mq_getsetattr
359 - data8 sys_ni_syscall // reserved for vserver
361 data8 sys_waitid // 1270
363 data8 sys_request_key
364 diff -NurpP --minimal linux-3.0-rc5/arch/ia64/kernel/perfmon.c linux-3.0-rc5-vs2.3.1-pre3/arch/ia64/kernel/perfmon.c
365 --- linux-3.0-rc5/arch/ia64/kernel/perfmon.c 2011-03-15 18:06:39.000000000 +0100
366 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/ia64/kernel/perfmon.c 2011-06-10 22:11:24.000000000 +0200
368 #include <linux/completion.h>
369 #include <linux/tracehook.h>
370 #include <linux/slab.h>
371 +#include <linux/vs_memory.h>
373 #include <asm/errno.h>
374 #include <asm/intrinsics.h>
375 diff -NurpP --minimal linux-3.0-rc5/arch/ia64/kernel/process.c linux-3.0-rc5-vs2.3.1-pre3/arch/ia64/kernel/process.c
376 --- linux-3.0-rc5/arch/ia64/kernel/process.c 2011-03-15 18:06:39.000000000 +0100
377 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/ia64/kernel/process.c 2011-06-10 22:11:24.000000000 +0200
378 @@ -109,8 +109,8 @@ show_regs (struct pt_regs *regs)
379 unsigned long ip = regs->cr_iip + ia64_psr(regs)->ri;
382 - printk("\nPid: %d, CPU %d, comm: %20s\n", task_pid_nr(current),
383 - smp_processor_id(), current->comm);
384 + printk("\nPid: %d[#%u], CPU %d, comm: %20s\n", task_pid_nr(current),
385 + current->xid, smp_processor_id(), current->comm);
386 printk("psr : %016lx ifs : %016lx ip : [<%016lx>] %s (%s)\n",
387 regs->cr_ipsr, regs->cr_ifs, ip, print_tainted(),
388 init_utsname()->release);
389 diff -NurpP --minimal linux-3.0-rc5/arch/ia64/kernel/ptrace.c linux-3.0-rc5-vs2.3.1-pre3/arch/ia64/kernel/ptrace.c
390 --- linux-3.0-rc5/arch/ia64/kernel/ptrace.c 2011-01-05 21:48:59.000000000 +0100
391 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/ia64/kernel/ptrace.c 2011-06-10 22:11:24.000000000 +0200
393 #include <linux/regset.h>
394 #include <linux/elf.h>
395 #include <linux/tracehook.h>
396 +#include <linux/vs_base.h>
398 #include <asm/pgtable.h>
399 #include <asm/processor.h>
400 diff -NurpP --minimal linux-3.0-rc5/arch/ia64/kernel/traps.c linux-3.0-rc5-vs2.3.1-pre3/arch/ia64/kernel/traps.c
401 --- linux-3.0-rc5/arch/ia64/kernel/traps.c 2010-07-07 18:31:01.000000000 +0200
402 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/ia64/kernel/traps.c 2011-06-10 22:11:24.000000000 +0200
403 @@ -59,8 +59,9 @@ die (const char *str, struct pt_regs *re
406 if (++die.lock_owner_depth < 3) {
407 - printk("%s[%d]: %s %ld [%d]\n",
408 - current->comm, task_pid_nr(current), str, err, ++die_counter);
409 + printk("%s[%d[#%u]]: %s %ld [%d]\n",
410 + current->comm, task_pid_nr(current), current->xid,
411 + str, err, ++die_counter);
412 if (notify_die(DIE_OOPS, str, regs, err, 255, SIGSEGV)
415 @@ -323,8 +324,9 @@ handle_fpu_swa (int fp_fault, struct pt_
416 if ((last.count & 15) < 5 && (ia64_fetchadd(1, &last.count, acq) & 15) < 5) {
417 last.time = current_jiffies + 5 * HZ;
419 - "%s(%d): floating-point assist fault at ip %016lx, isr %016lx\n",
420 - current->comm, task_pid_nr(current), regs->cr_iip + ia64_psr(regs)->ri, isr);
421 + "%s(%d[#%u]): floating-point assist fault at ip %016lx, isr %016lx\n",
422 + current->comm, task_pid_nr(current), current->xid,
423 + regs->cr_iip + ia64_psr(regs)->ri, isr);
427 diff -NurpP --minimal linux-3.0-rc5/arch/ia64/mm/fault.c linux-3.0-rc5-vs2.3.1-pre3/arch/ia64/mm/fault.c
428 --- linux-3.0-rc5/arch/ia64/mm/fault.c 2011-07-01 11:13:38.000000000 +0200
429 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/ia64/mm/fault.c 2011-06-10 22:28:23.000000000 +0200
431 #include <linux/kprobes.h>
432 #include <linux/kdebug.h>
433 #include <linux/prefetch.h>
434 +#include <linux/vs_memory.h>
436 #include <asm/pgtable.h>
437 #include <asm/processor.h>
438 diff -NurpP --minimal linux-3.0-rc5/arch/m32r/kernel/traps.c linux-3.0-rc5-vs2.3.1-pre3/arch/m32r/kernel/traps.c
439 --- linux-3.0-rc5/arch/m32r/kernel/traps.c 2009-12-03 20:01:57.000000000 +0100
440 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/m32r/kernel/traps.c 2011-06-10 22:11:24.000000000 +0200
441 @@ -196,8 +196,9 @@ static void show_registers(struct pt_reg
443 printk("SPI: %08lx\n", sp);
445 - printk("Process %s (pid: %d, process nr: %d, stackpage=%08lx)",
446 - current->comm, task_pid_nr(current), 0xffff & i, 4096+(unsigned long)current);
447 + printk("Process %s (pid: %d[#%u], process nr: %d, stackpage=%08lx)",
448 + current->comm, task_pid_nr(current), current->xid,
449 + 0xffff & i, 4096+(unsigned long)current);
452 * When in-kernel, we also print out the stack and code at the
453 diff -NurpP --minimal linux-3.0-rc5/arch/m68k/Kconfig linux-3.0-rc5-vs2.3.1-pre3/arch/m68k/Kconfig
454 --- linux-3.0-rc5/arch/m68k/Kconfig 2011-07-01 11:13:38.000000000 +0200
455 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/m68k/Kconfig 2011-06-10 22:11:24.000000000 +0200
456 @@ -241,6 +241,8 @@ source "fs/Kconfig"
458 source "arch/m68k/Kconfig.debug"
460 +source "kernel/vserver/Kconfig"
462 source "security/Kconfig"
464 source "crypto/Kconfig"
465 diff -NurpP --minimal linux-3.0-rc5/arch/mips/Kconfig linux-3.0-rc5-vs2.3.1-pre3/arch/mips/Kconfig
466 --- linux-3.0-rc5/arch/mips/Kconfig 2011-07-01 11:13:38.000000000 +0200
467 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/mips/Kconfig 2011-06-10 22:11:24.000000000 +0200
468 @@ -2485,6 +2485,8 @@ source "fs/Kconfig"
470 source "arch/mips/Kconfig.debug"
472 +source "kernel/vserver/Kconfig"
474 source "security/Kconfig"
476 source "crypto/Kconfig"
477 diff -NurpP --minimal linux-3.0-rc5/arch/mips/kernel/ptrace.c linux-3.0-rc5-vs2.3.1-pre3/arch/mips/kernel/ptrace.c
478 --- linux-3.0-rc5/arch/mips/kernel/ptrace.c 2011-07-01 11:13:39.000000000 +0200
479 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/mips/kernel/ptrace.c 2011-06-10 22:11:24.000000000 +0200
481 #include <linux/security.h>
482 #include <linux/audit.h>
483 #include <linux/seccomp.h>
484 +#include <linux/vs_base.h>
486 #include <asm/byteorder.h>
488 @@ -263,6 +264,9 @@ long arch_ptrace(struct task_struct *chi
489 void __user *datavp = (void __user *) data;
490 unsigned long __user *datalp = (void __user *) data;
492 + if (!vx_check(vx_task_xid(child), VS_WATCH_P | VS_IDENT))
496 /* when I and D space are separate, these will need to be fixed. */
497 case PTRACE_PEEKTEXT: /* read word at location addr. */
498 diff -NurpP --minimal linux-3.0-rc5/arch/mips/kernel/scall32-o32.S linux-3.0-rc5-vs2.3.1-pre3/arch/mips/kernel/scall32-o32.S
499 --- linux-3.0-rc5/arch/mips/kernel/scall32-o32.S 2011-07-01 11:13:39.000000000 +0200
500 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/mips/kernel/scall32-o32.S 2011-06-10 22:11:24.000000000 +0200
501 @@ -523,7 +523,7 @@ einval: li v0, -ENOSYS
502 sys sys_mq_timedreceive 5
503 sys sys_mq_notify 2 /* 4275 */
504 sys sys_mq_getsetattr 3
505 - sys sys_ni_syscall 0 /* sys_vserver */
508 sys sys_ni_syscall 0 /* available, was setaltroot */
509 sys sys_add_key 5 /* 4280 */
510 diff -NurpP --minimal linux-3.0-rc5/arch/mips/kernel/scall64-64.S linux-3.0-rc5-vs2.3.1-pre3/arch/mips/kernel/scall64-64.S
511 --- linux-3.0-rc5/arch/mips/kernel/scall64-64.S 2011-07-01 11:13:39.000000000 +0200
512 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/mips/kernel/scall64-64.S 2011-06-10 22:11:24.000000000 +0200
513 @@ -362,7 +362,7 @@ sys_call_table:
514 PTR sys_mq_timedreceive
516 PTR sys_mq_getsetattr /* 5235 */
517 - PTR sys_ni_syscall /* sys_vserver */
520 PTR sys_ni_syscall /* available, was setaltroot */
522 diff -NurpP --minimal linux-3.0-rc5/arch/mips/kernel/scall64-n32.S linux-3.0-rc5-vs2.3.1-pre3/arch/mips/kernel/scall64-n32.S
523 --- linux-3.0-rc5/arch/mips/kernel/scall64-n32.S 2011-07-01 11:13:39.000000000 +0200
524 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/mips/kernel/scall64-n32.S 2011-06-10 22:11:24.000000000 +0200
525 @@ -361,7 +361,7 @@ EXPORT(sysn32_call_table)
526 PTR compat_sys_mq_timedreceive
527 PTR compat_sys_mq_notify
528 PTR compat_sys_mq_getsetattr
529 - PTR sys_ni_syscall /* 6240, sys_vserver */
530 + PTR sys32_vserver /* 6240 */
531 PTR compat_sys_waitid
532 PTR sys_ni_syscall /* available, was setaltroot */
534 diff -NurpP --minimal linux-3.0-rc5/arch/mips/kernel/scall64-o32.S linux-3.0-rc5-vs2.3.1-pre3/arch/mips/kernel/scall64-o32.S
535 --- linux-3.0-rc5/arch/mips/kernel/scall64-o32.S 2011-07-01 11:13:39.000000000 +0200
536 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/mips/kernel/scall64-o32.S 2011-06-10 22:11:24.000000000 +0200
537 @@ -480,7 +480,7 @@ sys_call_table:
538 PTR compat_sys_mq_timedreceive
539 PTR compat_sys_mq_notify /* 4275 */
540 PTR compat_sys_mq_getsetattr
541 - PTR sys_ni_syscall /* sys_vserver */
544 PTR sys_ni_syscall /* available, was setaltroot */
545 PTR sys_add_key /* 4280 */
546 diff -NurpP --minimal linux-3.0-rc5/arch/mips/kernel/traps.c linux-3.0-rc5-vs2.3.1-pre3/arch/mips/kernel/traps.c
547 --- linux-3.0-rc5/arch/mips/kernel/traps.c 2011-05-22 16:17:00.000000000 +0200
548 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/mips/kernel/traps.c 2011-06-10 22:11:24.000000000 +0200
549 @@ -343,9 +343,10 @@ void show_registers(struct pt_regs *regs
553 - printk("Process %s (pid: %d, threadinfo=%p, task=%p, tls=%0*lx)\n",
554 - current->comm, current->pid, current_thread_info(), current,
555 - field, current_thread_info()->tp_value);
556 + printk("Process %s (pid: %d:#%u, threadinfo=%p, task=%p, tls=%0*lx)\n",
557 + current->comm, task_pid_nr(current), current->xid,
558 + current_thread_info(), current,
559 + field, current_thread_info()->tp_value);
560 if (cpu_has_userlocal) {
563 diff -NurpP --minimal linux-3.0-rc5/arch/parisc/Kconfig linux-3.0-rc5-vs2.3.1-pre3/arch/parisc/Kconfig
564 --- linux-3.0-rc5/arch/parisc/Kconfig 2011-07-01 11:13:42.000000000 +0200
565 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/parisc/Kconfig 2011-06-10 22:11:24.000000000 +0200
566 @@ -279,6 +279,8 @@ source "fs/Kconfig"
568 source "arch/parisc/Kconfig.debug"
570 +source "kernel/vserver/Kconfig"
572 source "security/Kconfig"
574 source "crypto/Kconfig"
575 diff -NurpP --minimal linux-3.0-rc5/arch/parisc/kernel/syscall_table.S linux-3.0-rc5-vs2.3.1-pre3/arch/parisc/kernel/syscall_table.S
576 --- linux-3.0-rc5/arch/parisc/kernel/syscall_table.S 2011-07-01 11:13:43.000000000 +0200
577 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/parisc/kernel/syscall_table.S 2011-06-10 22:11:24.000000000 +0200
579 ENTRY_COMP(mbind) /* 260 */
580 ENTRY_COMP(get_mempolicy)
581 ENTRY_COMP(set_mempolicy)
582 - ENTRY_SAME(ni_syscall) /* 263: reserved for vserver */
583 + ENTRY_DIFF(vserver)
585 ENTRY_SAME(request_key) /* 265 */
587 diff -NurpP --minimal linux-3.0-rc5/arch/parisc/kernel/traps.c linux-3.0-rc5-vs2.3.1-pre3/arch/parisc/kernel/traps.c
588 --- linux-3.0-rc5/arch/parisc/kernel/traps.c 2009-09-10 15:25:40.000000000 +0200
589 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/parisc/kernel/traps.c 2011-06-10 22:11:24.000000000 +0200
590 @@ -236,8 +236,9 @@ void die_if_kernel(char *str, struct pt_
594 - printk(KERN_CRIT "%s (pid %d): %s (code %ld) at " RFMT "\n",
595 - current->comm, task_pid_nr(current), str, err, regs->iaoq[0]);
596 + printk(KERN_CRIT "%s (pid %d:#%u): %s (code %ld) at " RFMT "\n",
597 + current->comm, task_pid_nr(current), current->xid,
598 + str, err, regs->iaoq[0]);
599 #ifdef PRINT_USER_FAULTS
600 /* XXX for debugging only */
602 @@ -270,8 +271,8 @@ void die_if_kernel(char *str, struct pt_
603 pdc_console_restart();
606 - printk(KERN_CRIT "%s (pid %d): %s (code %ld)\n",
607 - current->comm, task_pid_nr(current), str, err);
608 + printk(KERN_CRIT "%s (pid %d:#%u): %s (code %ld)\n",
609 + current->comm, task_pid_nr(current), current->xid, str, err);
611 /* Wot's wrong wif bein' racy? */
612 if (current->thread.flags & PARISC_KERNEL_DEATH) {
613 diff -NurpP --minimal linux-3.0-rc5/arch/parisc/mm/fault.c linux-3.0-rc5-vs2.3.1-pre3/arch/parisc/mm/fault.c
614 --- linux-3.0-rc5/arch/parisc/mm/fault.c 2010-08-02 16:52:06.000000000 +0200
615 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/parisc/mm/fault.c 2011-06-10 22:11:24.000000000 +0200
616 @@ -237,8 +237,9 @@ bad_area:
618 #ifdef PRINT_USER_FAULTS
619 printk(KERN_DEBUG "\n");
620 - printk(KERN_DEBUG "do_page_fault() pid=%d command='%s' type=%lu address=0x%08lx\n",
621 - task_pid_nr(tsk), tsk->comm, code, address);
622 + printk(KERN_DEBUG "do_page_fault() pid=%d:#%u "
623 + "command='%s' type=%lu address=0x%08lx\n",
624 + task_pid_nr(tsk), tsk->xid, tsk->comm, code, address);
626 printk(KERN_DEBUG "vm_start = 0x%08lx, vm_end = 0x%08lx\n",
627 vma->vm_start, vma->vm_end);
628 diff -NurpP --minimal linux-3.0-rc5/arch/powerpc/Kconfig linux-3.0-rc5-vs2.3.1-pre3/arch/powerpc/Kconfig
629 --- linux-3.0-rc5/arch/powerpc/Kconfig 2011-07-01 11:13:43.000000000 +0200
630 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/powerpc/Kconfig 2011-06-10 22:11:24.000000000 +0200
631 @@ -978,6 +978,8 @@ source "lib/Kconfig"
633 source "arch/powerpc/Kconfig.debug"
635 +source "kernel/vserver/Kconfig"
637 source "security/Kconfig"
640 diff -NurpP --minimal linux-3.0-rc5/arch/powerpc/include/asm/unistd.h linux-3.0-rc5-vs2.3.1-pre3/arch/powerpc/include/asm/unistd.h
641 --- linux-3.0-rc5/arch/powerpc/include/asm/unistd.h 2011-07-01 11:13:44.000000000 +0200
642 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/powerpc/include/asm/unistd.h 2011-06-10 22:11:24.000000000 +0200
645 #define __NR_rtas 255
646 #define __NR_sys_debug_setcontext 256
647 -/* Number 257 is reserved for vserver */
648 +#define __NR_vserver 257
649 #define __NR_migrate_pages 258
650 #define __NR_mbind 259
651 #define __NR_get_mempolicy 260
652 diff -NurpP --minimal linux-3.0-rc5/arch/powerpc/kernel/process.c linux-3.0-rc5-vs2.3.1-pre3/arch/powerpc/kernel/process.c
653 --- linux-3.0-rc5/arch/powerpc/kernel/process.c 2011-07-01 11:13:44.000000000 +0200
654 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/powerpc/kernel/process.c 2011-06-10 22:11:24.000000000 +0200
655 @@ -656,8 +656,9 @@ void show_regs(struct pt_regs * regs)
657 printk("DAR: "REG", DSISR: %08lx\n", regs->dar, regs->dsisr);
659 - printk("TASK = %p[%d] '%s' THREAD: %p",
660 - current, task_pid_nr(current), current->comm, task_thread_info(current));
661 + printk("TASK = %p[%d,#%u] '%s' THREAD: %p",
662 + current, task_pid_nr(current), current->xid,
663 + current->comm, task_thread_info(current));
666 printk(" CPU: %d", raw_smp_processor_id());
667 diff -NurpP --minimal linux-3.0-rc5/arch/powerpc/kernel/traps.c linux-3.0-rc5-vs2.3.1-pre3/arch/powerpc/kernel/traps.c
668 --- linux-3.0-rc5/arch/powerpc/kernel/traps.c 2011-07-01 11:13:44.000000000 +0200
669 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/powerpc/kernel/traps.c 2011-06-10 22:11:24.000000000 +0200
670 @@ -1075,8 +1075,9 @@ void nonrecoverable_exception(struct pt_
672 void trace_syscall(struct pt_regs *regs)
674 - printk("Task: %p(%d), PC: %08lX/%08lX, Syscall: %3ld, Result: %s%ld %s\n",
675 - current, task_pid_nr(current), regs->nip, regs->link, regs->gpr[0],
676 + printk("Task: %p(%d[#%u]), PC: %08lX/%08lX, Syscall: %3ld, Result: %s%ld %s\n",
677 + current, task_pid_nr(current), current->xid,
678 + regs->nip, regs->link, regs->gpr[0],
679 regs->ccr&0x10000000?"Error=":"", regs->gpr[3], print_tainted());
682 diff -NurpP --minimal linux-3.0-rc5/arch/powerpc/kernel/vdso.c linux-3.0-rc5-vs2.3.1-pre3/arch/powerpc/kernel/vdso.c
683 --- linux-3.0-rc5/arch/powerpc/kernel/vdso.c 2011-05-22 16:17:02.000000000 +0200
684 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/powerpc/kernel/vdso.c 2011-06-10 22:11:24.000000000 +0200
686 #include <linux/security.h>
687 #include <linux/bootmem.h>
688 #include <linux/memblock.h>
689 +#include <linux/vs_memory.h>
691 #include <asm/pgtable.h>
692 #include <asm/system.h>
693 diff -NurpP --minimal linux-3.0-rc5/arch/s390/Kconfig linux-3.0-rc5-vs2.3.1-pre3/arch/s390/Kconfig
694 --- linux-3.0-rc5/arch/s390/Kconfig 2011-07-01 11:13:45.000000000 +0200
695 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/s390/Kconfig 2011-07-01 11:35:34.000000000 +0200
696 @@ -628,6 +628,8 @@ source "fs/Kconfig"
698 source "arch/s390/Kconfig.debug"
700 +source "kernel/vserver/Kconfig"
702 source "security/Kconfig"
704 source "crypto/Kconfig"
705 diff -NurpP --minimal linux-3.0-rc5/arch/s390/include/asm/tlb.h linux-3.0-rc5-vs2.3.1-pre3/arch/s390/include/asm/tlb.h
706 --- linux-3.0-rc5/arch/s390/include/asm/tlb.h 2011-07-01 11:13:45.000000000 +0200
707 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/s390/include/asm/tlb.h 2011-06-15 02:40:14.000000000 +0200
709 #include <linux/mm.h>
710 #include <linux/pagemap.h>
711 #include <linux/swap.h>
712 +#include <linux/vs_memory.h>
714 #include <asm/processor.h>
715 #include <asm/pgalloc.h>
716 #include <asm/tlbflush.h>
717 diff -NurpP --minimal linux-3.0-rc5/arch/s390/include/asm/unistd.h linux-3.0-rc5-vs2.3.1-pre3/arch/s390/include/asm/unistd.h
718 --- linux-3.0-rc5/arch/s390/include/asm/unistd.h 2011-07-01 11:13:45.000000000 +0200
719 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/s390/include/asm/unistd.h 2011-06-10 22:11:24.000000000 +0200
721 #define __NR_clock_gettime (__NR_timer_create+6)
722 #define __NR_clock_getres (__NR_timer_create+7)
723 #define __NR_clock_nanosleep (__NR_timer_create+8)
724 -/* Number 263 is reserved for vserver */
725 +#define __NR_vserver 263
726 #define __NR_statfs64 265
727 #define __NR_fstatfs64 266
728 #define __NR_remap_file_pages 267
729 diff -NurpP --minimal linux-3.0-rc5/arch/s390/kernel/ptrace.c linux-3.0-rc5-vs2.3.1-pre3/arch/s390/kernel/ptrace.c
730 --- linux-3.0-rc5/arch/s390/kernel/ptrace.c 2011-03-15 18:06:45.000000000 +0100
731 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/s390/kernel/ptrace.c 2011-06-10 22:11:24.000000000 +0200
733 #include <linux/regset.h>
734 #include <linux/tracehook.h>
735 #include <linux/seccomp.h>
736 +#include <linux/vs_base.h>
737 #include <trace/syscall.h>
738 #include <asm/compat.h>
739 #include <asm/segment.h>
740 diff -NurpP --minimal linux-3.0-rc5/arch/s390/kernel/syscalls.S linux-3.0-rc5-vs2.3.1-pre3/arch/s390/kernel/syscalls.S
741 --- linux-3.0-rc5/arch/s390/kernel/syscalls.S 2011-07-01 11:13:45.000000000 +0200
742 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/s390/kernel/syscalls.S 2011-06-10 22:11:24.000000000 +0200
743 @@ -271,7 +271,7 @@ SYSCALL(sys_clock_settime,sys_clock_sett
744 SYSCALL(sys_clock_gettime,sys_clock_gettime,sys32_clock_gettime_wrapper) /* 260 */
745 SYSCALL(sys_clock_getres,sys_clock_getres,sys32_clock_getres_wrapper)
746 SYSCALL(sys_clock_nanosleep,sys_clock_nanosleep,sys32_clock_nanosleep_wrapper)
747 -NI_SYSCALL /* reserved for vserver */
748 +SYSCALL(sys_vserver,sys_vserver,sys32_vserver)
749 SYSCALL(sys_s390_fadvise64_64,sys_ni_syscall,sys32_fadvise64_64_wrapper)
750 SYSCALL(sys_statfs64,sys_statfs64,compat_sys_statfs64_wrapper)
751 SYSCALL(sys_fstatfs64,sys_fstatfs64,compat_sys_fstatfs64_wrapper)
752 diff -NurpP --minimal linux-3.0-rc5/arch/sh/Kconfig linux-3.0-rc5-vs2.3.1-pre3/arch/sh/Kconfig
753 --- linux-3.0-rc5/arch/sh/Kconfig 2011-07-01 11:13:45.000000000 +0200
754 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/sh/Kconfig 2011-06-10 22:11:24.000000000 +0200
755 @@ -888,6 +888,8 @@ source "fs/Kconfig"
757 source "arch/sh/Kconfig.debug"
759 +source "kernel/vserver/Kconfig"
761 source "security/Kconfig"
763 source "crypto/Kconfig"
764 diff -NurpP --minimal linux-3.0-rc5/arch/sh/kernel/irq.c linux-3.0-rc5-vs2.3.1-pre3/arch/sh/kernel/irq.c
765 --- linux-3.0-rc5/arch/sh/kernel/irq.c 2011-05-22 16:17:07.000000000 +0200
766 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/sh/kernel/irq.c 2011-06-10 22:11:24.000000000 +0200
768 #include <linux/seq_file.h>
769 #include <linux/ftrace.h>
770 #include <linux/delay.h>
771 +// #include <linux/vs_context.h>
772 #include <linux/ratelimit.h>
773 #include <asm/processor.h>
774 #include <asm/machvec.h>
775 diff -NurpP --minimal linux-3.0-rc5/arch/sh/kernel/vsyscall/vsyscall.c linux-3.0-rc5-vs2.3.1-pre3/arch/sh/kernel/vsyscall/vsyscall.c
776 --- linux-3.0-rc5/arch/sh/kernel/vsyscall/vsyscall.c 2011-05-22 16:17:07.000000000 +0200
777 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/sh/kernel/vsyscall/vsyscall.c 2011-06-10 22:11:24.000000000 +0200
779 #include <linux/elf.h>
780 #include <linux/sched.h>
781 #include <linux/err.h>
782 +#include <linux/vs_memory.h>
785 * Should the kernel map a VDSO page into processes and pass its
786 diff -NurpP --minimal linux-3.0-rc5/arch/sparc/Kconfig linux-3.0-rc5-vs2.3.1-pre3/arch/sparc/Kconfig
787 --- linux-3.0-rc5/arch/sparc/Kconfig 2011-07-01 11:13:46.000000000 +0200
788 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/sparc/Kconfig 2011-06-15 02:40:14.000000000 +0200
789 @@ -601,6 +601,8 @@ source "fs/Kconfig"
791 source "arch/sparc/Kconfig.debug"
793 +source "kernel/vserver/Kconfig"
795 source "security/Kconfig"
797 source "crypto/Kconfig"
798 diff -NurpP --minimal linux-3.0-rc5/arch/sparc/include/asm/tlb_64.h linux-3.0-rc5-vs2.3.1-pre3/arch/sparc/include/asm/tlb_64.h
799 --- linux-3.0-rc5/arch/sparc/include/asm/tlb_64.h 2011-07-01 11:13:46.000000000 +0200
800 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/sparc/include/asm/tlb_64.h 2011-06-10 22:11:24.000000000 +0200
803 #include <linux/swap.h>
804 #include <linux/pagemap.h>
805 +#include <linux/vs_memory.h>
806 #include <asm/pgalloc.h>
807 #include <asm/tlbflush.h>
808 #include <asm/mmu_context.h>
809 diff -NurpP --minimal linux-3.0-rc5/arch/sparc/include/asm/unistd.h linux-3.0-rc5-vs2.3.1-pre3/arch/sparc/include/asm/unistd.h
810 --- linux-3.0-rc5/arch/sparc/include/asm/unistd.h 2011-07-01 11:13:46.000000000 +0200
811 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/sparc/include/asm/unistd.h 2011-06-10 22:11:24.000000000 +0200
813 #define __NR_timer_getoverrun 264
814 #define __NR_timer_delete 265
815 #define __NR_timer_create 266
816 -/* #define __NR_vserver 267 Reserved for VSERVER */
817 +#define __NR_vserver 267
818 #define __NR_io_setup 268
819 #define __NR_io_destroy 269
820 #define __NR_io_submit 270
821 diff -NurpP --minimal linux-3.0-rc5/arch/sparc/kernel/systbls_32.S linux-3.0-rc5-vs2.3.1-pre3/arch/sparc/kernel/systbls_32.S
822 --- linux-3.0-rc5/arch/sparc/kernel/systbls_32.S 2011-07-01 11:13:46.000000000 +0200
823 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/sparc/kernel/systbls_32.S 2011-06-10 22:11:24.000000000 +0200
824 @@ -70,7 +70,7 @@ sys_call_table:
825 /*250*/ .long sys_mremap, sys_sysctl, sys_getsid, sys_fdatasync, sys_nfsservctl
826 /*255*/ .long sys_sync_file_range, sys_clock_settime, sys_clock_gettime, sys_clock_getres, sys_clock_nanosleep
827 /*260*/ .long sys_sched_getaffinity, sys_sched_setaffinity, sys_timer_settime, sys_timer_gettime, sys_timer_getoverrun
828 -/*265*/ .long sys_timer_delete, sys_timer_create, sys_nis_syscall, sys_io_setup, sys_io_destroy
829 +/*265*/ .long sys_timer_delete, sys_timer_create, sys_vserver, sys_io_setup, sys_io_destroy
830 /*270*/ .long sys_io_submit, sys_io_cancel, sys_io_getevents, sys_mq_open, sys_mq_unlink
831 /*275*/ .long sys_mq_timedsend, sys_mq_timedreceive, sys_mq_notify, sys_mq_getsetattr, sys_waitid
832 /*280*/ .long sys_tee, sys_add_key, sys_request_key, sys_keyctl, sys_openat
833 diff -NurpP --minimal linux-3.0-rc5/arch/sparc/kernel/systbls_64.S linux-3.0-rc5-vs2.3.1-pre3/arch/sparc/kernel/systbls_64.S
834 --- linux-3.0-rc5/arch/sparc/kernel/systbls_64.S 2011-07-01 11:13:46.000000000 +0200
835 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/sparc/kernel/systbls_64.S 2011-06-10 22:11:24.000000000 +0200
836 @@ -71,7 +71,7 @@ sys_call_table32:
837 /*250*/ .word sys_mremap, compat_sys_sysctl, sys32_getsid, sys_fdatasync, sys32_nfsservctl
838 .word sys32_sync_file_range, compat_sys_clock_settime, compat_sys_clock_gettime, compat_sys_clock_getres, sys32_clock_nanosleep
839 /*260*/ .word compat_sys_sched_getaffinity, compat_sys_sched_setaffinity, sys32_timer_settime, compat_sys_timer_gettime, sys_timer_getoverrun
840 - .word sys_timer_delete, compat_sys_timer_create, sys_ni_syscall, compat_sys_io_setup, sys_io_destroy
841 + .word sys_timer_delete, compat_sys_timer_create, sys32_vserver, compat_sys_io_setup, sys_io_destroy
842 /*270*/ .word sys32_io_submit, sys_io_cancel, compat_sys_io_getevents, sys32_mq_open, sys_mq_unlink
843 .word compat_sys_mq_timedsend, compat_sys_mq_timedreceive, compat_sys_mq_notify, compat_sys_mq_getsetattr, compat_sys_waitid
844 /*280*/ .word sys32_tee, sys_add_key, sys_request_key, sys_keyctl, compat_sys_openat
845 @@ -148,7 +148,7 @@ sys_call_table:
846 /*250*/ .word sys_64_mremap, sys_sysctl, sys_getsid, sys_fdatasync, sys_nfsservctl
847 .word sys_sync_file_range, sys_clock_settime, sys_clock_gettime, sys_clock_getres, sys_clock_nanosleep
848 /*260*/ .word sys_sched_getaffinity, sys_sched_setaffinity, sys_timer_settime, sys_timer_gettime, sys_timer_getoverrun
849 - .word sys_timer_delete, sys_timer_create, sys_ni_syscall, sys_io_setup, sys_io_destroy
850 + .word sys_timer_delete, sys_timer_create, sys_vserver, sys_io_setup, sys_io_destroy
851 /*270*/ .word sys_io_submit, sys_io_cancel, sys_io_getevents, sys_mq_open, sys_mq_unlink
852 .word sys_mq_timedsend, sys_mq_timedreceive, sys_mq_notify, sys_mq_getsetattr, sys_waitid
853 /*280*/ .word sys_tee, sys_add_key, sys_request_key, sys_keyctl, sys_openat
854 diff -NurpP --minimal linux-3.0-rc5/arch/um/Kconfig.rest linux-3.0-rc5-vs2.3.1-pre3/arch/um/Kconfig.rest
855 --- linux-3.0-rc5/arch/um/Kconfig.rest 2009-06-11 17:12:19.000000000 +0200
856 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/um/Kconfig.rest 2011-06-10 22:11:24.000000000 +0200
857 @@ -18,6 +18,8 @@ source "drivers/connector/Kconfig"
861 +source "kernel/vserver/Kconfig"
863 source "security/Kconfig"
865 source "crypto/Kconfig"
866 diff -NurpP --minimal linux-3.0-rc5/arch/um/include/asm/tlb.h linux-3.0-rc5-vs2.3.1-pre3/arch/um/include/asm/tlb.h
867 --- linux-3.0-rc5/arch/um/include/asm/tlb.h 2011-07-01 11:13:46.000000000 +0200
868 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/um/include/asm/tlb.h 2011-06-10 22:11:24.000000000 +0200
871 #include <linux/pagemap.h>
872 #include <linux/swap.h>
873 +#include <linux/vs_memory.h>
874 #include <asm/percpu.h>
875 #include <asm/pgalloc.h>
876 #include <asm/tlbflush.h>
877 diff -NurpP --minimal linux-3.0-rc5/arch/um/include/shared/kern_constants.h linux-3.0-rc5-vs2.3.1-pre3/arch/um/include/shared/kern_constants.h
878 --- linux-3.0-rc5/arch/um/include/shared/kern_constants.h 1970-01-01 01:00:00.000000000 +0100
879 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/um/include/shared/kern_constants.h 2011-06-10 22:11:24.000000000 +0200
881 +#include "../../../../include/generated/asm-offsets.h"
882 diff -NurpP --minimal linux-3.0-rc5/arch/um/include/shared/user_constants.h linux-3.0-rc5-vs2.3.1-pre3/arch/um/include/shared/user_constants.h
883 --- linux-3.0-rc5/arch/um/include/shared/user_constants.h 1970-01-01 01:00:00.000000000 +0100
884 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/um/include/shared/user_constants.h 2011-06-10 22:11:24.000000000 +0200
889 + * This file was generated by arch/um/Makefile
893 +#define HOST_SC_CR2 176 /* offsetof(struct sigcontext, cr2) # */
894 +#define HOST_SC_ERR 152 /* offsetof(struct sigcontext, err) # */
895 +#define HOST_SC_TRAPNO 160 /* offsetof(struct sigcontext, trapno) # */
896 +#define HOST_FP_SIZE 64 /* sizeof(struct _fpstate) / sizeof(unsigned long) # */
897 +#define HOST_RBX 5 /* RBX # */
898 +#define HOST_RCX 11 /* RCX # */
899 +#define HOST_RDI 14 /* RDI # */
900 +#define HOST_RSI 13 /* RSI # */
901 +#define HOST_RDX 12 /* RDX # */
902 +#define HOST_RBP 4 /* RBP # */
903 +#define HOST_RAX 10 /* RAX # */
904 +#define HOST_R8 9 /* R8 # */
905 +#define HOST_R9 8 /* R9 # */
906 +#define HOST_R10 7 /* R10 # */
907 +#define HOST_R11 6 /* R11 # */
908 +#define HOST_R12 3 /* R12 # */
909 +#define HOST_R13 2 /* R13 # */
910 +#define HOST_R14 1 /* R14 # */
911 +#define HOST_R15 0 /* R15 # */
912 +#define HOST_ORIG_RAX 15 /* ORIG_RAX # */
913 +#define HOST_CS 17 /* CS # */
914 +#define HOST_SS 20 /* SS # */
915 +#define HOST_EFLAGS 18 /* EFLAGS # */
916 +#define HOST_IP 16 /* RIP # */
917 +#define HOST_SP 19 /* RSP # */
918 +#define UM_FRAME_SIZE 216 /* sizeof(struct user_regs_struct) # */
919 +#define UM_POLLIN 1 /* POLLIN # */
920 +#define UM_POLLPRI 2 /* POLLPRI # */
921 +#define UM_POLLOUT 4 /* POLLOUT # */
922 +#define UM_PROT_READ 1 /* PROT_READ # */
923 +#define UM_PROT_WRITE 2 /* PROT_WRITE # */
924 +#define UM_PROT_EXEC 4 /* PROT_EXEC # */
926 diff -NurpP --minimal linux-3.0-rc5/arch/x86/Kconfig linux-3.0-rc5-vs2.3.1-pre3/arch/x86/Kconfig
927 --- linux-3.0-rc5/arch/x86/Kconfig 2011-07-01 11:13:47.000000000 +0200
928 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/x86/Kconfig 2011-06-10 22:11:24.000000000 +0200
929 @@ -2159,6 +2159,8 @@ source "fs/Kconfig"
931 source "arch/x86/Kconfig.debug"
933 +source "kernel/vserver/Kconfig"
935 source "security/Kconfig"
937 source "crypto/Kconfig"
938 diff -NurpP --minimal linux-3.0-rc5/arch/x86/ia32/ia32entry.S linux-3.0-rc5-vs2.3.1-pre3/arch/x86/ia32/ia32entry.S
939 --- linux-3.0-rc5/arch/x86/ia32/ia32entry.S 2011-07-01 11:13:47.000000000 +0200
940 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/x86/ia32/ia32entry.S 2011-06-10 22:11:24.000000000 +0200
941 @@ -776,7 +776,7 @@ ia32_sys_call_table:
942 .quad sys_tgkill /* 270 */
943 .quad compat_sys_utimes
944 .quad sys32_fadvise64_64
945 - .quad quiet_ni_syscall /* sys_vserver */
946 + .quad sys32_vserver
948 .quad compat_sys_get_mempolicy /* 275 */
949 .quad sys_set_mempolicy
950 diff -NurpP --minimal linux-3.0-rc5/arch/x86/include/asm/unistd_64.h linux-3.0-rc5-vs2.3.1-pre3/arch/x86/include/asm/unistd_64.h
951 --- linux-3.0-rc5/arch/x86/include/asm/unistd_64.h 2011-07-01 11:13:47.000000000 +0200
952 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/x86/include/asm/unistd_64.h 2011-06-10 22:11:24.000000000 +0200
953 @@ -535,7 +535,7 @@ __SYSCALL(__NR_tgkill, sys_tgkill)
954 #define __NR_utimes 235
955 __SYSCALL(__NR_utimes, sys_utimes)
956 #define __NR_vserver 236
957 -__SYSCALL(__NR_vserver, sys_ni_syscall)
958 +__SYSCALL(__NR_vserver, sys_vserver)
959 #define __NR_mbind 237
960 __SYSCALL(__NR_mbind, sys_mbind)
961 #define __NR_set_mempolicy 238
962 diff -NurpP --minimal linux-3.0-rc5/arch/x86/kernel/syscall_table_32.S linux-3.0-rc5-vs2.3.1-pre3/arch/x86/kernel/syscall_table_32.S
963 --- linux-3.0-rc5/arch/x86/kernel/syscall_table_32.S 2011-07-01 11:13:48.000000000 +0200
964 +++ linux-3.0-rc5-vs2.3.1-pre3/arch/x86/kernel/syscall_table_32.S 2011-06-10 22:11:24.000000000 +0200
965 @@ -272,7 +272,7 @@ ENTRY(sys_call_table)
966 .long sys_tgkill /* 270 */
968 .long sys_fadvise64_64
969 - .long sys_ni_syscall /* sys_vserver */
972 .long sys_get_mempolicy
973 .long sys_set_mempolicy
974 diff -NurpP --minimal linux-3.0-rc5/block/genhd.c linux-3.0-rc5-vs2.3.1-pre3/block/genhd.c
975 --- linux-3.0-rc5/block/genhd.c 2011-07-01 11:13:48.000000000 +0200
976 +++ linux-3.0-rc5-vs2.3.1-pre3/block/genhd.c 2011-07-01 11:35:34.000000000 +0200
977 @@ -1154,17 +1154,17 @@ static int diskstats_show(struct seq_fil
978 cpu = part_stat_lock();
979 part_round_stats(cpu, hd);
981 - seq_printf(seqf, "%4d %7d %s %lu %lu %llu "
982 - "%u %lu %lu %llu %u %u %u %u\n",
983 + seq_printf(seqf, "%4d %7d %s %lu %lu %lu "
984 + "%u %lu %lu %lu %u %u %u %u\n",
985 MAJOR(part_devt(hd)), MINOR(part_devt(hd)),
986 disk_name(gp, hd->partno, buf),
987 part_stat_read(hd, ios[READ]),
988 part_stat_read(hd, merges[READ]),
989 - (unsigned long long)part_stat_read(hd, sectors[READ]),
990 + part_stat_read(hd, sectors[READ]),
991 jiffies_to_msecs(part_stat_read(hd, ticks[READ])),
992 part_stat_read(hd, ios[WRITE]),
993 part_stat_read(hd, merges[WRITE]),
994 - (unsigned long long)part_stat_read(hd, sectors[WRITE]),
995 + part_stat_read(hd, sectors[WRITE]),
996 jiffies_to_msecs(part_stat_read(hd, ticks[WRITE])),
998 jiffies_to_msecs(part_stat_read(hd, io_ticks)),
999 diff -NurpP --minimal linux-3.0-rc5/drivers/block/Kconfig linux-3.0-rc5-vs2.3.1-pre3/drivers/block/Kconfig
1000 --- linux-3.0-rc5/drivers/block/Kconfig 2011-07-01 11:13:50.000000000 +0200
1001 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/block/Kconfig 2011-06-10 22:11:24.000000000 +0200
1002 @@ -273,6 +273,13 @@ config BLK_DEV_CRYPTOLOOP
1004 source "drivers/block/drbd/Kconfig"
1006 +config BLK_DEV_VROOT
1007 + tristate "Virtual Root device support"
1008 + depends on QUOTACTL
1010 + Saying Y here will allow you to use quota/fs ioctls on a shared
1011 + partition within a virtual server without compromising security.
1014 tristate "Network block device support"
1016 diff -NurpP --minimal linux-3.0-rc5/drivers/block/Makefile linux-3.0-rc5-vs2.3.1-pre3/drivers/block/Makefile
1017 --- linux-3.0-rc5/drivers/block/Makefile 2011-07-01 11:13:50.000000000 +0200
1018 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/block/Makefile 2011-06-10 22:11:24.000000000 +0200
1019 @@ -34,6 +34,7 @@ obj-$(CONFIG_VIODASD) += viodasd.o
1020 obj-$(CONFIG_BLK_DEV_SX8) += sx8.o
1021 obj-$(CONFIG_BLK_DEV_UB) += ub.o
1022 obj-$(CONFIG_BLK_DEV_HD) += hd.o
1023 +obj-$(CONFIG_BLK_DEV_VROOT) += vroot.o
1025 obj-$(CONFIG_XEN_BLKDEV_FRONTEND) += xen-blkfront.o
1026 obj-$(CONFIG_XEN_BLKDEV_BACKEND) += xen-blkback/
1027 diff -NurpP --minimal linux-3.0-rc5/drivers/block/loop.c linux-3.0-rc5-vs2.3.1-pre3/drivers/block/loop.c
1028 --- linux-3.0-rc5/drivers/block/loop.c 2011-07-01 11:13:50.000000000 +0200
1029 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/block/loop.c 2011-06-10 22:11:24.000000000 +0200
1031 #include <linux/kthread.h>
1032 #include <linux/splice.h>
1033 #include <linux/sysfs.h>
1034 +#include <linux/vs_context.h>
1036 #include <asm/uaccess.h>
1038 @@ -891,6 +892,7 @@ static int loop_set_fd(struct loop_devic
1039 lo->lo_blocksize = lo_blocksize;
1040 lo->lo_device = bdev;
1041 lo->lo_flags = lo_flags;
1042 + lo->lo_xid = vx_current_xid();
1043 lo->lo_backing_file = file;
1044 lo->transfer = transfer_none;
1046 @@ -1019,6 +1021,7 @@ static int loop_clr_fd(struct loop_devic
1047 lo->lo_encrypt_key_size = 0;
1049 lo->lo_thread = NULL;
1051 memset(lo->lo_encrypt_key, 0, LO_KEY_SIZE);
1052 memset(lo->lo_crypt_name, 0, LO_NAME_SIZE);
1053 memset(lo->lo_file_name, 0, LO_NAME_SIZE);
1054 @@ -1057,7 +1060,7 @@ loop_set_status(struct loop_device *lo,
1056 if (lo->lo_encrypt_key_size &&
1057 lo->lo_key_owner != uid &&
1058 - !capable(CAP_SYS_ADMIN))
1059 + !vx_capable(CAP_SYS_ADMIN, VXC_ADMIN_CLOOP))
1061 if (lo->lo_state != Lo_bound)
1063 @@ -1141,7 +1144,8 @@ loop_get_status(struct loop_device *lo,
1064 memcpy(info->lo_crypt_name, lo->lo_crypt_name, LO_NAME_SIZE);
1065 info->lo_encrypt_type =
1066 lo->lo_encryption ? lo->lo_encryption->number : 0;
1067 - if (lo->lo_encrypt_key_size && capable(CAP_SYS_ADMIN)) {
1068 + if (lo->lo_encrypt_key_size &&
1069 + vx_capable(CAP_SYS_ADMIN, VXC_ADMIN_CLOOP)) {
1070 info->lo_encrypt_key_size = lo->lo_encrypt_key_size;
1071 memcpy(info->lo_encrypt_key, lo->lo_encrypt_key,
1072 lo->lo_encrypt_key_size);
1073 @@ -1487,6 +1491,9 @@ static int lo_open(struct block_device *
1075 struct loop_device *lo = bdev->bd_disk->private_data;
1077 + if (!vx_check(lo->lo_xid, VS_IDENT|VS_HOSTID|VS_ADMIN_P))
1080 mutex_lock(&lo->lo_ctl_mutex);
1082 mutex_unlock(&lo->lo_ctl_mutex);
1083 diff -NurpP --minimal linux-3.0-rc5/drivers/block/vroot.c linux-3.0-rc5-vs2.3.1-pre3/drivers/block/vroot.c
1084 --- linux-3.0-rc5/drivers/block/vroot.c 1970-01-01 01:00:00.000000000 +0100
1085 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/block/vroot.c 2011-06-10 22:11:24.000000000 +0200
1088 + * linux/drivers/block/vroot.c
1090 + * written by Herbert Pötzl, 9/11/2002
1091 + * ported to 2.6.10 by Herbert Pötzl, 30/12/2004
1093 + * based on the loop.c code by Theodore Ts'o.
1095 + * Copyright (C) 2002-2007 by Herbert Pötzl.
1096 + * Redistribution of this file is permitted under the
1097 + * GNU General Public License.
1101 +#include <linux/module.h>
1102 +#include <linux/moduleparam.h>
1103 +#include <linux/file.h>
1104 +#include <linux/major.h>
1105 +#include <linux/blkdev.h>
1106 +#include <linux/slab.h>
1108 +#include <linux/vroot.h>
1109 +#include <linux/vs_context.h>
1112 +static int max_vroot = 8;
1114 +static struct vroot_device *vroot_dev;
1115 +static struct gendisk **disks;
1118 +static int vroot_set_dev(
1119 + struct vroot_device *vr,
1120 + struct block_device *bdev,
1123 + struct block_device *real_bdev;
1124 + struct file *file;
1125 + struct inode *inode;
1129 + if (vr->vr_state != Vr_unbound)
1138 + inode = file->f_dentry->d_inode;
1141 + if (S_ISBLK(inode->i_mode)) {
1142 + real_bdev = inode->i_bdev;
1143 + vr->vr_device = real_bdev;
1144 + __iget(real_bdev->bd_inode);
1148 + vxdprintk(VXD_CBIT(misc, 0),
1149 + "vroot[%d]_set_dev: dev=" VXF_DEV,
1150 + vr->vr_number, VXD_DEV(real_bdev));
1152 + vr->vr_state = Vr_bound;
1161 +static int vroot_clr_dev(
1162 + struct vroot_device *vr,
1163 + struct block_device *bdev)
1165 + struct block_device *real_bdev;
1167 + if (vr->vr_state != Vr_bound)
1169 + if (vr->vr_refcnt > 1) /* we needed one fd for the ioctl */
1172 + real_bdev = vr->vr_device;
1174 + vxdprintk(VXD_CBIT(misc, 0),
1175 + "vroot[%d]_clr_dev: dev=" VXF_DEV,
1176 + vr->vr_number, VXD_DEV(real_bdev));
1179 + vr->vr_state = Vr_unbound;
1180 + vr->vr_device = NULL;
1185 +static int vr_ioctl(struct block_device *bdev, fmode_t mode,
1186 + unsigned int cmd, unsigned long arg)
1188 + struct vroot_device *vr = bdev->bd_disk->private_data;
1191 + down(&vr->vr_ctl_mutex);
1193 + case VROOT_SET_DEV:
1194 + err = vroot_set_dev(vr, bdev, arg);
1196 + case VROOT_CLR_DEV:
1197 + err = vroot_clr_dev(vr, bdev);
1203 + up(&vr->vr_ctl_mutex);
1207 +static int vr_open(struct block_device *bdev, fmode_t mode)
1209 + struct vroot_device *vr = bdev->bd_disk->private_data;
1211 + down(&vr->vr_ctl_mutex);
1213 + up(&vr->vr_ctl_mutex);
1217 +static int vr_release(struct gendisk *disk, fmode_t mode)
1219 + struct vroot_device *vr = disk->private_data;
1221 + down(&vr->vr_ctl_mutex);
1223 + up(&vr->vr_ctl_mutex);
1227 +static struct block_device_operations vr_fops = {
1228 + .owner = THIS_MODULE,
1230 + .release = vr_release,
1231 + .ioctl = vr_ioctl,
1234 +static int vroot_make_request(struct request_queue *q, struct bio *bio)
1236 + printk("vroot_make_request %p, %p\n", q, bio);
1237 + bio_io_error(bio);
1241 +struct block_device *__vroot_get_real_bdev(struct block_device *bdev)
1243 + struct inode *inode = bdev->bd_inode;
1244 + struct vroot_device *vr;
1245 + struct block_device *real_bdev;
1246 + int minor = iminor(inode);
1248 + vr = &vroot_dev[minor];
1249 + real_bdev = vr->vr_device;
1251 + vxdprintk(VXD_CBIT(misc, 0),
1252 + "vroot[%d]_get_real_bdev: dev=" VXF_DEV,
1253 + vr->vr_number, VXD_DEV(real_bdev));
1255 + if (vr->vr_state != Vr_bound)
1256 + return ERR_PTR(-ENXIO);
1258 + __iget(real_bdev->bd_inode);
1265 + * And now the modules code and kernel interface.
1268 +module_param(max_vroot, int, 0);
1270 +MODULE_PARM_DESC(max_vroot, "Maximum number of vroot devices (1-256)");
1271 +MODULE_LICENSE("GPL");
1272 +MODULE_ALIAS_BLOCKDEV_MAJOR(VROOT_MAJOR);
1274 +MODULE_AUTHOR ("Herbert Pötzl");
1275 +MODULE_DESCRIPTION ("Virtual Root Device Mapper");
1278 +int __init vroot_init(void)
1282 + if (max_vroot < 1 || max_vroot > 256) {
1283 + max_vroot = MAX_VROOT_DEFAULT;
1284 + printk(KERN_WARNING "vroot: invalid max_vroot "
1285 + "(must be between 1 and 256), "
1286 + "using default (%d)\n", max_vroot);
1289 + if (register_blkdev(VROOT_MAJOR, "vroot"))
1293 + vroot_dev = kmalloc(max_vroot * sizeof(struct vroot_device), GFP_KERNEL);
1296 + memset(vroot_dev, 0, max_vroot * sizeof(struct vroot_device));
1298 + disks = kmalloc(max_vroot * sizeof(struct gendisk *), GFP_KERNEL);
1302 + for (i = 0; i < max_vroot; i++) {
1303 + disks[i] = alloc_disk(1);
1306 + disks[i]->queue = blk_alloc_queue(GFP_KERNEL);
1307 + if (!disks[i]->queue)
1309 + blk_queue_make_request(disks[i]->queue, vroot_make_request);
1312 + for (i = 0; i < max_vroot; i++) {
1313 + struct vroot_device *vr = &vroot_dev[i];
1314 + struct gendisk *disk = disks[i];
1316 + memset(vr, 0, sizeof(*vr));
1317 + sema_init(&vr->vr_ctl_mutex, 1);
1318 + vr->vr_number = i;
1319 + disk->major = VROOT_MAJOR;
1320 + disk->first_minor = i;
1321 + disk->fops = &vr_fops;
1322 + sprintf(disk->disk_name, "vroot%d", i);
1323 + disk->private_data = vr;
1326 + err = register_vroot_grb(&__vroot_get_real_bdev);
1330 + for (i = 0; i < max_vroot; i++)
1331 + add_disk(disks[i]);
1332 + printk(KERN_INFO "vroot: loaded (max %d devices)\n", max_vroot);
1337 + put_disk(disks[i]);
1342 + unregister_blkdev(VROOT_MAJOR, "vroot");
1343 + printk(KERN_ERR "vroot: ran out of memory\n");
1347 +void vroot_exit(void)
1351 + if (unregister_vroot_grb(&__vroot_get_real_bdev))
1352 + printk(KERN_WARNING "vroot: cannot unregister grb\n");
1354 + for (i = 0; i < max_vroot; i++) {
1355 + del_gendisk(disks[i]);
1356 + put_disk(disks[i]);
1358 + unregister_blkdev(VROOT_MAJOR, "vroot");
1364 +module_init(vroot_init);
1365 +module_exit(vroot_exit);
1369 +static int __init max_vroot_setup(char *str)
1371 + max_vroot = simple_strtol(str, NULL, 0);
1375 +__setup("max_vroot=", max_vroot_setup);
1379 diff -NurpP --minimal linux-3.0-rc5/drivers/gpu/drm/radeon/r100_reg_safe.h linux-3.0-rc5-vs2.3.1-pre3/drivers/gpu/drm/radeon/r100_reg_safe.h
1380 --- linux-3.0-rc5/drivers/gpu/drm/radeon/r100_reg_safe.h 1970-01-01 01:00:00.000000000 +0100
1381 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/gpu/drm/radeon/r100_reg_safe.h 2011-06-10 22:11:24.000000000 +0200
1383 +static const unsigned r100_reg_safe_bm[102] = {
1384 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1385 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1386 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1387 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1388 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1389 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1390 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1391 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1392 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1393 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1394 + 0x17FF1FFF, 0xFFFFFFFC, 0xFFFFFFFF, 0xFF30FFBF,
1395 + 0xFFFFFFF8, 0xC3E6FFFF, 0xFFFFF6DF, 0xFFFFFFFF,
1396 + 0xFFFFFFCF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1397 + 0xFFFFFF9F, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1398 + 0x38E7FE1F, 0xFFC3FF8E, 0x7FF8FFFF, 0xFFFF803C,
1399 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1400 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFEFFFF, 0xFFFFFFFF,
1401 + 0x00000000, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF,
1402 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1403 + 0xFFFFFFFF, 0xFFFCFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1404 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1405 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1406 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1407 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1408 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1409 + 0xFFFFFFFF, 0xFFFFFFEF,
1411 diff -NurpP --minimal linux-3.0-rc5/drivers/gpu/drm/radeon/r200_reg_safe.h linux-3.0-rc5-vs2.3.1-pre3/drivers/gpu/drm/radeon/r200_reg_safe.h
1412 --- linux-3.0-rc5/drivers/gpu/drm/radeon/r200_reg_safe.h 1970-01-01 01:00:00.000000000 +0100
1413 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/gpu/drm/radeon/r200_reg_safe.h 2011-06-10 22:11:24.000000000 +0200
1415 +static const unsigned r200_reg_safe_bm[102] = {
1416 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1417 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1418 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1419 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1420 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1421 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1422 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1423 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1424 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1425 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1426 + 0x17FF1FFF, 0xFFFFFFFC, 0xFFFFFFFF, 0xFF30FFBF,
1427 + 0xFFFFFFF8, 0xC3E6FFFF, 0xFFFFF6DF, 0xFFFFFFFF,
1428 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1429 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1430 + 0xFFE7FE1F, 0xF003FFFF, 0x7EFFFFFF, 0xFFFF803C,
1431 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1432 + 0xFFFFFFFF, 0xFFFFEFCE, 0xFFFEFFFF, 0xFFFFFFFE,
1433 + 0x020E0FF0, 0xFFCC83FD, 0xFFFFFFFF, 0xFFFFFFFF,
1434 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1435 + 0xFFFBFFFF, 0xEFFCFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1436 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1437 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1438 + 0xDFDFDFDF, 0x3FFDDFDF, 0xFFFFFFFF, 0xFFFFFF7F,
1439 + 0xFFFFFFFF, 0x00FFFFFF, 0x00000000, 0x00000000,
1440 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1441 + 0xFFFFFE3F, 0xFFFFFFEF,
1443 diff -NurpP --minimal linux-3.0-rc5/drivers/gpu/drm/radeon/r300_reg_safe.h linux-3.0-rc5-vs2.3.1-pre3/drivers/gpu/drm/radeon/r300_reg_safe.h
1444 --- linux-3.0-rc5/drivers/gpu/drm/radeon/r300_reg_safe.h 1970-01-01 01:00:00.000000000 +0100
1445 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/gpu/drm/radeon/r300_reg_safe.h 2011-06-10 22:11:24.000000000 +0200
1447 +static const unsigned r300_reg_safe_bm[159] = {
1448 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1449 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1450 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1451 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1452 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1453 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1454 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1455 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1456 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1457 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1458 + 0x17FF1FFF, 0xFFFFFFFC, 0xFFFFFFFF, 0xFF30FFBF,
1459 + 0xFFFFFFF8, 0xC3E6FFFF, 0xFFFFF6DF, 0xFFFFFFFF,
1460 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1461 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1462 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFF03F,
1463 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1464 + 0xFFFFFFFF, 0xFFFFEFCE, 0xF00EBFFF, 0x007C0000,
1465 + 0xF0000078, 0xFF000009, 0xFFFFFFFF, 0xFFFFFFFF,
1466 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1467 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1468 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1469 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1470 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1471 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1472 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1473 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1474 + 0xFFFFF7FF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1475 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1476 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1477 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1478 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1479 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1480 + 0xFFFFFC78, 0xFFFFFFFF, 0xFFFFFFFE, 0xFFFFFFFF,
1481 + 0x38FF8F50, 0xFFF88082, 0xF000000C, 0xFAE009FF,
1482 + 0x0000FFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000,
1483 + 0x00000000, 0x0000C100, 0x00000000, 0x00000000,
1484 + 0x00000000, 0x00000000, 0x00000000, 0x00000000,
1485 + 0x00000000, 0xFFFF0000, 0xFFFFFFFF, 0xFF80FFFF,
1486 + 0x00000000, 0x00000000, 0x00000000, 0x00000000,
1487 + 0x0003FC01, 0xFFFFFCF8, 0xFF800B19,
1489 diff -NurpP --minimal linux-3.0-rc5/drivers/gpu/drm/radeon/r420_reg_safe.h linux-3.0-rc5-vs2.3.1-pre3/drivers/gpu/drm/radeon/r420_reg_safe.h
1490 --- linux-3.0-rc5/drivers/gpu/drm/radeon/r420_reg_safe.h 1970-01-01 01:00:00.000000000 +0100
1491 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/gpu/drm/radeon/r420_reg_safe.h 2011-06-10 22:11:24.000000000 +0200
1493 +static const unsigned r420_reg_safe_bm[159] = {
1494 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1495 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1496 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1497 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1498 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1499 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1500 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1501 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1502 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1503 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1504 + 0x17FF1FFF, 0xFFFFFFFC, 0xFFFFFFFF, 0xFF30FFBF,
1505 + 0xFFFFFFF8, 0xC3E6FFFF, 0xFFFFF6DF, 0xFFFFFFFF,
1506 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1507 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1508 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFF03F,
1509 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1510 + 0xFFFFFFFF, 0xFFFFEFCE, 0xF00EBFFF, 0x007C0000,
1511 + 0xF0000078, 0xFF000009, 0xFFFFFFFF, 0xFFFFFFFF,
1512 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1513 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1514 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1515 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1516 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1517 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1518 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1519 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1520 + 0xFFFFF7FF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1521 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1522 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1523 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1524 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1525 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1526 + 0xFFFFFC78, 0xFFFFFFFF, 0xFFFFFFFE, 0xFFFFFFFF,
1527 + 0x38FF8F50, 0xFFF88082, 0xF000000C, 0xFAE009FF,
1528 + 0x0000FFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000,
1529 + 0x00000000, 0x00000100, 0x00000000, 0x00000000,
1530 + 0x00000000, 0x00000000, 0x00000000, 0x00000000,
1531 + 0x00000000, 0x00000000, 0x00000000, 0xFF800000,
1532 + 0x00000000, 0x00000000, 0x00000000, 0x00000000,
1533 + 0x0003FC01, 0xFFFFFCF8, 0xFF800B19,
1535 diff -NurpP --minimal linux-3.0-rc5/drivers/gpu/drm/radeon/rn50_reg_safe.h linux-3.0-rc5-vs2.3.1-pre3/drivers/gpu/drm/radeon/rn50_reg_safe.h
1536 --- linux-3.0-rc5/drivers/gpu/drm/radeon/rn50_reg_safe.h 1970-01-01 01:00:00.000000000 +0100
1537 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/gpu/drm/radeon/rn50_reg_safe.h 2011-06-10 22:11:24.000000000 +0200
1539 +static const unsigned rn50_reg_safe_bm[102] = {
1540 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1541 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1542 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1543 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1544 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1545 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1546 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1547 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1548 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1549 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1550 + 0x17FF1FFF, 0xFFFFFFFC, 0xFFFFFFFF, 0xFF30FFBF,
1551 + 0xFFFFFFF8, 0xC3E6FFFF, 0xFFFFF6DF, 0xFFFFFFFF,
1552 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1553 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1554 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1555 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1556 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1557 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1558 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1559 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1560 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1561 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1562 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1563 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1564 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1565 + 0xFFFFFFFF, 0xFFFFFFFF,
1567 diff -NurpP --minimal linux-3.0-rc5/drivers/gpu/drm/radeon/rs600_reg_safe.h linux-3.0-rc5-vs2.3.1-pre3/drivers/gpu/drm/radeon/rs600_reg_safe.h
1568 --- linux-3.0-rc5/drivers/gpu/drm/radeon/rs600_reg_safe.h 1970-01-01 01:00:00.000000000 +0100
1569 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/gpu/drm/radeon/rs600_reg_safe.h 2011-06-10 22:11:24.000000000 +0200
1571 +static const unsigned rs600_reg_safe_bm[219] = {
1572 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1573 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1574 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1575 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1576 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1577 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1578 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1579 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1580 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1581 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1582 + 0x17FF1FFF, 0xFFFFFFFC, 0xFFFFFFFF, 0xFF30FFBF,
1583 + 0xFFFFFFF8, 0xC3E6FFFF, 0xFFFFF6DF, 0xFFFFFFFF,
1584 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1585 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1586 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFF03F,
1587 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1588 + 0xFFFFFFFF, 0xFFFFEFCE, 0xF00EBFFF, 0x007C0000,
1589 + 0xF0000078, 0xFF000009, 0xFFFFFFFF, 0xFFFFFFFF,
1590 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1591 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1592 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1593 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1594 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1595 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1596 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1597 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1598 + 0xFFFFF7FF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1599 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1600 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1601 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1602 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1603 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1604 + 0xFFFFFC78, 0xFFFFFFFF, 0xFFFFFFFE, 0xFFFFFFFF,
1605 + 0x38FF8F50, 0xFFF88082, 0xF000000C, 0xFAE009FF,
1606 + 0x0000FFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000,
1607 + 0x00000000, 0x00000100, 0x00000000, 0x00000000,
1608 + 0x00000000, 0x00000000, 0x00000000, 0x00000000,
1609 + 0x00000000, 0x00000000, 0x00000000, 0xFF800000,
1610 + 0x00000000, 0x00000000, 0x00000000, 0x00000000,
1611 + 0x0003FC01, 0xFFFFFCF8, 0xFF800B19, 0xFFFFFFFF,
1612 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1613 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1614 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1615 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1616 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1617 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1618 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1619 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1620 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1621 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1622 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1623 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1624 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1625 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1626 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1628 diff -NurpP --minimal linux-3.0-rc5/drivers/gpu/drm/radeon/rv515_reg_safe.h linux-3.0-rc5-vs2.3.1-pre3/drivers/gpu/drm/radeon/rv515_reg_safe.h
1629 --- linux-3.0-rc5/drivers/gpu/drm/radeon/rv515_reg_safe.h 1970-01-01 01:00:00.000000000 +0100
1630 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/gpu/drm/radeon/rv515_reg_safe.h 2011-06-10 22:11:24.000000000 +0200
1632 +static const unsigned rv515_reg_safe_bm[219] = {
1633 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1634 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1635 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1636 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1637 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1638 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1639 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1640 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1641 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1642 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1643 + 0x17FF1FFF, 0xFFFFFFFC, 0xFFFFFFFF, 0xFF30FFBF,
1644 + 0xFFFFFFF8, 0xC3E6FFFF, 0xFFFFF6DF, 0xFFFFFFFF,
1645 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1646 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1647 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFF03F,
1648 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1649 + 0xFFFFFFFF, 0xFFFFEFCE, 0xF00EBFFF, 0x007C0000,
1650 + 0xF0000038, 0xFF000009, 0xFFFFFFFF, 0xFFFFFFFF,
1651 + 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0xFFFFFFFF,
1652 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1653 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1654 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1655 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1656 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1657 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1658 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1659 + 0xFFFFF7FF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1660 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1661 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1662 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1663 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1664 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1665 + 0x1FFFF878, 0xFFFFE000, 0xFFFFFE1E, 0xFFFFFFFF,
1666 + 0x388F8F50, 0xFFF88082, 0xFF0000FC, 0xFAE009FF,
1667 + 0x0000FFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000,
1668 + 0xFFFF8CFC, 0xFFFFC1FF, 0xFFFFFFFF, 0xFFFFFFFF,
1669 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1670 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFF80FFFF,
1671 + 0x00000000, 0x00000000, 0x00000000, 0x00000000,
1672 + 0x0003FC01, 0x3FFFFCF8, 0xFF800B19, 0xFFDFFFFF,
1673 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1674 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1675 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1676 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1677 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1678 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1679 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1680 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1681 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1682 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1683 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1684 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1685 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1686 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1687 + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
1689 diff -NurpP --minimal linux-3.0-rc5/drivers/infiniband/core/addr.c linux-3.0-rc5-vs2.3.1-pre3/drivers/infiniband/core/addr.c
1690 --- linux-3.0-rc5/drivers/infiniband/core/addr.c 2011-07-01 11:13:52.000000000 +0200
1691 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/infiniband/core/addr.c 2011-06-16 14:16:51.000000000 +0200
1692 @@ -252,7 +252,7 @@ static int addr6_resolve(struct sockaddr
1694 if (ipv6_addr_any(&fl6.saddr)) {
1695 ret = ipv6_dev_get_saddr(&init_net, ip6_dst_idev(dst)->dev,
1696 - &fl6.daddr, 0, &fl6.saddr);
1697 + &fl6.daddr, 0, &fl6.saddr, NULL);
1701 diff -NurpP --minimal linux-3.0-rc5/drivers/infiniband/hw/ipath/ipath_user_pages.c linux-3.0-rc5-vs2.3.1-pre3/drivers/infiniband/hw/ipath/ipath_user_pages.c
1702 --- linux-3.0-rc5/drivers/infiniband/hw/ipath/ipath_user_pages.c 2011-05-22 16:17:16.000000000 +0200
1703 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/infiniband/hw/ipath/ipath_user_pages.c 2011-06-10 22:11:24.000000000 +0200
1705 #include <linux/device.h>
1706 #include <linux/slab.h>
1707 #include <linux/sched.h>
1708 +#include <linux/vs_memory.h>
1710 #include "ipath_kernel.h"
1712 diff -NurpP --minimal linux-3.0-rc5/drivers/md/dm-ioctl.c linux-3.0-rc5-vs2.3.1-pre3/drivers/md/dm-ioctl.c
1713 --- linux-3.0-rc5/drivers/md/dm-ioctl.c 2011-05-22 16:17:18.000000000 +0200
1714 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/md/dm-ioctl.c 2011-06-10 22:11:24.000000000 +0200
1716 #include <linux/dm-ioctl.h>
1717 #include <linux/hdreg.h>
1718 #include <linux/compat.h>
1719 +#include <linux/vs_context.h>
1721 #include <asm/uaccess.h>
1723 @@ -106,7 +107,8 @@ static struct hash_cell *__get_name_cell
1724 unsigned int h = hash_str(str);
1726 list_for_each_entry (hc, _name_buckets + h, name_list)
1727 - if (!strcmp(hc->name, str)) {
1728 + if (vx_check(dm_get_xid(hc->md), VS_WATCH_P | VS_IDENT) &&
1729 + !strcmp(hc->name, str)) {
1733 @@ -120,7 +122,8 @@ static struct hash_cell *__get_uuid_cell
1734 unsigned int h = hash_str(str);
1736 list_for_each_entry (hc, _uuid_buckets + h, uuid_list)
1737 - if (!strcmp(hc->uuid, str)) {
1738 + if (vx_check(dm_get_xid(hc->md), VS_WATCH_P | VS_IDENT) &&
1739 + !strcmp(hc->uuid, str)) {
1743 @@ -427,6 +430,9 @@ typedef int (*ioctl_fn)(struct dm_ioctl
1745 static int remove_all(struct dm_ioctl *param, size_t param_size)
1747 + if (!vx_check(0, VS_ADMIN))
1750 dm_hash_remove_all(1);
1751 param->data_size = 0;
1753 @@ -474,6 +480,8 @@ static int list_devices(struct dm_ioctl
1755 for (i = 0; i < NUM_BUCKETS; i++) {
1756 list_for_each_entry (hc, _name_buckets + i, name_list) {
1757 + if (!vx_check(dm_get_xid(hc->md), VS_WATCH_P | VS_IDENT))
1759 needed += sizeof(struct dm_name_list);
1760 needed += strlen(hc->name) + 1;
1761 needed += ALIGN_MASK;
1762 @@ -497,6 +505,8 @@ static int list_devices(struct dm_ioctl
1764 for (i = 0; i < NUM_BUCKETS; i++) {
1765 list_for_each_entry (hc, _name_buckets + i, name_list) {
1766 + if (!vx_check(dm_get_xid(hc->md), VS_WATCH_P | VS_IDENT))
1769 old_nl->next = (uint32_t) ((void *) nl -
1771 @@ -731,10 +741,11 @@ static struct hash_cell *__find_device_h
1775 - mdptr = dm_get_mdptr(md);
1776 + if (vx_check(dm_get_xid(md), VS_WATCH_P | VS_IDENT))
1777 + mdptr = dm_get_mdptr(md);
1785 @@ -1577,8 +1588,8 @@ static int ctl_ioctl(uint command, struc
1787 size_t input_param_size;
1789 - /* only root can play with this */
1790 - if (!capable(CAP_SYS_ADMIN))
1791 + /* only root and certain contexts can play with this */
1792 + if (!vx_capable(CAP_SYS_ADMIN, VXC_ADMIN_MAPPER))
1795 if (_IOC_TYPE(command) != DM_IOCTL)
1796 diff -NurpP --minimal linux-3.0-rc5/drivers/md/dm.c linux-3.0-rc5-vs2.3.1-pre3/drivers/md/dm.c
1797 --- linux-3.0-rc5/drivers/md/dm.c 2011-05-22 16:17:18.000000000 +0200
1798 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/md/dm.c 2011-06-10 22:11:24.000000000 +0200
1800 #include <linux/idr.h>
1801 #include <linux/hdreg.h>
1802 #include <linux/delay.h>
1803 +#include <linux/vs_base.h>
1805 #include <trace/events/block.h>
1807 @@ -119,6 +120,7 @@ struct mapped_device {
1810 atomic_t open_count;
1813 unsigned long flags;
1815 @@ -326,6 +328,7 @@ int dm_deleting_md(struct mapped_device
1816 static int dm_blk_open(struct block_device *bdev, fmode_t mode)
1818 struct mapped_device *md;
1821 spin_lock(&_minor_lock);
1823 @@ -334,18 +337,19 @@ static int dm_blk_open(struct block_devi
1826 if (test_bit(DMF_FREEING, &md->flags) ||
1827 - dm_deleting_md(md)) {
1829 + dm_deleting_md(md))
1833 + if (!vx_check(md->xid, VS_IDENT|VS_HOSTID))
1838 atomic_inc(&md->open_count);
1842 spin_unlock(&_minor_lock);
1844 - return md ? 0 : -ENXIO;
1848 static int dm_blk_close(struct gendisk *disk, fmode_t mode)
1849 @@ -566,6 +570,14 @@ int dm_set_geometry(struct mapped_device
1854 + * Get the xid associated with a dm device
1856 +xid_t dm_get_xid(struct mapped_device *md)
1861 /*-----------------------------------------------------------------
1863 * A more elegant soln is in the works that uses the queue
1864 @@ -1841,6 +1853,7 @@ static struct mapped_device *alloc_dev(i
1865 INIT_LIST_HEAD(&md->uevent_list);
1866 spin_lock_init(&md->uevent_lock);
1868 + md->xid = vx_current_xid();
1869 md->queue = blk_alloc_queue(GFP_KERNEL);
1872 diff -NurpP --minimal linux-3.0-rc5/drivers/md/dm.h linux-3.0-rc5-vs2.3.1-pre3/drivers/md/dm.h
1873 --- linux-3.0-rc5/drivers/md/dm.h 2011-05-22 16:17:18.000000000 +0200
1874 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/md/dm.h 2011-06-10 22:11:24.000000000 +0200
1875 @@ -41,6 +41,8 @@ struct dm_dev_internal {
1877 struct dm_md_mempools;
1879 +xid_t dm_get_xid(struct mapped_device *md);
1881 /*-----------------------------------------------------------------
1882 * Internal table functions.
1883 *---------------------------------------------------------------*/
1884 diff -NurpP --minimal linux-3.0-rc5/drivers/net/tun.c linux-3.0-rc5-vs2.3.1-pre3/drivers/net/tun.c
1885 --- linux-3.0-rc5/drivers/net/tun.c 2011-07-01 11:14:01.000000000 +0200
1886 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/net/tun.c 2011-06-22 12:39:14.000000000 +0200
1888 #include <linux/nsproxy.h>
1889 #include <linux/virtio_net.h>
1890 #include <linux/rcupdate.h>
1891 +#include <linux/vs_network.h>
1892 #include <net/net_namespace.h>
1893 #include <net/netns/generic.h>
1894 #include <net/rtnetlink.h>
1895 @@ -121,6 +122,7 @@ struct tun_struct {
1901 struct net_device *dev;
1903 @@ -904,6 +906,7 @@ static void tun_setup(struct net_device
1907 + tun->nid = current->nid;
1909 dev->ethtool_ops = &tun_ethtool_ops;
1910 dev->destructor = tun_free_netdev;
1911 @@ -1054,7 +1057,7 @@ static int tun_set_iff(struct net *net,
1913 if (((tun->owner != -1 && cred->euid != tun->owner) ||
1914 (tun->group != -1 && !in_egroup_p(tun->group))) &&
1915 - !capable(CAP_NET_ADMIN))
1916 + !cap_raised(current_cap(), CAP_NET_ADMIN))
1918 err = security_tun_dev_attach(tun->socket.sk);
1920 @@ -1068,7 +1071,7 @@ static int tun_set_iff(struct net *net,
1922 unsigned long flags = 0;
1924 - if (!capable(CAP_NET_ADMIN))
1925 + if (!nx_capable(CAP_NET_ADMIN, NXC_TUN_CREATE))
1927 err = security_tun_dev_create();
1929 @@ -1136,6 +1139,9 @@ static int tun_set_iff(struct net *net,
1931 sk->sk_destruct = tun_sock_destruct;
1933 + if (!nx_check(tun->nid, VS_IDENT | VS_HOSTID | VS_ADMIN_P))
1936 err = tun_attach(tun, file);
1939 @@ -1317,6 +1323,16 @@ static long __tun_chr_ioctl(struct file
1940 tun_debug(KERN_INFO, tun, "group set to %d\n", tun->group);
1944 + if (!capable(CAP_CONTEXT))
1947 + /* Set nid owner of the device */
1948 + tun->nid = (nid_t) arg;
1950 + tun_debug(KERN_INFO, tun, "nid owner set to %u\n", tun->nid);
1954 /* Only allow setting the type when the interface is down */
1955 if (tun->dev->flags & IFF_UP) {
1956 diff -NurpP --minimal linux-3.0-rc5/drivers/tty/sysrq.c linux-3.0-rc5-vs2.3.1-pre3/drivers/tty/sysrq.c
1957 --- linux-3.0-rc5/drivers/tty/sysrq.c 2011-05-22 16:17:44.000000000 +0200
1958 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/tty/sysrq.c 2011-06-10 22:11:24.000000000 +0200
1960 #include <linux/oom.h>
1961 #include <linux/slab.h>
1962 #include <linux/input.h>
1963 +#include <linux/vserver/debug.h>
1965 #include <asm/ptrace.h>
1966 #include <asm/irq_regs.h>
1967 @@ -395,6 +396,21 @@ static struct sysrq_key_op sysrq_unrt_op
1968 .enable_mask = SYSRQ_ENABLE_RTNICE,
1972 +#ifdef CONFIG_VSERVER_DEBUG
1973 +static void sysrq_handle_vxinfo(int key)
1975 + dump_vx_info_inactive((key == 'x') ? 0 : 1);
1978 +static struct sysrq_key_op sysrq_showvxinfo_op = {
1979 + .handler = sysrq_handle_vxinfo,
1980 + .help_msg = "conteXt",
1981 + .action_msg = "Show Context Info",
1982 + .enable_mask = SYSRQ_ENABLE_DUMP,
1986 /* Key Operations table and lock */
1987 static DEFINE_SPINLOCK(sysrq_key_table_lock);
1989 @@ -449,7 +465,11 @@ static struct sysrq_key_op *sysrq_key_ta
1991 &sysrq_showstate_blocked_op, /* w */
1992 /* x: May be registered on ppc/powerpc for xmon */
1993 +#ifdef CONFIG_VSERVER_DEBUG
1994 + &sysrq_showvxinfo_op, /* x */
1998 /* y: May be registered on sparc64 for global register dump */
2000 &sysrq_ftrace_dump_op, /* z */
2001 @@ -464,6 +484,8 @@ static int sysrq_key_table_key2index(int
2003 else if ((key >= 'a') && (key <= 'z'))
2004 retval = key + 10 - 'a';
2005 + else if ((key >= 'A') && (key <= 'Z'))
2006 + retval = key + 10 - 'A';
2010 diff -NurpP --minimal linux-3.0-rc5/drivers/tty/tty_io.c linux-3.0-rc5-vs2.3.1-pre3/drivers/tty/tty_io.c
2011 --- linux-3.0-rc5/drivers/tty/tty_io.c 2011-07-01 11:14:14.000000000 +0200
2012 +++ linux-3.0-rc5-vs2.3.1-pre3/drivers/tty/tty_io.c 2011-06-10 22:11:24.000000000 +0200
2015 #include <linux/kmod.h>
2016 #include <linux/nsproxy.h>
2017 +#include <linux/vs_pid.h>
2019 #undef TTY_DEBUG_HANGUP
2021 @@ -2057,7 +2058,8 @@ static int tiocsti(struct tty_struct *tt
2023 struct tty_ldisc *ld;
2025 - if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN))
2026 + if (((current->signal->tty != tty) &&
2027 + !vx_capable(CAP_SYS_ADMIN, VXC_TIOCSTI)))
2029 if (get_user(ch, p))
2031 @@ -2345,6 +2347,7 @@ static int tiocspgrp(struct tty_struct *
2033 if (get_user(pgrp_nr, p))
2035 + pgrp_nr = vx_rmap_pid(pgrp_nr);
2039 diff -NurpP --minimal linux-3.0-rc5/fs/attr.c linux-3.0-rc5-vs2.3.1-pre3/fs/attr.c
2040 --- linux-3.0-rc5/fs/attr.c 2011-07-01 11:14:16.000000000 +0200
2041 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/attr.c 2011-06-10 22:11:24.000000000 +0200
2043 #include <linux/fsnotify.h>
2044 #include <linux/fcntl.h>
2045 #include <linux/security.h>
2046 +#include <linux/proc_fs.h>
2047 +#include <linux/devpts_fs.h>
2048 +#include <linux/vs_tag.h>
2051 * inode_change_ok - check if attribute changes to an inode are allowed
2052 @@ -73,6 +76,10 @@ int inode_change_ok(const struct inode *
2056 + /* check for inode tag permission */
2057 + if (dx_permission(inode, MAY_WRITE))
2062 EXPORT_SYMBOL(inode_change_ok);
2063 @@ -143,6 +150,8 @@ void setattr_copy(struct inode *inode, c
2064 inode->i_uid = attr->ia_uid;
2065 if (ia_valid & ATTR_GID)
2066 inode->i_gid = attr->ia_gid;
2067 + if ((ia_valid & ATTR_TAG) && IS_TAGGED(inode))
2068 + inode->i_tag = attr->ia_tag;
2069 if (ia_valid & ATTR_ATIME)
2070 inode->i_atime = timespec_trunc(attr->ia_atime,
2071 inode->i_sb->s_time_gran);
2072 @@ -170,7 +179,8 @@ int notify_change(struct dentry * dentry
2073 struct timespec now;
2074 unsigned int ia_valid = attr->ia_valid;
2076 - if (ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_TIMES_SET)) {
2077 + if (ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID |
2078 + ATTR_TAG | ATTR_TIMES_SET)) {
2079 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
2082 diff -NurpP --minimal linux-3.0-rc5/fs/binfmt_aout.c linux-3.0-rc5-vs2.3.1-pre3/fs/binfmt_aout.c
2083 --- linux-3.0-rc5/fs/binfmt_aout.c 2010-10-21 13:07:47.000000000 +0200
2084 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/binfmt_aout.c 2011-06-10 22:11:24.000000000 +0200
2086 #include <linux/init.h>
2087 #include <linux/coredump.h>
2088 #include <linux/slab.h>
2089 +#include <linux/vs_memory.h>
2091 #include <asm/system.h>
2092 #include <asm/uaccess.h>
2093 diff -NurpP --minimal linux-3.0-rc5/fs/binfmt_elf.c linux-3.0-rc5-vs2.3.1-pre3/fs/binfmt_elf.c
2094 --- linux-3.0-rc5/fs/binfmt_elf.c 2011-05-22 16:17:48.000000000 +0200
2095 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/binfmt_elf.c 2011-06-10 22:11:24.000000000 +0200
2097 #include <linux/elf.h>
2098 #include <linux/utsname.h>
2099 #include <linux/coredump.h>
2100 +#include <linux/vs_memory.h>
2101 #include <asm/uaccess.h>
2102 #include <asm/param.h>
2103 #include <asm/page.h>
2104 diff -NurpP --minimal linux-3.0-rc5/fs/binfmt_flat.c linux-3.0-rc5-vs2.3.1-pre3/fs/binfmt_flat.c
2105 --- linux-3.0-rc5/fs/binfmt_flat.c 2011-07-01 11:14:16.000000000 +0200
2106 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/binfmt_flat.c 2011-06-10 22:11:24.000000000 +0200
2108 #include <linux/init.h>
2109 #include <linux/flat.h>
2110 #include <linux/syscalls.h>
2111 +#include <linux/vs_memory.h>
2113 #include <asm/byteorder.h>
2114 #include <asm/system.h>
2115 diff -NurpP --minimal linux-3.0-rc5/fs/binfmt_som.c linux-3.0-rc5-vs2.3.1-pre3/fs/binfmt_som.c
2116 --- linux-3.0-rc5/fs/binfmt_som.c 2010-02-25 11:52:04.000000000 +0100
2117 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/binfmt_som.c 2011-06-10 22:11:24.000000000 +0200
2119 #include <linux/shm.h>
2120 #include <linux/personality.h>
2121 #include <linux/init.h>
2122 +#include <linux/vs_memory.h>
2124 #include <asm/uaccess.h>
2125 #include <asm/pgtable.h>
2126 diff -NurpP --minimal linux-3.0-rc5/fs/block_dev.c linux-3.0-rc5-vs2.3.1-pre3/fs/block_dev.c
2127 --- linux-3.0-rc5/fs/block_dev.c 2011-07-01 11:14:16.000000000 +0200
2128 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/block_dev.c 2011-07-01 11:35:34.000000000 +0200
2130 #include <linux/namei.h>
2131 #include <linux/log2.h>
2132 #include <linux/kmemleak.h>
2133 +#include <linux/vs_device.h>
2134 #include <asm/uaccess.h>
2135 #include "internal.h"
2137 @@ -553,6 +554,7 @@ struct block_device *bdget(dev_t dev)
2138 bdev->bd_invalidated = 0;
2139 inode->i_mode = S_IFBLK;
2140 inode->i_rdev = dev;
2141 + inode->i_mdev = dev;
2142 inode->i_bdev = bdev;
2143 inode->i_data.a_ops = &def_blk_aops;
2144 mapping_set_gfp_mask(&inode->i_data, GFP_USER);
2145 @@ -599,6 +601,11 @@ EXPORT_SYMBOL(bdput);
2146 static struct block_device *bd_acquire(struct inode *inode)
2148 struct block_device *bdev;
2151 + if (!vs_map_blkdev(inode->i_rdev, &mdev, DATTR_OPEN))
2153 + inode->i_mdev = mdev;
2155 spin_lock(&bdev_lock);
2156 bdev = inode->i_bdev;
2157 @@ -609,7 +616,7 @@ static struct block_device *bd_acquire(s
2159 spin_unlock(&bdev_lock);
2161 - bdev = bdget(inode->i_rdev);
2162 + bdev = bdget(mdev);
2164 spin_lock(&bdev_lock);
2165 if (!inode->i_bdev) {
2166 diff -NurpP --minimal linux-3.0-rc5/fs/btrfs/ctree.h linux-3.0-rc5-vs2.3.1-pre3/fs/btrfs/ctree.h
2167 --- linux-3.0-rc5/fs/btrfs/ctree.h 2011-07-01 11:14:16.000000000 +0200
2168 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/btrfs/ctree.h 2011-07-01 11:35:34.000000000 +0200
2169 @@ -600,11 +600,14 @@ struct btrfs_inode_item {
2170 /* modification sequence number for NFS */
2175 * a little future expansion, for more than this we can
2176 * just grow the inode item and version it
2178 - __le64 reserved[4];
2179 + __le16 reserved16;
2180 + __le32 reserved32;
2181 + __le64 reserved[3];
2182 struct btrfs_timespec atime;
2183 struct btrfs_timespec ctime;
2184 struct btrfs_timespec mtime;
2185 @@ -1354,6 +1357,8 @@ struct btrfs_ioctl_defrag_range_args {
2186 #define BTRFS_MOUNT_AUTO_DEFRAG (1 << 16)
2187 #define BTRFS_MOUNT_INODE_MAP_CACHE (1 << 17)
2189 +#define BTRFS_MOUNT_TAGGED (1 << 24)
2191 #define btrfs_clear_opt(o, opt) ((o) &= ~BTRFS_MOUNT_##opt)
2192 #define btrfs_set_opt(o, opt) ((o) |= BTRFS_MOUNT_##opt)
2193 #define btrfs_test_opt(root, opt) ((root)->fs_info->mount_opt & \
2194 @@ -1563,6 +1568,7 @@ BTRFS_SETGET_FUNCS(inode_block_group, st
2195 BTRFS_SETGET_FUNCS(inode_nlink, struct btrfs_inode_item, nlink, 32);
2196 BTRFS_SETGET_FUNCS(inode_uid, struct btrfs_inode_item, uid, 32);
2197 BTRFS_SETGET_FUNCS(inode_gid, struct btrfs_inode_item, gid, 32);
2198 +BTRFS_SETGET_FUNCS(inode_tag, struct btrfs_inode_item, tag, 16);
2199 BTRFS_SETGET_FUNCS(inode_mode, struct btrfs_inode_item, mode, 32);
2200 BTRFS_SETGET_FUNCS(inode_rdev, struct btrfs_inode_item, rdev, 64);
2201 BTRFS_SETGET_FUNCS(inode_flags, struct btrfs_inode_item, flags, 64);
2202 @@ -1616,6 +1622,10 @@ BTRFS_SETGET_FUNCS(extent_flags, struct
2204 BTRFS_SETGET_FUNCS(extent_refs_v0, struct btrfs_extent_item_v0, refs, 32);
2206 +#define BTRFS_INODE_IXUNLINK (1 << 24)
2207 +#define BTRFS_INODE_BARRIER (1 << 25)
2208 +#define BTRFS_INODE_COW (1 << 26)
2211 BTRFS_SETGET_FUNCS(tree_block_level, struct btrfs_tree_block_info, level, 8);
2213 @@ -2590,6 +2600,7 @@ extern const struct dentry_operations bt
2214 long btrfs_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
2215 void btrfs_update_iflags(struct inode *inode);
2216 void btrfs_inherit_iflags(struct inode *inode, struct inode *dir);
2217 +int btrfs_sync_flags(struct inode *inode, int, int);
2218 int btrfs_defrag_file(struct inode *inode, struct file *file,
2219 struct btrfs_ioctl_defrag_range_args *range,
2220 u64 newer_than, unsigned long max_pages);
2221 diff -NurpP --minimal linux-3.0-rc5/fs/btrfs/disk-io.c linux-3.0-rc5-vs2.3.1-pre3/fs/btrfs/disk-io.c
2222 --- linux-3.0-rc5/fs/btrfs/disk-io.c 2011-07-01 11:14:16.000000000 +0200
2223 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/btrfs/disk-io.c 2011-06-22 12:39:15.000000000 +0200
2224 @@ -1765,6 +1765,9 @@ struct btrfs_root *open_ctree(struct sup
2228 + if (btrfs_test_opt(tree_root, TAGGED))
2229 + sb->s_flags |= MS_TAGGED;
2231 features = btrfs_super_incompat_flags(disk_super) &
2232 ~BTRFS_FEATURE_INCOMPAT_SUPP;
2234 diff -NurpP --minimal linux-3.0-rc5/fs/btrfs/inode.c linux-3.0-rc5-vs2.3.1-pre3/fs/btrfs/inode.c
2235 --- linux-3.0-rc5/fs/btrfs/inode.c 2011-07-01 11:14:17.000000000 +0200
2236 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/btrfs/inode.c 2011-07-01 11:35:34.000000000 +0200
2238 #include <linux/falloc.h>
2239 #include <linux/slab.h>
2240 #include <linux/ratelimit.h>
2241 +#include <linux/vs_tag.h>
2244 #include "disk-io.h"
2245 @@ -2508,6 +2509,8 @@ static void btrfs_read_locked_inode(stru
2246 struct btrfs_key location;
2252 bool filled = false;
2254 @@ -2540,8 +2543,13 @@ static void btrfs_read_locked_inode(stru
2256 inode->i_mode = btrfs_inode_mode(leaf, inode_item);
2257 inode->i_nlink = btrfs_inode_nlink(leaf, inode_item);
2258 - inode->i_uid = btrfs_inode_uid(leaf, inode_item);
2259 - inode->i_gid = btrfs_inode_gid(leaf, inode_item);
2261 + uid = btrfs_inode_uid(leaf, inode_item);
2262 + gid = btrfs_inode_gid(leaf, inode_item);
2263 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
2264 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
2265 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid,
2266 + btrfs_inode_tag(leaf, inode_item));
2267 btrfs_i_size_write(inode, btrfs_inode_size(leaf, inode_item));
2269 tspec = btrfs_inode_atime(inode_item);
2270 @@ -2624,6 +2632,9 @@ static void fill_inode_item(struct btrfs
2271 struct btrfs_inode_item *item,
2272 struct inode *inode)
2274 + uid_t uid = TAGINO_UID(DX_TAG(inode), inode->i_uid, inode->i_tag);
2275 + gid_t gid = TAGINO_GID(DX_TAG(inode), inode->i_gid, inode->i_tag);
2277 if (!leaf->map_token)
2278 map_private_extent_buffer(leaf, (unsigned long)item,
2279 sizeof(struct btrfs_inode_item),
2280 @@ -2631,8 +2642,11 @@ static void fill_inode_item(struct btrfs
2281 &leaf->map_start, &leaf->map_len,
2284 - btrfs_set_inode_uid(leaf, item, inode->i_uid);
2285 - btrfs_set_inode_gid(leaf, item, inode->i_gid);
2286 + btrfs_set_inode_uid(leaf, item, uid);
2287 + btrfs_set_inode_gid(leaf, item, gid);
2288 +#ifdef CONFIG_TAGGING_INTERN
2289 + btrfs_set_inode_tag(leaf, item, inode->i_tag);
2291 btrfs_set_inode_size(leaf, item, BTRFS_I(inode)->disk_i_size);
2292 btrfs_set_inode_mode(leaf, item, inode->i_mode);
2293 btrfs_set_inode_nlink(leaf, item, inode->i_nlink);
2294 @@ -7357,6 +7371,7 @@ static const struct inode_operations btr
2295 .listxattr = btrfs_listxattr,
2296 .removexattr = btrfs_removexattr,
2297 .permission = btrfs_permission,
2298 + .sync_flags = btrfs_sync_flags,
2300 static const struct inode_operations btrfs_dir_ro_inode_operations = {
2301 .lookup = btrfs_lookup,
2302 @@ -7429,6 +7444,7 @@ static const struct inode_operations btr
2303 .removexattr = btrfs_removexattr,
2304 .permission = btrfs_permission,
2305 .fiemap = btrfs_fiemap,
2306 + .sync_flags = btrfs_sync_flags,
2308 static const struct inode_operations btrfs_special_inode_operations = {
2309 .getattr = btrfs_getattr,
2310 diff -NurpP --minimal linux-3.0-rc5/fs/btrfs/ioctl.c linux-3.0-rc5-vs2.3.1-pre3/fs/btrfs/ioctl.c
2311 --- linux-3.0-rc5/fs/btrfs/ioctl.c 2011-07-01 11:14:17.000000000 +0200
2312 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/btrfs/ioctl.c 2011-06-22 12:39:15.000000000 +0200
2313 @@ -70,10 +70,13 @@ static unsigned int btrfs_flags_to_ioctl
2315 unsigned int iflags = 0;
2317 - if (flags & BTRFS_INODE_SYNC)
2318 - iflags |= FS_SYNC_FL;
2319 if (flags & BTRFS_INODE_IMMUTABLE)
2320 iflags |= FS_IMMUTABLE_FL;
2321 + if (flags & BTRFS_INODE_IXUNLINK)
2322 + iflags |= FS_IXUNLINK_FL;
2324 + if (flags & BTRFS_INODE_SYNC)
2325 + iflags |= FS_SYNC_FL;
2326 if (flags & BTRFS_INODE_APPEND)
2327 iflags |= FS_APPEND_FL;
2328 if (flags & BTRFS_INODE_NODUMP)
2329 @@ -90,28 +93,78 @@ static unsigned int btrfs_flags_to_ioctl
2330 else if (flags & BTRFS_INODE_NOCOMPRESS)
2331 iflags |= FS_NOCOMP_FL;
2333 + if (flags & BTRFS_INODE_BARRIER)
2334 + iflags |= FS_BARRIER_FL;
2335 + if (flags & BTRFS_INODE_COW)
2336 + iflags |= FS_COW_FL;
2341 - * Update inode->i_flags based on the btrfs internal flags.
2342 + * Update inode->i_(v)flags based on the btrfs internal flags.
2344 void btrfs_update_iflags(struct inode *inode)
2346 struct btrfs_inode *ip = BTRFS_I(inode);
2348 - inode->i_flags &= ~(S_SYNC|S_APPEND|S_IMMUTABLE|S_NOATIME|S_DIRSYNC);
2349 + inode->i_flags &= ~(S_IMMUTABLE | S_IXUNLINK |
2350 + S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
2352 - if (ip->flags & BTRFS_INODE_SYNC)
2353 - inode->i_flags |= S_SYNC;
2354 if (ip->flags & BTRFS_INODE_IMMUTABLE)
2355 inode->i_flags |= S_IMMUTABLE;
2356 + if (ip->flags & BTRFS_INODE_IXUNLINK)
2357 + inode->i_flags |= S_IXUNLINK;
2359 + if (ip->flags & BTRFS_INODE_SYNC)
2360 + inode->i_flags |= S_SYNC;
2361 if (ip->flags & BTRFS_INODE_APPEND)
2362 inode->i_flags |= S_APPEND;
2363 if (ip->flags & BTRFS_INODE_NOATIME)
2364 inode->i_flags |= S_NOATIME;
2365 if (ip->flags & BTRFS_INODE_DIRSYNC)
2366 inode->i_flags |= S_DIRSYNC;
2368 + inode->i_vflags &= ~(V_BARRIER | V_COW);
2370 + if (ip->flags & BTRFS_INODE_BARRIER)
2371 + inode->i_vflags |= V_BARRIER;
2372 + if (ip->flags & BTRFS_INODE_COW)
2373 + inode->i_vflags |= V_COW;
2377 + * Update btrfs internal flags from inode->i_(v)flags.
2379 +void btrfs_update_flags(struct inode *inode)
2381 + struct btrfs_inode *ip = BTRFS_I(inode);
2383 + unsigned int flags = inode->i_flags;
2384 + unsigned int vflags = inode->i_vflags;
2386 + ip->flags &= ~(BTRFS_INODE_SYNC | BTRFS_INODE_APPEND |
2387 + BTRFS_INODE_IMMUTABLE | BTRFS_INODE_IXUNLINK |
2388 + BTRFS_INODE_NOATIME | BTRFS_INODE_DIRSYNC |
2389 + BTRFS_INODE_BARRIER | BTRFS_INODE_COW);
2391 + if (flags & S_IMMUTABLE)
2392 + ip->flags |= BTRFS_INODE_IMMUTABLE;
2393 + if (flags & S_IXUNLINK)
2394 + ip->flags |= BTRFS_INODE_IXUNLINK;
2396 + if (flags & S_SYNC)
2397 + ip->flags |= BTRFS_INODE_SYNC;
2398 + if (flags & S_APPEND)
2399 + ip->flags |= BTRFS_INODE_APPEND;
2400 + if (flags & S_NOATIME)
2401 + ip->flags |= BTRFS_INODE_NOATIME;
2402 + if (flags & S_DIRSYNC)
2403 + ip->flags |= BTRFS_INODE_DIRSYNC;
2405 + if (vflags & V_BARRIER)
2406 + ip->flags |= BTRFS_INODE_BARRIER;
2407 + if (vflags & V_COW)
2408 + ip->flags |= BTRFS_INODE_COW;
2412 @@ -129,7 +182,7 @@ void btrfs_inherit_iflags(struct inode *
2413 flags = BTRFS_I(dir)->flags;
2415 if (S_ISREG(inode->i_mode))
2416 - flags &= ~BTRFS_INODE_DIRSYNC;
2417 + flags &= ~(BTRFS_INODE_DIRSYNC | BTRFS_INODE_BARRIER);
2418 else if (!S_ISDIR(inode->i_mode))
2419 flags &= (BTRFS_INODE_NODUMP | BTRFS_INODE_NOATIME);
2421 @@ -137,6 +190,30 @@ void btrfs_inherit_iflags(struct inode *
2422 btrfs_update_iflags(inode);
2425 +int btrfs_sync_flags(struct inode *inode, int flags, int vflags)
2427 + struct btrfs_inode *ip = BTRFS_I(inode);
2428 + struct btrfs_root *root = ip->root;
2429 + struct btrfs_trans_handle *trans;
2432 + trans = btrfs_join_transaction(root);
2435 + inode->i_flags = flags;
2436 + inode->i_vflags = vflags;
2437 + btrfs_update_flags(inode);
2439 + ret = btrfs_update_inode(trans, root, inode);
2442 + btrfs_update_iflags(inode);
2443 + inode->i_ctime = CURRENT_TIME;
2444 + btrfs_end_transaction(trans, root);
2449 static int btrfs_ioctl_getflags(struct file *file, void __user *arg)
2451 struct btrfs_inode *ip = BTRFS_I(file->f_path.dentry->d_inode);
2452 @@ -188,7 +265,8 @@ static int btrfs_ioctl_setflags(struct f
2454 flags = btrfs_mask_flags(inode->i_mode, flags);
2455 oldflags = btrfs_flags_to_ioctl(ip->flags);
2456 - if ((flags ^ oldflags) & (FS_APPEND_FL | FS_IMMUTABLE_FL)) {
2457 + if ((flags ^ oldflags) & (FS_APPEND_FL |
2458 + FS_IMMUTABLE_FL | FS_IXUNLINK_FL)) {
2459 if (!capable(CAP_LINUX_IMMUTABLE)) {
2462 @@ -199,14 +277,19 @@ static int btrfs_ioctl_setflags(struct f
2466 - if (flags & FS_SYNC_FL)
2467 - ip->flags |= BTRFS_INODE_SYNC;
2469 - ip->flags &= ~BTRFS_INODE_SYNC;
2470 if (flags & FS_IMMUTABLE_FL)
2471 ip->flags |= BTRFS_INODE_IMMUTABLE;
2473 ip->flags &= ~BTRFS_INODE_IMMUTABLE;
2474 + if (flags & FS_IXUNLINK_FL)
2475 + ip->flags |= BTRFS_INODE_IXUNLINK;
2477 + ip->flags &= ~BTRFS_INODE_IXUNLINK;
2479 + if (flags & FS_SYNC_FL)
2480 + ip->flags |= BTRFS_INODE_SYNC;
2482 + ip->flags &= ~BTRFS_INODE_SYNC;
2483 if (flags & FS_APPEND_FL)
2484 ip->flags |= BTRFS_INODE_APPEND;
2486 diff -NurpP --minimal linux-3.0-rc5/fs/btrfs/super.c linux-3.0-rc5-vs2.3.1-pre3/fs/btrfs/super.c
2487 --- linux-3.0-rc5/fs/btrfs/super.c 2011-07-01 11:14:17.000000000 +0200
2488 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/btrfs/super.c 2011-06-15 02:40:14.000000000 +0200
2489 @@ -162,7 +162,7 @@ enum {
2490 Opt_notreelog, Opt_ratio, Opt_flushoncommit, Opt_discard,
2491 Opt_space_cache, Opt_clear_cache, Opt_user_subvol_rm_allowed,
2492 Opt_enospc_debug, Opt_subvolrootid, Opt_defrag,
2493 - Opt_inode_cache, Opt_err,
2494 + Opt_inode_cache, Opt_tag, Opt_notag, Opt_tagid, Opt_err,
2497 static match_table_t tokens = {
2498 @@ -195,6 +195,9 @@ static match_table_t tokens = {
2499 {Opt_subvolrootid, "subvolrootid=%d"},
2500 {Opt_defrag, "autodefrag"},
2501 {Opt_inode_cache, "inode_cache"},
2503 + {Opt_notag, "notag"},
2504 + {Opt_tagid, "tagid=%u"},
2508 @@ -381,6 +384,22 @@ int btrfs_parse_options(struct btrfs_roo
2509 printk(KERN_INFO "btrfs: enabling auto defrag");
2510 btrfs_set_opt(info->mount_opt, AUTO_DEFRAG);
2512 +#ifndef CONFIG_TAGGING_NONE
2514 + printk(KERN_INFO "btrfs: use tagging\n");
2515 + btrfs_set_opt(info->mount_opt, TAGGED);
2518 + printk(KERN_INFO "btrfs: disabled tagging\n");
2519 + btrfs_clear_opt(info->mount_opt, TAGGED);
2522 +#ifdef CONFIG_PROPAGATE
2525 + btrfs_set_opt(info->mount_opt, TAGGED);
2529 printk(KERN_INFO "btrfs: unrecognized mount option "
2531 @@ -901,6 +920,12 @@ static int btrfs_remount(struct super_bl
2535 + if (btrfs_test_opt(root, TAGGED) && !(sb->s_flags & MS_TAGGED)) {
2536 + printk("btrfs: %s: tagging not permitted on remount.\n",
2541 if ((*flags & MS_RDONLY) == (sb->s_flags & MS_RDONLY))
2544 diff -NurpP --minimal linux-3.0-rc5/fs/char_dev.c linux-3.0-rc5-vs2.3.1-pre3/fs/char_dev.c
2545 --- linux-3.0-rc5/fs/char_dev.c 2011-03-15 18:07:31.000000000 +0100
2546 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/char_dev.c 2011-06-10 22:11:24.000000000 +0200
2548 #include <linux/mutex.h>
2549 #include <linux/backing-dev.h>
2550 #include <linux/tty.h>
2551 +#include <linux/vs_context.h>
2552 +#include <linux/vs_device.h>
2554 #include "internal.h"
2556 @@ -371,14 +373,21 @@ static int chrdev_open(struct inode *ino
2558 struct cdev *new = NULL;
2562 + if (!vs_map_chrdev(inode->i_rdev, &mdev, DATTR_OPEN))
2564 + inode->i_mdev = mdev;
2566 spin_lock(&cdev_lock);
2569 struct kobject *kobj;
2572 spin_unlock(&cdev_lock);
2573 - kobj = kobj_lookup(cdev_map, inode->i_rdev, &idx);
2575 + kobj = kobj_lookup(cdev_map, mdev, &idx);
2578 new = container_of(kobj, struct cdev, kobj);
2579 diff -NurpP --minimal linux-3.0-rc5/fs/dcache.c linux-3.0-rc5-vs2.3.1-pre3/fs/dcache.c
2580 --- linux-3.0-rc5/fs/dcache.c 2011-07-01 11:14:17.000000000 +0200
2581 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/dcache.c 2011-06-10 22:35:26.000000000 +0200
2583 #include <linux/bit_spinlock.h>
2584 #include <linux/rculist_bl.h>
2585 #include <linux/prefetch.h>
2586 +#include <linux/vs_limit.h>
2587 #include "internal.h"
2590 @@ -479,6 +480,8 @@ int d_invalidate(struct dentry * dentry)
2591 spin_lock(&dentry->d_lock);
2594 + vx_dentry_dec(dentry);
2597 * Somebody else still using it?
2599 @@ -506,6 +509,7 @@ EXPORT_SYMBOL(d_invalidate);
2600 static inline void __dget_dlock(struct dentry *dentry)
2603 + vx_dentry_inc(dentry);
2606 static inline void __dget(struct dentry *dentry)
2607 @@ -1266,6 +1270,9 @@ struct dentry *d_alloc(struct dentry * p
2608 struct dentry *dentry;
2611 + if (!vx_dentry_avail(1))
2614 dentry = kmem_cache_alloc(dentry_cache, GFP_KERNEL);
2617 @@ -1288,6 +1295,7 @@ struct dentry *d_alloc(struct dentry * p
2619 dentry->d_count = 1;
2620 dentry->d_flags = 0;
2621 + vx_dentry_inc(dentry);
2622 spin_lock_init(&dentry->d_lock);
2623 seqcount_init(&dentry->d_seq);
2624 dentry->d_inode = NULL;
2625 @@ -1947,6 +1955,7 @@ struct dentry *__d_lookup(struct dentry
2629 + vx_dentry_inc(dentry);
2631 spin_unlock(&dentry->d_lock);
2633 diff -NurpP --minimal linux-3.0-rc5/fs/devpts/inode.c linux-3.0-rc5-vs2.3.1-pre3/fs/devpts/inode.c
2634 --- linux-3.0-rc5/fs/devpts/inode.c 2011-05-22 16:17:50.000000000 +0200
2635 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/devpts/inode.c 2011-06-10 22:11:24.000000000 +0200
2637 #include <linux/parser.h>
2638 #include <linux/fsnotify.h>
2639 #include <linux/seq_file.h>
2640 +#include <linux/vs_base.h>
2642 #define DEVPTS_DEFAULT_MODE 0600
2645 #define DEVPTS_DEFAULT_PTMX_MODE 0000
2646 #define PTMX_MINOR 2
2648 +static int devpts_permission(struct inode *inode, int mask, unsigned int flags)
2650 + int ret = -EACCES;
2652 + /* devpts is xid tagged */
2653 + if (vx_check((xid_t)inode->i_tag, VS_WATCH_P | VS_IDENT))
2654 + ret = generic_permission(inode, mask, flags, NULL);
2658 +static struct inode_operations devpts_file_inode_operations = {
2659 + .permission = devpts_permission,
2662 extern int pty_limit; /* Config limit on Unix98 ptys */
2663 static DEFINE_MUTEX(allocated_ptys_lock);
2665 @@ -263,6 +278,34 @@ static int devpts_show_options(struct se
2669 +static int devpts_filter(struct dentry *de)
2673 + /* devpts is xid tagged */
2674 + if (de && de->d_inode)
2675 + xid = (xid_t)de->d_inode->i_tag;
2676 +#ifdef CONFIG_VSERVER_WARN_DEVPTS
2678 + vxwprintk_task(1, "devpts " VS_Q("%.*s") " without inode.",
2679 + de->d_name.len, de->d_name.name);
2681 + return vx_check(xid, VS_WATCH_P | VS_IDENT);
2684 +static int devpts_readdir(struct file * filp, void * dirent, filldir_t filldir)
2686 + return dcache_readdir_filter(filp, dirent, filldir, devpts_filter);
2689 +static struct file_operations devpts_dir_operations = {
2690 + .open = dcache_dir_open,
2691 + .release = dcache_dir_close,
2692 + .llseek = dcache_dir_lseek,
2693 + .read = generic_read_dir,
2694 + .readdir = devpts_readdir,
2697 static const struct super_operations devpts_sops = {
2698 .statfs = simple_statfs,
2699 .remount_fs = devpts_remount,
2700 @@ -302,12 +345,15 @@ devpts_fill_super(struct super_block *s,
2701 inode = new_inode(s);
2706 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
2707 inode->i_mode = S_IFDIR | S_IRUGO | S_IXUGO | S_IWUSR;
2708 inode->i_op = &simple_dir_inode_operations;
2709 - inode->i_fop = &simple_dir_operations;
2710 + inode->i_fop = &devpts_dir_operations;
2712 + /* devpts is xid tagged */
2713 + inode->i_tag = (tag_t)vx_current_xid();
2715 s->s_root = d_alloc_root(inode);
2717 @@ -494,6 +540,9 @@ int devpts_pty_new(struct inode *ptmx_in
2718 inode->i_gid = opts->setgid ? opts->gid : current_fsgid();
2719 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
2720 init_special_inode(inode, S_IFCHR|opts->mode, device);
2721 + /* devpts is xid tagged */
2722 + inode->i_tag = (tag_t)vx_current_xid();
2723 + inode->i_op = &devpts_file_inode_operations;
2724 inode->i_private = tty;
2725 tty->driver_data = inode;
2727 diff -NurpP --minimal linux-3.0-rc5/fs/ext2/balloc.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext2/balloc.c
2728 --- linux-3.0-rc5/fs/ext2/balloc.c 2011-05-22 16:17:51.000000000 +0200
2729 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext2/balloc.c 2011-06-10 22:11:24.000000000 +0200
2730 @@ -701,7 +701,6 @@ ext2_try_to_allocate(struct super_block
2732 end = EXT2_BLOCKS_PER_GROUP(sb);
2735 BUG_ON(start > EXT2_BLOCKS_PER_GROUP(sb));
2738 diff -NurpP --minimal linux-3.0-rc5/fs/ext2/ext2.h linux-3.0-rc5-vs2.3.1-pre3/fs/ext2/ext2.h
2739 --- linux-3.0-rc5/fs/ext2/ext2.h 2011-05-22 16:17:51.000000000 +0200
2740 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext2/ext2.h 2011-06-10 22:11:24.000000000 +0200
2741 @@ -126,6 +126,7 @@ extern void ext2_set_inode_flags(struct
2742 extern void ext2_get_inode_flags(struct ext2_inode_info *);
2743 extern int ext2_fiemap(struct inode *inode, struct fiemap_extent_info *fieinfo,
2744 u64 start, u64 len);
2745 +extern int ext2_sync_flags(struct inode *, int, int);
2748 extern long ext2_ioctl(struct file *, unsigned int, unsigned long);
2749 diff -NurpP --minimal linux-3.0-rc5/fs/ext2/file.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext2/file.c
2750 --- linux-3.0-rc5/fs/ext2/file.c 2010-08-02 16:52:48.000000000 +0200
2751 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext2/file.c 2011-06-10 22:11:24.000000000 +0200
2752 @@ -104,4 +104,5 @@ const struct inode_operations ext2_file_
2753 .setattr = ext2_setattr,
2754 .check_acl = ext2_check_acl,
2755 .fiemap = ext2_fiemap,
2756 + .sync_flags = ext2_sync_flags,
2758 diff -NurpP --minimal linux-3.0-rc5/fs/ext2/ialloc.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext2/ialloc.c
2759 --- linux-3.0-rc5/fs/ext2/ialloc.c 2011-05-22 16:17:51.000000000 +0200
2760 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext2/ialloc.c 2011-06-10 22:11:24.000000000 +0200
2762 #include <linux/backing-dev.h>
2763 #include <linux/buffer_head.h>
2764 #include <linux/random.h>
2765 +#include <linux/vs_tag.h>
2769 @@ -549,6 +550,7 @@ got:
2770 inode->i_mode = mode;
2771 inode->i_uid = current_fsuid();
2772 inode->i_gid = dir->i_gid;
2773 + inode->i_tag = dx_current_fstag(sb);
2775 inode_init_owner(inode, dir, mode);
2777 diff -NurpP --minimal linux-3.0-rc5/fs/ext2/inode.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext2/inode.c
2778 --- linux-3.0-rc5/fs/ext2/inode.c 2011-05-22 16:17:51.000000000 +0200
2779 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext2/inode.c 2011-06-10 22:11:24.000000000 +0200
2781 #include <linux/mpage.h>
2782 #include <linux/fiemap.h>
2783 #include <linux/namei.h>
2784 +#include <linux/vs_tag.h>
2788 @@ -1167,7 +1168,7 @@ static void ext2_truncate_blocks(struct
2790 if (ext2_inode_is_fast_symlink(inode))
2792 - if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
2793 + if (IS_APPEND(inode) || IS_IXORUNLINK(inode))
2795 __ext2_truncate_blocks(inode, offset);
2797 @@ -1256,36 +1257,61 @@ void ext2_set_inode_flags(struct inode *
2799 unsigned int flags = EXT2_I(inode)->i_flags;
2801 - inode->i_flags &= ~(S_SYNC|S_APPEND|S_IMMUTABLE|S_NOATIME|S_DIRSYNC);
2802 + inode->i_flags &= ~(S_IMMUTABLE | S_IXUNLINK |
2803 + S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
2806 + if (flags & EXT2_IMMUTABLE_FL)
2807 + inode->i_flags |= S_IMMUTABLE;
2808 + if (flags & EXT2_IXUNLINK_FL)
2809 + inode->i_flags |= S_IXUNLINK;
2811 if (flags & EXT2_SYNC_FL)
2812 inode->i_flags |= S_SYNC;
2813 if (flags & EXT2_APPEND_FL)
2814 inode->i_flags |= S_APPEND;
2815 - if (flags & EXT2_IMMUTABLE_FL)
2816 - inode->i_flags |= S_IMMUTABLE;
2817 if (flags & EXT2_NOATIME_FL)
2818 inode->i_flags |= S_NOATIME;
2819 if (flags & EXT2_DIRSYNC_FL)
2820 inode->i_flags |= S_DIRSYNC;
2822 + inode->i_vflags &= ~(V_BARRIER | V_COW);
2824 + if (flags & EXT2_BARRIER_FL)
2825 + inode->i_vflags |= V_BARRIER;
2826 + if (flags & EXT2_COW_FL)
2827 + inode->i_vflags |= V_COW;
2830 /* Propagate flags from i_flags to EXT2_I(inode)->i_flags */
2831 void ext2_get_inode_flags(struct ext2_inode_info *ei)
2833 unsigned int flags = ei->vfs_inode.i_flags;
2834 + unsigned int vflags = ei->vfs_inode.i_vflags;
2836 + ei->i_flags &= ~(EXT2_SYNC_FL | EXT2_APPEND_FL |
2837 + EXT2_IMMUTABLE_FL | EXT2_IXUNLINK_FL |
2838 + EXT2_NOATIME_FL | EXT2_DIRSYNC_FL |
2839 + EXT2_BARRIER_FL | EXT2_COW_FL);
2841 + if (flags & S_IMMUTABLE)
2842 + ei->i_flags |= EXT2_IMMUTABLE_FL;
2843 + if (flags & S_IXUNLINK)
2844 + ei->i_flags |= EXT2_IXUNLINK_FL;
2846 - ei->i_flags &= ~(EXT2_SYNC_FL|EXT2_APPEND_FL|
2847 - EXT2_IMMUTABLE_FL|EXT2_NOATIME_FL|EXT2_DIRSYNC_FL);
2849 ei->i_flags |= EXT2_SYNC_FL;
2850 if (flags & S_APPEND)
2851 ei->i_flags |= EXT2_APPEND_FL;
2852 - if (flags & S_IMMUTABLE)
2853 - ei->i_flags |= EXT2_IMMUTABLE_FL;
2854 if (flags & S_NOATIME)
2855 ei->i_flags |= EXT2_NOATIME_FL;
2856 if (flags & S_DIRSYNC)
2857 ei->i_flags |= EXT2_DIRSYNC_FL;
2859 + if (vflags & V_BARRIER)
2860 + ei->i_flags |= EXT2_BARRIER_FL;
2861 + if (vflags & V_COW)
2862 + ei->i_flags |= EXT2_COW_FL;
2865 struct inode *ext2_iget (struct super_block *sb, unsigned long ino)
2866 @@ -1295,6 +1321,8 @@ struct inode *ext2_iget (struct super_bl
2867 struct ext2_inode *raw_inode;
2868 struct inode *inode;
2874 inode = iget_locked(sb, ino);
2875 @@ -1313,12 +1341,17 @@ struct inode *ext2_iget (struct super_bl
2878 inode->i_mode = le16_to_cpu(raw_inode->i_mode);
2879 - inode->i_uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
2880 - inode->i_gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
2881 + uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
2882 + gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
2883 if (!(test_opt (inode->i_sb, NO_UID32))) {
2884 - inode->i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
2885 - inode->i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
2886 + uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
2887 + gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
2889 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
2890 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
2891 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid,
2892 + le16_to_cpu(raw_inode->i_raw_tag));
2894 inode->i_nlink = le16_to_cpu(raw_inode->i_links_count);
2895 inode->i_size = le32_to_cpu(raw_inode->i_size);
2896 inode->i_atime.tv_sec = (signed)le32_to_cpu(raw_inode->i_atime);
2897 @@ -1416,8 +1449,8 @@ static int __ext2_write_inode(struct ino
2898 struct ext2_inode_info *ei = EXT2_I(inode);
2899 struct super_block *sb = inode->i_sb;
2900 ino_t ino = inode->i_ino;
2901 - uid_t uid = inode->i_uid;
2902 - gid_t gid = inode->i_gid;
2903 + uid_t uid = TAGINO_UID(DX_TAG(inode), inode->i_uid, inode->i_tag);
2904 + gid_t gid = TAGINO_GID(DX_TAG(inode), inode->i_gid, inode->i_tag);
2905 struct buffer_head * bh;
2906 struct ext2_inode * raw_inode = ext2_get_inode(sb, ino, &bh);
2908 @@ -1453,6 +1486,9 @@ static int __ext2_write_inode(struct ino
2909 raw_inode->i_uid_high = 0;
2910 raw_inode->i_gid_high = 0;
2912 +#ifdef CONFIG_TAGGING_INTERN
2913 + raw_inode->i_raw_tag = cpu_to_le16(inode->i_tag);
2915 raw_inode->i_links_count = cpu_to_le16(inode->i_nlink);
2916 raw_inode->i_size = cpu_to_le32(inode->i_size);
2917 raw_inode->i_atime = cpu_to_le32(inode->i_atime.tv_sec);
2918 @@ -1533,7 +1569,8 @@ int ext2_setattr(struct dentry *dentry,
2919 if (is_quota_modification(inode, iattr))
2920 dquot_initialize(inode);
2921 if ((iattr->ia_valid & ATTR_UID && iattr->ia_uid != inode->i_uid) ||
2922 - (iattr->ia_valid & ATTR_GID && iattr->ia_gid != inode->i_gid)) {
2923 + (iattr->ia_valid & ATTR_GID && iattr->ia_gid != inode->i_gid) ||
2924 + (iattr->ia_valid & ATTR_TAG && iattr->ia_tag != inode->i_tag)) {
2925 error = dquot_transfer(inode, iattr);
2928 diff -NurpP --minimal linux-3.0-rc5/fs/ext2/ioctl.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext2/ioctl.c
2929 --- linux-3.0-rc5/fs/ext2/ioctl.c 2011-05-22 16:17:51.000000000 +0200
2930 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext2/ioctl.c 2011-06-10 22:11:24.000000000 +0200
2932 #include <asm/uaccess.h>
2935 +int ext2_sync_flags(struct inode *inode, int flags, int vflags)
2937 + inode->i_flags = flags;
2938 + inode->i_vflags = vflags;
2939 + ext2_get_inode_flags(EXT2_I(inode));
2940 + inode->i_ctime = CURRENT_TIME_SEC;
2941 + mark_inode_dirty(inode);
2945 long ext2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
2947 struct inode *inode = filp->f_dentry->d_inode;
2948 @@ -51,6 +61,11 @@ long ext2_ioctl(struct file *filp, unsig
2950 flags = ext2_mask_flags(inode->i_mode, flags);
2952 + if (IS_BARRIER(inode)) {
2953 + vxwprintk_task(1, "messing with the barrier.");
2957 mutex_lock(&inode->i_mutex);
2958 /* Is it quota file? Do not allow user to mess with it */
2959 if (IS_NOQUOTA(inode)) {
2960 @@ -66,7 +81,9 @@ long ext2_ioctl(struct file *filp, unsig
2962 * This test looks nicer. Thanks to Pauline Middelink
2964 - if ((flags ^ oldflags) & (EXT2_APPEND_FL | EXT2_IMMUTABLE_FL)) {
2965 + if ((oldflags & EXT2_IMMUTABLE_FL) ||
2966 + ((flags ^ oldflags) & (EXT2_APPEND_FL |
2967 + EXT2_IMMUTABLE_FL | EXT2_IXUNLINK_FL))) {
2968 if (!capable(CAP_LINUX_IMMUTABLE)) {
2969 mutex_unlock(&inode->i_mutex);
2971 @@ -74,7 +91,7 @@ long ext2_ioctl(struct file *filp, unsig
2975 - flags = flags & EXT2_FL_USER_MODIFIABLE;
2976 + flags &= EXT2_FL_USER_MODIFIABLE;
2977 flags |= oldflags & ~EXT2_FL_USER_MODIFIABLE;
2978 ei->i_flags = flags;
2979 mutex_unlock(&inode->i_mutex);
2980 diff -NurpP --minimal linux-3.0-rc5/fs/ext2/namei.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext2/namei.c
2981 --- linux-3.0-rc5/fs/ext2/namei.c 2011-05-22 16:17:51.000000000 +0200
2982 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext2/namei.c 2011-06-10 22:11:24.000000000 +0200
2985 #include <linux/pagemap.h>
2986 #include <linux/quotaops.h>
2987 +#include <linux/vs_tag.h>
2991 @@ -75,6 +76,7 @@ static struct dentry *ext2_lookup(struct
2992 return ERR_PTR(-EIO);
2994 return ERR_CAST(inode);
2995 + dx_propagate_tag(nd, inode);
2999 @@ -413,6 +415,7 @@ const struct inode_operations ext2_dir_i
3001 .setattr = ext2_setattr,
3002 .check_acl = ext2_check_acl,
3003 + .sync_flags = ext2_sync_flags,
3006 const struct inode_operations ext2_special_inode_operations = {
3007 diff -NurpP --minimal linux-3.0-rc5/fs/ext2/super.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext2/super.c
3008 --- linux-3.0-rc5/fs/ext2/super.c 2011-07-01 11:14:18.000000000 +0200
3009 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext2/super.c 2011-06-10 22:11:24.000000000 +0200
3010 @@ -394,7 +394,8 @@ enum {
3011 Opt_err_ro, Opt_nouid32, Opt_nocheck, Opt_debug,
3012 Opt_oldalloc, Opt_orlov, Opt_nobh, Opt_user_xattr, Opt_nouser_xattr,
3013 Opt_acl, Opt_noacl, Opt_xip, Opt_ignore, Opt_err, Opt_quota,
3014 - Opt_usrquota, Opt_grpquota, Opt_reservation, Opt_noreservation
3015 + Opt_usrquota, Opt_grpquota, Opt_reservation, Opt_noreservation,
3016 + Opt_tag, Opt_notag, Opt_tagid
3019 static const match_table_t tokens = {
3020 @@ -422,6 +423,9 @@ static const match_table_t tokens = {
3022 {Opt_noacl, "noacl"},
3025 + {Opt_notag, "notag"},
3026 + {Opt_tagid, "tagid=%u"},
3027 {Opt_grpquota, "grpquota"},
3028 {Opt_ignore, "noquota"},
3029 {Opt_quota, "quota"},
3030 @@ -492,6 +496,20 @@ static int parse_options(char *options,
3032 set_opt (sbi->s_mount_opt, NO_UID32);
3034 +#ifndef CONFIG_TAGGING_NONE
3036 + set_opt (sbi->s_mount_opt, TAGGED);
3039 + clear_opt (sbi->s_mount_opt, TAGGED);
3042 +#ifdef CONFIG_PROPAGATE
3045 + set_opt (sbi->s_mount_opt, TAGGED);
3049 clear_opt (sbi->s_mount_opt, CHECK);
3051 @@ -850,6 +868,8 @@ static int ext2_fill_super(struct super_
3052 if (!parse_options((char *) data, sb))
3055 + if (EXT2_SB(sb)->s_mount_opt & EXT2_MOUNT_TAGGED)
3056 + sb->s_flags |= MS_TAGGED;
3057 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
3058 ((EXT2_SB(sb)->s_mount_opt & EXT2_MOUNT_POSIX_ACL) ?
3060 @@ -1224,6 +1244,14 @@ static int ext2_remount (struct super_bl
3064 + if ((sbi->s_mount_opt & EXT2_MOUNT_TAGGED) &&
3065 + !(sb->s_flags & MS_TAGGED)) {
3066 + printk("EXT2-fs: %s: tagging not permitted on remount.\n",
3069 + goto restore_opts;
3072 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
3073 ((sbi->s_mount_opt & EXT2_MOUNT_POSIX_ACL) ? MS_POSIXACL : 0);
3075 diff -NurpP --minimal linux-3.0-rc5/fs/ext3/file.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext3/file.c
3076 --- linux-3.0-rc5/fs/ext3/file.c 2010-07-07 18:31:51.000000000 +0200
3077 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext3/file.c 2011-06-10 22:11:24.000000000 +0200
3078 @@ -81,5 +81,6 @@ const struct inode_operations ext3_file_
3080 .check_acl = ext3_check_acl,
3081 .fiemap = ext3_fiemap,
3082 + .sync_flags = ext3_sync_flags,
3085 diff -NurpP --minimal linux-3.0-rc5/fs/ext3/ialloc.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext3/ialloc.c
3086 --- linux-3.0-rc5/fs/ext3/ialloc.c 2011-05-22 16:17:52.000000000 +0200
3087 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext3/ialloc.c 2011-06-10 22:11:24.000000000 +0200
3089 #include <linux/buffer_head.h>
3090 #include <linux/random.h>
3091 #include <linux/bitops.h>
3092 +#include <linux/vs_tag.h>
3094 #include <asm/byteorder.h>
3096 @@ -532,6 +533,7 @@ got:
3097 inode->i_mode = mode;
3098 inode->i_uid = current_fsuid();
3099 inode->i_gid = dir->i_gid;
3100 + inode->i_tag = dx_current_fstag(sb);
3102 inode_init_owner(inode, dir, mode);
3104 diff -NurpP --minimal linux-3.0-rc5/fs/ext3/inode.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext3/inode.c
3105 --- linux-3.0-rc5/fs/ext3/inode.c 2011-07-01 11:14:18.000000000 +0200
3106 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext3/inode.c 2011-06-10 22:11:24.000000000 +0200
3108 #include <linux/bio.h>
3109 #include <linux/fiemap.h>
3110 #include <linux/namei.h>
3111 +#include <linux/vs_tag.h>
3115 @@ -2391,7 +2392,7 @@ static void ext3_free_branches(handle_t
3117 int ext3_can_truncate(struct inode *inode)
3119 - if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
3120 + if (IS_APPEND(inode) || IS_IXORUNLINK(inode))
3122 if (S_ISREG(inode->i_mode))
3124 @@ -2775,36 +2776,60 @@ void ext3_set_inode_flags(struct inode *
3126 unsigned int flags = EXT3_I(inode)->i_flags;
3128 - inode->i_flags &= ~(S_SYNC|S_APPEND|S_IMMUTABLE|S_NOATIME|S_DIRSYNC);
3129 + inode->i_flags &= ~(S_IMMUTABLE | S_IXUNLINK |
3130 + S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
3132 + if (flags & EXT3_IMMUTABLE_FL)
3133 + inode->i_flags |= S_IMMUTABLE;
3134 + if (flags & EXT3_IXUNLINK_FL)
3135 + inode->i_flags |= S_IXUNLINK;
3137 if (flags & EXT3_SYNC_FL)
3138 inode->i_flags |= S_SYNC;
3139 if (flags & EXT3_APPEND_FL)
3140 inode->i_flags |= S_APPEND;
3141 - if (flags & EXT3_IMMUTABLE_FL)
3142 - inode->i_flags |= S_IMMUTABLE;
3143 if (flags & EXT3_NOATIME_FL)
3144 inode->i_flags |= S_NOATIME;
3145 if (flags & EXT3_DIRSYNC_FL)
3146 inode->i_flags |= S_DIRSYNC;
3148 + inode->i_vflags &= ~(V_BARRIER | V_COW);
3150 + if (flags & EXT3_BARRIER_FL)
3151 + inode->i_vflags |= V_BARRIER;
3152 + if (flags & EXT3_COW_FL)
3153 + inode->i_vflags |= V_COW;
3156 /* Propagate flags from i_flags to EXT3_I(inode)->i_flags */
3157 void ext3_get_inode_flags(struct ext3_inode_info *ei)
3159 unsigned int flags = ei->vfs_inode.i_flags;
3160 + unsigned int vflags = ei->vfs_inode.i_vflags;
3162 + ei->i_flags &= ~(EXT3_SYNC_FL | EXT3_APPEND_FL |
3163 + EXT3_IMMUTABLE_FL | EXT3_IXUNLINK_FL |
3164 + EXT3_NOATIME_FL | EXT3_DIRSYNC_FL |
3165 + EXT3_BARRIER_FL | EXT3_COW_FL);
3167 + if (flags & S_IMMUTABLE)
3168 + ei->i_flags |= EXT3_IMMUTABLE_FL;
3169 + if (flags & S_IXUNLINK)
3170 + ei->i_flags |= EXT3_IXUNLINK_FL;
3172 - ei->i_flags &= ~(EXT3_SYNC_FL|EXT3_APPEND_FL|
3173 - EXT3_IMMUTABLE_FL|EXT3_NOATIME_FL|EXT3_DIRSYNC_FL);
3175 ei->i_flags |= EXT3_SYNC_FL;
3176 if (flags & S_APPEND)
3177 ei->i_flags |= EXT3_APPEND_FL;
3178 - if (flags & S_IMMUTABLE)
3179 - ei->i_flags |= EXT3_IMMUTABLE_FL;
3180 if (flags & S_NOATIME)
3181 ei->i_flags |= EXT3_NOATIME_FL;
3182 if (flags & S_DIRSYNC)
3183 ei->i_flags |= EXT3_DIRSYNC_FL;
3185 + if (vflags & V_BARRIER)
3186 + ei->i_flags |= EXT3_BARRIER_FL;
3187 + if (vflags & V_COW)
3188 + ei->i_flags |= EXT3_COW_FL;
3191 struct inode *ext3_iget(struct super_block *sb, unsigned long ino)
3192 @@ -2818,6 +2843,8 @@ struct inode *ext3_iget(struct super_blo
3193 transaction_t *transaction;
3199 inode = iget_locked(sb, ino);
3201 @@ -2834,12 +2861,17 @@ struct inode *ext3_iget(struct super_blo
3203 raw_inode = ext3_raw_inode(&iloc);
3204 inode->i_mode = le16_to_cpu(raw_inode->i_mode);
3205 - inode->i_uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
3206 - inode->i_gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
3207 + uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
3208 + gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
3209 if(!(test_opt (inode->i_sb, NO_UID32))) {
3210 - inode->i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
3211 - inode->i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
3212 + uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
3213 + gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
3215 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
3216 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
3217 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid,
3218 + le16_to_cpu(raw_inode->i_raw_tag));
3220 inode->i_nlink = le16_to_cpu(raw_inode->i_links_count);
3221 inode->i_size = le32_to_cpu(raw_inode->i_size);
3222 inode->i_atime.tv_sec = (signed)le32_to_cpu(raw_inode->i_atime);
3223 @@ -2994,6 +3026,8 @@ static int ext3_do_update_inode(handle_t
3224 struct ext3_inode *raw_inode = ext3_raw_inode(iloc);
3225 struct ext3_inode_info *ei = EXT3_I(inode);
3226 struct buffer_head *bh = iloc->bh;
3227 + uid_t uid = TAGINO_UID(DX_TAG(inode), inode->i_uid, inode->i_tag);
3228 + gid_t gid = TAGINO_GID(DX_TAG(inode), inode->i_gid, inode->i_tag);
3229 int err = 0, rc, block;
3232 @@ -3008,29 +3042,32 @@ again:
3233 ext3_get_inode_flags(ei);
3234 raw_inode->i_mode = cpu_to_le16(inode->i_mode);
3235 if(!(test_opt(inode->i_sb, NO_UID32))) {
3236 - raw_inode->i_uid_low = cpu_to_le16(low_16_bits(inode->i_uid));
3237 - raw_inode->i_gid_low = cpu_to_le16(low_16_bits(inode->i_gid));
3238 + raw_inode->i_uid_low = cpu_to_le16(low_16_bits(uid));
3239 + raw_inode->i_gid_low = cpu_to_le16(low_16_bits(gid));
3241 * Fix up interoperability with old kernels. Otherwise, old inodes get
3242 * re-used with the upper 16 bits of the uid/gid intact
3245 raw_inode->i_uid_high =
3246 - cpu_to_le16(high_16_bits(inode->i_uid));
3247 + cpu_to_le16(high_16_bits(uid));
3248 raw_inode->i_gid_high =
3249 - cpu_to_le16(high_16_bits(inode->i_gid));
3250 + cpu_to_le16(high_16_bits(gid));
3252 raw_inode->i_uid_high = 0;
3253 raw_inode->i_gid_high = 0;
3256 raw_inode->i_uid_low =
3257 - cpu_to_le16(fs_high2lowuid(inode->i_uid));
3258 + cpu_to_le16(fs_high2lowuid(uid));
3259 raw_inode->i_gid_low =
3260 - cpu_to_le16(fs_high2lowgid(inode->i_gid));
3261 + cpu_to_le16(fs_high2lowgid(gid));
3262 raw_inode->i_uid_high = 0;
3263 raw_inode->i_gid_high = 0;
3265 +#ifdef CONFIG_TAGGING_INTERN
3266 + raw_inode->i_raw_tag = cpu_to_le16(inode->i_tag);
3268 raw_inode->i_links_count = cpu_to_le16(inode->i_nlink);
3269 raw_inode->i_size = cpu_to_le32(ei->i_disksize);
3270 raw_inode->i_atime = cpu_to_le32(inode->i_atime.tv_sec);
3271 @@ -3190,7 +3227,8 @@ int ext3_setattr(struct dentry *dentry,
3272 if (is_quota_modification(inode, attr))
3273 dquot_initialize(inode);
3274 if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
3275 - (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid)) {
3276 + (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid) ||
3277 + (ia_valid & ATTR_TAG && attr->ia_tag != inode->i_tag)) {
3280 /* (user+group)*(old+new) structure, inode write (sb,
3281 @@ -3212,6 +3250,8 @@ int ext3_setattr(struct dentry *dentry,
3282 inode->i_uid = attr->ia_uid;
3283 if (attr->ia_valid & ATTR_GID)
3284 inode->i_gid = attr->ia_gid;
3285 + if ((attr->ia_valid & ATTR_TAG) && IS_TAGGED(inode))
3286 + inode->i_tag = attr->ia_tag;
3287 error = ext3_mark_inode_dirty(handle, inode);
3288 ext3_journal_stop(handle);
3290 diff -NurpP --minimal linux-3.0-rc5/fs/ext3/ioctl.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext3/ioctl.c
3291 --- linux-3.0-rc5/fs/ext3/ioctl.c 2011-05-22 16:17:52.000000000 +0200
3292 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext3/ioctl.c 2011-06-10 22:11:24.000000000 +0200
3296 #include <linux/fs.h>
3297 +#include <linux/mount.h>
3298 #include <linux/jbd.h>
3299 #include <linux/capability.h>
3300 #include <linux/ext3_fs.h>
3302 #include <linux/compat.h>
3303 #include <asm/uaccess.h>
3306 +int ext3_sync_flags(struct inode *inode, int flags, int vflags)
3308 + handle_t *handle = NULL;
3309 + struct ext3_iloc iloc;
3312 + handle = ext3_journal_start(inode, 1);
3313 + if (IS_ERR(handle))
3314 + return PTR_ERR(handle);
3316 + if (IS_SYNC(inode))
3317 + handle->h_sync = 1;
3318 + err = ext3_reserve_inode_write(handle, inode, &iloc);
3322 + inode->i_flags = flags;
3323 + inode->i_vflags = vflags;
3324 + ext3_get_inode_flags(EXT3_I(inode));
3325 + inode->i_ctime = CURRENT_TIME_SEC;
3327 + err = ext3_mark_iloc_dirty(handle, inode, &iloc);
3329 + ext3_journal_stop(handle);
3333 long ext3_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
3335 struct inode *inode = filp->f_dentry->d_inode;
3336 @@ -50,6 +79,11 @@ long ext3_ioctl(struct file *filp, unsig
3338 flags = ext3_mask_flags(inode->i_mode, flags);
3340 + if (IS_BARRIER(inode)) {
3341 + vxwprintk_task(1, "messing with the barrier.");
3345 mutex_lock(&inode->i_mutex);
3347 /* Is it quota file? Do not allow user to mess with it */
3348 @@ -68,7 +102,9 @@ long ext3_ioctl(struct file *filp, unsig
3350 * This test looks nicer. Thanks to Pauline Middelink
3352 - if ((flags ^ oldflags) & (EXT3_APPEND_FL | EXT3_IMMUTABLE_FL)) {
3353 + if ((oldflags & EXT3_IMMUTABLE_FL) ||
3354 + ((flags ^ oldflags) & (EXT3_APPEND_FL |
3355 + EXT3_IMMUTABLE_FL | EXT3_IXUNLINK_FL))) {
3356 if (!capable(CAP_LINUX_IMMUTABLE))
3359 @@ -93,7 +129,7 @@ long ext3_ioctl(struct file *filp, unsig
3363 - flags = flags & EXT3_FL_USER_MODIFIABLE;
3364 + flags &= EXT3_FL_USER_MODIFIABLE;
3365 flags |= oldflags & ~EXT3_FL_USER_MODIFIABLE;
3366 ei->i_flags = flags;
3368 diff -NurpP --minimal linux-3.0-rc5/fs/ext3/namei.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext3/namei.c
3369 --- linux-3.0-rc5/fs/ext3/namei.c 2011-07-01 11:14:18.000000000 +0200
3370 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext3/namei.c 2011-06-10 22:11:24.000000000 +0200
3372 #include <linux/quotaops.h>
3373 #include <linux/buffer_head.h>
3374 #include <linux/bio.h>
3375 +#include <linux/vs_tag.h>
3379 @@ -923,6 +924,7 @@ restart:
3381 ll_rw_block(READ_META, 1, &bh);
3383 + dx_propagate_tag(nd, inode);
3385 if ((bh = bh_use[ra_ptr++]) == NULL)
3387 @@ -2534,6 +2536,7 @@ const struct inode_operations ext3_dir_i
3388 .removexattr = generic_removexattr,
3390 .check_acl = ext3_check_acl,
3391 + .sync_flags = ext3_sync_flags,
3394 const struct inode_operations ext3_special_inode_operations = {
3395 diff -NurpP --minimal linux-3.0-rc5/fs/ext3/super.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext3/super.c
3396 --- linux-3.0-rc5/fs/ext3/super.c 2011-07-01 11:14:18.000000000 +0200
3397 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext3/super.c 2011-06-10 22:11:24.000000000 +0200
3398 @@ -821,7 +821,8 @@ enum {
3399 Opt_usrjquota, Opt_grpjquota, Opt_offusrjquota, Opt_offgrpjquota,
3400 Opt_jqfmt_vfsold, Opt_jqfmt_vfsv0, Opt_jqfmt_vfsv1, Opt_quota,
3401 Opt_noquota, Opt_ignore, Opt_barrier, Opt_nobarrier, Opt_err,
3402 - Opt_resize, Opt_usrquota, Opt_grpquota
3403 + Opt_resize, Opt_usrquota, Opt_grpquota,
3404 + Opt_tag, Opt_notag, Opt_tagid
3407 static const match_table_t tokens = {
3408 @@ -878,6 +879,9 @@ static const match_table_t tokens = {
3409 {Opt_barrier, "barrier"},
3410 {Opt_nobarrier, "nobarrier"},
3411 {Opt_resize, "resize"},
3413 + {Opt_notag, "notag"},
3414 + {Opt_tagid, "tagid=%u"},
3418 @@ -1030,6 +1034,20 @@ static int parse_options (char *options,
3420 set_opt (sbi->s_mount_opt, NO_UID32);
3422 +#ifndef CONFIG_TAGGING_NONE
3424 + set_opt (sbi->s_mount_opt, TAGGED);
3427 + clear_opt (sbi->s_mount_opt, TAGGED);
3430 +#ifdef CONFIG_PROPAGATE
3433 + set_opt (sbi->s_mount_opt, TAGGED);
3437 clear_opt (sbi->s_mount_opt, CHECK);
3439 @@ -1724,6 +1742,9 @@ static int ext3_fill_super (struct super
3443 + if (EXT3_SB(sb)->s_mount_opt & EXT3_MOUNT_TAGGED)
3444 + sb->s_flags |= MS_TAGGED;
3446 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
3447 (test_opt(sb, POSIX_ACL) ? MS_POSIXACL : 0);
3449 @@ -2604,6 +2625,14 @@ static int ext3_remount (struct super_bl
3450 if (test_opt(sb, ABORT))
3451 ext3_abort(sb, __func__, "Abort forced by user");
3453 + if ((sbi->s_mount_opt & EXT3_MOUNT_TAGGED) &&
3454 + !(sb->s_flags & MS_TAGGED)) {
3455 + printk("EXT3-fs: %s: tagging not permitted on remount.\n",
3458 + goto restore_opts;
3461 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
3462 (test_opt(sb, POSIX_ACL) ? MS_POSIXACL : 0);
3464 diff -NurpP --minimal linux-3.0-rc5/fs/ext4/ext4.h linux-3.0-rc5-vs2.3.1-pre3/fs/ext4/ext4.h
3465 --- linux-3.0-rc5/fs/ext4/ext4.h 2011-07-01 11:14:18.000000000 +0200
3466 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext4/ext4.h 2011-06-10 22:11:24.000000000 +0200
3467 @@ -350,8 +350,12 @@ struct flex_groups {
3468 #define EXT4_EXTENTS_FL 0x00080000 /* Inode uses extents */
3469 #define EXT4_EA_INODE_FL 0x00200000 /* Inode used for large EA */
3470 #define EXT4_EOFBLOCKS_FL 0x00400000 /* Blocks allocated beyond EOF */
3471 +#define EXT4_IXUNLINK_FL 0x08000000 /* Immutable invert on unlink */
3472 #define EXT4_RESERVED_FL 0x80000000 /* reserved for ext4 lib */
3474 +#define EXT4_BARRIER_FL 0x04000000 /* Barrier for chroot() */
3475 +#define EXT4_COW_FL 0x20000000 /* Copy on Write marker */
3477 #define EXT4_FL_USER_VISIBLE 0x004BDFFF /* User visible flags */
3478 #define EXT4_FL_USER_MODIFIABLE 0x004B80FF /* User modifiable flags */
3480 @@ -608,7 +612,8 @@ struct ext4_inode {
3481 __le16 l_i_file_acl_high;
3482 __le16 l_i_uid_high; /* these 2 fields */
3483 __le16 l_i_gid_high; /* were reserved2[0] */
3484 - __u32 l_i_reserved2;
3485 + __le16 l_i_tag; /* Context Tag */
3486 + __u16 l_i_reserved2;
3489 __le16 h_i_reserved1; /* Obsoleted fragment number/size which are removed in ext4 */
3490 @@ -726,6 +731,7 @@ do { \
3491 #define i_gid_low i_gid
3492 #define i_uid_high osd2.linux2.l_i_uid_high
3493 #define i_gid_high osd2.linux2.l_i_gid_high
3494 +#define i_raw_tag osd2.linux2.l_i_tag
3495 #define i_reserved2 osd2.linux2.l_i_reserved2
3497 #elif defined(__GNU__)
3498 @@ -902,6 +908,7 @@ struct ext4_inode_info {
3499 #define EXT4_MOUNT_POSIX_ACL 0x08000 /* POSIX Access Control Lists */
3500 #define EXT4_MOUNT_NO_AUTO_DA_ALLOC 0x10000 /* No auto delalloc mapping */
3501 #define EXT4_MOUNT_BARRIER 0x20000 /* Use block barriers */
3502 +#define EXT4_MOUNT_TAGGED 0x40000 /* Enable Context Tags */
3503 #define EXT4_MOUNT_QUOTA 0x80000 /* Some quota option set */
3504 #define EXT4_MOUNT_USRQUOTA 0x100000 /* "old" user quota */
3505 #define EXT4_MOUNT_GRPQUOTA 0x200000 /* "old" group quota */
3506 @@ -2172,6 +2179,7 @@ extern int ext4_map_blocks(handle_t *han
3507 struct ext4_map_blocks *map, int flags);
3508 extern int ext4_fiemap(struct inode *inode, struct fiemap_extent_info *fieinfo,
3509 __u64 start, __u64 len);
3510 +extern int ext4_sync_flags(struct inode *, int, int);
3512 extern int ext4_move_extents(struct file *o_filp, struct file *d_filp,
3513 __u64 start_orig, __u64 start_donor,
3514 diff -NurpP --minimal linux-3.0-rc5/fs/ext4/file.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext4/file.c
3515 --- linux-3.0-rc5/fs/ext4/file.c 2011-07-01 11:14:18.000000000 +0200
3516 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext4/file.c 2011-06-10 22:11:24.000000000 +0200
3517 @@ -282,5 +282,6 @@ const struct inode_operations ext4_file_
3519 .check_acl = ext4_check_acl,
3520 .fiemap = ext4_fiemap,
3521 + .sync_flags = ext4_sync_flags,
3524 diff -NurpP --minimal linux-3.0-rc5/fs/ext4/ialloc.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext4/ialloc.c
3525 --- linux-3.0-rc5/fs/ext4/ialloc.c 2011-05-22 16:17:52.000000000 +0200
3526 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext4/ialloc.c 2011-06-10 22:11:24.000000000 +0200
3528 #include <linux/random.h>
3529 #include <linux/bitops.h>
3530 #include <linux/blkdev.h>
3531 +#include <linux/vs_tag.h>
3532 #include <asm/byteorder.h>
3535 @@ -992,6 +993,7 @@ got:
3536 inode->i_mode = mode;
3537 inode->i_uid = current_fsuid();
3538 inode->i_gid = dir->i_gid;
3539 + inode->i_tag = dx_current_fstag(sb);
3541 inode_init_owner(inode, dir, mode);
3543 diff -NurpP --minimal linux-3.0-rc5/fs/ext4/inode.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext4/inode.c
3544 --- linux-3.0-rc5/fs/ext4/inode.c 2011-07-01 11:14:18.000000000 +0200
3545 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext4/inode.c 2011-07-01 11:35:34.000000000 +0200
3547 #include <linux/printk.h>
3548 #include <linux/slab.h>
3549 #include <linux/ratelimit.h>
3550 +#include <linux/vs_tag.h>
3552 #include "ext4_jbd2.h"
3554 @@ -4797,41 +4798,64 @@ void ext4_set_inode_flags(struct inode *
3556 unsigned int flags = EXT4_I(inode)->i_flags;
3558 - inode->i_flags &= ~(S_SYNC|S_APPEND|S_IMMUTABLE|S_NOATIME|S_DIRSYNC);
3559 + inode->i_flags &= ~(S_IMMUTABLE | S_IXUNLINK |
3560 + S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
3562 + if (flags & EXT4_IMMUTABLE_FL)
3563 + inode->i_flags |= S_IMMUTABLE;
3564 + if (flags & EXT4_IXUNLINK_FL)
3565 + inode->i_flags |= S_IXUNLINK;
3567 if (flags & EXT4_SYNC_FL)
3568 inode->i_flags |= S_SYNC;
3569 if (flags & EXT4_APPEND_FL)
3570 inode->i_flags |= S_APPEND;
3571 - if (flags & EXT4_IMMUTABLE_FL)
3572 - inode->i_flags |= S_IMMUTABLE;
3573 if (flags & EXT4_NOATIME_FL)
3574 inode->i_flags |= S_NOATIME;
3575 if (flags & EXT4_DIRSYNC_FL)
3576 inode->i_flags |= S_DIRSYNC;
3578 + inode->i_vflags &= ~(V_BARRIER | V_COW);
3580 + if (flags & EXT4_BARRIER_FL)
3581 + inode->i_vflags |= V_BARRIER;
3582 + if (flags & EXT4_COW_FL)
3583 + inode->i_vflags |= V_COW;
3586 /* Propagate flags from i_flags to EXT4_I(inode)->i_flags */
3587 void ext4_get_inode_flags(struct ext4_inode_info *ei)
3589 - unsigned int vfs_fl;
3590 + unsigned int vfs_fl, vfs_vf;
3591 unsigned long old_fl, new_fl;
3594 vfs_fl = ei->vfs_inode.i_flags;
3595 + vfs_vf = ei->vfs_inode.i_vflags;
3596 old_fl = ei->i_flags;
3597 new_fl = old_fl & ~(EXT4_SYNC_FL|EXT4_APPEND_FL|
3598 EXT4_IMMUTABLE_FL|EXT4_NOATIME_FL|
3600 + EXT4_DIRSYNC_FL|EXT4_BARRIER_FL|
3603 + if (vfs_fl & S_IMMUTABLE)
3604 + new_fl |= EXT4_IMMUTABLE_FL;
3605 + if (vfs_fl & S_IXUNLINK)
3606 + new_fl |= EXT4_IXUNLINK_FL;
3608 if (vfs_fl & S_SYNC)
3609 new_fl |= EXT4_SYNC_FL;
3610 if (vfs_fl & S_APPEND)
3611 new_fl |= EXT4_APPEND_FL;
3612 - if (vfs_fl & S_IMMUTABLE)
3613 - new_fl |= EXT4_IMMUTABLE_FL;
3614 if (vfs_fl & S_NOATIME)
3615 new_fl |= EXT4_NOATIME_FL;
3616 if (vfs_fl & S_DIRSYNC)
3617 new_fl |= EXT4_DIRSYNC_FL;
3619 + if (vfs_vf & V_BARRIER)
3620 + new_fl |= EXT4_BARRIER_FL;
3621 + if (vfs_vf & V_COW)
3622 + new_fl |= EXT4_COW_FL;
3623 } while (cmpxchg(&ei->i_flags, old_fl, new_fl) != old_fl);
3626 @@ -4867,6 +4891,8 @@ struct inode *ext4_iget(struct super_blo
3627 journal_t *journal = EXT4_SB(sb)->s_journal;
3633 inode = iget_locked(sb, ino);
3635 @@ -4882,12 +4908,16 @@ struct inode *ext4_iget(struct super_blo
3637 raw_inode = ext4_raw_inode(&iloc);
3638 inode->i_mode = le16_to_cpu(raw_inode->i_mode);
3639 - inode->i_uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
3640 - inode->i_gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
3641 + uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
3642 + gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
3643 if (!(test_opt(inode->i_sb, NO_UID32))) {
3644 - inode->i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
3645 - inode->i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
3646 + uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
3647 + gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
3649 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
3650 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
3651 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid,
3652 + le16_to_cpu(raw_inode->i_raw_tag));
3653 inode->i_nlink = le16_to_cpu(raw_inode->i_links_count);
3655 ext4_clear_state_flags(ei); /* Only relevant on 32-bit archs */
3656 @@ -5106,6 +5136,8 @@ static int ext4_do_update_inode(handle_t
3657 struct ext4_inode *raw_inode = ext4_raw_inode(iloc);
3658 struct ext4_inode_info *ei = EXT4_I(inode);
3659 struct buffer_head *bh = iloc->bh;
3660 + uid_t uid = TAGINO_UID(DX_TAG(inode), inode->i_uid, inode->i_tag);
3661 + gid_t gid = TAGINO_GID(DX_TAG(inode), inode->i_gid, inode->i_tag);
3662 int err = 0, rc, block;
3664 /* For fields not not tracking in the in-memory inode,
3665 @@ -5116,29 +5148,32 @@ static int ext4_do_update_inode(handle_t
3666 ext4_get_inode_flags(ei);
3667 raw_inode->i_mode = cpu_to_le16(inode->i_mode);
3668 if (!(test_opt(inode->i_sb, NO_UID32))) {
3669 - raw_inode->i_uid_low = cpu_to_le16(low_16_bits(inode->i_uid));
3670 - raw_inode->i_gid_low = cpu_to_le16(low_16_bits(inode->i_gid));
3671 + raw_inode->i_uid_low = cpu_to_le16(low_16_bits(uid));
3672 + raw_inode->i_gid_low = cpu_to_le16(low_16_bits(gid));
3674 * Fix up interoperability with old kernels. Otherwise, old inodes get
3675 * re-used with the upper 16 bits of the uid/gid intact
3678 raw_inode->i_uid_high =
3679 - cpu_to_le16(high_16_bits(inode->i_uid));
3680 + cpu_to_le16(high_16_bits(uid));
3681 raw_inode->i_gid_high =
3682 - cpu_to_le16(high_16_bits(inode->i_gid));
3683 + cpu_to_le16(high_16_bits(gid));
3685 raw_inode->i_uid_high = 0;
3686 raw_inode->i_gid_high = 0;
3689 raw_inode->i_uid_low =
3690 - cpu_to_le16(fs_high2lowuid(inode->i_uid));
3691 + cpu_to_le16(fs_high2lowuid(uid));
3692 raw_inode->i_gid_low =
3693 - cpu_to_le16(fs_high2lowgid(inode->i_gid));
3694 + cpu_to_le16(fs_high2lowgid(gid));
3695 raw_inode->i_uid_high = 0;
3696 raw_inode->i_gid_high = 0;
3698 +#ifdef CONFIG_TAGGING_INTERN
3699 + raw_inode->i_raw_tag = cpu_to_le16(inode->i_tag);
3701 raw_inode->i_links_count = cpu_to_le16(inode->i_nlink);
3703 EXT4_INODE_SET_XTIME(i_ctime, inode, raw_inode);
3704 @@ -5324,7 +5359,8 @@ int ext4_setattr(struct dentry *dentry,
3705 if (is_quota_modification(inode, attr))
3706 dquot_initialize(inode);
3707 if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
3708 - (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid)) {
3709 + (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid) ||
3710 + (ia_valid & ATTR_TAG && attr->ia_tag != inode->i_tag)) {
3713 /* (user+group)*(old+new) structure, inode write (sb,
3714 @@ -5346,6 +5382,8 @@ int ext4_setattr(struct dentry *dentry,
3715 inode->i_uid = attr->ia_uid;
3716 if (attr->ia_valid & ATTR_GID)
3717 inode->i_gid = attr->ia_gid;
3718 + if ((attr->ia_valid & ATTR_TAG) && IS_TAGGED(inode))
3719 + inode->i_tag = attr->ia_tag;
3720 error = ext4_mark_inode_dirty(handle, inode);
3721 ext4_journal_stop(handle);
3723 diff -NurpP --minimal linux-3.0-rc5/fs/ext4/ioctl.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext4/ioctl.c
3724 --- linux-3.0-rc5/fs/ext4/ioctl.c 2011-05-22 16:17:52.000000000 +0200
3725 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext4/ioctl.c 2011-06-10 22:11:24.000000000 +0200
3727 #include <linux/compat.h>
3728 #include <linux/mount.h>
3729 #include <linux/file.h>
3730 +#include <linux/vs_tag.h>
3731 #include <asm/uaccess.h>
3732 #include "ext4_jbd2.h"
3736 +int ext4_sync_flags(struct inode *inode, int flags, int vflags)
3738 + handle_t *handle = NULL;
3739 + struct ext4_iloc iloc;
3742 + handle = ext4_journal_start(inode, 1);
3743 + if (IS_ERR(handle))
3744 + return PTR_ERR(handle);
3746 + if (IS_SYNC(inode))
3747 + ext4_handle_sync(handle);
3748 + err = ext4_reserve_inode_write(handle, inode, &iloc);
3752 + inode->i_flags = flags;
3753 + inode->i_vflags = vflags;
3754 + ext4_get_inode_flags(EXT4_I(inode));
3755 + inode->i_ctime = ext4_current_time(inode);
3757 + err = ext4_mark_iloc_dirty(handle, inode, &iloc);
3759 + ext4_journal_stop(handle);
3763 long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
3765 struct inode *inode = filp->f_dentry->d_inode;
3766 @@ -50,6 +79,11 @@ long ext4_ioctl(struct file *filp, unsig
3768 flags = ext4_mask_flags(inode->i_mode, flags);
3770 + if (IS_BARRIER(inode)) {
3771 + vxwprintk_task(1, "messing with the barrier.");
3776 mutex_lock(&inode->i_mutex);
3777 /* Is it quota file? Do not allow user to mess with it */
3778 @@ -67,7 +101,9 @@ long ext4_ioctl(struct file *filp, unsig
3780 * This test looks nicer. Thanks to Pauline Middelink
3782 - if ((flags ^ oldflags) & (EXT4_APPEND_FL | EXT4_IMMUTABLE_FL)) {
3783 + if ((oldflags & EXT4_IMMUTABLE_FL) ||
3784 + ((flags ^ oldflags) & (EXT4_APPEND_FL |
3785 + EXT4_IMMUTABLE_FL | EXT4_IXUNLINK_FL))) {
3786 if (!capable(CAP_LINUX_IMMUTABLE))
3789 diff -NurpP --minimal linux-3.0-rc5/fs/ext4/namei.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext4/namei.c
3790 --- linux-3.0-rc5/fs/ext4/namei.c 2011-07-01 11:14:18.000000000 +0200
3791 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext4/namei.c 2011-06-10 22:11:24.000000000 +0200
3793 #include <linux/quotaops.h>
3794 #include <linux/buffer_head.h>
3795 #include <linux/bio.h>
3796 +#include <linux/vs_tag.h>
3798 #include "ext4_jbd2.h"
3800 @@ -924,6 +925,7 @@ restart:
3802 ll_rw_block(READ_META, 1, &bh);
3804 + dx_propagate_tag(nd, inode);
3806 if ((bh = bh_use[ra_ptr++]) == NULL)
3808 @@ -2596,6 +2598,7 @@ const struct inode_operations ext4_dir_i
3810 .check_acl = ext4_check_acl,
3811 .fiemap = ext4_fiemap,
3812 + .sync_flags = ext4_sync_flags,
3815 const struct inode_operations ext4_special_inode_operations = {
3816 diff -NurpP --minimal linux-3.0-rc5/fs/ext4/super.c linux-3.0-rc5-vs2.3.1-pre3/fs/ext4/super.c
3817 --- linux-3.0-rc5/fs/ext4/super.c 2011-07-01 11:14:18.000000000 +0200
3818 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ext4/super.c 2011-07-01 11:35:34.000000000 +0200
3819 @@ -1294,6 +1294,7 @@ enum {
3820 Opt_dioread_nolock, Opt_dioread_lock,
3821 Opt_discard, Opt_nodiscard,
3822 Opt_init_inode_table, Opt_noinit_inode_table,
3823 + Opt_tag, Opt_notag, Opt_tagid
3826 static const match_table_t tokens = {
3827 @@ -1369,6 +1370,9 @@ static const match_table_t tokens = {
3828 {Opt_init_inode_table, "init_itable=%u"},
3829 {Opt_init_inode_table, "init_itable"},
3830 {Opt_noinit_inode_table, "noinit_itable"},
3832 + {Opt_notag, "notag"},
3833 + {Opt_tagid, "tagid=%u"},
3837 @@ -1537,6 +1541,20 @@ static int parse_options(char *options,
3839 set_opt(sb, NO_UID32);
3841 +#ifndef CONFIG_TAGGING_NONE
3843 + set_opt(sb, TAGGED);
3846 + clear_opt(sb, TAGGED);
3849 +#ifdef CONFIG_PROPAGATE
3852 + set_opt(sb, TAGGED);
3858 @@ -3194,6 +3212,9 @@ static int ext4_fill_super(struct super_
3859 &journal_ioprio, NULL, 0))
3862 + if (EXT4_SB(sb)->s_mount_opt & EXT4_MOUNT_TAGGED)
3863 + sb->s_flags |= MS_TAGGED;
3865 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
3866 (test_opt(sb, POSIX_ACL) ? MS_POSIXACL : 0);
3868 @@ -4324,6 +4345,14 @@ static int ext4_remount(struct super_blo
3869 if (sbi->s_mount_flags & EXT4_MF_FS_ABORTED)
3870 ext4_abort(sb, "Abort forced by user");
3872 + if ((sbi->s_mount_opt & EXT4_MOUNT_TAGGED) &&
3873 + !(sb->s_flags & MS_TAGGED)) {
3874 + printk("EXT4-fs: %s: tagging not permitted on remount.\n",
3877 + goto restore_opts;
3880 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
3881 (test_opt(sb, POSIX_ACL) ? MS_POSIXACL : 0);
3883 diff -NurpP --minimal linux-3.0-rc5/fs/fcntl.c linux-3.0-rc5-vs2.3.1-pre3/fs/fcntl.c
3884 --- linux-3.0-rc5/fs/fcntl.c 2011-05-22 16:17:52.000000000 +0200
3885 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/fcntl.c 2011-06-10 22:11:24.000000000 +0200
3887 #include <linux/signal.h>
3888 #include <linux/rcupdate.h>
3889 #include <linux/pid_namespace.h>
3890 +#include <linux/vs_limit.h>
3892 #include <asm/poll.h>
3893 #include <asm/siginfo.h>
3894 @@ -103,6 +104,8 @@ SYSCALL_DEFINE3(dup3, unsigned int, oldf
3897 filp_close(tofree, files);
3899 + vx_openfd_inc(newfd); /* fd was unused */
3903 @@ -447,6 +450,8 @@ SYSCALL_DEFINE3(fcntl, unsigned int, fd,
3904 filp = fget_raw(fd);
3907 + if (!vx_files_avail(1))
3910 if (unlikely(filp->f_mode & FMODE_PATH)) {
3911 if (!check_fcntl_cmd(cmd)) {
3912 diff -NurpP --minimal linux-3.0-rc5/fs/file.c linux-3.0-rc5-vs2.3.1-pre3/fs/file.c
3913 --- linux-3.0-rc5/fs/file.c 2011-05-22 16:17:52.000000000 +0200
3914 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/file.c 2011-06-10 22:11:24.000000000 +0200
3916 #include <linux/spinlock.h>
3917 #include <linux/rcupdate.h>
3918 #include <linux/workqueue.h>
3919 +#include <linux/vs_limit.h>
3921 struct fdtable_defer {
3923 @@ -359,6 +360,8 @@ struct files_struct *dup_fd(struct files
3924 struct file *f = *old_fds++;
3927 + /* TODO: sum it first for check and performance */
3928 + vx_openfd_inc(open_files - i);
3931 * The fd may be claimed in the fd bitmap but not yet
3932 @@ -466,6 +469,7 @@ repeat:
3934 FD_CLR(fd, fdt->close_on_exec);
3936 + vx_openfd_inc(fd);
3939 if (rcu_dereference_raw(fdt->fd[fd]) != NULL) {
3940 diff -NurpP --minimal linux-3.0-rc5/fs/file_table.c linux-3.0-rc5-vs2.3.1-pre3/fs/file_table.c
3941 --- linux-3.0-rc5/fs/file_table.c 2011-05-22 16:17:52.000000000 +0200
3942 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/file_table.c 2011-06-10 22:11:24.000000000 +0200
3944 #include <linux/percpu_counter.h>
3945 #include <linux/percpu.h>
3946 #include <linux/ima.h>
3947 +#include <linux/vs_limit.h>
3948 +#include <linux/vs_context.h>
3950 #include <asm/atomic.h>
3952 @@ -135,6 +137,8 @@ struct file *get_empty_filp(void)
3953 spin_lock_init(&f->f_lock);
3954 eventpoll_init_file(f);
3955 /* f->f_version: 0 */
3956 + f->f_xid = vx_current_xid();
3961 @@ -253,6 +257,8 @@ static void __fput(struct file *file)
3963 fops_put(file->f_op);
3964 put_pid(file->f_owner.pid);
3965 + vx_files_dec(file);
3967 file_sb_list_del(file);
3968 if ((file->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ)
3969 i_readcount_dec(inode);
3970 @@ -383,6 +389,8 @@ void put_filp(struct file *file)
3972 if (atomic_long_dec_and_test(&file->f_count)) {
3973 security_file_free(file);
3974 + vx_files_dec(file);
3976 file_sb_list_del(file);
3979 diff -NurpP --minimal linux-3.0-rc5/fs/fs_struct.c linux-3.0-rc5-vs2.3.1-pre3/fs/fs_struct.c
3980 --- linux-3.0-rc5/fs/fs_struct.c 2011-03-15 18:07:31.000000000 +0100
3981 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/fs_struct.c 2011-06-10 22:11:24.000000000 +0200
3983 #include <linux/path.h>
3984 #include <linux/slab.h>
3985 #include <linux/fs_struct.h>
3986 +#include <linux/vserver/global.h>
3987 #include "internal.h"
3989 static inline void path_get_longterm(struct path *path)
3990 @@ -96,6 +97,7 @@ void free_fs_struct(struct fs_struct *fs
3992 path_put_longterm(&fs->root);
3993 path_put_longterm(&fs->pwd);
3994 + atomic_dec(&vs_global_fs);
3995 kmem_cache_free(fs_cachep, fs);
3998 @@ -135,6 +137,7 @@ struct fs_struct *copy_fs_struct(struct
4000 path_get_longterm(&fs->pwd);
4001 spin_unlock(&old->lock);
4002 + atomic_inc(&vs_global_fs);
4006 diff -NurpP --minimal linux-3.0-rc5/fs/gfs2/file.c linux-3.0-rc5-vs2.3.1-pre3/fs/gfs2/file.c
4007 --- linux-3.0-rc5/fs/gfs2/file.c 2011-07-01 11:14:18.000000000 +0200
4008 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/gfs2/file.c 2011-06-10 22:11:24.000000000 +0200
4009 @@ -134,6 +134,9 @@ static const u32 fsflags_to_gfs2[32] = {
4010 [7] = GFS2_DIF_NOATIME,
4011 [12] = GFS2_DIF_EXHASH,
4012 [14] = GFS2_DIF_INHERIT_JDATA,
4013 + [27] = GFS2_DIF_IXUNLINK,
4014 + [26] = GFS2_DIF_BARRIER,
4015 + [29] = GFS2_DIF_COW,
4018 static const u32 gfs2_to_fsflags[32] = {
4019 @@ -143,6 +146,9 @@ static const u32 gfs2_to_fsflags[32] = {
4020 [gfs2fl_NoAtime] = FS_NOATIME_FL,
4021 [gfs2fl_ExHash] = FS_INDEX_FL,
4022 [gfs2fl_InheritJdata] = FS_JOURNAL_DATA_FL,
4023 + [gfs2fl_IXUnlink] = FS_IXUNLINK_FL,
4024 + [gfs2fl_Barrier] = FS_BARRIER_FL,
4025 + [gfs2fl_Cow] = FS_COW_FL,
4028 static int gfs2_get_flags(struct file *filp, u32 __user *ptr)
4029 @@ -173,10 +179,16 @@ void gfs2_set_inode_flags(struct inode *
4031 struct gfs2_inode *ip = GFS2_I(inode);
4032 unsigned int flags = inode->i_flags;
4033 + unsigned int vflags = inode->i_vflags;
4035 + flags &= ~(S_IMMUTABLE | S_IXUNLINK |
4036 + S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
4038 - flags &= ~(S_SYNC|S_APPEND|S_IMMUTABLE|S_NOATIME|S_DIRSYNC);
4039 if (ip->i_diskflags & GFS2_DIF_IMMUTABLE)
4040 flags |= S_IMMUTABLE;
4041 + if (ip->i_diskflags & GFS2_DIF_IXUNLINK)
4042 + flags |= S_IXUNLINK;
4044 if (ip->i_diskflags & GFS2_DIF_APPENDONLY)
4046 if (ip->i_diskflags & GFS2_DIF_NOATIME)
4047 @@ -184,6 +196,43 @@ void gfs2_set_inode_flags(struct inode *
4048 if (ip->i_diskflags & GFS2_DIF_SYNC)
4050 inode->i_flags = flags;
4052 + vflags &= ~(V_BARRIER | V_COW);
4054 + if (ip->i_diskflags & GFS2_DIF_BARRIER)
4055 + vflags |= V_BARRIER;
4056 + if (ip->i_diskflags & GFS2_DIF_COW)
4058 + inode->i_vflags = vflags;
4061 +void gfs2_get_inode_flags(struct inode *inode)
4063 + struct gfs2_inode *ip = GFS2_I(inode);
4064 + unsigned int flags = inode->i_flags;
4065 + unsigned int vflags = inode->i_vflags;
4067 + ip->i_diskflags &= ~(GFS2_DIF_APPENDONLY |
4068 + GFS2_DIF_NOATIME | GFS2_DIF_SYNC |
4069 + GFS2_DIF_IMMUTABLE | GFS2_DIF_IXUNLINK |
4070 + GFS2_DIF_BARRIER | GFS2_DIF_COW);
4072 + if (flags & S_IMMUTABLE)
4073 + ip->i_diskflags |= GFS2_DIF_IMMUTABLE;
4074 + if (flags & S_IXUNLINK)
4075 + ip->i_diskflags |= GFS2_DIF_IXUNLINK;
4077 + if (flags & S_APPEND)
4078 + ip->i_diskflags |= GFS2_DIF_APPENDONLY;
4079 + if (flags & S_NOATIME)
4080 + ip->i_diskflags |= GFS2_DIF_NOATIME;
4081 + if (flags & S_SYNC)
4082 + ip->i_diskflags |= GFS2_DIF_SYNC;
4084 + if (vflags & V_BARRIER)
4085 + ip->i_diskflags |= GFS2_DIF_BARRIER;
4086 + if (vflags & V_COW)
4087 + ip->i_diskflags |= GFS2_DIF_COW;
4090 /* Flags that can be set by user space */
4091 @@ -295,6 +344,37 @@ static int gfs2_set_flags(struct file *f
4092 return do_gfs2_set_flags(filp, gfsflags, ~GFS2_DIF_JDATA);
4095 +int gfs2_sync_flags(struct inode *inode, int flags, int vflags)
4097 + struct gfs2_inode *ip = GFS2_I(inode);
4098 + struct gfs2_sbd *sdp = GFS2_SB(inode);
4099 + struct buffer_head *bh;
4100 + struct gfs2_holder gh;
4103 + error = gfs2_glock_nq_init(ip->i_gl, LM_ST_EXCLUSIVE, 0, &gh);
4106 + error = gfs2_trans_begin(sdp, RES_DINODE, 0);
4109 + error = gfs2_meta_inode_buffer(ip, &bh);
4111 + goto out_trans_end;
4112 + gfs2_trans_add_bh(ip->i_gl, bh, 1);
4113 + inode->i_flags = flags;
4114 + inode->i_vflags = vflags;
4115 + gfs2_get_inode_flags(inode);
4116 + gfs2_dinode_out(ip, bh->b_data);
4118 + gfs2_set_aops(inode);
4120 + gfs2_trans_end(sdp);
4122 + gfs2_glock_dq_uninit(&gh);
4126 static long gfs2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
4129 diff -NurpP --minimal linux-3.0-rc5/fs/gfs2/inode.h linux-3.0-rc5-vs2.3.1-pre3/fs/gfs2/inode.h
4130 --- linux-3.0-rc5/fs/gfs2/inode.h 2011-07-01 11:14:18.000000000 +0200
4131 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/gfs2/inode.h 2011-06-10 22:11:24.000000000 +0200
4132 @@ -120,6 +120,7 @@ extern const struct file_operations gfs2
4133 extern const struct file_operations gfs2_dir_fops_nolock;
4135 extern void gfs2_set_inode_flags(struct inode *inode);
4136 +extern int gfs2_sync_flags(struct inode *inode, int flags, int vflags);
4138 #ifdef CONFIG_GFS2_FS_LOCKING_DLM
4139 extern const struct file_operations gfs2_file_fops;
4140 diff -NurpP --minimal linux-3.0-rc5/fs/inode.c linux-3.0-rc5-vs2.3.1-pre3/fs/inode.c
4141 --- linux-3.0-rc5/fs/inode.c 2011-07-01 11:14:18.000000000 +0200
4142 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/inode.c 2011-07-01 11:35:34.000000000 +0200
4144 #include <linux/ima.h>
4145 #include <linux/cred.h>
4146 #include <linux/buffer_head.h> /* for inode_has_buffers */
4147 +#include <linux/vs_tag.h>
4148 #include "internal.h"
4151 @@ -146,6 +147,9 @@ int inode_init_always(struct super_block
4152 struct address_space *const mapping = &inode->i_data;
4156 + /* essential because of inode slab reuse */
4158 inode->i_blkbits = sb->s_blocksize_bits;
4160 atomic_set(&inode->i_count, 1);
4161 @@ -166,6 +170,7 @@ int inode_init_always(struct super_block
4162 inode->i_bdev = NULL;
4163 inode->i_cdev = NULL;
4165 + inode->i_mdev = 0;
4166 inode->dirtied_when = 0;
4168 if (security_inode_alloc(inode))
4169 @@ -404,6 +409,8 @@ void __insert_inode_hash(struct inode *i
4171 EXPORT_SYMBOL(__insert_inode_hash);
4173 +EXPORT_SYMBOL_GPL(__iget);
4176 * remove_inode_hash - remove an inode from the hash
4177 * @inode: inode to unhash
4178 @@ -1643,9 +1650,11 @@ void init_special_inode(struct inode *in
4179 if (S_ISCHR(mode)) {
4180 inode->i_fop = &def_chr_fops;
4181 inode->i_rdev = rdev;
4182 + inode->i_mdev = rdev;
4183 } else if (S_ISBLK(mode)) {
4184 inode->i_fop = &def_blk_fops;
4185 inode->i_rdev = rdev;
4186 + inode->i_mdev = rdev;
4187 } else if (S_ISFIFO(mode))
4188 inode->i_fop = &def_fifo_fops;
4189 else if (S_ISSOCK(mode))
4190 @@ -1674,6 +1683,7 @@ void inode_init_owner(struct inode *inod
4192 inode->i_gid = current_fsgid();
4193 inode->i_mode = mode;
4194 + inode->i_tag = dx_current_fstag(inode->i_sb);
4196 EXPORT_SYMBOL(inode_init_owner);
4198 diff -NurpP --minimal linux-3.0-rc5/fs/ioctl.c linux-3.0-rc5-vs2.3.1-pre3/fs/ioctl.c
4199 --- linux-3.0-rc5/fs/ioctl.c 2011-05-22 16:17:52.000000000 +0200
4200 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ioctl.c 2011-06-10 22:11:24.000000000 +0200
4202 #include <linux/writeback.h>
4203 #include <linux/buffer_head.h>
4204 #include <linux/falloc.h>
4205 +#include <linux/proc_fs.h>
4206 +#include <linux/vserver/inode.h>
4207 +#include <linux/vs_tag.h>
4209 #include <asm/ioctls.h>
4211 diff -NurpP --minimal linux-3.0-rc5/fs/ioprio.c linux-3.0-rc5-vs2.3.1-pre3/fs/ioprio.c
4212 --- linux-3.0-rc5/fs/ioprio.c 2011-01-05 21:50:24.000000000 +0100
4213 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ioprio.c 2011-06-10 22:11:24.000000000 +0200
4215 #include <linux/syscalls.h>
4216 #include <linux/security.h>
4217 #include <linux/pid_namespace.h>
4218 +#include <linux/vs_base.h>
4220 int set_task_ioprio(struct task_struct *task, int ioprio)
4222 @@ -119,6 +120,8 @@ SYSCALL_DEFINE3(ioprio_set, int, which,
4224 pgrp = find_vpid(who);
4225 do_each_pid_thread(pgrp, PIDTYPE_PGID, p) {
4226 + if (!vx_check(p->xid, VS_ADMIN_P | VS_IDENT))
4228 ret = set_task_ioprio(p, ioprio);
4231 @@ -208,6 +211,8 @@ SYSCALL_DEFINE2(ioprio_get, int, which,
4233 pgrp = find_vpid(who);
4234 do_each_pid_thread(pgrp, PIDTYPE_PGID, p) {
4235 + if (!vx_check(p->xid, VS_ADMIN_P | VS_IDENT))
4237 tmpio = get_task_ioprio(p);
4240 diff -NurpP --minimal linux-3.0-rc5/fs/jfs/file.c linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/file.c
4241 --- linux-3.0-rc5/fs/jfs/file.c 2011-07-01 11:14:18.000000000 +0200
4242 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/file.c 2011-07-01 11:35:34.000000000 +0200
4243 @@ -102,7 +102,8 @@ int jfs_setattr(struct dentry *dentry, s
4244 if (is_quota_modification(inode, iattr))
4245 dquot_initialize(inode);
4246 if ((iattr->ia_valid & ATTR_UID && iattr->ia_uid != inode->i_uid) ||
4247 - (iattr->ia_valid & ATTR_GID && iattr->ia_gid != inode->i_gid)) {
4248 + (iattr->ia_valid & ATTR_GID && iattr->ia_gid != inode->i_gid) ||
4249 + (iattr->ia_valid & ATTR_TAG && iattr->ia_tag != inode->i_tag)) {
4250 rc = dquot_transfer(inode, iattr);
4253 @@ -133,6 +134,7 @@ const struct inode_operations jfs_file_i
4254 #ifdef CONFIG_JFS_POSIX_ACL
4255 .check_acl = jfs_check_acl,
4257 + .sync_flags = jfs_sync_flags,
4260 const struct file_operations jfs_file_operations = {
4261 diff -NurpP --minimal linux-3.0-rc5/fs/jfs/ioctl.c linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/ioctl.c
4262 --- linux-3.0-rc5/fs/jfs/ioctl.c 2011-05-22 16:17:52.000000000 +0200
4263 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/ioctl.c 2011-06-10 22:11:24.000000000 +0200
4265 #include <linux/mount.h>
4266 #include <linux/time.h>
4267 #include <linux/sched.h>
4268 +#include <linux/mount.h>
4269 #include <asm/current.h>
4270 #include <asm/uaccess.h>
4272 @@ -52,6 +53,16 @@ static long jfs_map_ext2(unsigned long f
4276 +int jfs_sync_flags(struct inode *inode, int flags, int vflags)
4278 + inode->i_flags = flags;
4279 + inode->i_vflags = vflags;
4280 + jfs_get_inode_flags(JFS_IP(inode));
4281 + inode->i_ctime = CURRENT_TIME_SEC;
4282 + mark_inode_dirty(inode);
4286 long jfs_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
4288 struct inode *inode = filp->f_dentry->d_inode;
4289 @@ -85,6 +96,11 @@ long jfs_ioctl(struct file *filp, unsign
4290 if (!S_ISDIR(inode->i_mode))
4291 flags &= ~JFS_DIRSYNC_FL;
4293 + if (IS_BARRIER(inode)) {
4294 + vxwprintk_task(1, "messing with the barrier.");
4298 /* Is it quota file? Do not allow user to mess with it */
4299 if (IS_NOQUOTA(inode)) {
4301 @@ -102,8 +118,8 @@ long jfs_ioctl(struct file *filp, unsign
4302 * the relevant capability.
4304 if ((oldflags & JFS_IMMUTABLE_FL) ||
4305 - ((flags ^ oldflags) &
4306 - (JFS_APPEND_FL | JFS_IMMUTABLE_FL))) {
4307 + ((flags ^ oldflags) & (JFS_APPEND_FL |
4308 + JFS_IMMUTABLE_FL | JFS_IXUNLINK_FL))) {
4309 if (!capable(CAP_LINUX_IMMUTABLE)) {
4310 mutex_unlock(&inode->i_mutex);
4312 @@ -111,7 +127,7 @@ long jfs_ioctl(struct file *filp, unsign
4316 - flags = flags & JFS_FL_USER_MODIFIABLE;
4317 + flags &= JFS_FL_USER_MODIFIABLE;
4318 flags |= oldflags & ~JFS_FL_USER_MODIFIABLE;
4319 jfs_inode->mode2 = flags;
4321 diff -NurpP --minimal linux-3.0-rc5/fs/jfs/jfs_dinode.h linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/jfs_dinode.h
4322 --- linux-3.0-rc5/fs/jfs/jfs_dinode.h 2008-12-25 00:26:37.000000000 +0100
4323 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/jfs_dinode.h 2011-06-10 22:11:24.000000000 +0200
4324 @@ -161,9 +161,13 @@ struct dinode {
4326 #define JFS_APPEND_FL 0x01000000 /* writes to file may only append */
4327 #define JFS_IMMUTABLE_FL 0x02000000 /* Immutable file */
4328 +#define JFS_IXUNLINK_FL 0x08000000 /* Immutable invert on unlink */
4330 -#define JFS_FL_USER_VISIBLE 0x03F80000
4331 -#define JFS_FL_USER_MODIFIABLE 0x03F80000
4332 +#define JFS_BARRIER_FL 0x04000000 /* Barrier for chroot() */
4333 +#define JFS_COW_FL 0x20000000 /* Copy on Write marker */
4335 +#define JFS_FL_USER_VISIBLE 0x07F80000
4336 +#define JFS_FL_USER_MODIFIABLE 0x07F80000
4337 #define JFS_FL_INHERIT 0x03C80000
4339 /* These are identical to EXT[23]_IOC_GETFLAGS/SETFLAGS */
4340 diff -NurpP --minimal linux-3.0-rc5/fs/jfs/jfs_filsys.h linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/jfs_filsys.h
4341 --- linux-3.0-rc5/fs/jfs/jfs_filsys.h 2008-12-25 00:26:37.000000000 +0100
4342 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/jfs_filsys.h 2011-06-10 22:11:24.000000000 +0200
4344 #define JFS_NAME_MAX 255
4345 #define JFS_PATH_MAX BPSIZE
4347 +#define JFS_TAGGED 0x00800000 /* Context Tagging */
4350 * file system state (superblock state)
4351 diff -NurpP --minimal linux-3.0-rc5/fs/jfs/jfs_imap.c linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/jfs_imap.c
4352 --- linux-3.0-rc5/fs/jfs/jfs_imap.c 2011-07-01 11:14:18.000000000 +0200
4353 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/jfs_imap.c 2011-07-01 11:35:34.000000000 +0200
4355 #include <linux/pagemap.h>
4356 #include <linux/quotaops.h>
4357 #include <linux/slab.h>
4358 +#include <linux/vs_tag.h>
4360 #include "jfs_incore.h"
4361 #include "jfs_inode.h"
4362 @@ -3058,6 +3059,8 @@ static int copy_from_dinode(struct dinod
4364 struct jfs_inode_info *jfs_ip = JFS_IP(ip);
4365 struct jfs_sb_info *sbi = JFS_SBI(ip->i_sb);
4369 jfs_ip->fileset = le32_to_cpu(dip->di_fileset);
4370 jfs_ip->mode2 = le32_to_cpu(dip->di_mode);
4371 @@ -3078,14 +3081,18 @@ static int copy_from_dinode(struct dinod
4373 ip->i_nlink = le32_to_cpu(dip->di_nlink);
4375 - jfs_ip->saved_uid = le32_to_cpu(dip->di_uid);
4376 + uid = le32_to_cpu(dip->di_uid);
4377 + gid = le32_to_cpu(dip->di_gid);
4378 + ip->i_tag = INOTAG_TAG(DX_TAG(ip), uid, gid, 0);
4380 + jfs_ip->saved_uid = INOTAG_UID(DX_TAG(ip), uid, gid);
4382 ip->i_uid = jfs_ip->saved_uid;
4384 ip->i_uid = sbi->uid;
4387 - jfs_ip->saved_gid = le32_to_cpu(dip->di_gid);
4388 + jfs_ip->saved_gid = INOTAG_GID(DX_TAG(ip), uid, gid);
4390 ip->i_gid = jfs_ip->saved_gid;
4392 @@ -3150,14 +3157,12 @@ static void copy_to_dinode(struct dinode
4393 dip->di_size = cpu_to_le64(ip->i_size);
4394 dip->di_nblocks = cpu_to_le64(PBLK2LBLK(ip->i_sb, ip->i_blocks));
4395 dip->di_nlink = cpu_to_le32(ip->i_nlink);
4396 - if (sbi->uid == -1)
4397 - dip->di_uid = cpu_to_le32(ip->i_uid);
4399 - dip->di_uid = cpu_to_le32(jfs_ip->saved_uid);
4400 - if (sbi->gid == -1)
4401 - dip->di_gid = cpu_to_le32(ip->i_gid);
4403 - dip->di_gid = cpu_to_le32(jfs_ip->saved_gid);
4405 + dip->di_uid = cpu_to_le32(TAGINO_UID(DX_TAG(ip),
4406 + (sbi->uid == -1) ? ip->i_uid : jfs_ip->saved_uid, ip->i_tag));
4407 + dip->di_gid = cpu_to_le32(TAGINO_GID(DX_TAG(ip),
4408 + (sbi->gid == -1) ? ip->i_gid : jfs_ip->saved_gid, ip->i_tag));
4410 jfs_get_inode_flags(jfs_ip);
4412 * mode2 is only needed for storing the higher order bits.
4413 diff -NurpP --minimal linux-3.0-rc5/fs/jfs/jfs_inode.c linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/jfs_inode.c
4414 --- linux-3.0-rc5/fs/jfs/jfs_inode.c 2010-08-02 16:52:49.000000000 +0200
4415 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/jfs_inode.c 2011-06-10 22:11:24.000000000 +0200
4418 #include <linux/fs.h>
4419 #include <linux/quotaops.h>
4420 +#include <linux/vs_tag.h>
4421 #include "jfs_incore.h"
4422 #include "jfs_inode.h"
4423 #include "jfs_filsys.h"
4424 @@ -30,29 +31,46 @@ void jfs_set_inode_flags(struct inode *i
4426 unsigned int flags = JFS_IP(inode)->mode2;
4428 - inode->i_flags &= ~(S_IMMUTABLE | S_APPEND |
4429 - S_NOATIME | S_DIRSYNC | S_SYNC);
4430 + inode->i_flags &= ~(S_IMMUTABLE | S_IXUNLINK |
4431 + S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
4433 if (flags & JFS_IMMUTABLE_FL)
4434 inode->i_flags |= S_IMMUTABLE;
4435 + if (flags & JFS_IXUNLINK_FL)
4436 + inode->i_flags |= S_IXUNLINK;
4438 + if (flags & JFS_SYNC_FL)
4439 + inode->i_flags |= S_SYNC;
4440 if (flags & JFS_APPEND_FL)
4441 inode->i_flags |= S_APPEND;
4442 if (flags & JFS_NOATIME_FL)
4443 inode->i_flags |= S_NOATIME;
4444 if (flags & JFS_DIRSYNC_FL)
4445 inode->i_flags |= S_DIRSYNC;
4446 - if (flags & JFS_SYNC_FL)
4447 - inode->i_flags |= S_SYNC;
4449 + inode->i_vflags &= ~(V_BARRIER | V_COW);
4451 + if (flags & JFS_BARRIER_FL)
4452 + inode->i_vflags |= V_BARRIER;
4453 + if (flags & JFS_COW_FL)
4454 + inode->i_vflags |= V_COW;
4457 void jfs_get_inode_flags(struct jfs_inode_info *jfs_ip)
4459 unsigned int flags = jfs_ip->vfs_inode.i_flags;
4460 + unsigned int vflags = jfs_ip->vfs_inode.i_vflags;
4462 + jfs_ip->mode2 &= ~(JFS_IMMUTABLE_FL | JFS_IXUNLINK_FL |
4463 + JFS_APPEND_FL | JFS_NOATIME_FL |
4464 + JFS_DIRSYNC_FL | JFS_SYNC_FL |
4465 + JFS_BARRIER_FL | JFS_COW_FL);
4467 - jfs_ip->mode2 &= ~(JFS_IMMUTABLE_FL | JFS_APPEND_FL | JFS_NOATIME_FL |
4468 - JFS_DIRSYNC_FL | JFS_SYNC_FL);
4469 if (flags & S_IMMUTABLE)
4470 jfs_ip->mode2 |= JFS_IMMUTABLE_FL;
4471 + if (flags & S_IXUNLINK)
4472 + jfs_ip->mode2 |= JFS_IXUNLINK_FL;
4474 if (flags & S_APPEND)
4475 jfs_ip->mode2 |= JFS_APPEND_FL;
4476 if (flags & S_NOATIME)
4477 @@ -61,6 +79,11 @@ void jfs_get_inode_flags(struct jfs_inod
4478 jfs_ip->mode2 |= JFS_DIRSYNC_FL;
4480 jfs_ip->mode2 |= JFS_SYNC_FL;
4482 + if (vflags & V_BARRIER)
4483 + jfs_ip->mode2 |= JFS_BARRIER_FL;
4484 + if (vflags & V_COW)
4485 + jfs_ip->mode2 |= JFS_COW_FL;
4489 diff -NurpP --minimal linux-3.0-rc5/fs/jfs/jfs_inode.h linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/jfs_inode.h
4490 --- linux-3.0-rc5/fs/jfs/jfs_inode.h 2011-07-01 11:14:18.000000000 +0200
4491 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/jfs_inode.h 2011-06-10 22:11:24.000000000 +0200
4492 @@ -39,6 +39,7 @@ extern struct dentry *jfs_fh_to_dentry(s
4493 extern struct dentry *jfs_fh_to_parent(struct super_block *sb, struct fid *fid,
4494 int fh_len, int fh_type);
4495 extern void jfs_set_inode_flags(struct inode *);
4496 +extern int jfs_sync_flags(struct inode *, int, int);
4497 extern int jfs_get_block(struct inode *, sector_t, struct buffer_head *, int);
4498 extern int jfs_setattr(struct dentry *, struct iattr *);
4500 diff -NurpP --minimal linux-3.0-rc5/fs/jfs/namei.c linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/namei.c
4501 --- linux-3.0-rc5/fs/jfs/namei.c 2011-05-22 16:17:53.000000000 +0200
4502 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/namei.c 2011-06-10 22:11:24.000000000 +0200
4504 #include <linux/ctype.h>
4505 #include <linux/quotaops.h>
4506 #include <linux/exportfs.h>
4507 +#include <linux/vs_tag.h>
4508 #include "jfs_incore.h"
4509 #include "jfs_superblock.h"
4510 #include "jfs_inode.h"
4511 @@ -1486,6 +1487,7 @@ static struct dentry *jfs_lookup(struct
4512 return ERR_CAST(ip);
4515 + dx_propagate_tag(nd, ip);
4516 return d_splice_alias(ip, dentry);
4519 @@ -1550,6 +1552,7 @@ const struct inode_operations jfs_dir_in
4520 #ifdef CONFIG_JFS_POSIX_ACL
4521 .check_acl = jfs_check_acl,
4523 + .sync_flags = jfs_sync_flags,
4526 const struct file_operations jfs_dir_operations = {
4527 diff -NurpP --minimal linux-3.0-rc5/fs/jfs/super.c linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/super.c
4528 --- linux-3.0-rc5/fs/jfs/super.c 2011-05-22 16:17:53.000000000 +0200
4529 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/jfs/super.c 2011-06-10 22:11:24.000000000 +0200
4530 @@ -198,7 +198,8 @@ static void jfs_put_super(struct super_b
4532 Opt_integrity, Opt_nointegrity, Opt_iocharset, Opt_resize,
4533 Opt_resize_nosize, Opt_errors, Opt_ignore, Opt_err, Opt_quota,
4534 - Opt_usrquota, Opt_grpquota, Opt_uid, Opt_gid, Opt_umask
4535 + Opt_usrquota, Opt_grpquota, Opt_uid, Opt_gid, Opt_umask,
4536 + Opt_tag, Opt_notag, Opt_tagid
4539 static const match_table_t tokens = {
4540 @@ -208,6 +209,10 @@ static const match_table_t tokens = {
4541 {Opt_resize, "resize=%u"},
4542 {Opt_resize_nosize, "resize"},
4543 {Opt_errors, "errors=%s"},
4545 + {Opt_notag, "notag"},
4546 + {Opt_tagid, "tagid=%u"},
4547 + {Opt_tag, "tagxid"},
4548 {Opt_ignore, "noquota"},
4549 {Opt_ignore, "quota"},
4550 {Opt_usrquota, "usrquota"},
4551 @@ -342,6 +347,20 @@ static int parse_options(char *options,
4555 +#ifndef CONFIG_TAGGING_NONE
4557 + *flag |= JFS_TAGGED;
4560 + *flag &= JFS_TAGGED;
4563 +#ifdef CONFIG_PROPAGATE
4566 + *flag |= JFS_TAGGED;
4570 printk("jfs: Unrecognized mount option \"%s\" "
4571 " or missing value\n", p);
4572 @@ -373,6 +392,12 @@ static int jfs_remount(struct super_bloc
4576 + if ((flag & JFS_TAGGED) && !(sb->s_flags & MS_TAGGED)) {
4577 + printk(KERN_ERR "JFS: %s: tagging not permitted on remount.\n",
4583 if (sb->s_flags & MS_RDONLY) {
4585 @@ -455,6 +480,9 @@ static int jfs_fill_super(struct super_b
4586 #ifdef CONFIG_JFS_POSIX_ACL
4587 sb->s_flags |= MS_POSIXACL;
4589 + /* map mount option tagxid */
4590 + if (sbi->flag & JFS_TAGGED)
4591 + sb->s_flags |= MS_TAGGED;
4594 printk(KERN_ERR "resize option for remount only\n");
4595 diff -NurpP --minimal linux-3.0-rc5/fs/libfs.c linux-3.0-rc5-vs2.3.1-pre3/fs/libfs.c
4596 --- linux-3.0-rc5/fs/libfs.c 2011-03-15 18:07:32.000000000 +0100
4597 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/libfs.c 2011-06-10 22:11:24.000000000 +0200
4598 @@ -133,7 +133,8 @@ static inline unsigned char dt_type(stru
4599 * both impossible due to the lock on directory.
4602 -int dcache_readdir(struct file * filp, void * dirent, filldir_t filldir)
4603 +static inline int do_dcache_readdir_filter(struct file *filp,
4604 + void *dirent, filldir_t filldir, int (*filter)(struct dentry *dentry))
4606 struct dentry *dentry = filp->f_path.dentry;
4607 struct dentry *cursor = filp->private_data;
4608 @@ -164,6 +165,8 @@ int dcache_readdir(struct file * filp, v
4609 for (p=q->next; p != &dentry->d_subdirs; p=p->next) {
4610 struct dentry *next;
4611 next = list_entry(p, struct dentry, d_u.d_child);
4612 + if (filter && !filter(next))
4614 spin_lock_nested(&next->d_lock, DENTRY_D_LOCK_NESTED);
4615 if (!simple_positive(next)) {
4616 spin_unlock(&next->d_lock);
4617 @@ -190,6 +193,17 @@ int dcache_readdir(struct file * filp, v
4621 +int dcache_readdir(struct file *filp, void *dirent, filldir_t filldir)
4623 + return do_dcache_readdir_filter(filp, dirent, filldir, NULL);
4626 +int dcache_readdir_filter(struct file *filp, void *dirent, filldir_t filldir,
4627 + int (*filter)(struct dentry *))
4629 + return do_dcache_readdir_filter(filp, dirent, filldir, filter);
4632 ssize_t generic_read_dir(struct file *filp, char __user *buf, size_t siz, loff_t *ppos)
4635 @@ -965,6 +979,7 @@ EXPORT_SYMBOL(dcache_dir_close);
4636 EXPORT_SYMBOL(dcache_dir_lseek);
4637 EXPORT_SYMBOL(dcache_dir_open);
4638 EXPORT_SYMBOL(dcache_readdir);
4639 +EXPORT_SYMBOL(dcache_readdir_filter);
4640 EXPORT_SYMBOL(generic_read_dir);
4641 EXPORT_SYMBOL(mount_pseudo);
4642 EXPORT_SYMBOL(simple_write_begin);
4643 diff -NurpP --minimal linux-3.0-rc5/fs/locks.c linux-3.0-rc5-vs2.3.1-pre3/fs/locks.c
4644 --- linux-3.0-rc5/fs/locks.c 2011-05-22 16:17:53.000000000 +0200
4645 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/locks.c 2011-06-10 22:11:24.000000000 +0200
4647 #include <linux/time.h>
4648 #include <linux/rcupdate.h>
4649 #include <linux/pid_namespace.h>
4650 +#include <linux/vs_base.h>
4651 +#include <linux/vs_limit.h>
4653 #include <asm/uaccess.h>
4655 @@ -163,6 +165,8 @@ static struct kmem_cache *filelock_cache
4656 /* Allocate an empty lock structure. */
4657 struct file_lock *locks_alloc_lock(void)
4659 + if (!vx_locks_avail(1))
4661 return kmem_cache_alloc(filelock_cache, GFP_KERNEL);
4663 EXPORT_SYMBOL_GPL(locks_alloc_lock);
4664 @@ -190,6 +194,7 @@ void locks_free_lock(struct file_lock *f
4665 BUG_ON(!list_empty(&fl->fl_block));
4666 BUG_ON(!list_empty(&fl->fl_link));
4669 locks_release_private(fl);
4670 kmem_cache_free(filelock_cache, fl);
4672 @@ -211,6 +216,7 @@ void locks_init_lock(struct file_lock *f
4673 fl->fl_start = fl->fl_end = 0;
4675 fl->fl_lmops = NULL;
4679 EXPORT_SYMBOL(locks_init_lock);
4680 @@ -262,6 +268,7 @@ void locks_copy_lock(struct file_lock *n
4681 new->fl_file = fl->fl_file;
4682 new->fl_ops = fl->fl_ops;
4683 new->fl_lmops = fl->fl_lmops;
4684 + new->fl_xid = fl->fl_xid;
4686 locks_copy_private(new, fl);
4688 @@ -300,6 +307,11 @@ static int flock_make_lock(struct file *
4689 fl->fl_flags = FL_FLOCK;
4691 fl->fl_end = OFFSET_MAX;
4693 + vxd_assert(filp->f_xid == vx_current_xid(),
4694 + "f_xid(%d) == current(%d)", filp->f_xid, vx_current_xid());
4695 + fl->fl_xid = filp->f_xid;
4700 @@ -449,6 +461,7 @@ static int lease_init(struct file *filp,
4702 fl->fl_owner = current->files;
4703 fl->fl_pid = current->tgid;
4704 + fl->fl_xid = vx_current_xid();
4707 fl->fl_flags = FL_LEASE;
4708 @@ -468,6 +481,11 @@ static struct file_lock *lease_alloc(str
4710 return ERR_PTR(error);
4712 + fl->fl_xid = vx_current_xid();
4714 + vxd_assert(filp->f_xid == fl->fl_xid,
4715 + "f_xid(%d) == fl_xid(%d)", filp->f_xid, fl->fl_xid);
4717 error = lease_init(filp, type, fl);
4719 locks_free_lock(fl);
4720 @@ -769,6 +787,7 @@ static int flock_lock_file(struct file *
4724 + new_fl->fl_xid = -1;
4726 for_each_lock(inode, before) {
4727 struct file_lock *fl = *before;
4728 @@ -789,6 +808,7 @@ find_conflict:
4730 locks_copy_lock(new_fl, request);
4731 locks_insert_lock(before, new_fl);
4732 + vx_locks_inc(new_fl);
4736 @@ -799,7 +819,8 @@ out:
4740 -static int __posix_lock_file(struct inode *inode, struct file_lock *request, struct file_lock *conflock)
4741 +static int __posix_lock_file(struct inode *inode, struct file_lock *request,
4742 + struct file_lock *conflock, xid_t xid)
4744 struct file_lock *fl;
4745 struct file_lock *new_fl = NULL;
4746 @@ -809,6 +830,8 @@ static int __posix_lock_file(struct inod
4747 struct file_lock **before;
4748 int error, added = 0;
4750 + vxd_assert(xid == vx_current_xid(),
4751 + "xid(%d) == current(%d)", xid, vx_current_xid());
4753 * We may need two file_lock structures for this operation,
4754 * so we get them in advance to avoid races.
4755 @@ -819,7 +842,11 @@ static int __posix_lock_file(struct inod
4756 (request->fl_type != F_UNLCK ||
4757 request->fl_start != 0 || request->fl_end != OFFSET_MAX)) {
4758 new_fl = locks_alloc_lock();
4759 + new_fl->fl_xid = xid;
4760 + vx_locks_inc(new_fl);
4761 new_fl2 = locks_alloc_lock();
4762 + new_fl2->fl_xid = xid;
4763 + vx_locks_inc(new_fl2);
4767 @@ -1018,7 +1045,8 @@ static int __posix_lock_file(struct inod
4768 int posix_lock_file(struct file *filp, struct file_lock *fl,
4769 struct file_lock *conflock)
4771 - return __posix_lock_file(filp->f_path.dentry->d_inode, fl, conflock);
4772 + return __posix_lock_file(filp->f_path.dentry->d_inode,
4773 + fl, conflock, filp->f_xid);
4775 EXPORT_SYMBOL(posix_lock_file);
4777 @@ -1108,7 +1136,7 @@ int locks_mandatory_area(int read_write,
4778 fl.fl_end = offset + count - 1;
4781 - error = __posix_lock_file(inode, &fl, NULL);
4782 + error = __posix_lock_file(inode, &fl, NULL, filp->f_xid);
4783 if (error != FILE_LOCK_DEFERRED)
4785 error = wait_event_interruptible(fl.fl_wait, !fl.fl_next);
4786 @@ -1421,6 +1449,7 @@ int generic_setlease(struct file *filp,
4789 locks_insert_lock(before, lease);
4790 + vx_locks_inc(lease);
4794 @@ -1805,6 +1834,11 @@ int fcntl_setlk(unsigned int fd, struct
4795 if (file_lock == NULL)
4798 + vxd_assert(filp->f_xid == vx_current_xid(),
4799 + "f_xid(%d) == current(%d)", filp->f_xid, vx_current_xid());
4800 + file_lock->fl_xid = filp->f_xid;
4801 + vx_locks_inc(file_lock);
4804 * This might block, so we do it before checking the inode.
4806 @@ -1923,6 +1957,11 @@ int fcntl_setlk64(unsigned int fd, struc
4807 if (file_lock == NULL)
4810 + vxd_assert(filp->f_xid == vx_current_xid(),
4811 + "f_xid(%d) == current(%d)", filp->f_xid, vx_current_xid());
4812 + file_lock->fl_xid = filp->f_xid;
4813 + vx_locks_inc(file_lock);
4816 * This might block, so we do it before checking the inode.
4818 @@ -2188,8 +2227,11 @@ static int locks_show(struct seq_file *f
4820 lock_get_status(f, fl, *((loff_t *)f->private), "");
4822 - list_for_each_entry(bfl, &fl->fl_block, fl_block)
4823 + list_for_each_entry(bfl, &fl->fl_block, fl_block) {
4824 + if (!vx_check(fl->fl_xid, VS_WATCH_P | VS_IDENT))
4826 lock_get_status(f, bfl, *((loff_t *)f->private), " ->");
4831 diff -NurpP --minimal linux-3.0-rc5/fs/namei.c linux-3.0-rc5-vs2.3.1-pre3/fs/namei.c
4832 --- linux-3.0-rc5/fs/namei.c 2011-07-01 11:14:19.000000000 +0200
4833 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/namei.c 2011-06-22 12:39:15.000000000 +0200
4835 #include <linux/fcntl.h>
4836 #include <linux/device_cgroup.h>
4837 #include <linux/fs_struct.h>
4838 +#include <linux/proc_fs.h>
4839 +#include <linux/vserver/inode.h>
4840 +#include <linux/vs_base.h>
4841 +#include <linux/vs_tag.h>
4842 +#include <linux/vs_cowbl.h>
4843 +#include <linux/vs_device.h>
4844 +#include <linux/vs_context.h>
4845 +#include <linux/pid_namespace.h>
4846 #include <asm/uaccess.h>
4848 #include "internal.h"
4849 @@ -173,6 +181,84 @@ void putname(const char *name)
4850 EXPORT_SYMBOL(putname);
4853 +static inline int dx_barrier(const struct inode *inode)
4855 + if (IS_BARRIER(inode) && !vx_check(0, VS_ADMIN | VS_WATCH)) {
4856 + vxwprintk_task(1, "did hit the barrier.");
4862 +static int __dx_permission(const struct inode *inode, int mask)
4864 + if (dx_barrier(inode))
4867 + if (inode->i_sb->s_magic == DEVPTS_SUPER_MAGIC) {
4868 + /* devpts is xid tagged */
4869 + if (S_ISDIR(inode->i_mode) ||
4870 + vx_check((xid_t)inode->i_tag, VS_IDENT | VS_WATCH_P))
4873 + /* just pretend we didn't find anything */
4876 + else if (inode->i_sb->s_magic == PROC_SUPER_MAGIC) {
4877 + struct proc_dir_entry *de = PDE(inode);
4879 + if (de && !vx_hide_check(0, de->vx_flags))
4882 + if ((mask & (MAY_WRITE | MAY_APPEND))) {
4884 + struct task_struct *tsk;
4886 + if (vx_check(0, VS_ADMIN | VS_WATCH_P) ||
4887 + vx_flags(VXF_STATE_SETUP, 0))
4890 + pid = PROC_I(inode)->pid;
4894 + tsk = pid_task(pid, PIDTYPE_PID);
4895 + vxdprintk(VXD_CBIT(tag, 0), "accessing %p[#%u]",
4896 + tsk, (tsk ? vx_task_xid(tsk) : 0));
4897 + if (tsk && vx_check(vx_task_xid(tsk), VS_IDENT | VS_WATCH_P))
4901 + /* FIXME: Should we block some entries here? */
4906 + if (dx_notagcheck(inode->i_sb) ||
4907 + dx_check(inode->i_tag, DX_HOSTID | DX_ADMIN | DX_WATCH |
4916 +int dx_permission(const struct inode *inode, int mask)
4918 + int ret = __dx_permission(inode, mask);
4919 + if (unlikely(ret)) {
4920 +#ifndef CONFIG_VSERVER_WARN_DEVPTS
4921 + if (inode->i_sb->s_magic != DEVPTS_SUPER_MAGIC)
4924 + "denied [0x%x] access to inode %s:%p[#%d,%lu]",
4925 + mask, inode->i_sb->s_id, inode, inode->i_tag,
4932 * This does basic POSIX ACL permission checking
4934 @@ -283,10 +369,14 @@ int inode_permission(struct inode *inode
4936 * Nobody gets write access to an immutable file.
4938 - if (IS_IMMUTABLE(inode))
4939 + if (IS_IMMUTABLE(inode) && !IS_COW(inode))
4943 + retval = dx_permission(inode, mask);
4947 if (inode->i_op->permission)
4948 retval = inode->i_op->permission(inode, mask, 0);
4950 @@ -580,6 +670,9 @@ static inline int exec_permission(struct
4952 struct user_namespace *ns = inode_userns(inode);
4954 + if (dx_barrier(inode))
4957 if (inode->i_op->permission) {
4958 ret = inode->i_op->permission(inode, MAY_EXEC, flags);
4960 @@ -1082,7 +1175,8 @@ static void follow_dotdot(struct nameida
4962 if (nd->path.dentry == nd->root.dentry &&
4963 nd->path.mnt == nd->root.mnt) {
4965 + /* for sane '/' avoid follow_mount() */
4968 if (nd->path.dentry != nd->path.mnt->mnt_root) {
4969 /* rare case of legitimate dget_parent()... */
4970 @@ -1832,7 +1926,7 @@ static int may_delete(struct inode *dir,
4973 if (check_sticky(dir, victim->d_inode)||IS_APPEND(victim->d_inode)||
4974 - IS_IMMUTABLE(victim->d_inode) || IS_SWAPFILE(victim->d_inode))
4975 + IS_IXORUNLINK(victim->d_inode) || IS_SWAPFILE(victim->d_inode))
4978 if (!S_ISDIR(victim->d_inode->i_mode))
4979 @@ -1959,6 +2053,15 @@ static int may_open(struct path *path, i
4983 +#ifdef CONFIG_VSERVER_COWBL
4984 + if (IS_COW(inode) &&
4985 + ((flag & O_ACCMODE) != O_RDONLY)) {
4986 + if (IS_COW_LINK(inode))
4988 + inode->i_flags &= ~(S_IXUNLINK|S_IMMUTABLE);
4989 + mark_inode_dirty(inode);
4992 error = inode_permission(inode, acc_mode);
4995 @@ -2852,7 +2955,7 @@ int vfs_link(struct dentry *old_dentry,
4997 * A link to an append-only or immutable file cannot be created.
4999 - if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
5000 + if (IS_APPEND(inode) || IS_IXORUNLINK(inode))
5002 if (!dir->i_op->link)
5004 @@ -3238,6 +3341,222 @@ int vfs_follow_link(struct nameidata *nd
5005 return __vfs_follow_link(nd, link);
5009 +#ifdef CONFIG_VSERVER_COWBL
5011 +#include <linux/file.h>
5014 +long do_cow_splice(struct file *in, struct file *out, size_t len)
5018 + return do_splice_direct(in, &ppos, out, len, 0);
5021 +struct dentry *cow_break_link(const char *pathname)
5023 + int ret, mode, pathlen, redo = 0;
5024 + struct nameidata old_nd, dir_nd;
5025 + struct path old_path, new_path;
5026 + struct dentry *dir, *res = NULL;
5027 + struct file *old_file;
5028 + struct file *new_file;
5029 + char *to, *path, pad='\251';
5032 + vxdprintk(VXD_CBIT(misc, 1),
5033 + "cow_break_link(" VS_Q("%s") ")", pathname);
5034 + path = kmalloc(PATH_MAX, GFP_KERNEL);
5039 + /* old_nd will have refs to dentry and mnt */
5040 + ret = do_path_lookup(AT_FDCWD, pathname, LOOKUP_FOLLOW, &old_nd);
5041 + vxdprintk(VXD_CBIT(misc, 2), "do_path_lookup(old): %d", ret);
5043 + goto out_free_path;
5045 + old_path = old_nd.path;
5046 + mode = old_path.dentry->d_inode->i_mode;
5048 + to = d_path(&old_path, path, PATH_MAX-2);
5049 + pathlen = strlen(to);
5050 + vxdprintk(VXD_CBIT(misc, 2),
5051 + "old path " VS_Q("%s") " [" VS_Q("%.*s") ":%d]", to,
5052 + old_path.dentry->d_name.len, old_path.dentry->d_name.name,
5053 + old_path.dentry->d_name.len);
5055 + to[pathlen + 1] = 0;
5057 + to[pathlen] = pad--;
5059 + if (pad <= '\240')
5062 + vxdprintk(VXD_CBIT(misc, 1), "temp copy " VS_Q("%s"), to);
5063 + /* dir_nd will have refs to dentry and mnt */
5064 + ret = do_path_lookup(AT_FDCWD, to,
5065 + LOOKUP_PARENT | LOOKUP_OPEN | LOOKUP_CREATE, &dir_nd);
5066 + vxdprintk(VXD_CBIT(misc, 2),
5067 + "do_path_lookup(new): %d", ret);
5071 + /* this puppy downs the inode mutex */
5072 + new_path.dentry = lookup_create(&dir_nd, 0);
5073 + if (!new_path.dentry || IS_ERR(new_path.dentry)) {
5074 + vxdprintk(VXD_CBIT(misc, 2),
5075 + "lookup_create(new): %p", new_path.dentry);
5076 + mutex_unlock(&dir_nd.path.dentry->d_inode->i_mutex);
5077 + path_put(&dir_nd.path);
5080 + vxdprintk(VXD_CBIT(misc, 2),
5081 + "lookup_create(new): %p [" VS_Q("%.*s") ":%d]",
5083 + new_path.dentry->d_name.len, new_path.dentry->d_name.name,
5084 + new_path.dentry->d_name.len);
5085 + dir = dir_nd.path.dentry;
5087 + ret = vfs_create(dir_nd.path.dentry->d_inode, new_path.dentry, mode, &dir_nd);
5088 + vxdprintk(VXD_CBIT(misc, 2),
5089 + "vfs_create(new): %d", ret);
5090 + if (ret == -EEXIST) {
5091 + mutex_unlock(&dir->d_inode->i_mutex);
5092 + dput(new_path.dentry);
5093 + path_put(&dir_nd.path);
5097 + goto out_unlock_new;
5099 + /* drop out early, ret passes ENOENT */
5101 + if ((redo = d_unhashed(old_path.dentry)))
5102 + goto out_unlock_new;
5104 + new_path.mnt = dir_nd.path.mnt;
5105 + dget(old_path.dentry);
5106 + mntget(old_path.mnt);
5107 + /* this one cleans up the dentry/mnt in case of failure */
5108 + old_file = dentry_open(old_path.dentry, old_path.mnt,
5109 + O_RDONLY, current_cred());
5110 + vxdprintk(VXD_CBIT(misc, 2),
5111 + "dentry_open(old): %p", old_file);
5112 + if (!old_file || IS_ERR(old_file)) {
5113 + res = IS_ERR(old_file) ? (void *) old_file : res;
5114 + goto out_unlock_new;
5117 + dget(new_path.dentry);
5118 + mntget(new_path.mnt);
5119 + /* this one cleans up the dentry/mnt in case of failure */
5120 + new_file = dentry_open(new_path.dentry, new_path.mnt,
5121 + O_WRONLY, current_cred());
5122 + vxdprintk(VXD_CBIT(misc, 2),
5123 + "dentry_open(new): %p", new_file);
5125 + ret = IS_ERR(new_file) ? PTR_ERR(new_file) : -ENOENT;
5126 + if (!new_file || IS_ERR(new_file))
5127 + goto out_fput_old;
5129 + size = i_size_read(old_file->f_dentry->d_inode);
5130 + ret = do_cow_splice(old_file, new_file, size);
5131 + vxdprintk(VXD_CBIT(misc, 2), "do_splice_direct: %d", ret);
5133 + goto out_fput_both;
5134 + } else if (ret < size) {
5136 + goto out_fput_both;
5138 + struct inode *old_inode = old_path.dentry->d_inode;
5139 + struct inode *new_inode = new_path.dentry->d_inode;
5140 + struct iattr attr = {
5141 + .ia_uid = old_inode->i_uid,
5142 + .ia_gid = old_inode->i_gid,
5143 + .ia_valid = ATTR_UID | ATTR_GID
5146 + setattr_copy(new_inode, &attr);
5147 + mark_inode_dirty(new_inode);
5150 + mutex_lock(&old_path.dentry->d_inode->i_sb->s_vfs_rename_mutex);
5152 + /* drop out late */
5154 + if ((redo = d_unhashed(old_path.dentry)))
5157 + vxdprintk(VXD_CBIT(misc, 2),
5158 + "vfs_rename: [" VS_Q("%*s") ":%d] -> [" VS_Q("%*s") ":%d]",
5159 + new_path.dentry->d_name.len, new_path.dentry->d_name.name,
5160 + new_path.dentry->d_name.len,
5161 + old_path.dentry->d_name.len, old_path.dentry->d_name.name,
5162 + old_path.dentry->d_name.len);
5163 + ret = vfs_rename(dir_nd.path.dentry->d_inode, new_path.dentry,
5164 + old_nd.path.dentry->d_parent->d_inode, old_path.dentry);
5165 + vxdprintk(VXD_CBIT(misc, 2), "vfs_rename: %d", ret);
5166 + res = new_path.dentry;
5169 + mutex_unlock(&old_path.dentry->d_inode->i_sb->s_vfs_rename_mutex);
5172 + vxdprintk(VXD_CBIT(misc, 3),
5173 + "fput(new_file=%p[#%ld])", new_file,
5174 + atomic_long_read(&new_file->f_count));
5178 + vxdprintk(VXD_CBIT(misc, 3),
5179 + "fput(old_file=%p[#%ld])", old_file,
5180 + atomic_long_read(&old_file->f_count));
5184 + mutex_unlock(&dir->d_inode->i_mutex);
5188 + /* error path cleanup */
5189 + vfs_unlink(dir->d_inode, new_path.dentry);
5190 + dput(new_path.dentry);
5194 + goto out_rel_both;
5195 + /* lookup dentry once again */
5196 + path_put(&old_nd.path);
5197 + ret = do_path_lookup(AT_FDCWD, pathname, LOOKUP_FOLLOW, &old_nd);
5199 + goto out_rel_both;
5201 + new_path.dentry = old_nd.path.dentry;
5202 + vxdprintk(VXD_CBIT(misc, 2),
5203 + "do_path_lookup(redo): %p [" VS_Q("%.*s") ":%d]",
5205 + new_path.dentry->d_name.len, new_path.dentry->d_name.name,
5206 + new_path.dentry->d_name.len);
5207 + dget(new_path.dentry);
5208 + res = new_path.dentry;
5211 + path_put(&dir_nd.path);
5213 + path_put(&old_nd.path);
5218 + res = ERR_PTR(ret);
5224 /* get the link contents into pagecache */
5225 static char *page_getlink(struct dentry * dentry, struct page **ppage)
5227 diff -NurpP --minimal linux-3.0-rc5/fs/namespace.c linux-3.0-rc5-vs2.3.1-pre3/fs/namespace.c
5228 --- linux-3.0-rc5/fs/namespace.c 2011-07-01 11:14:19.000000000 +0200
5229 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/namespace.c 2011-06-13 18:26:48.000000000 +0200
5231 #include <linux/idr.h>
5232 #include <linux/fs_struct.h>
5233 #include <linux/fsnotify.h>
5234 +#include <linux/vs_base.h>
5235 +#include <linux/vs_context.h>
5236 +#include <linux/vs_tag.h>
5237 +#include <linux/vserver/space.h>
5238 +#include <linux/vserver/global.h>
5239 #include <asm/uaccess.h>
5240 #include <asm/unistd.h>
5242 @@ -724,6 +729,7 @@ static struct vfsmount *clone_mnt(struct
5243 mnt->mnt_root = dget(root);
5244 mnt->mnt_mountpoint = mnt->mnt_root;
5245 mnt->mnt_parent = mnt;
5246 + mnt->mnt_tag = old->mnt_tag;
5248 if (flag & CL_SLAVE) {
5249 list_add(&mnt->mnt_slave, &old->mnt_slave_list);
5250 @@ -852,6 +858,31 @@ static inline void mangle(struct seq_fil
5251 seq_escape(m, s, " \t\n\\");
5254 +static int mnt_is_reachable(struct vfsmount *mnt)
5257 + struct dentry *point;
5260 + if (mnt == mnt->mnt_ns->root)
5263 + br_read_lock(vfsmount_lock);
5264 + root = current->fs->root;
5265 + point = root.dentry;
5267 + while ((mnt != mnt->mnt_parent) && (mnt != root.mnt)) {
5268 + point = mnt->mnt_mountpoint;
5269 + mnt = mnt->mnt_parent;
5272 + ret = (mnt == root.mnt) && is_subdir(point, root.dentry);
5274 + br_read_unlock(vfsmount_lock);
5280 * Simple .show_options callback for filesystems which don't want to
5281 * implement more complex mount option showing.
5282 @@ -954,6 +985,8 @@ static int show_sb_opts(struct seq_file
5283 { MS_SYNCHRONOUS, ",sync" },
5284 { MS_DIRSYNC, ",dirsync" },
5285 { MS_MANDLOCK, ",mand" },
5286 + { MS_TAGGED, ",tag" },
5287 + { MS_NOTAGCHECK, ",notagcheck" },
5290 const struct proc_fs_info *fs_infop;
5291 @@ -1000,16 +1033,26 @@ static int show_vfsmnt(struct seq_file *
5293 struct path mnt_path = { .dentry = mnt->mnt_root, .mnt = mnt };
5295 - if (mnt->mnt_sb->s_op->show_devname) {
5296 - err = mnt->mnt_sb->s_op->show_devname(m, mnt);
5299 + if (vx_flags(VXF_HIDE_MOUNT, 0))
5301 + if (!mnt_is_reachable(mnt) && !vx_check(0, VS_WATCH_P))
5304 + if (!vx_check(0, VS_ADMIN|VS_WATCH) &&
5305 + mnt == current->fs->root.mnt) {
5306 + seq_puts(m, "/dev/root / ");
5308 - mangle(m, mnt->mnt_devname ? mnt->mnt_devname : "none");
5309 + if (mnt->mnt_sb->s_op->show_devname) {
5310 + err = mnt->mnt_sb->s_op->show_devname(m, mnt);
5314 + mangle(m, mnt->mnt_devname ? mnt->mnt_devname : "none");
5317 + seq_path(m, &mnt_path, " \t\n\\");
5321 - seq_path(m, &mnt_path, " \t\n\\");
5323 show_type(m, mnt->mnt_sb);
5324 seq_puts(m, __mnt_is_readonly(mnt) ? " ro" : " rw");
5325 err = show_sb_opts(m, mnt->mnt_sb);
5326 @@ -1039,6 +1082,11 @@ static int show_mountinfo(struct seq_fil
5327 struct path root = p->root;
5330 + if (vx_flags(VXF_HIDE_MOUNT, 0))
5332 + if (!mnt_is_reachable(mnt) && !vx_check(0, VS_WATCH_P))
5335 seq_printf(m, "%i %i %u:%u ", mnt->mnt_id, mnt->mnt_parent->mnt_id,
5336 MAJOR(sb->s_dev), MINOR(sb->s_dev));
5337 if (sb->s_op->show_path)
5338 @@ -1107,21 +1155,31 @@ static int show_vfsstat(struct seq_file
5339 struct path mnt_path = { .dentry = mnt->mnt_root, .mnt = mnt };
5343 - if (mnt->mnt_sb->s_op->show_devname) {
5344 - err = mnt->mnt_sb->s_op->show_devname(m, mnt);
5345 + if (vx_flags(VXF_HIDE_MOUNT, 0))
5347 + if (!mnt_is_reachable(mnt) && !vx_check(0, VS_WATCH_P))
5350 + if (!vx_check(0, VS_ADMIN|VS_WATCH) &&
5351 + mnt == current->fs->root.mnt) {
5352 + seq_puts(m, "device /dev/root mounted on / ");
5354 - if (mnt->mnt_devname) {
5355 - seq_puts(m, "device ");
5356 - mangle(m, mnt->mnt_devname);
5358 - seq_puts(m, "no device");
5361 + if (mnt->mnt_sb->s_op->show_devname) {
5362 + err = mnt->mnt_sb->s_op->show_devname(m, mnt);
5364 + if (mnt->mnt_devname) {
5365 + seq_puts(m, "device ");
5366 + mangle(m, mnt->mnt_devname);
5368 + seq_puts(m, "no device");
5372 - seq_puts(m, " mounted on ");
5373 - seq_path(m, &mnt_path, " \t\n\\");
5376 + seq_puts(m, " mounted on ");
5377 + seq_path(m, &mnt_path, " \t\n\\");
5381 /* file system type */
5382 seq_puts(m, "with fstype ");
5383 @@ -1380,7 +1438,7 @@ SYSCALL_DEFINE2(umount, char __user *, n
5387 - if (!capable(CAP_SYS_ADMIN))
5388 + if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
5391 retval = do_umount(path.mnt, flags);
5392 @@ -1406,7 +1464,7 @@ SYSCALL_DEFINE1(oldumount, char __user *
5394 static int mount_is_safe(struct path *path)
5396 - if (capable(CAP_SYS_ADMIN))
5397 + if (vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
5401 @@ -1716,7 +1774,7 @@ static int do_change_type(struct path *p
5405 - if (!capable(CAP_SYS_ADMIN))
5406 + if (!vx_capable(CAP_SYS_ADMIN, VXC_NAMESPACE))
5409 if (path->dentry != path->mnt->mnt_root)
5410 @@ -1732,6 +1790,7 @@ static int do_change_type(struct path *p
5414 + // mnt->mnt_flags = mnt_flags;
5416 br_write_lock(vfsmount_lock);
5417 for (m = mnt; m; m = (recurse ? next_mnt(m, mnt) : NULL))
5418 @@ -1747,12 +1806,14 @@ static int do_change_type(struct path *p
5419 * do loopback mount.
5421 static int do_loopback(struct path *path, char *old_name,
5423 + tag_t tag, unsigned long flags, int mnt_flags)
5425 LIST_HEAD(umount_list);
5426 struct path old_path;
5427 struct vfsmount *mnt = NULL;
5428 int err = mount_is_safe(path);
5429 + int recurse = flags & MS_REC;
5433 if (!old_name || !*old_name)
5434 @@ -1818,12 +1879,12 @@ static int change_mount_flags(struct vfs
5435 * on it - tough luck.
5437 static int do_remount(struct path *path, int flags, int mnt_flags,
5439 + void *data, xid_t xid)
5442 struct super_block *sb = path->mnt->mnt_sb;
5444 - if (!capable(CAP_SYS_ADMIN))
5445 + if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_REMOUNT))
5448 if (!check_mnt(path->mnt))
5449 @@ -1871,7 +1932,7 @@ static int do_move_mount(struct path *pa
5450 struct path old_path, parent_path;
5453 - if (!capable(CAP_SYS_ADMIN))
5454 + if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
5456 if (!old_name || !*old_name)
5458 @@ -2022,7 +2083,7 @@ static int do_new_mount(struct path *pat
5461 /* we need capabilities... */
5462 - if (!capable(CAP_SYS_ADMIN))
5463 + if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
5466 mnt = do_kern_mount(type, flags, name, data);
5467 @@ -2291,6 +2352,7 @@ long do_mount(char *dev_name, char *dir_
5474 if ((flags & MS_MGC_MSK) == MS_MGC_VAL)
5475 @@ -2318,6 +2380,12 @@ long do_mount(char *dev_name, char *dir_
5476 if (!(flags & MS_NOATIME))
5477 mnt_flags |= MNT_RELATIME;
5479 + if (dx_parse_tag(data_page, &tag, 1, &mnt_flags, &flags)) {
5480 + /* FIXME: bind and re-mounts get the tag flag? */
5481 + if (flags & (MS_BIND|MS_REMOUNT))
5482 + flags |= MS_TAGID;
5485 /* Separate the per-mountpoint flags */
5486 if (flags & MS_NOSUID)
5487 mnt_flags |= MNT_NOSUID;
5488 @@ -2334,15 +2402,17 @@ long do_mount(char *dev_name, char *dir_
5489 if (flags & MS_RDONLY)
5490 mnt_flags |= MNT_READONLY;
5492 + if (!capable(CAP_SYS_ADMIN))
5493 + mnt_flags |= MNT_NODEV;
5494 flags &= ~(MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_ACTIVE | MS_BORN |
5495 MS_NOATIME | MS_NODIRATIME | MS_RELATIME| MS_KERNMOUNT |
5498 if (flags & MS_REMOUNT)
5499 retval = do_remount(&path, flags & ~MS_REMOUNT, mnt_flags,
5502 else if (flags & MS_BIND)
5503 - retval = do_loopback(&path, dev_name, flags & MS_REC);
5504 + retval = do_loopback(&path, dev_name, tag, flags, mnt_flags);
5505 else if (flags & (MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE))
5506 retval = do_change_type(&path, flags);
5507 else if (flags & MS_MOVE)
5508 @@ -2442,6 +2512,7 @@ static struct mnt_namespace *dup_mnt_ns(
5509 q = next_mnt(q, new_ns->root);
5511 up_write(&namespace_sem);
5512 + atomic_inc(&vs_global_mnt_ns);
5516 @@ -2581,9 +2652,10 @@ SYSCALL_DEFINE2(pivot_root, const char _
5520 - if (IS_MNT_SHARED(old.mnt) ||
5521 - IS_MNT_SHARED(new.mnt->mnt_parent) ||
5522 - IS_MNT_SHARED(root.mnt->mnt_parent))
5523 + if ((IS_MNT_SHARED(old.mnt) ||
5524 + IS_MNT_SHARED(new.mnt->mnt_parent) ||
5525 + IS_MNT_SHARED(root.mnt->mnt_parent)) &&
5526 + !vx_flags(VXF_STATE_SETUP, 0))
5528 if (!check_mnt(root.mnt) || !check_mnt(new.mnt))
5530 @@ -2715,6 +2787,7 @@ void put_mnt_ns(struct mnt_namespace *ns
5531 br_write_unlock(vfsmount_lock);
5532 up_write(&namespace_sem);
5533 release_mounts(&umount_list);
5534 + atomic_dec(&vs_global_mnt_ns);
5537 EXPORT_SYMBOL(put_mnt_ns);
5538 diff -NurpP --minimal linux-3.0-rc5/fs/nfs/client.c linux-3.0-rc5-vs2.3.1-pre3/fs/nfs/client.c
5539 --- linux-3.0-rc5/fs/nfs/client.c 2011-07-01 11:14:19.000000000 +0200
5540 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/nfs/client.c 2011-06-10 22:11:24.000000000 +0200
5541 @@ -780,6 +780,9 @@ static int nfs_init_server_rpcclient(str
5542 if (server->flags & NFS_MOUNT_SOFT)
5543 server->client->cl_softrtry = 1;
5545 + server->client->cl_tag = 0;
5546 + if (server->flags & NFS_MOUNT_TAGGED)
5547 + server->client->cl_tag = 1;
5551 @@ -951,6 +954,10 @@ static void nfs_server_set_fsinfo(struct
5552 server->acdirmin = server->acdirmax = 0;
5555 + /* FIXME: needs fsinfo
5556 + if (server->flags & NFS_MOUNT_TAGGED)
5557 + sb->s_flags |= MS_TAGGED; */
5559 server->maxfilesize = fsinfo->maxfilesize;
5561 server->time_delta = fsinfo->time_delta;
5562 diff -NurpP --minimal linux-3.0-rc5/fs/nfs/dir.c linux-3.0-rc5-vs2.3.1-pre3/fs/nfs/dir.c
5563 --- linux-3.0-rc5/fs/nfs/dir.c 2011-07-01 11:14:19.000000000 +0200
5564 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/nfs/dir.c 2011-06-10 22:11:24.000000000 +0200
5566 #include <linux/sched.h>
5567 #include <linux/kmemleak.h>
5568 #include <linux/xattr.h>
5569 +#include <linux/vs_tag.h>
5571 #include "delegation.h"
5573 @@ -1298,6 +1299,7 @@ static struct dentry *nfs_lookup(struct
5575 goto out_unblock_sillyrename;
5577 + dx_propagate_tag(nd, inode);
5579 res = d_materialise_unique(dentry, inode);
5581 diff -NurpP --minimal linux-3.0-rc5/fs/nfs/inode.c linux-3.0-rc5-vs2.3.1-pre3/fs/nfs/inode.c
5582 --- linux-3.0-rc5/fs/nfs/inode.c 2011-07-01 11:14:19.000000000 +0200
5583 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/nfs/inode.c 2011-07-01 11:35:34.000000000 +0200
5585 #include <linux/nfs_xdr.h>
5586 #include <linux/slab.h>
5587 #include <linux/compat.h>
5588 +#include <linux/vs_tag.h>
5590 #include <asm/system.h>
5591 #include <asm/uaccess.h>
5592 @@ -273,6 +274,8 @@ nfs_fhget(struct super_block *sb, struct
5593 if (inode->i_state & I_NEW) {
5594 struct nfs_inode *nfsi = NFS_I(inode);
5595 unsigned long now = jiffies;
5599 /* We set i_ino for the few things that still rely on it,
5600 * such as stat(2) */
5601 @@ -321,8 +324,8 @@ nfs_fhget(struct super_block *sb, struct
5602 nfsi->change_attr = 0;
5605 - inode->i_uid = -2;
5606 - inode->i_gid = -2;
5609 inode->i_blocks = 0;
5610 memset(nfsi->cookieverf, 0, sizeof(nfsi->cookieverf));
5612 @@ -359,13 +362,13 @@ nfs_fhget(struct super_block *sb, struct
5613 else if (nfs_server_capable(inode, NFS_CAP_NLINK))
5614 nfsi->cache_validity |= NFS_INO_INVALID_ATTR;
5615 if (fattr->valid & NFS_ATTR_FATTR_OWNER)
5616 - inode->i_uid = fattr->uid;
5618 else if (nfs_server_capable(inode, NFS_CAP_OWNER))
5619 nfsi->cache_validity |= NFS_INO_INVALID_ATTR
5620 | NFS_INO_INVALID_ACCESS
5621 | NFS_INO_INVALID_ACL;
5622 if (fattr->valid & NFS_ATTR_FATTR_GROUP)
5623 - inode->i_gid = fattr->gid;
5625 else if (nfs_server_capable(inode, NFS_CAP_OWNER_GROUP))
5626 nfsi->cache_validity |= NFS_INO_INVALID_ATTR
5627 | NFS_INO_INVALID_ACCESS
5628 @@ -378,6 +381,11 @@ nfs_fhget(struct super_block *sb, struct
5630 inode->i_blocks = nfs_calc_block_size(fattr->du.nfs3.used);
5632 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
5633 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
5634 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid, 0);
5635 + /* maybe fattr->xid someday */
5637 nfsi->attrtimeo = NFS_MINATTRTIMEO(inode);
5638 nfsi->attrtimeo_timestamp = now;
5639 nfsi->access_cache = RB_ROOT;
5640 @@ -494,6 +502,8 @@ void nfs_setattr_update_inode(struct ino
5641 inode->i_uid = attr->ia_uid;
5642 if ((attr->ia_valid & ATTR_GID) != 0)
5643 inode->i_gid = attr->ia_gid;
5644 + if ((attr->ia_valid & ATTR_TAG) && IS_TAGGED(inode))
5645 + inode->i_tag = attr->ia_tag;
5646 NFS_I(inode)->cache_validity |= NFS_INO_INVALID_ACCESS|NFS_INO_INVALID_ACL;
5647 spin_unlock(&inode->i_lock);
5649 @@ -941,6 +951,9 @@ static int nfs_check_inode_attributes(st
5650 struct nfs_inode *nfsi = NFS_I(inode);
5651 loff_t cur_size, new_isize;
5652 unsigned long invalid = 0;
5658 /* Has the inode gone and changed behind our back? */
5659 @@ -964,13 +977,18 @@ static int nfs_check_inode_attributes(st
5660 invalid |= NFS_INO_INVALID_ATTR|NFS_INO_REVAL_PAGECACHE;
5663 + uid = INOTAG_UID(DX_TAG(inode), fattr->uid, fattr->gid);
5664 + gid = INOTAG_GID(DX_TAG(inode), fattr->uid, fattr->gid);
5665 + tag = INOTAG_TAG(DX_TAG(inode), fattr->uid, fattr->gid, 0);
5667 /* Have any file permissions changed? */
5668 if ((fattr->valid & NFS_ATTR_FATTR_MODE) && (inode->i_mode & S_IALLUGO) != (fattr->mode & S_IALLUGO))
5669 invalid |= NFS_INO_INVALID_ATTR | NFS_INO_INVALID_ACCESS | NFS_INO_INVALID_ACL;
5670 - if ((fattr->valid & NFS_ATTR_FATTR_OWNER) && inode->i_uid != fattr->uid)
5671 + if ((fattr->valid & NFS_ATTR_FATTR_OWNER) && uid != fattr->uid)
5672 invalid |= NFS_INO_INVALID_ATTR | NFS_INO_INVALID_ACCESS | NFS_INO_INVALID_ACL;
5673 - if ((fattr->valid & NFS_ATTR_FATTR_GROUP) && inode->i_gid != fattr->gid)
5674 + if ((fattr->valid & NFS_ATTR_FATTR_GROUP) && gid != fattr->gid)
5675 invalid |= NFS_INO_INVALID_ATTR | NFS_INO_INVALID_ACCESS | NFS_INO_INVALID_ACL;
5676 + /* maybe check for tag too? */
5678 /* Has the link count changed? */
5679 if ((fattr->valid & NFS_ATTR_FATTR_NLINK) && inode->i_nlink != fattr->nlink)
5680 @@ -1205,6 +1223,9 @@ static int nfs_update_inode(struct inode
5681 unsigned long invalid = 0;
5682 unsigned long now = jiffies;
5683 unsigned long save_cache_validity;
5688 dfprintk(VFS, "NFS: %s(%s/%ld ct=%d info=0x%x)\n",
5689 __func__, inode->i_sb->s_id, inode->i_ino,
5690 @@ -1312,6 +1333,9 @@ static int nfs_update_inode(struct inode
5691 | NFS_INO_REVAL_PAGECACHE
5692 | NFS_INO_REVAL_FORCED);
5694 + uid = INOTAG_UID(DX_TAG(inode), fattr->uid, fattr->gid);
5695 + gid = INOTAG_GID(DX_TAG(inode), fattr->uid, fattr->gid);
5696 + tag = INOTAG_TAG(DX_TAG(inode), fattr->uid, fattr->gid, 0);
5698 if (fattr->valid & NFS_ATTR_FATTR_ATIME)
5699 memcpy(&inode->i_atime, &fattr->atime, sizeof(inode->i_atime));
5700 @@ -1333,9 +1357,9 @@ static int nfs_update_inode(struct inode
5701 | NFS_INO_REVAL_FORCED);
5703 if (fattr->valid & NFS_ATTR_FATTR_OWNER) {
5704 - if (inode->i_uid != fattr->uid) {
5705 + if (uid != fattr->uid) {
5706 invalid |= NFS_INO_INVALID_ATTR|NFS_INO_INVALID_ACCESS|NFS_INO_INVALID_ACL;
5707 - inode->i_uid = fattr->uid;
5710 } else if (server->caps & NFS_CAP_OWNER)
5711 invalid |= save_cache_validity & (NFS_INO_INVALID_ATTR
5712 @@ -1344,9 +1368,9 @@ static int nfs_update_inode(struct inode
5713 | NFS_INO_REVAL_FORCED);
5715 if (fattr->valid & NFS_ATTR_FATTR_GROUP) {
5716 - if (inode->i_gid != fattr->gid) {
5717 + if (gid != fattr->gid) {
5718 invalid |= NFS_INO_INVALID_ATTR|NFS_INO_INVALID_ACCESS|NFS_INO_INVALID_ACL;
5719 - inode->i_gid = fattr->gid;
5722 } else if (server->caps & NFS_CAP_OWNER_GROUP)
5723 invalid |= save_cache_validity & (NFS_INO_INVALID_ATTR
5724 @@ -1354,6 +1378,10 @@ static int nfs_update_inode(struct inode
5725 | NFS_INO_INVALID_ACL
5726 | NFS_INO_REVAL_FORCED);
5728 + inode->i_uid = uid;
5729 + inode->i_gid = gid;
5730 + inode->i_tag = tag;
5732 if (fattr->valid & NFS_ATTR_FATTR_NLINK) {
5733 if (inode->i_nlink != fattr->nlink) {
5734 invalid |= NFS_INO_INVALID_ATTR;
5735 diff -NurpP --minimal linux-3.0-rc5/fs/nfs/nfs3xdr.c linux-3.0-rc5-vs2.3.1-pre3/fs/nfs/nfs3xdr.c
5736 --- linux-3.0-rc5/fs/nfs/nfs3xdr.c 2011-03-15 18:07:32.000000000 +0100
5737 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/nfs/nfs3xdr.c 2011-06-10 22:11:24.000000000 +0200
5739 #include <linux/nfs3.h>
5740 #include <linux/nfs_fs.h>
5741 #include <linux/nfsacl.h>
5742 +#include <linux/vs_tag.h>
5743 #include "internal.h"
5745 #define NFSDBG_FACILITY NFSDBG_XDR
5746 @@ -562,7 +563,8 @@ static __be32 *xdr_decode_nfstime3(__be3
5750 -static void encode_sattr3(struct xdr_stream *xdr, const struct iattr *attr)
5751 +static void encode_sattr3(struct xdr_stream *xdr,
5752 + const struct iattr *attr, int tag)
5756 @@ -594,15 +596,19 @@ static void encode_sattr3(struct xdr_str
5760 - if (attr->ia_valid & ATTR_UID) {
5761 + if (attr->ia_valid & ATTR_UID ||
5762 + (tag && (attr->ia_valid & ATTR_TAG))) {
5764 - *p++ = cpu_to_be32(attr->ia_uid);
5765 + *p++ = cpu_to_be32(TAGINO_UID(tag,
5766 + attr->ia_uid, attr->ia_tag));
5770 - if (attr->ia_valid & ATTR_GID) {
5771 + if (attr->ia_valid & ATTR_GID ||
5772 + (tag && (attr->ia_valid & ATTR_TAG))) {
5774 - *p++ = cpu_to_be32(attr->ia_gid);
5775 + *p++ = cpu_to_be32(TAGINO_GID(tag,
5776 + attr->ia_gid, attr->ia_tag));
5780 @@ -878,7 +884,7 @@ static void nfs3_xdr_enc_setattr3args(st
5781 const struct nfs3_sattrargs *args)
5783 encode_nfs_fh3(xdr, args->fh);
5784 - encode_sattr3(xdr, args->sattr);
5785 + encode_sattr3(xdr, args->sattr, req->rq_task->tk_client->cl_tag);
5786 encode_sattrguard3(xdr, args);
5789 @@ -1028,13 +1034,13 @@ static void nfs3_xdr_enc_write3args(stru
5792 static void encode_createhow3(struct xdr_stream *xdr,
5793 - const struct nfs3_createargs *args)
5794 + const struct nfs3_createargs *args, int tag)
5796 encode_uint32(xdr, args->createmode);
5797 switch (args->createmode) {
5798 case NFS3_CREATE_UNCHECKED:
5799 case NFS3_CREATE_GUARDED:
5800 - encode_sattr3(xdr, args->sattr);
5801 + encode_sattr3(xdr, args->sattr, tag);
5803 case NFS3_CREATE_EXCLUSIVE:
5804 encode_createverf3(xdr, args->verifier);
5805 @@ -1049,7 +1055,7 @@ static void nfs3_xdr_enc_create3args(str
5806 const struct nfs3_createargs *args)
5808 encode_diropargs3(xdr, args->fh, args->name, args->len);
5809 - encode_createhow3(xdr, args);
5810 + encode_createhow3(xdr, args, req->rq_task->tk_client->cl_tag);
5814 @@ -1065,7 +1071,7 @@ static void nfs3_xdr_enc_mkdir3args(stru
5815 const struct nfs3_mkdirargs *args)
5817 encode_diropargs3(xdr, args->fh, args->name, args->len);
5818 - encode_sattr3(xdr, args->sattr);
5819 + encode_sattr3(xdr, args->sattr, req->rq_task->tk_client->cl_tag);
5823 @@ -1082,9 +1088,9 @@ static void nfs3_xdr_enc_mkdir3args(stru
5826 static void encode_symlinkdata3(struct xdr_stream *xdr,
5827 - const struct nfs3_symlinkargs *args)
5828 + const struct nfs3_symlinkargs *args, int tag)
5830 - encode_sattr3(xdr, args->sattr);
5831 + encode_sattr3(xdr, args->sattr, tag);
5832 encode_nfspath3(xdr, args->pages, args->pathlen);
5835 @@ -1093,7 +1099,7 @@ static void nfs3_xdr_enc_symlink3args(st
5836 const struct nfs3_symlinkargs *args)
5838 encode_diropargs3(xdr, args->fromfh, args->fromname, args->fromlen);
5839 - encode_symlinkdata3(xdr, args);
5840 + encode_symlinkdata3(xdr, args, req->rq_task->tk_client->cl_tag);
5844 @@ -1121,24 +1127,24 @@ static void nfs3_xdr_enc_symlink3args(st
5847 static void encode_devicedata3(struct xdr_stream *xdr,
5848 - const struct nfs3_mknodargs *args)
5849 + const struct nfs3_mknodargs *args, int tag)
5851 - encode_sattr3(xdr, args->sattr);
5852 + encode_sattr3(xdr, args->sattr, tag);
5853 encode_specdata3(xdr, args->rdev);
5856 static void encode_mknoddata3(struct xdr_stream *xdr,
5857 - const struct nfs3_mknodargs *args)
5858 + const struct nfs3_mknodargs *args, int tag)
5860 encode_ftype3(xdr, args->type);
5861 switch (args->type) {
5864 - encode_devicedata3(xdr, args);
5865 + encode_devicedata3(xdr, args, tag);
5869 - encode_sattr3(xdr, args->sattr);
5870 + encode_sattr3(xdr, args->sattr, tag);
5874 @@ -1153,7 +1159,7 @@ static void nfs3_xdr_enc_mknod3args(stru
5875 const struct nfs3_mknodargs *args)
5877 encode_diropargs3(xdr, args->fh, args->name, args->len);
5878 - encode_mknoddata3(xdr, args);
5879 + encode_mknoddata3(xdr, args, req->rq_task->tk_client->cl_tag);
5883 diff -NurpP --minimal linux-3.0-rc5/fs/nfs/super.c linux-3.0-rc5-vs2.3.1-pre3/fs/nfs/super.c
5884 --- linux-3.0-rc5/fs/nfs/super.c 2011-07-01 11:14:19.000000000 +0200
5885 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/nfs/super.c 2011-06-10 22:11:24.000000000 +0200
5887 #include <linux/nfs_xdr.h>
5888 #include <linux/magic.h>
5889 #include <linux/parser.h>
5890 +#include <linux/vs_tag.h>
5892 #include <asm/system.h>
5893 #include <asm/uaccess.h>
5894 @@ -87,6 +88,7 @@ enum {
5895 Opt_sharecache, Opt_nosharecache,
5896 Opt_resvport, Opt_noresvport,
5897 Opt_fscache, Opt_nofscache,
5898 + Opt_tag, Opt_notag,
5900 /* Mount options that take integer arguments */
5902 @@ -100,6 +102,7 @@ enum {
5908 /* Mount options that take string arguments */
5909 Opt_sec, Opt_proto, Opt_mountproto, Opt_mounthost,
5910 @@ -180,6 +183,10 @@ static const match_table_t nfs_mount_opt
5911 { Opt_fscache_uniq, "fsc=%s" },
5912 { Opt_local_lock, "local_lock=%s" },
5914 + { Opt_tag, "tag" },
5915 + { Opt_notag, "notag" },
5916 + { Opt_tagid, "tagid=%u" },
5921 @@ -650,6 +657,7 @@ static void nfs_show_mount_options(struc
5922 { NFS_MOUNT_NORDIRPLUS, ",nordirplus", "" },
5923 { NFS_MOUNT_UNSHARED, ",nosharecache", "" },
5924 { NFS_MOUNT_NORESVPORT, ",noresvport", "" },
5925 + { NFS_MOUNT_TAGGED, ",tag", "" },
5928 const struct proc_nfs_info *nfs_infop;
5929 @@ -1198,6 +1206,14 @@ static int nfs_parse_mount_options(char
5930 kfree(mnt->fscache_uniq);
5931 mnt->fscache_uniq = NULL;
5933 +#ifndef CONFIG_TAGGING_NONE
5935 + mnt->flags |= NFS_MOUNT_TAGGED;
5938 + mnt->flags &= ~NFS_MOUNT_TAGGED;
5943 * options that take numeric values
5944 @@ -1304,6 +1320,12 @@ static int nfs_parse_mount_options(char
5945 goto out_invalid_value;
5946 mnt->minorversion = option;
5948 +#ifdef CONFIG_PROPAGATE
5951 + nfs_data.flags |= NFS_MOUNT_TAGGED;
5956 * options that take text values
5957 diff -NurpP --minimal linux-3.0-rc5/fs/nfsd/auth.c linux-3.0-rc5-vs2.3.1-pre3/fs/nfsd/auth.c
5958 --- linux-3.0-rc5/fs/nfsd/auth.c 2010-02-25 11:52:05.000000000 +0100
5959 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/nfsd/auth.c 2011-06-10 22:11:24.000000000 +0200
5961 /* Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de> */
5963 #include <linux/sched.h>
5964 +#include <linux/vs_tag.h>
5968 @@ -36,6 +37,9 @@ int nfsd_setuser(struct svc_rqst *rqstp,
5970 new->fsuid = rqstp->rq_cred.cr_uid;
5971 new->fsgid = rqstp->rq_cred.cr_gid;
5972 + /* FIXME: this desperately needs a tag :)
5973 + new->xid = (xid_t)INOTAG_TAG(DX_TAG_NFSD, cred.cr_uid, cred.cr_gid, 0);
5976 rqgi = rqstp->rq_cred.cr_group_info;
5978 diff -NurpP --minimal linux-3.0-rc5/fs/nfsd/nfs3xdr.c linux-3.0-rc5-vs2.3.1-pre3/fs/nfsd/nfs3xdr.c
5979 --- linux-3.0-rc5/fs/nfsd/nfs3xdr.c 2011-07-01 11:14:19.000000000 +0200
5980 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/nfsd/nfs3xdr.c 2011-06-10 22:11:24.000000000 +0200
5984 #include <linux/namei.h>
5985 +#include <linux/vs_tag.h>
5989 @@ -95,6 +96,8 @@ static __be32 *
5990 decode_sattr3(__be32 *p, struct iattr *iap)
5998 @@ -104,12 +107,15 @@ decode_sattr3(__be32 *p, struct iattr *i
6001 iap->ia_valid |= ATTR_UID;
6002 - iap->ia_uid = ntohl(*p++);
6003 + uid = ntohl(*p++);
6006 iap->ia_valid |= ATTR_GID;
6007 - iap->ia_gid = ntohl(*p++);
6008 + gid = ntohl(*p++);
6010 + iap->ia_uid = INOTAG_UID(DX_TAG_NFSD, uid, gid);
6011 + iap->ia_gid = INOTAG_GID(DX_TAG_NFSD, uid, gid);
6012 + iap->ia_tag = INOTAG_TAG(DX_TAG_NFSD, uid, gid, 0);
6016 @@ -165,8 +171,12 @@ encode_fattr3(struct svc_rqst *rqstp, __
6017 *p++ = htonl(nfs3_ftypes[(stat->mode & S_IFMT) >> 12]);
6018 *p++ = htonl((u32) stat->mode);
6019 *p++ = htonl((u32) stat->nlink);
6020 - *p++ = htonl((u32) nfsd_ruid(rqstp, stat->uid));
6021 - *p++ = htonl((u32) nfsd_rgid(rqstp, stat->gid));
6022 + *p++ = htonl((u32) nfsd_ruid(rqstp,
6023 + TAGINO_UID(0 /* FIXME: DX_TAG(dentry->d_inode) */,
6024 + stat->uid, stat->tag)));
6025 + *p++ = htonl((u32) nfsd_rgid(rqstp,
6026 + TAGINO_GID(0 /* FIXME: DX_TAG(dentry->d_inode) */,
6027 + stat->gid, stat->tag)));
6028 if (S_ISLNK(stat->mode) && stat->size > NFS3_MAXPATHLEN) {
6029 p = xdr_encode_hyper(p, (u64) NFS3_MAXPATHLEN);
6031 diff -NurpP --minimal linux-3.0-rc5/fs/nfsd/nfs4xdr.c linux-3.0-rc5-vs2.3.1-pre3/fs/nfsd/nfs4xdr.c
6032 --- linux-3.0-rc5/fs/nfsd/nfs4xdr.c 2011-07-01 11:14:19.000000000 +0200
6033 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/nfsd/nfs4xdr.c 2011-06-10 22:11:24.000000000 +0200
6035 #include <linux/statfs.h>
6036 #include <linux/utsname.h>
6037 #include <linux/sunrpc/svcauth_gss.h>
6038 +#include <linux/vs_tag.h>
6042 @@ -2090,14 +2091,18 @@ out_acl:
6043 WRITE32(stat.nlink);
6045 if (bmval1 & FATTR4_WORD1_OWNER) {
6046 - status = nfsd4_encode_user(rqstp, stat.uid, &p, &buflen);
6047 + status = nfsd4_encode_user(rqstp,
6048 + TAGINO_UID(DX_TAG(dentry->d_inode),
6049 + stat.uid, stat.tag), &p, &buflen);
6050 if (status == nfserr_resource)
6055 if (bmval1 & FATTR4_WORD1_OWNER_GROUP) {
6056 - status = nfsd4_encode_group(rqstp, stat.gid, &p, &buflen);
6057 + status = nfsd4_encode_group(rqstp,
6058 + TAGINO_GID(DX_TAG(dentry->d_inode),
6059 + stat.gid, stat.tag), &p, &buflen);
6060 if (status == nfserr_resource)
6063 diff -NurpP --minimal linux-3.0-rc5/fs/nfsd/nfsxdr.c linux-3.0-rc5-vs2.3.1-pre3/fs/nfsd/nfsxdr.c
6064 --- linux-3.0-rc5/fs/nfsd/nfsxdr.c 2011-05-22 16:17:53.000000000 +0200
6065 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/nfsd/nfsxdr.c 2011-06-10 22:11:24.000000000 +0200
6070 +#include <linux/vs_tag.h>
6072 #define NFSDDBG_FACILITY NFSDDBG_XDR
6074 @@ -88,6 +89,8 @@ static __be32 *
6075 decode_sattr(__be32 *p, struct iattr *iap)
6083 @@ -101,12 +104,15 @@ decode_sattr(__be32 *p, struct iattr *ia
6085 if ((tmp = ntohl(*p++)) != (u32)-1) {
6086 iap->ia_valid |= ATTR_UID;
6087 - iap->ia_uid = tmp;
6090 if ((tmp = ntohl(*p++)) != (u32)-1) {
6091 iap->ia_valid |= ATTR_GID;
6092 - iap->ia_gid = tmp;
6095 + iap->ia_uid = INOTAG_UID(DX_TAG_NFSD, uid, gid);
6096 + iap->ia_gid = INOTAG_GID(DX_TAG_NFSD, uid, gid);
6097 + iap->ia_tag = INOTAG_TAG(DX_TAG_NFSD, uid, gid, 0);
6098 if ((tmp = ntohl(*p++)) != (u32)-1) {
6099 iap->ia_valid |= ATTR_SIZE;
6101 @@ -151,8 +157,10 @@ encode_fattr(struct svc_rqst *rqstp, __b
6102 *p++ = htonl(nfs_ftypes[type >> 12]);
6103 *p++ = htonl((u32) stat->mode);
6104 *p++ = htonl((u32) stat->nlink);
6105 - *p++ = htonl((u32) nfsd_ruid(rqstp, stat->uid));
6106 - *p++ = htonl((u32) nfsd_rgid(rqstp, stat->gid));
6107 + *p++ = htonl((u32) nfsd_ruid(rqstp,
6108 + TAGINO_UID(DX_TAG(dentry->d_inode), stat->uid, stat->tag)));
6109 + *p++ = htonl((u32) nfsd_rgid(rqstp,
6110 + TAGINO_GID(DX_TAG(dentry->d_inode), stat->gid, stat->tag)));
6112 if (S_ISLNK(type) && stat->size > NFS_MAXPATHLEN) {
6113 *p++ = htonl(NFS_MAXPATHLEN);
6114 diff -NurpP --minimal linux-3.0-rc5/fs/ocfs2/dlmglue.c linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/dlmglue.c
6115 --- linux-3.0-rc5/fs/ocfs2/dlmglue.c 2011-05-22 16:17:53.000000000 +0200
6116 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/dlmglue.c 2011-06-10 22:11:24.000000000 +0200
6117 @@ -2041,6 +2041,7 @@ static void __ocfs2_stuff_meta_lvb(struc
6118 lvb->lvb_iclusters = cpu_to_be32(oi->ip_clusters);
6119 lvb->lvb_iuid = cpu_to_be32(inode->i_uid);
6120 lvb->lvb_igid = cpu_to_be32(inode->i_gid);
6121 + lvb->lvb_itag = cpu_to_be16(inode->i_tag);
6122 lvb->lvb_imode = cpu_to_be16(inode->i_mode);
6123 lvb->lvb_inlink = cpu_to_be16(inode->i_nlink);
6124 lvb->lvb_iatime_packed =
6125 @@ -2091,6 +2092,7 @@ static void ocfs2_refresh_inode_from_lvb
6127 inode->i_uid = be32_to_cpu(lvb->lvb_iuid);
6128 inode->i_gid = be32_to_cpu(lvb->lvb_igid);
6129 + inode->i_tag = be16_to_cpu(lvb->lvb_itag);
6130 inode->i_mode = be16_to_cpu(lvb->lvb_imode);
6131 inode->i_nlink = be16_to_cpu(lvb->lvb_inlink);
6132 ocfs2_unpack_timespec(&inode->i_atime,
6133 diff -NurpP --minimal linux-3.0-rc5/fs/ocfs2/dlmglue.h linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/dlmglue.h
6134 --- linux-3.0-rc5/fs/ocfs2/dlmglue.h 2010-10-21 13:07:50.000000000 +0200
6135 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/dlmglue.h 2011-06-10 22:11:24.000000000 +0200
6136 @@ -46,7 +46,8 @@ struct ocfs2_meta_lvb {
6139 __be32 lvb_igeneration;
6140 - __be32 lvb_reserved2;
6142 + __be16 lvb_reserved2;
6145 #define OCFS2_QINFO_LVB_VERSION 1
6146 diff -NurpP --minimal linux-3.0-rc5/fs/ocfs2/file.c linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/file.c
6147 --- linux-3.0-rc5/fs/ocfs2/file.c 2011-07-01 11:14:20.000000000 +0200
6148 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/file.c 2011-06-10 22:43:33.000000000 +0200
6149 @@ -1111,7 +1111,7 @@ int ocfs2_setattr(struct dentry *dentry,
6150 attr->ia_valid &= ~ATTR_SIZE;
6152 #define OCFS2_VALID_ATTRS (ATTR_ATIME | ATTR_MTIME | ATTR_CTIME | ATTR_SIZE \
6153 - | ATTR_GID | ATTR_UID | ATTR_MODE)
6154 + | ATTR_GID | ATTR_UID | ATTR_TAG | ATTR_MODE)
6155 if (!(attr->ia_valid & OCFS2_VALID_ATTRS))
6158 diff -NurpP --minimal linux-3.0-rc5/fs/ocfs2/inode.c linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/inode.c
6159 --- linux-3.0-rc5/fs/ocfs2/inode.c 2011-05-22 16:17:53.000000000 +0200
6160 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/inode.c 2011-06-10 22:11:24.000000000 +0200
6162 #include <linux/highmem.h>
6163 #include <linux/pagemap.h>
6164 #include <linux/quotaops.h>
6165 +#include <linux/vs_tag.h>
6167 #include <asm/byteorder.h>
6169 @@ -78,11 +79,13 @@ void ocfs2_set_inode_flags(struct inode
6171 unsigned int flags = OCFS2_I(inode)->ip_attr;
6173 - inode->i_flags &= ~(S_IMMUTABLE |
6174 + inode->i_flags &= ~(S_IMMUTABLE | S_IXUNLINK |
6175 S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
6177 if (flags & OCFS2_IMMUTABLE_FL)
6178 inode->i_flags |= S_IMMUTABLE;
6179 + if (flags & OCFS2_IXUNLINK_FL)
6180 + inode->i_flags |= S_IXUNLINK;
6182 if (flags & OCFS2_SYNC_FL)
6183 inode->i_flags |= S_SYNC;
6184 @@ -92,25 +95,44 @@ void ocfs2_set_inode_flags(struct inode
6185 inode->i_flags |= S_NOATIME;
6186 if (flags & OCFS2_DIRSYNC_FL)
6187 inode->i_flags |= S_DIRSYNC;
6189 + inode->i_vflags &= ~(V_BARRIER | V_COW);
6191 + if (flags & OCFS2_BARRIER_FL)
6192 + inode->i_vflags |= V_BARRIER;
6193 + if (flags & OCFS2_COW_FL)
6194 + inode->i_vflags |= V_COW;
6197 /* Propagate flags from i_flags to OCFS2_I(inode)->ip_attr */
6198 void ocfs2_get_inode_flags(struct ocfs2_inode_info *oi)
6200 unsigned int flags = oi->vfs_inode.i_flags;
6201 + unsigned int vflags = oi->vfs_inode.i_vflags;
6203 + oi->ip_attr &= ~(OCFS2_SYNC_FL | OCFS2_APPEND_FL |
6204 + OCFS2_IMMUTABLE_FL | OCFS2_IXUNLINK_FL |
6205 + OCFS2_NOATIME_FL | OCFS2_DIRSYNC_FL |
6206 + OCFS2_BARRIER_FL | OCFS2_COW_FL);
6208 + if (flags & S_IMMUTABLE)
6209 + oi->ip_attr |= OCFS2_IMMUTABLE_FL;
6210 + if (flags & S_IXUNLINK)
6211 + oi->ip_attr |= OCFS2_IXUNLINK_FL;
6213 - oi->ip_attr &= ~(OCFS2_SYNC_FL|OCFS2_APPEND_FL|
6214 - OCFS2_IMMUTABLE_FL|OCFS2_NOATIME_FL|OCFS2_DIRSYNC_FL);
6216 oi->ip_attr |= OCFS2_SYNC_FL;
6217 if (flags & S_APPEND)
6218 oi->ip_attr |= OCFS2_APPEND_FL;
6219 - if (flags & S_IMMUTABLE)
6220 - oi->ip_attr |= OCFS2_IMMUTABLE_FL;
6221 if (flags & S_NOATIME)
6222 oi->ip_attr |= OCFS2_NOATIME_FL;
6223 if (flags & S_DIRSYNC)
6224 oi->ip_attr |= OCFS2_DIRSYNC_FL;
6226 + if (vflags & V_BARRIER)
6227 + oi->ip_attr |= OCFS2_BARRIER_FL;
6228 + if (vflags & V_COW)
6229 + oi->ip_attr |= OCFS2_COW_FL;
6232 struct inode *ocfs2_ilookup(struct super_block *sb, u64 blkno)
6233 @@ -241,6 +263,8 @@ void ocfs2_populate_inode(struct inode *
6234 struct super_block *sb;
6235 struct ocfs2_super *osb;
6242 @@ -269,8 +293,12 @@ void ocfs2_populate_inode(struct inode *
6243 inode->i_generation = le32_to_cpu(fe->i_generation);
6244 inode->i_rdev = huge_decode_dev(le64_to_cpu(fe->id1.dev1.i_rdev));
6245 inode->i_mode = le16_to_cpu(fe->i_mode);
6246 - inode->i_uid = le32_to_cpu(fe->i_uid);
6247 - inode->i_gid = le32_to_cpu(fe->i_gid);
6248 + uid = le32_to_cpu(fe->i_uid);
6249 + gid = le32_to_cpu(fe->i_gid);
6250 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
6251 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
6252 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid,
6253 + /* le16_to_cpu(raw_inode->i_raw_tag)i */ 0);
6255 /* Fast symlinks will have i_size but no allocated clusters. */
6256 if (S_ISLNK(inode->i_mode) && !fe->i_clusters)
6257 diff -NurpP --minimal linux-3.0-rc5/fs/ocfs2/inode.h linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/inode.h
6258 --- linux-3.0-rc5/fs/ocfs2/inode.h 2011-01-05 21:50:26.000000000 +0100
6259 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/inode.h 2011-06-10 22:11:24.000000000 +0200
6260 @@ -151,6 +151,7 @@ struct buffer_head *ocfs2_bread(struct i
6262 void ocfs2_set_inode_flags(struct inode *inode);
6263 void ocfs2_get_inode_flags(struct ocfs2_inode_info *oi);
6264 +int ocfs2_sync_flags(struct inode *inode, int, int);
6266 static inline blkcnt_t ocfs2_inode_sector_count(struct inode *inode)
6268 diff -NurpP --minimal linux-3.0-rc5/fs/ocfs2/ioctl.c linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/ioctl.c
6269 --- linux-3.0-rc5/fs/ocfs2/ioctl.c 2011-07-01 11:14:20.000000000 +0200
6270 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/ioctl.c 2011-06-10 22:11:24.000000000 +0200
6271 @@ -78,7 +78,41 @@ static int ocfs2_get_inode_attr(struct i
6275 -static int ocfs2_set_inode_attr(struct inode *inode, unsigned flags,
6276 +int ocfs2_sync_flags(struct inode *inode, int flags, int vflags)
6278 + struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
6279 + struct buffer_head *bh = NULL;
6280 + handle_t *handle = NULL;
6283 + status = ocfs2_inode_lock(inode, &bh, 1);
6285 + mlog_errno(status);
6288 + handle = ocfs2_start_trans(osb, OCFS2_INODE_UPDATE_CREDITS);
6289 + if (IS_ERR(handle)) {
6290 + status = PTR_ERR(handle);
6291 + mlog_errno(status);
6295 + inode->i_flags = flags;
6296 + inode->i_vflags = vflags;
6297 + ocfs2_get_inode_flags(OCFS2_I(inode));
6299 + status = ocfs2_mark_inode_dirty(handle, inode, bh);
6301 + mlog_errno(status);
6303 + ocfs2_commit_trans(osb, handle);
6305 + ocfs2_inode_unlock(inode, 1);
6310 +int ocfs2_set_inode_attr(struct inode *inode, unsigned flags,
6313 struct ocfs2_inode_info *ocfs2_inode = OCFS2_I(inode);
6314 @@ -103,6 +137,11 @@ static int ocfs2_set_inode_attr(struct i
6315 if (!S_ISDIR(inode->i_mode))
6316 flags &= ~OCFS2_DIRSYNC_FL;
6318 + if (IS_BARRIER(inode)) {
6319 + vxwprintk_task(1, "messing with the barrier.");
6323 handle = ocfs2_start_trans(osb, OCFS2_INODE_UPDATE_CREDITS);
6324 if (IS_ERR(handle)) {
6325 status = PTR_ERR(handle);
6326 @@ -880,6 +919,7 @@ bail:
6331 long ocfs2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
6333 struct inode *inode = filp->f_path.dentry->d_inode;
6334 diff -NurpP --minimal linux-3.0-rc5/fs/ocfs2/namei.c linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/namei.c
6335 --- linux-3.0-rc5/fs/ocfs2/namei.c 2011-05-22 16:17:53.000000000 +0200
6336 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/namei.c 2011-06-10 22:11:24.000000000 +0200
6338 #include <linux/slab.h>
6339 #include <linux/highmem.h>
6340 #include <linux/quotaops.h>
6341 +#include <linux/vs_tag.h>
6343 #include <cluster/masklog.h>
6345 @@ -477,6 +478,7 @@ static int __ocfs2_mknod_locked(struct i
6346 struct ocfs2_dinode *fe = NULL;
6347 struct ocfs2_extent_list *fel;
6353 @@ -514,8 +516,11 @@ static int __ocfs2_mknod_locked(struct i
6354 fe->i_suballoc_loc = cpu_to_le64(suballoc_loc);
6355 fe->i_suballoc_bit = cpu_to_le16(suballoc_bit);
6356 fe->i_suballoc_slot = cpu_to_le16(inode_ac->ac_alloc_slot);
6357 - fe->i_uid = cpu_to_le32(inode->i_uid);
6358 - fe->i_gid = cpu_to_le32(inode->i_gid);
6360 + tag = dx_current_fstag(osb->sb);
6361 + fe->i_uid = cpu_to_le32(TAGINO_UID(DX_TAG(inode), inode->i_uid, tag));
6362 + fe->i_gid = cpu_to_le32(TAGINO_GID(DX_TAG(inode), inode->i_gid, tag));
6363 + inode->i_tag = tag;
6364 fe->i_mode = cpu_to_le16(inode->i_mode);
6365 if (S_ISCHR(inode->i_mode) || S_ISBLK(inode->i_mode))
6366 fe->id1.dev1.i_rdev = cpu_to_le64(huge_encode_dev(dev));
6367 diff -NurpP --minimal linux-3.0-rc5/fs/ocfs2/ocfs2.h linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/ocfs2.h
6368 --- linux-3.0-rc5/fs/ocfs2/ocfs2.h 2011-05-22 16:17:53.000000000 +0200
6369 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/ocfs2.h 2011-06-10 22:11:24.000000000 +0200
6370 @@ -272,6 +272,7 @@ enum ocfs2_mount_options
6372 OCFS2_MOUNT_HB_NONE = 1 << 13, /* No heartbeat */
6373 OCFS2_MOUNT_HB_GLOBAL = 1 << 14, /* Global heartbeat */
6374 + OCFS2_MOUNT_TAGGED = 1 << 15, /* use tagging */
6377 #define OCFS2_OSB_SOFT_RO 0x0001
6378 diff -NurpP --minimal linux-3.0-rc5/fs/ocfs2/ocfs2_fs.h linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/ocfs2_fs.h
6379 --- linux-3.0-rc5/fs/ocfs2/ocfs2_fs.h 2011-05-22 16:17:53.000000000 +0200
6380 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/ocfs2_fs.h 2011-06-10 22:11:24.000000000 +0200
6381 @@ -266,6 +266,11 @@
6382 #define OCFS2_TOPDIR_FL FS_TOPDIR_FL /* Top of directory hierarchies*/
6383 #define OCFS2_RESERVED_FL FS_RESERVED_FL /* reserved for ext2 lib */
6385 +#define OCFS2_IXUNLINK_FL FS_IXUNLINK_FL /* Immutable invert on unlink */
6387 +#define OCFS2_BARRIER_FL FS_BARRIER_FL /* Barrier for chroot() */
6388 +#define OCFS2_COW_FL FS_COW_FL /* Copy on Write marker */
6390 #define OCFS2_FL_VISIBLE FS_FL_USER_VISIBLE /* User visible flags */
6391 #define OCFS2_FL_MODIFIABLE FS_FL_USER_MODIFIABLE /* User modifiable flags */
6393 diff -NurpP --minimal linux-3.0-rc5/fs/ocfs2/super.c linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/super.c
6394 --- linux-3.0-rc5/fs/ocfs2/super.c 2011-07-01 11:14:20.000000000 +0200
6395 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/ocfs2/super.c 2011-06-15 02:40:14.000000000 +0200
6396 @@ -184,6 +184,7 @@ enum {
6400 + Opt_tag, Opt_notag, Opt_tagid,
6404 @@ -215,6 +216,9 @@ static const match_table_t tokens = {
6405 {Opt_coherency_full, "coherency=full"},
6406 {Opt_resv_level, "resv_level=%u"},
6407 {Opt_dir_resv_level, "dir_resv_level=%u"},
6409 + {Opt_notag, "notag"},
6410 + {Opt_tagid, "tagid=%u"},
6414 @@ -662,6 +666,13 @@ static int ocfs2_remount(struct super_bl
6418 + if ((osb->s_mount_opt & OCFS2_MOUNT_TAGGED) !=
6419 + (parsed_options.mount_opt & OCFS2_MOUNT_TAGGED)) {
6421 + mlog(ML_ERROR, "Cannot change tagging on remount\n");
6425 /* We're going to/from readonly mode. */
6426 if ((*flags & MS_RDONLY) != (sb->s_flags & MS_RDONLY)) {
6427 /* Disable quota accounting before remounting RO */
6428 @@ -1177,6 +1188,9 @@ static int ocfs2_fill_super(struct super
6430 ocfs2_complete_mount_recovery(osb);
6432 + if (osb->s_mount_opt & OCFS2_MOUNT_TAGGED)
6433 + sb->s_flags |= MS_TAGGED;
6435 if (ocfs2_mount_local(osb))
6436 snprintf(nodestr, sizeof(nodestr), "local");
6438 @@ -1506,6 +1520,20 @@ static int ocfs2_parse_options(struct su
6439 option < OCFS2_MAX_RESV_LEVEL)
6440 mopt->dir_resv_level = option;
6442 +#ifndef CONFIG_TAGGING_NONE
6444 + mopt->mount_opt |= OCFS2_MOUNT_TAGGED;
6447 + mopt->mount_opt &= ~OCFS2_MOUNT_TAGGED;
6450 +#ifdef CONFIG_PROPAGATE
6453 + mopt->mount_opt |= OCFS2_MOUNT_TAGGED;
6458 "Unrecognized mount option \"%s\" "
6459 diff -NurpP --minimal linux-3.0-rc5/fs/open.c linux-3.0-rc5-vs2.3.1-pre3/fs/open.c
6460 --- linux-3.0-rc5/fs/open.c 2011-05-22 16:17:53.000000000 +0200
6461 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/open.c 2011-06-10 22:11:24.000000000 +0200
6463 #include <linux/fs_struct.h>
6464 #include <linux/ima.h>
6465 #include <linux/dnotify.h>
6466 +#include <linux/vs_base.h>
6467 +#include <linux/vs_limit.h>
6468 +#include <linux/vs_tag.h>
6469 +#include <linux/vs_cowbl.h>
6470 +#include <linux/vserver/dlimit.h>
6472 #include "internal.h"
6474 @@ -494,6 +499,12 @@ SYSCALL_DEFINE3(fchmodat, int, dfd, cons
6475 error = user_path_at(dfd, filename, LOOKUP_FOLLOW, &path);
6479 +#ifdef CONFIG_VSERVER_COWBL
6480 + error = cow_check_and_break(&path);
6482 + goto dput_and_out;
6484 inode = path.dentry->d_inode;
6486 error = mnt_want_write(path.mnt);
6487 @@ -531,11 +542,11 @@ static int chown_common(struct path *pat
6488 newattrs.ia_valid = ATTR_CTIME;
6489 if (user != (uid_t) -1) {
6490 newattrs.ia_valid |= ATTR_UID;
6491 - newattrs.ia_uid = user;
6492 + newattrs.ia_uid = dx_map_uid(user);
6494 if (group != (gid_t) -1) {
6495 newattrs.ia_valid |= ATTR_GID;
6496 - newattrs.ia_gid = group;
6497 + newattrs.ia_gid = dx_map_gid(group);
6499 if (!S_ISDIR(inode->i_mode))
6500 newattrs.ia_valid |=
6501 @@ -560,6 +571,10 @@ SYSCALL_DEFINE3(chown, const char __user
6502 error = mnt_want_write(path.mnt);
6505 +#ifdef CONFIG_VSERVER_COWBL
6506 + error = cow_check_and_break(&path);
6509 error = chown_common(&path, user, group);
6510 mnt_drop_write(path.mnt);
6512 @@ -587,6 +602,10 @@ SYSCALL_DEFINE5(fchownat, int, dfd, cons
6513 error = mnt_want_write(path.mnt);
6516 +#ifdef CONFIG_VSERVER_COWBL
6517 + error = cow_check_and_break(&path);
6520 error = chown_common(&path, user, group);
6521 mnt_drop_write(path.mnt);
6523 @@ -606,6 +625,10 @@ SYSCALL_DEFINE3(lchown, const char __use
6524 error = mnt_want_write(path.mnt);
6527 +#ifdef CONFIG_VSERVER_COWBL
6528 + error = cow_check_and_break(&path);
6531 error = chown_common(&path, user, group);
6532 mnt_drop_write(path.mnt);
6534 @@ -857,6 +880,7 @@ static void __put_unused_fd(struct files
6535 __FD_CLR(fd, fdt->open_fds);
6536 if (fd < files->next_fd)
6537 files->next_fd = fd;
6538 + vx_openfd_dec(fd);
6541 void put_unused_fd(unsigned int fd)
6542 diff -NurpP --minimal linux-3.0-rc5/fs/proc/array.c linux-3.0-rc5-vs2.3.1-pre3/fs/proc/array.c
6543 --- linux-3.0-rc5/fs/proc/array.c 2011-07-01 11:14:20.000000000 +0200
6544 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/proc/array.c 2011-06-10 22:11:24.000000000 +0200
6546 #include <linux/pid_namespace.h>
6547 #include <linux/ptrace.h>
6548 #include <linux/tracehook.h>
6549 +#include <linux/vs_context.h>
6550 +#include <linux/vs_network.h>
6552 #include <asm/pgtable.h>
6553 #include <asm/processor.h>
6554 @@ -170,6 +172,9 @@ static inline void task_state(struct seq
6556 ppid = pid_alive(p) ?
6557 task_tgid_nr_ns(rcu_dereference(p->real_parent), ns) : 0;
6558 + if (unlikely(vx_current_initpid(p->pid)))
6563 struct task_struct *tracer = tracehook_tracer_task(p);
6564 @@ -287,7 +292,7 @@ static inline void task_sig(struct seq_f
6567 static void render_cap_t(struct seq_file *m, const char *header,
6569 + struct vx_info *vxi, kernel_cap_t *a)
6573 @@ -312,10 +317,11 @@ static inline void task_cap(struct seq_f
6574 cap_bset = cred->cap_bset;
6577 - render_cap_t(m, "CapInh:\t", &cap_inheritable);
6578 - render_cap_t(m, "CapPrm:\t", &cap_permitted);
6579 - render_cap_t(m, "CapEff:\t", &cap_effective);
6580 - render_cap_t(m, "CapBnd:\t", &cap_bset);
6581 + /* FIXME: maybe move the p->vx_info masking to __task_cred() ? */
6582 + render_cap_t(m, "CapInh:\t", p->vx_info, &cap_inheritable);
6583 + render_cap_t(m, "CapPrm:\t", p->vx_info, &cap_permitted);
6584 + render_cap_t(m, "CapEff:\t", p->vx_info, &cap_effective);
6585 + render_cap_t(m, "CapBnd:\t", p->vx_info, &cap_bset);
6588 static inline void task_context_switch_counts(struct seq_file *m,
6589 @@ -337,6 +343,42 @@ static void task_cpus_allowed(struct seq
6593 +int proc_pid_nsproxy(struct seq_file *m, struct pid_namespace *ns,
6594 + struct pid *pid, struct task_struct *task)
6596 + seq_printf(m, "Proxy:\t%p(%c)\n"
6604 + (task->nsproxy == init_task.nsproxy ? 'I' : '-'),
6605 + atomic_read(&task->nsproxy->count),
6606 + task->nsproxy->uts_ns,
6607 + (task->nsproxy->uts_ns == init_task.nsproxy->uts_ns ? 'I' : '-'),
6608 + task->nsproxy->ipc_ns,
6609 + (task->nsproxy->ipc_ns == init_task.nsproxy->ipc_ns ? 'I' : '-'),
6610 + task->nsproxy->mnt_ns,
6611 + (task->nsproxy->mnt_ns == init_task.nsproxy->mnt_ns ? 'I' : '-'),
6612 + task->nsproxy->pid_ns,
6613 + (task->nsproxy->pid_ns == init_task.nsproxy->pid_ns ? 'I' : '-'),
6614 + task->nsproxy->net_ns,
6615 + (task->nsproxy->net_ns == init_task.nsproxy->net_ns ? 'I' : '-'));
6619 +void task_vs_id(struct seq_file *m, struct task_struct *task)
6621 + if (task_vx_flags(task, VXF_HIDE_VINFO, 0))
6624 + seq_printf(m, "VxID: %d\n", vx_task_xid(task));
6625 + seq_printf(m, "NxID: %d\n", nx_task_nid(task));
6629 int proc_pid_status(struct seq_file *m, struct pid_namespace *ns,
6630 struct pid *pid, struct task_struct *task)
6632 @@ -353,6 +395,7 @@ int proc_pid_status(struct seq_file *m,
6634 task_cpus_allowed(m, task);
6635 cpuset_task_status_allowed(m, task);
6636 + task_vs_id(m, task);
6637 task_context_switch_counts(m, task);
6640 @@ -462,6 +505,17 @@ static int do_task_stat(struct seq_file
6641 /* convert nsec -> ticks */
6642 start_time = nsec_to_clock_t(start_time);
6644 + /* fixup start time for virt uptime */
6645 + if (vx_flags(VXF_VIRT_UPTIME, 0)) {
6646 + unsigned long long bias =
6647 + current->vx_info->cvirt.bias_clock;
6649 + if (start_time > bias)
6650 + start_time -= bias;
6655 seq_printf(m, "%d (%s) %c %d %d %d %d %d %u %lu \
6656 %lu %lu %lu %lu %lu %ld %ld %ld %ld %d 0 %llu %lu %ld %lu %lu %lu %lu %lu \
6657 %lu %lu %lu %lu %lu %lu %lu %lu %d %d %u %u %llu %lu %ld\n",
6658 diff -NurpP --minimal linux-3.0-rc5/fs/proc/base.c linux-3.0-rc5-vs2.3.1-pre3/fs/proc/base.c
6659 --- linux-3.0-rc5/fs/proc/base.c 2011-07-01 11:14:20.000000000 +0200
6660 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/proc/base.c 2011-06-22 12:39:15.000000000 +0200
6662 #include <linux/pid_namespace.h>
6663 #include <linux/fs_struct.h>
6664 #include <linux/slab.h>
6665 +#include <linux/vs_context.h>
6666 +#include <linux/vs_network.h>
6667 #ifdef CONFIG_HARDWALL
6668 #include <asm/hardwall.h>
6670 @@ -1102,11 +1104,16 @@ static ssize_t oom_adjust_write(struct f
6674 - if (oom_adjust < task->signal->oom_adj && !capable(CAP_SYS_RESOURCE)) {
6675 + if (oom_adjust < task->signal->oom_adj &&
6676 + !vx_capable(CAP_SYS_RESOURCE, VXC_OOM_ADJUST)) {
6681 + /* prevent guest processes from circumventing the oom killer */
6682 + if (vx_current_xid() && (oom_adjust == OOM_DISABLE))
6683 + oom_adjust = OOM_ADJUST_MIN;
6685 if (oom_adjust != task->signal->oom_adj) {
6686 if (oom_adjust == OOM_DISABLE)
6687 atomic_inc(&task->mm->oom_disable_count);
6688 @@ -1275,7 +1282,7 @@ static ssize_t proc_loginuid_write(struc
6692 - if (!capable(CAP_AUDIT_CONTROL))
6693 + if (!vx_capable(CAP_AUDIT_CONTROL, VXC_AUDIT_CONTROL))
6697 @@ -1722,6 +1729,8 @@ struct inode *proc_pid_make_inode(struct
6698 inode->i_gid = cred->egid;
6701 + /* procfs is xid tagged */
6702 + inode->i_tag = (tag_t)vx_task_xid(task);
6703 security_task_to_inode(task, inode);
6706 @@ -1758,6 +1767,8 @@ int pid_getattr(struct vfsmount *mnt, st
6710 +static unsigned name_to_int(struct dentry *dentry);
6713 * Exceptional case: normally we are not allowed to unhash a busy
6714 * directory. In this case, however, we can do it - no aliasing problems
6715 @@ -1786,6 +1797,12 @@ int pid_revalidate(struct dentry *dentry
6716 task = get_proc_task(inode);
6719 + unsigned pid = name_to_int(dentry);
6721 + if (pid != ~0U && pid != vx_map_pid(task->pid)) {
6722 + put_task_struct(task);
6725 if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) ||
6726 task_dumpable(task)) {
6728 @@ -1802,6 +1819,7 @@ int pid_revalidate(struct dentry *dentry
6729 put_task_struct(task);
6736 @@ -2283,6 +2301,13 @@ static struct dentry *proc_pident_lookup
6740 + /* TODO: maybe we can come up with a generic approach? */
6741 + if (task_vx_flags(task, VXF_HIDE_VINFO, 0) &&
6742 + (dentry->d_name.len == 5) &&
6743 + (!memcmp(dentry->d_name.name, "vinfo", 5) ||
6744 + !memcmp(dentry->d_name.name, "ninfo", 5)))
6748 * Yes, it does not scale. And it should not. Don't add
6749 * new entries into /proc/<tgid>/ without very good reasons.
6750 @@ -2668,7 +2693,7 @@ out_iput:
6751 static struct dentry *proc_base_lookup(struct inode *dir, struct dentry *dentry)
6753 struct dentry *error;
6754 - struct task_struct *task = get_proc_task(dir);
6755 + struct task_struct *task = get_proc_task_real(dir);
6756 const struct pid_entry *p, *last;
6758 error = ERR_PTR(-ENOENT);
6759 @@ -2762,6 +2787,9 @@ static int proc_pid_personality(struct s
6760 static const struct file_operations proc_task_operations;
6761 static const struct inode_operations proc_task_inode_operations;
6763 +extern int proc_pid_vx_info(struct task_struct *, char *);
6764 +extern int proc_pid_nx_info(struct task_struct *, char *);
6766 static const struct pid_entry tgid_base_stuff[] = {
6767 DIR("task", S_IRUGO|S_IXUGO, proc_task_inode_operations, proc_task_operations),
6768 DIR("fd", S_IRUSR|S_IXUSR, proc_fd_inode_operations, proc_fd_operations),
6769 @@ -2825,6 +2853,8 @@ static const struct pid_entry tgid_base_
6770 #ifdef CONFIG_CGROUPS
6771 REG("cgroup", S_IRUGO, proc_cgroup_operations),
6773 + INF("vinfo", S_IRUGO, proc_pid_vx_info),
6774 + INF("ninfo", S_IRUGO, proc_pid_nx_info),
6775 INF("oom_score", S_IRUGO, proc_oom_score),
6776 REG("oom_adj", S_IRUGO|S_IWUSR, proc_oom_adjust_operations),
6777 REG("oom_score_adj", S_IRUGO|S_IWUSR, proc_oom_score_adj_operations),
6778 @@ -2844,6 +2874,7 @@ static const struct pid_entry tgid_base_
6779 #ifdef CONFIG_HARDWALL
6780 INF("hardwall", S_IRUGO, proc_pid_hardwall),
6782 + ONE("nsproxy", S_IRUGO, proc_pid_nsproxy),
6785 static int proc_tgid_base_readdir(struct file * filp,
6786 @@ -3036,7 +3067,7 @@ retry:
6788 pid = find_ge_pid(iter.tgid, ns);
6790 - iter.tgid = pid_nr_ns(pid, ns);
6791 + iter.tgid = pid_unmapped_nr_ns(pid, ns);
6792 iter.task = pid_task(pid, PIDTYPE_PID);
6793 /* What we to know is if the pid we have find is the
6794 * pid of a thread_group_leader. Testing for task
6795 @@ -3066,7 +3097,7 @@ static int proc_pid_fill_cache(struct fi
6796 struct tgid_iter iter)
6798 char name[PROC_NUMBUF];
6799 - int len = snprintf(name, sizeof(name), "%d", iter.tgid);
6800 + int len = snprintf(name, sizeof(name), "%d", vx_map_tgid(iter.tgid));
6801 return proc_fill_cache(filp, dirent, filldir, name, len,
6802 proc_pid_instantiate, iter.task, NULL);
6804 @@ -3083,7 +3114,7 @@ int proc_pid_readdir(struct file * filp,
6806 nr = filp->f_pos - FIRST_PROCESS_ENTRY;
6808 - reaper = get_proc_task(filp->f_path.dentry->d_inode);
6809 + reaper = get_proc_task_real(filp->f_path.dentry->d_inode);
6813 @@ -3100,6 +3131,8 @@ int proc_pid_readdir(struct file * filp,
6815 iter.tgid += 1, iter = next_tgid(ns, iter)) {
6816 filp->f_pos = iter.tgid + TGID_OFFSET;
6817 + if (!vx_proc_task_visible(iter.task))
6819 if (proc_pid_fill_cache(filp, dirent, filldir, iter) < 0) {
6820 put_task_struct(iter.task);
6822 @@ -3253,6 +3286,8 @@ static struct dentry *proc_task_lookup(s
6823 tid = name_to_int(dentry);
6826 + if (vx_current_initpid(tid))
6829 ns = dentry->d_sb->s_fs_info;
6831 diff -NurpP --minimal linux-3.0-rc5/fs/proc/generic.c linux-3.0-rc5-vs2.3.1-pre3/fs/proc/generic.c
6832 --- linux-3.0-rc5/fs/proc/generic.c 2011-07-01 11:14:20.000000000 +0200
6833 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/proc/generic.c 2011-06-10 22:11:24.000000000 +0200
6835 #include <linux/bitops.h>
6836 #include <linux/spinlock.h>
6837 #include <linux/completion.h>
6838 +#include <linux/vserver/inode.h>
6839 #include <asm/uaccess.h>
6841 #include "internal.h"
6842 @@ -424,11 +425,15 @@ struct dentry *proc_lookup_de(struct pro
6843 for (de = de->subdir; de ; de = de->next) {
6844 if (de->namelen != dentry->d_name.len)
6846 + if (!vx_hide_check(0, de->vx_flags))
6848 if (!memcmp(dentry->d_name.name, de->name, de->namelen)) {
6850 spin_unlock(&proc_subdir_lock);
6852 inode = proc_get_inode(dir->i_sb, de);
6853 + /* generic proc entries belong to the host */
6858 @@ -506,6 +511,8 @@ int proc_readdir_de(struct proc_dir_entr
6860 /* filldir passes info to user space */
6862 + if (!vx_hide_check(0, de->vx_flags))
6864 spin_unlock(&proc_subdir_lock);
6865 if (filldir(dirent, de->name, de->namelen, filp->f_pos,
6866 de->low_ino, de->mode >> 12) < 0) {
6867 @@ -513,6 +520,7 @@ int proc_readdir_de(struct proc_dir_entr
6870 spin_lock(&proc_subdir_lock);
6875 @@ -627,6 +635,7 @@ static struct proc_dir_entry *__proc_cre
6877 atomic_set(&ent->count, 1);
6879 + ent->vx_flags = IATTR_PROC_DEFAULT;
6880 spin_lock_init(&ent->pde_unload_lock);
6881 ent->pde_unload_completion = NULL;
6882 INIT_LIST_HEAD(&ent->pde_openers);
6883 @@ -650,7 +659,8 @@ struct proc_dir_entry *proc_symlink(cons
6889 + ent->vx_flags = IATTR_PROC_SYMLINK;
6893 diff -NurpP --minimal linux-3.0-rc5/fs/proc/inode.c linux-3.0-rc5-vs2.3.1-pre3/fs/proc/inode.c
6894 --- linux-3.0-rc5/fs/proc/inode.c 2011-07-01 11:14:20.000000000 +0200
6895 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/proc/inode.c 2011-06-10 22:11:24.000000000 +0200
6896 @@ -442,6 +442,8 @@ struct inode *proc_get_inode(struct supe
6897 inode->i_uid = de->uid;
6898 inode->i_gid = de->gid;
6901 + PROC_I(inode)->vx_flags = de->vx_flags;
6903 inode->i_size = de->size;
6905 diff -NurpP --minimal linux-3.0-rc5/fs/proc/internal.h linux-3.0-rc5-vs2.3.1-pre3/fs/proc/internal.h
6906 --- linux-3.0-rc5/fs/proc/internal.h 2011-07-01 11:14:20.000000000 +0200
6907 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/proc/internal.h 2011-06-10 22:11:24.000000000 +0200
6911 #include <linux/proc_fs.h>
6912 +#include <linux/vs_pid.h>
6914 extern struct proc_dir_entry proc_root;
6915 #ifdef CONFIG_PROC_SYSCTL
6916 @@ -51,6 +52,9 @@ extern int proc_pid_status(struct seq_fi
6917 struct pid *pid, struct task_struct *task);
6918 extern int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
6919 struct pid *pid, struct task_struct *task);
6920 +extern int proc_pid_nsproxy(struct seq_file *m, struct pid_namespace *ns,
6921 + struct pid *pid, struct task_struct *task);
6923 extern loff_t mem_lseek(struct file *file, loff_t offset, int orig);
6925 extern const struct file_operations proc_maps_operations;
6926 @@ -76,11 +80,16 @@ static inline struct pid *proc_pid(struc
6927 return PROC_I(inode)->pid;
6930 -static inline struct task_struct *get_proc_task(struct inode *inode)
6931 +static inline struct task_struct *get_proc_task_real(struct inode *inode)
6933 return get_pid_task(proc_pid(inode), PIDTYPE_PID);
6936 +static inline struct task_struct *get_proc_task(struct inode *inode)
6938 + return vx_get_proc_task(inode, proc_pid(inode));
6941 static inline int proc_fd(struct inode *inode)
6943 return PROC_I(inode)->fd;
6944 diff -NurpP --minimal linux-3.0-rc5/fs/proc/loadavg.c linux-3.0-rc5-vs2.3.1-pre3/fs/proc/loadavg.c
6945 --- linux-3.0-rc5/fs/proc/loadavg.c 2009-09-10 15:26:23.000000000 +0200
6946 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/proc/loadavg.c 2011-06-10 22:11:24.000000000 +0200
6949 static int loadavg_proc_show(struct seq_file *m, void *v)
6951 + unsigned long running;
6952 + unsigned int threads;
6953 unsigned long avnrun[3];
6955 get_avenrun(avnrun, FIXED_1/200, 0);
6957 + if (vx_flags(VXF_VIRT_LOAD, 0)) {
6958 + struct vx_info *vxi = current_vx_info();
6960 + running = atomic_read(&vxi->cvirt.nr_running);
6961 + threads = atomic_read(&vxi->cvirt.nr_threads);
6963 + running = nr_running();
6964 + threads = nr_threads;
6967 seq_printf(m, "%lu.%02lu %lu.%02lu %lu.%02lu %ld/%d %d\n",
6968 LOAD_INT(avnrun[0]), LOAD_FRAC(avnrun[0]),
6969 LOAD_INT(avnrun[1]), LOAD_FRAC(avnrun[1]),
6970 LOAD_INT(avnrun[2]), LOAD_FRAC(avnrun[2]),
6971 - nr_running(), nr_threads,
6973 task_active_pid_ns(current)->last_pid);
6976 diff -NurpP --minimal linux-3.0-rc5/fs/proc/meminfo.c linux-3.0-rc5-vs2.3.1-pre3/fs/proc/meminfo.c
6977 --- linux-3.0-rc5/fs/proc/meminfo.c 2011-03-15 18:07:33.000000000 +0100
6978 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/proc/meminfo.c 2011-06-10 22:11:24.000000000 +0200
6979 @@ -39,7 +39,8 @@ static int meminfo_proc_show(struct seq_
6980 allowed = ((totalram_pages - hugetlb_total_pages())
6981 * sysctl_overcommit_ratio / 100) + total_swap_pages;
6983 - cached = global_page_state(NR_FILE_PAGES) -
6984 + cached = vx_flags(VXF_VIRT_MEM, 0) ?
6985 + vx_vsi_cached(&i) : global_page_state(NR_FILE_PAGES) -
6986 total_swapcache_pages - i.bufferram;
6989 diff -NurpP --minimal linux-3.0-rc5/fs/proc/root.c linux-3.0-rc5-vs2.3.1-pre3/fs/proc/root.c
6990 --- linux-3.0-rc5/fs/proc/root.c 2011-07-01 11:14:20.000000000 +0200
6991 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/proc/root.c 2011-06-22 12:39:15.000000000 +0200
6993 #include <linux/bitops.h>
6994 #include <linux/mount.h>
6995 #include <linux/pid_namespace.h>
6996 +#include <linux/vserver/inode.h>
6998 #include "internal.h"
7000 +struct proc_dir_entry *proc_virtual;
7002 +extern void proc_vx_init(void);
7004 static int proc_test_super(struct super_block *sb, void *data)
7006 return sb->s_fs_info == data;
7007 @@ -125,6 +130,7 @@ void __init proc_root_init(void)
7009 proc_mkdir("bus", NULL);
7014 static int proc_root_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat *stat
7015 @@ -193,6 +199,7 @@ struct proc_dir_entry proc_root = {
7016 .proc_iops = &proc_root_inode_operations,
7017 .proc_fops = &proc_root_operations,
7018 .parent = &proc_root,
7019 + .vx_flags = IATTR_ADMIN | IATTR_WATCH,
7022 int pid_ns_prepare_proc(struct pid_namespace *ns)
7023 diff -NurpP --minimal linux-3.0-rc5/fs/proc/uptime.c linux-3.0-rc5-vs2.3.1-pre3/fs/proc/uptime.c
7024 --- linux-3.0-rc5/fs/proc/uptime.c 2009-12-03 20:02:53.000000000 +0100
7025 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/proc/uptime.c 2011-06-10 22:11:24.000000000 +0200
7027 #include <linux/sched.h>
7028 #include <linux/seq_file.h>
7029 #include <linux/time.h>
7030 -#include <linux/kernel_stat.h>
7031 +#include <linux/vserver/cvirt.h>
7032 #include <asm/cputime.h>
7034 static int uptime_proc_show(struct seq_file *m, void *v)
7036 struct timespec uptime;
7037 struct timespec idle;
7039 - cputime_t idletime = cputime_zero;
7041 - for_each_possible_cpu(i)
7042 - idletime = cputime64_add(idletime, kstat_cpu(i).cpustat.idle);
7043 + cputime_t idletime = cputime_add(init_task.utime, init_task.stime);
7045 do_posix_clock_monotonic_gettime(&uptime);
7046 monotonic_to_bootbased(&uptime);
7047 cputime_to_timespec(idletime, &idle);
7049 + if (vx_flags(VXF_VIRT_UPTIME, 0))
7050 + vx_vsi_uptime(&uptime, &idle);
7052 seq_printf(m, "%lu.%02lu %lu.%02lu\n",
7053 (unsigned long) uptime.tv_sec,
7054 (uptime.tv_nsec / (NSEC_PER_SEC / 100)),
7055 diff -NurpP --minimal linux-3.0-rc5/fs/quota/dquot.c linux-3.0-rc5-vs2.3.1-pre3/fs/quota/dquot.c
7056 --- linux-3.0-rc5/fs/quota/dquot.c 2011-07-01 11:14:20.000000000 +0200
7057 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/quota/dquot.c 2011-06-10 22:11:24.000000000 +0200
7058 @@ -1548,6 +1548,9 @@ int __dquot_alloc_space(struct inode *in
7059 int reserve = flags & DQUOT_SPACE_RESERVE;
7060 int nofail = flags & DQUOT_SPACE_NOFAIL;
7062 + if ((ret = dl_alloc_space(inode, number)))
7066 * First test before acquiring mutex - solves deadlocks when we
7067 * re-enter the quota code and are already holding the mutex
7068 @@ -1602,6 +1605,9 @@ int dquot_alloc_inode(const struct inode
7070 char warntype[MAXQUOTAS];
7072 + if ((ret = dl_alloc_inode(inode)))
7075 /* First test before acquiring mutex - solves deadlocks when we
7076 * re-enter the quota code and are already holding the mutex */
7077 if (!dquot_active(inode))
7078 @@ -1672,6 +1678,8 @@ void __dquot_free_space(struct inode *in
7079 char warntype[MAXQUOTAS];
7080 int reserve = flags & DQUOT_SPACE_RESERVE;
7082 + dl_free_space(inode, number);
7084 /* First test before acquiring mutex - solves deadlocks when we
7085 * re-enter the quota code and are already holding the mutex */
7086 if (!dquot_active(inode)) {
7087 @@ -1710,6 +1718,8 @@ void dquot_free_inode(const struct inode
7089 char warntype[MAXQUOTAS];
7091 + dl_free_inode(inode);
7093 /* First test before acquiring mutex - solves deadlocks when we
7094 * re-enter the quota code and are already holding the mutex */
7095 if (!dquot_active(inode))
7096 diff -NurpP --minimal linux-3.0-rc5/fs/quota/quota.c linux-3.0-rc5-vs2.3.1-pre3/fs/quota/quota.c
7097 --- linux-3.0-rc5/fs/quota/quota.c 2011-03-15 18:07:34.000000000 +0100
7098 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/quota/quota.c 2011-06-13 18:19:47.000000000 +0200
7100 #include <linux/fs.h>
7101 #include <linux/namei.h>
7102 #include <linux/slab.h>
7103 +#include <linux/vs_context.h>
7104 #include <asm/current.h>
7105 #include <asm/uaccess.h>
7106 #include <linux/kernel.h>
7107 @@ -38,7 +39,7 @@ static int check_quotactl_permission(str
7111 - if (!capable(CAP_SYS_ADMIN))
7112 + if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
7116 @@ -293,6 +294,46 @@ static int do_quotactl(struct super_bloc
7120 +#if defined(CONFIG_BLK_DEV_VROOT) || defined(CONFIG_BLK_DEV_VROOT_MODULE)
7122 +#include <linux/vroot.h>
7123 +#include <linux/major.h>
7124 +#include <linux/module.h>
7125 +#include <linux/kallsyms.h>
7126 +#include <linux/vserver/debug.h>
7128 +static vroot_grb_func *vroot_get_real_bdev = NULL;
7130 +static DEFINE_SPINLOCK(vroot_grb_lock);
7132 +int register_vroot_grb(vroot_grb_func *func) {
7135 + spin_lock(&vroot_grb_lock);
7136 + if (!vroot_get_real_bdev) {
7137 + vroot_get_real_bdev = func;
7140 + spin_unlock(&vroot_grb_lock);
7143 +EXPORT_SYMBOL(register_vroot_grb);
7145 +int unregister_vroot_grb(vroot_grb_func *func) {
7146 + int ret = -EINVAL;
7148 + spin_lock(&vroot_grb_lock);
7149 + if (vroot_get_real_bdev) {
7150 + vroot_get_real_bdev = NULL;
7153 + spin_unlock(&vroot_grb_lock);
7156 +EXPORT_SYMBOL(unregister_vroot_grb);
7161 * look up a superblock on which quota ops will be performed
7162 * - use the name of a block device to find the superblock thereon
7163 @@ -310,6 +351,22 @@ static struct super_block *quotactl_bloc
7166 return ERR_CAST(bdev);
7167 +#if defined(CONFIG_BLK_DEV_VROOT) || defined(CONFIG_BLK_DEV_VROOT_MODULE)
7168 + if (bdev && bdev->bd_inode &&
7169 + imajor(bdev->bd_inode) == VROOT_MAJOR) {
7170 + struct block_device *bdnew = (void *)-EINVAL;
7172 + if (vroot_get_real_bdev)
7173 + bdnew = vroot_get_real_bdev(bdev);
7175 + vxdprintk(VXD_CBIT(misc, 0),
7176 + "vroot_get_real_bdev not set");
7178 + if (IS_ERR(bdnew))
7179 + return ERR_PTR(PTR_ERR(bdnew));
7183 sb = get_super(bdev);
7186 diff -NurpP --minimal linux-3.0-rc5/fs/reiserfs/file.c linux-3.0-rc5-vs2.3.1-pre3/fs/reiserfs/file.c
7187 --- linux-3.0-rc5/fs/reiserfs/file.c 2011-01-05 21:50:26.000000000 +0100
7188 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/reiserfs/file.c 2011-06-10 22:11:24.000000000 +0200
7189 @@ -312,4 +312,5 @@ const struct inode_operations reiserfs_f
7190 .listxattr = reiserfs_listxattr,
7191 .removexattr = reiserfs_removexattr,
7192 .permission = reiserfs_permission,
7193 + .sync_flags = reiserfs_sync_flags,
7195 diff -NurpP --minimal linux-3.0-rc5/fs/reiserfs/inode.c linux-3.0-rc5-vs2.3.1-pre3/fs/reiserfs/inode.c
7196 --- linux-3.0-rc5/fs/reiserfs/inode.c 2011-05-22 16:17:53.000000000 +0200
7197 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/reiserfs/inode.c 2011-06-10 22:11:24.000000000 +0200
7199 #include <linux/writeback.h>
7200 #include <linux/quotaops.h>
7201 #include <linux/swap.h>
7202 +#include <linux/vs_tag.h>
7204 int reiserfs_commit_write(struct file *f, struct page *page,
7205 unsigned from, unsigned to);
7206 @@ -1131,6 +1132,8 @@ static void init_inode(struct inode *ino
7207 struct buffer_head *bh;
7208 struct item_head *ih;
7212 //int version = ITEM_VERSION_1;
7214 bh = PATH_PLAST_BUFFER(path);
7215 @@ -1151,12 +1154,13 @@ static void init_inode(struct inode *ino
7216 (struct stat_data_v1 *)B_I_PITEM(bh, ih);
7217 unsigned long blocks;
7219 + uid = sd_v1_uid(sd);
7220 + gid = sd_v1_gid(sd);
7222 set_inode_item_key_version(inode, KEY_FORMAT_3_5);
7223 set_inode_sd_version(inode, STAT_DATA_V1);
7224 inode->i_mode = sd_v1_mode(sd);
7225 inode->i_nlink = sd_v1_nlink(sd);
7226 - inode->i_uid = sd_v1_uid(sd);
7227 - inode->i_gid = sd_v1_gid(sd);
7228 inode->i_size = sd_v1_size(sd);
7229 inode->i_atime.tv_sec = sd_v1_atime(sd);
7230 inode->i_mtime.tv_sec = sd_v1_mtime(sd);
7231 @@ -1198,11 +1202,12 @@ static void init_inode(struct inode *ino
7232 // (directories and symlinks)
7233 struct stat_data *sd = (struct stat_data *)B_I_PITEM(bh, ih);
7235 + uid = sd_v2_uid(sd);
7236 + gid = sd_v2_gid(sd);
7238 inode->i_mode = sd_v2_mode(sd);
7239 inode->i_nlink = sd_v2_nlink(sd);
7240 - inode->i_uid = sd_v2_uid(sd);
7241 inode->i_size = sd_v2_size(sd);
7242 - inode->i_gid = sd_v2_gid(sd);
7243 inode->i_mtime.tv_sec = sd_v2_mtime(sd);
7244 inode->i_atime.tv_sec = sd_v2_atime(sd);
7245 inode->i_ctime.tv_sec = sd_v2_ctime(sd);
7246 @@ -1232,6 +1237,10 @@ static void init_inode(struct inode *ino
7247 sd_attrs_to_i_attrs(sd_v2_attrs(sd), inode);
7250 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
7251 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
7252 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid, 0);
7255 if (S_ISREG(inode->i_mode)) {
7256 inode->i_op = &reiserfs_file_inode_operations;
7257 @@ -1254,13 +1263,15 @@ static void init_inode(struct inode *ino
7258 static void inode2sd(void *sd, struct inode *inode, loff_t size)
7260 struct stat_data *sd_v2 = (struct stat_data *)sd;
7261 + uid_t uid = TAGINO_UID(DX_TAG(inode), inode->i_uid, inode->i_tag);
7262 + gid_t gid = TAGINO_GID(DX_TAG(inode), inode->i_gid, inode->i_tag);
7265 + set_sd_v2_uid(sd_v2, uid);
7266 + set_sd_v2_gid(sd_v2, gid);
7267 set_sd_v2_mode(sd_v2, inode->i_mode);
7268 set_sd_v2_nlink(sd_v2, inode->i_nlink);
7269 - set_sd_v2_uid(sd_v2, inode->i_uid);
7270 set_sd_v2_size(sd_v2, size);
7271 - set_sd_v2_gid(sd_v2, inode->i_gid);
7272 set_sd_v2_mtime(sd_v2, inode->i_mtime.tv_sec);
7273 set_sd_v2_atime(sd_v2, inode->i_atime.tv_sec);
7274 set_sd_v2_ctime(sd_v2, inode->i_ctime.tv_sec);
7275 @@ -2863,14 +2874,19 @@ int reiserfs_commit_write(struct file *f
7276 void sd_attrs_to_i_attrs(__u16 sd_attrs, struct inode *inode)
7278 if (reiserfs_attrs(inode->i_sb)) {
7279 - if (sd_attrs & REISERFS_SYNC_FL)
7280 - inode->i_flags |= S_SYNC;
7282 - inode->i_flags &= ~S_SYNC;
7283 if (sd_attrs & REISERFS_IMMUTABLE_FL)
7284 inode->i_flags |= S_IMMUTABLE;
7286 inode->i_flags &= ~S_IMMUTABLE;
7287 + if (sd_attrs & REISERFS_IXUNLINK_FL)
7288 + inode->i_flags |= S_IXUNLINK;
7290 + inode->i_flags &= ~S_IXUNLINK;
7292 + if (sd_attrs & REISERFS_SYNC_FL)
7293 + inode->i_flags |= S_SYNC;
7295 + inode->i_flags &= ~S_SYNC;
7296 if (sd_attrs & REISERFS_APPEND_FL)
7297 inode->i_flags |= S_APPEND;
7299 @@ -2883,6 +2899,15 @@ void sd_attrs_to_i_attrs(__u16 sd_attrs,
7300 REISERFS_I(inode)->i_flags |= i_nopack_mask;
7302 REISERFS_I(inode)->i_flags &= ~i_nopack_mask;
7304 + if (sd_attrs & REISERFS_BARRIER_FL)
7305 + inode->i_vflags |= V_BARRIER;
7307 + inode->i_vflags &= ~V_BARRIER;
7308 + if (sd_attrs & REISERFS_COW_FL)
7309 + inode->i_vflags |= V_COW;
7311 + inode->i_vflags &= ~V_COW;
7315 @@ -2893,6 +2918,11 @@ void i_attrs_to_sd_attrs(struct inode *i
7316 *sd_attrs |= REISERFS_IMMUTABLE_FL;
7318 *sd_attrs &= ~REISERFS_IMMUTABLE_FL;
7319 + if (inode->i_flags & S_IXUNLINK)
7320 + *sd_attrs |= REISERFS_IXUNLINK_FL;
7322 + *sd_attrs &= ~REISERFS_IXUNLINK_FL;
7324 if (inode->i_flags & S_SYNC)
7325 *sd_attrs |= REISERFS_SYNC_FL;
7327 @@ -2905,6 +2935,15 @@ void i_attrs_to_sd_attrs(struct inode *i
7328 *sd_attrs |= REISERFS_NOTAIL_FL;
7330 *sd_attrs &= ~REISERFS_NOTAIL_FL;
7332 + if (inode->i_vflags & V_BARRIER)
7333 + *sd_attrs |= REISERFS_BARRIER_FL;
7335 + *sd_attrs &= ~REISERFS_BARRIER_FL;
7336 + if (inode->i_vflags & V_COW)
7337 + *sd_attrs |= REISERFS_COW_FL;
7339 + *sd_attrs &= ~REISERFS_COW_FL;
7343 @@ -3148,7 +3187,8 @@ int reiserfs_setattr(struct dentry *dent
7346 if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
7347 - (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid)) {
7348 + (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid) ||
7349 + (ia_valid & ATTR_TAG && attr->ia_tag != inode->i_tag)) {
7350 struct reiserfs_transaction_handle th;
7353 @@ -3177,6 +3217,9 @@ int reiserfs_setattr(struct dentry *dent
7354 inode->i_uid = attr->ia_uid;
7355 if (attr->ia_valid & ATTR_GID)
7356 inode->i_gid = attr->ia_gid;
7357 + if ((attr->ia_valid & ATTR_TAG) &&
7359 + inode->i_tag = attr->ia_tag;
7360 mark_inode_dirty(inode);
7361 error = journal_end(&th, inode->i_sb, jbegin_count);
7363 diff -NurpP --minimal linux-3.0-rc5/fs/reiserfs/ioctl.c linux-3.0-rc5-vs2.3.1-pre3/fs/reiserfs/ioctl.c
7364 --- linux-3.0-rc5/fs/reiserfs/ioctl.c 2011-05-22 16:17:53.000000000 +0200
7365 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/reiserfs/ioctl.c 2011-06-10 22:11:24.000000000 +0200
7367 #include <linux/pagemap.h>
7368 #include <linux/compat.h>
7371 +int reiserfs_sync_flags(struct inode *inode, int flags, int vflags)
7373 + __u16 sd_attrs = 0;
7375 + inode->i_flags = flags;
7376 + inode->i_vflags = vflags;
7378 + i_attrs_to_sd_attrs(inode, &sd_attrs);
7379 + REISERFS_I(inode)->i_attrs = sd_attrs;
7380 + inode->i_ctime = CURRENT_TIME_SEC;
7381 + mark_inode_dirty(inode);
7386 * reiserfs_ioctl - handler for ioctl for inode
7387 * supported commands:
7389 long reiserfs_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
7391 struct inode *inode = filp->f_path.dentry->d_inode;
7392 - unsigned int flags;
7393 + unsigned int flags, oldflags;
7396 reiserfs_write_lock(inode->i_sb);
7397 @@ -47,6 +62,7 @@ long reiserfs_ioctl(struct file *filp, u
7399 flags = REISERFS_I(inode)->i_attrs;
7400 i_attrs_to_sd_attrs(inode, (__u16 *) & flags);
7401 + flags &= REISERFS_FL_USER_VISIBLE;
7402 err = put_user(flags, (int __user *)arg);
7404 case REISERFS_IOC_SETFLAGS:{
7405 @@ -67,6 +83,10 @@ long reiserfs_ioctl(struct file *filp, u
7409 + if (IS_BARRIER(inode)) {
7410 + vxwprintk_task(1, "messing with the barrier.");
7414 * Is it quota file? Do not allow user to mess with it
7416 @@ -91,6 +111,10 @@ long reiserfs_ioctl(struct file *filp, u
7421 + oldflags = REISERFS_I(inode)->i_attrs;
7422 + flags &= REISERFS_FL_USER_MODIFIABLE;
7423 + flags |= oldflags & ~REISERFS_FL_USER_MODIFIABLE;
7424 sd_attrs_to_i_attrs(flags, inode);
7425 REISERFS_I(inode)->i_attrs = flags;
7426 inode->i_ctime = CURRENT_TIME_SEC;
7427 diff -NurpP --minimal linux-3.0-rc5/fs/reiserfs/namei.c linux-3.0-rc5-vs2.3.1-pre3/fs/reiserfs/namei.c
7428 --- linux-3.0-rc5/fs/reiserfs/namei.c 2011-05-22 16:17:53.000000000 +0200
7429 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/reiserfs/namei.c 2011-06-10 22:11:24.000000000 +0200
7431 #include <linux/reiserfs_acl.h>
7432 #include <linux/reiserfs_xattr.h>
7433 #include <linux/quotaops.h>
7434 +#include <linux/vs_tag.h>
7436 #define INC_DIR_INODE_NLINK(i) if (i->i_nlink != 1) { inc_nlink(i); if (i->i_nlink >= REISERFS_LINK_MAX) i->i_nlink=1; }
7437 #define DEC_DIR_INODE_NLINK(i) if (i->i_nlink != 1) drop_nlink(i);
7438 @@ -362,6 +363,7 @@ static struct dentry *reiserfs_lookup(st
7439 if (retval == IO_ERROR) {
7440 return ERR_PTR(-EIO);
7442 + dx_propagate_tag(nd, inode);
7444 return d_splice_alias(inode, dentry);
7446 @@ -1529,6 +1531,7 @@ const struct inode_operations reiserfs_d
7447 .listxattr = reiserfs_listxattr,
7448 .removexattr = reiserfs_removexattr,
7449 .permission = reiserfs_permission,
7450 + .sync_flags = reiserfs_sync_flags,
7454 diff -NurpP --minimal linux-3.0-rc5/fs/reiserfs/super.c linux-3.0-rc5-vs2.3.1-pre3/fs/reiserfs/super.c
7455 --- linux-3.0-rc5/fs/reiserfs/super.c 2011-07-01 11:14:20.000000000 +0200
7456 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/reiserfs/super.c 2011-06-10 22:11:24.000000000 +0200
7457 @@ -899,6 +899,14 @@ static int reiserfs_parse_options(struct
7458 {"user_xattr",.setmask = 1 << REISERFS_UNSUPPORTED_OPT},
7459 {"nouser_xattr",.clrmask = 1 << REISERFS_UNSUPPORTED_OPT},
7461 +#ifndef CONFIG_TAGGING_NONE
7462 + {"tagxid",.setmask = 1 << REISERFS_TAGGED},
7463 + {"tag",.setmask = 1 << REISERFS_TAGGED},
7464 + {"notag",.clrmask = 1 << REISERFS_TAGGED},
7466 +#ifdef CONFIG_PROPAGATE
7467 + {"tag",.arg_required = 'T',.values = NULL},
7469 #ifdef CONFIG_REISERFS_FS_POSIX_ACL
7470 {"acl",.setmask = 1 << REISERFS_POSIXACL},
7471 {"noacl",.clrmask = 1 << REISERFS_POSIXACL},
7472 @@ -1208,6 +1216,14 @@ static int reiserfs_remount(struct super
7473 handle_quota_files(s, qf_names, &qfmt);
7476 + if ((mount_options & (1 << REISERFS_TAGGED)) &&
7477 + !(s->s_flags & MS_TAGGED)) {
7478 + reiserfs_warning(s, "super-vs01",
7479 + "reiserfs: tagging not permitted on remount.");
7486 /* Add options that are safe here */
7487 @@ -1690,6 +1706,10 @@ static int reiserfs_fill_super(struct su
7491 + /* map mount option tagxid */
7492 + if (REISERFS_SB(s)->s_mount_opt & (1 << REISERFS_TAGGED))
7493 + s->s_flags |= MS_TAGGED;
7495 rs = SB_DISK_SUPER_BLOCK(s);
7496 /* Let's do basic sanity check to verify that underlying device is not
7497 smaller than the filesystem. If the check fails then abort and scream,
7498 diff -NurpP --minimal linux-3.0-rc5/fs/reiserfs/xattr.c linux-3.0-rc5-vs2.3.1-pre3/fs/reiserfs/xattr.c
7499 --- linux-3.0-rc5/fs/reiserfs/xattr.c 2011-07-01 11:14:20.000000000 +0200
7500 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/reiserfs/xattr.c 2011-06-22 12:39:15.000000000 +0200
7502 #include <linux/errno.h>
7503 #include <linux/gfp.h>
7504 #include <linux/fs.h>
7505 +#include <linux/mount.h>
7506 #include <linux/file.h>
7507 #include <linux/pagemap.h>
7508 #include <linux/xattr.h>
7509 diff -NurpP --minimal linux-3.0-rc5/fs/stat.c linux-3.0-rc5-vs2.3.1-pre3/fs/stat.c
7510 --- linux-3.0-rc5/fs/stat.c 2011-05-22 16:17:54.000000000 +0200
7511 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/stat.c 2011-06-10 22:11:24.000000000 +0200
7512 @@ -26,6 +26,7 @@ void generic_fillattr(struct inode *inod
7513 stat->nlink = inode->i_nlink;
7514 stat->uid = inode->i_uid;
7515 stat->gid = inode->i_gid;
7516 + stat->tag = inode->i_tag;
7517 stat->rdev = inode->i_rdev;
7518 stat->atime = inode->i_atime;
7519 stat->mtime = inode->i_mtime;
7520 diff -NurpP --minimal linux-3.0-rc5/fs/statfs.c linux-3.0-rc5-vs2.3.1-pre3/fs/statfs.c
7521 --- linux-3.0-rc5/fs/statfs.c 2011-05-22 16:17:54.000000000 +0200
7522 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/statfs.c 2011-06-10 22:11:24.000000000 +0200
7524 #include <linux/statfs.h>
7525 #include <linux/security.h>
7526 #include <linux/uaccess.h>
7527 +#include <linux/vs_base.h>
7528 +#include <linux/vs_dlimit.h>
7530 static int flags_by_mnt(int mnt_flags)
7532 @@ -59,6 +61,8 @@ int statfs_by_dentry(struct dentry *dent
7533 retval = dentry->d_sb->s_op->statfs(dentry, buf);
7534 if (retval == 0 && buf->f_frsize == 0)
7535 buf->f_frsize = buf->f_bsize;
7536 + if (!vx_check(0, VS_ADMIN|VS_WATCH))
7537 + vx_vsi_statfs(dentry->d_sb, buf);
7541 diff -NurpP --minimal linux-3.0-rc5/fs/sysfs/mount.c linux-3.0-rc5-vs2.3.1-pre3/fs/sysfs/mount.c
7542 --- linux-3.0-rc5/fs/sysfs/mount.c 2011-07-01 11:14:20.000000000 +0200
7543 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/sysfs/mount.c 2011-06-22 12:39:15.000000000 +0200
7544 @@ -47,7 +47,7 @@ static int sysfs_fill_super(struct super
7546 sb->s_blocksize = PAGE_CACHE_SIZE;
7547 sb->s_blocksize_bits = PAGE_CACHE_SHIFT;
7548 - sb->s_magic = SYSFS_MAGIC;
7549 + sb->s_magic = SYSFS_SUPER_MAGIC;
7550 sb->s_op = &sysfs_ops;
7551 sb->s_time_gran = 1;
7553 diff -NurpP --minimal linux-3.0-rc5/fs/utimes.c linux-3.0-rc5-vs2.3.1-pre3/fs/utimes.c
7554 --- linux-3.0-rc5/fs/utimes.c 2011-05-22 16:17:54.000000000 +0200
7555 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/utimes.c 2011-06-10 22:11:24.000000000 +0200
7557 #include <linux/stat.h>
7558 #include <linux/utime.h>
7559 #include <linux/syscalls.h>
7560 +#include <linux/mount.h>
7561 +#include <linux/vs_cowbl.h>
7562 #include <asm/uaccess.h>
7563 #include <asm/unistd.h>
7565 @@ -52,12 +54,18 @@ static int utimes_common(struct path *pa
7568 struct iattr newattrs;
7569 - struct inode *inode = path->dentry->d_inode;
7570 + struct inode *inode;
7572 error = mnt_want_write(path->mnt);
7576 + error = cow_check_and_break(path);
7578 + goto mnt_drop_write_and_out;
7580 + inode = path->dentry->d_inode;
7582 if (times && times[0].tv_nsec == UTIME_NOW &&
7583 times[1].tv_nsec == UTIME_NOW)
7585 diff -NurpP --minimal linux-3.0-rc5/fs/xattr.c linux-3.0-rc5-vs2.3.1-pre3/fs/xattr.c
7586 --- linux-3.0-rc5/fs/xattr.c 2011-07-01 11:14:20.000000000 +0200
7587 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/xattr.c 2011-06-10 23:10:19.000000000 +0200
7589 #include <linux/module.h>
7590 #include <linux/fsnotify.h>
7591 #include <linux/audit.h>
7592 +#include <linux/mount.h>
7593 #include <asm/uaccess.h>
7596 @@ -49,7 +50,7 @@ xattr_permission(struct inode *inode, co
7597 * The trusted.* namespace can only be accessed by privileged users.
7599 if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) {
7600 - if (!capable(CAP_SYS_ADMIN))
7601 + if (!vx_capable(CAP_SYS_ADMIN, VXC_FS_TRUSTED))
7602 return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
7605 diff -NurpP --minimal linux-3.0-rc5/fs/xfs/linux-2.6/xfs_ioctl.c linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/linux-2.6/xfs_ioctl.c
7606 --- linux-3.0-rc5/fs/xfs/linux-2.6/xfs_ioctl.c 2011-05-22 16:17:54.000000000 +0200
7607 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/linux-2.6/xfs_ioctl.c 2011-06-10 22:11:24.000000000 +0200
7609 #include "xfs_bmap_btree.h"
7610 #include "xfs_dinode.h"
7611 #include "xfs_inode.h"
7612 -#include "xfs_ioctl.h"
7613 +// #include "xfs_ioctl.h"
7614 #include "xfs_rtalloc.h"
7615 #include "xfs_itable.h"
7616 #include "xfs_error.h"
7617 @@ -748,6 +748,10 @@ xfs_merge_ioc_xflags(
7618 xflags |= XFS_XFLAG_IMMUTABLE;
7620 xflags &= ~XFS_XFLAG_IMMUTABLE;
7621 + if (flags & FS_IXUNLINK_FL)
7622 + xflags |= XFS_XFLAG_IXUNLINK;
7624 + xflags &= ~XFS_XFLAG_IXUNLINK;
7625 if (flags & FS_APPEND_FL)
7626 xflags |= XFS_XFLAG_APPEND;
7628 @@ -776,6 +780,8 @@ xfs_di2lxflags(
7630 if (di_flags & XFS_DIFLAG_IMMUTABLE)
7631 flags |= FS_IMMUTABLE_FL;
7632 + if (di_flags & XFS_DIFLAG_IXUNLINK)
7633 + flags |= FS_IXUNLINK_FL;
7634 if (di_flags & XFS_DIFLAG_APPEND)
7635 flags |= FS_APPEND_FL;
7636 if (di_flags & XFS_DIFLAG_SYNC)
7637 @@ -836,6 +842,8 @@ xfs_set_diflags(
7638 di_flags = (ip->i_d.di_flags & XFS_DIFLAG_PREALLOC);
7639 if (xflags & XFS_XFLAG_IMMUTABLE)
7640 di_flags |= XFS_DIFLAG_IMMUTABLE;
7641 + if (xflags & XFS_XFLAG_IXUNLINK)
7642 + di_flags |= XFS_DIFLAG_IXUNLINK;
7643 if (xflags & XFS_XFLAG_APPEND)
7644 di_flags |= XFS_DIFLAG_APPEND;
7645 if (xflags & XFS_XFLAG_SYNC)
7646 @@ -878,6 +886,10 @@ xfs_diflags_to_linux(
7647 inode->i_flags |= S_IMMUTABLE;
7649 inode->i_flags &= ~S_IMMUTABLE;
7650 + if (xflags & XFS_XFLAG_IXUNLINK)
7651 + inode->i_flags |= S_IXUNLINK;
7653 + inode->i_flags &= ~S_IXUNLINK;
7654 if (xflags & XFS_XFLAG_APPEND)
7655 inode->i_flags |= S_APPEND;
7657 @@ -1370,10 +1382,18 @@ xfs_file_ioctl(
7658 case XFS_IOC_FSGETXATTRA:
7659 return xfs_ioc_fsgetxattr(ip, 1, arg);
7660 case XFS_IOC_FSSETXATTR:
7661 + if (IS_BARRIER(inode)) {
7662 + vxwprintk_task(1, "messing with the barrier.");
7663 + return -XFS_ERROR(EACCES);
7665 return xfs_ioc_fssetxattr(ip, filp, arg);
7666 case XFS_IOC_GETXFLAGS:
7667 return xfs_ioc_getxflags(ip, arg);
7668 case XFS_IOC_SETXFLAGS:
7669 + if (IS_BARRIER(inode)) {
7670 + vxwprintk_task(1, "messing with the barrier.");
7671 + return -XFS_ERROR(EACCES);
7673 return xfs_ioc_setxflags(ip, filp, arg);
7675 case XFS_IOC_FSSETDM: {
7676 diff -NurpP --minimal linux-3.0-rc5/fs/xfs/linux-2.6/xfs_ioctl.h linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/linux-2.6/xfs_ioctl.h
7677 --- linux-3.0-rc5/fs/xfs/linux-2.6/xfs_ioctl.h 2010-07-07 18:31:54.000000000 +0200
7678 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/linux-2.6/xfs_ioctl.h 2011-06-10 22:11:24.000000000 +0200
7679 @@ -70,6 +70,12 @@ xfs_handle_to_dentry(
7680 void __user *uhandle,
7685 + struct inode *inode,
7692 diff -NurpP --minimal linux-3.0-rc5/fs/xfs/linux-2.6/xfs_iops.c linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/linux-2.6/xfs_iops.c
7693 --- linux-3.0-rc5/fs/xfs/linux-2.6/xfs_iops.c 2011-07-01 11:14:20.000000000 +0200
7694 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/linux-2.6/xfs_iops.c 2011-06-22 12:39:15.000000000 +0200
7696 #include "xfs_bmap_btree.h"
7697 #include "xfs_dinode.h"
7698 #include "xfs_inode.h"
7699 +#include "xfs_ioctl.h"
7700 #include "xfs_bmap.h"
7701 #include "xfs_rtalloc.h"
7702 #include "xfs_error.h"
7704 #include <linux/security.h>
7705 #include <linux/fiemap.h>
7706 #include <linux/slab.h>
7707 +#include <linux/vs_tag.h>
7710 * Bring the timestamps in the XFS inode uptodate.
7711 @@ -464,6 +466,7 @@ xfs_vn_getattr(
7712 stat->nlink = ip->i_d.di_nlink;
7713 stat->uid = ip->i_d.di_uid;
7714 stat->gid = ip->i_d.di_gid;
7715 + stat->tag = ip->i_d.di_tag;
7716 stat->ino = ip->i_ino;
7717 stat->atime = inode->i_atime;
7718 stat->mtime = inode->i_mtime;
7719 @@ -599,6 +602,7 @@ static const struct inode_operations xfs
7720 .removexattr = generic_removexattr,
7721 .listxattr = xfs_vn_listxattr,
7722 .fiemap = xfs_vn_fiemap,
7723 + .sync_flags = xfs_sync_flags,
7726 static const struct inode_operations xfs_dir_inode_operations = {
7727 @@ -624,6 +628,7 @@ static const struct inode_operations xfs
7728 .getxattr = generic_getxattr,
7729 .removexattr = generic_removexattr,
7730 .listxattr = xfs_vn_listxattr,
7731 + .sync_flags = xfs_sync_flags,
7734 static const struct inode_operations xfs_dir_ci_inode_operations = {
7735 @@ -673,6 +678,10 @@ xfs_diflags_to_iflags(
7736 inode->i_flags |= S_IMMUTABLE;
7738 inode->i_flags &= ~S_IMMUTABLE;
7739 + if (ip->i_d.di_flags & XFS_DIFLAG_IXUNLINK)
7740 + inode->i_flags |= S_IXUNLINK;
7742 + inode->i_flags &= ~S_IXUNLINK;
7743 if (ip->i_d.di_flags & XFS_DIFLAG_APPEND)
7744 inode->i_flags |= S_APPEND;
7746 @@ -685,6 +694,15 @@ xfs_diflags_to_iflags(
7747 inode->i_flags |= S_NOATIME;
7749 inode->i_flags &= ~S_NOATIME;
7751 + if (ip->i_d.di_vflags & XFS_DIVFLAG_BARRIER)
7752 + inode->i_vflags |= V_BARRIER;
7754 + inode->i_vflags &= ~V_BARRIER;
7755 + if (ip->i_d.di_vflags & XFS_DIVFLAG_COW)
7756 + inode->i_vflags |= V_COW;
7758 + inode->i_vflags &= ~V_COW;
7762 @@ -716,6 +734,7 @@ xfs_setup_inode(
7763 inode->i_nlink = ip->i_d.di_nlink;
7764 inode->i_uid = ip->i_d.di_uid;
7765 inode->i_gid = ip->i_d.di_gid;
7766 + inode->i_tag = ip->i_d.di_tag;
7768 switch (inode->i_mode & S_IFMT) {
7770 diff -NurpP --minimal linux-3.0-rc5/fs/xfs/linux-2.6/xfs_linux.h linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/linux-2.6/xfs_linux.h
7771 --- linux-3.0-rc5/fs/xfs/linux-2.6/xfs_linux.h 2011-07-01 11:14:20.000000000 +0200
7772 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/linux-2.6/xfs_linux.h 2011-06-10 22:11:24.000000000 +0200
7775 #define current_cpu() (raw_smp_processor_id())
7776 #define current_pid() (current->pid)
7777 +#define current_fstag(vp) (dx_current_fstag((vp)->i_sb))
7778 #define current_test_flags(f) (current->flags & (f))
7779 #define current_set_flags_nested(sp, f) \
7780 (*(sp) = current->flags, current->flags |= (f))
7781 diff -NurpP --minimal linux-3.0-rc5/fs/xfs/linux-2.6/xfs_super.c linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/linux-2.6/xfs_super.c
7782 --- linux-3.0-rc5/fs/xfs/linux-2.6/xfs_super.c 2011-07-01 11:14:20.000000000 +0200
7783 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/linux-2.6/xfs_super.c 2011-06-22 12:39:15.000000000 +0200
7784 @@ -114,6 +114,9 @@ mempool_t *xfs_ioend_pool;
7785 #define MNTOPT_NODELAYLOG "nodelaylog" /* Delayed logging disabled */
7786 #define MNTOPT_DISCARD "discard" /* Discard unused blocks */
7787 #define MNTOPT_NODISCARD "nodiscard" /* Do not discard unused blocks */
7788 +#define MNTOPT_TAGXID "tagxid" /* context tagging for inodes */
7789 +#define MNTOPT_TAGGED "tag" /* context tagging for inodes */
7790 +#define MNTOPT_NOTAGTAG "notag" /* do not use context tagging */
7793 * Table driven mount option parser.
7794 @@ -122,10 +125,14 @@ mempool_t *xfs_ioend_pool;
7795 * in the future, too.
7798 + Opt_tag, Opt_notag,
7799 Opt_barrier, Opt_nobarrier, Opt_err
7802 static const match_table_t tokens = {
7803 + {Opt_tag, "tagxid"},
7805 + {Opt_notag, "notag"},
7806 {Opt_barrier, "barrier"},
7807 {Opt_nobarrier, "nobarrier"},
7809 @@ -373,6 +380,19 @@ xfs_parseargs(
7810 } else if (!strcmp(this_char, "irixsgid")) {
7812 "irixsgid is now a sysctl(2) variable, option is deprecated.");
7813 +#ifndef CONFIG_TAGGING_NONE
7814 + } else if (!strcmp(this_char, MNTOPT_TAGGED)) {
7815 + mp->m_flags |= XFS_MOUNT_TAGGED;
7816 + } else if (!strcmp(this_char, MNTOPT_NOTAGTAG)) {
7817 + mp->m_flags &= ~XFS_MOUNT_TAGGED;
7818 + } else if (!strcmp(this_char, MNTOPT_TAGXID)) {
7819 + mp->m_flags |= XFS_MOUNT_TAGGED;
7821 +#ifdef CONFIG_PROPAGATE
7822 + } else if (!strcmp(this_char, MNTOPT_TAGGED)) {
7824 + mp->m_flags |= XFS_MOUNT_TAGGED;
7827 xfs_warn(mp, "unknown mount option [%s].", this_char);
7829 @@ -1182,6 +1202,16 @@ xfs_fs_remount(
7831 mp->m_flags &= ~XFS_MOUNT_BARRIER;
7834 + if (!(sb->s_flags & MS_TAGGED)) {
7836 + "XFS: %s: tagging not permitted on remount.\n",
7845 * Logically we would return an error here to prevent
7846 @@ -1397,6 +1427,9 @@ xfs_fs_fill_super(
7850 + if (mp->m_flags & XFS_MOUNT_TAGGED)
7851 + sb->s_flags |= MS_TAGGED;
7854 * we must configure the block size in the superblock before we run the
7855 * full mount process as the mount process can lookup and cache inodes.
7856 diff -NurpP --minimal linux-3.0-rc5/fs/xfs/xfs_dinode.h linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_dinode.h
7857 --- linux-3.0-rc5/fs/xfs/xfs_dinode.h 2011-01-05 21:50:28.000000000 +0100
7858 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_dinode.h 2011-06-10 22:11:24.000000000 +0200
7859 @@ -51,7 +51,9 @@ typedef struct xfs_dinode {
7860 __be32 di_nlink; /* number of links to file */
7861 __be16 di_projid_lo; /* lower part of owner's project id */
7862 __be16 di_projid_hi; /* higher part owner's project id */
7863 - __u8 di_pad[6]; /* unused, zeroed space */
7864 + __u8 di_pad[2]; /* unused, zeroed space */
7865 + __be16 di_tag; /* context tagging */
7866 + __be16 di_vflags; /* vserver specific flags */
7867 __be16 di_flushiter; /* incremented on flush */
7868 xfs_timestamp_t di_atime; /* time last accessed */
7869 xfs_timestamp_t di_mtime; /* time last modified */
7870 @@ -184,6 +186,8 @@ static inline void xfs_dinode_put_rdev(s
7871 #define XFS_DIFLAG_EXTSZINHERIT_BIT 12 /* inherit inode extent size */
7872 #define XFS_DIFLAG_NODEFRAG_BIT 13 /* do not reorganize/defragment */
7873 #define XFS_DIFLAG_FILESTREAM_BIT 14 /* use filestream allocator */
7874 +#define XFS_DIFLAG_IXUNLINK_BIT 15 /* Immutable inver on unlink */
7876 #define XFS_DIFLAG_REALTIME (1 << XFS_DIFLAG_REALTIME_BIT)
7877 #define XFS_DIFLAG_PREALLOC (1 << XFS_DIFLAG_PREALLOC_BIT)
7878 #define XFS_DIFLAG_NEWRTBM (1 << XFS_DIFLAG_NEWRTBM_BIT)
7879 @@ -199,6 +203,7 @@ static inline void xfs_dinode_put_rdev(s
7880 #define XFS_DIFLAG_EXTSZINHERIT (1 << XFS_DIFLAG_EXTSZINHERIT_BIT)
7881 #define XFS_DIFLAG_NODEFRAG (1 << XFS_DIFLAG_NODEFRAG_BIT)
7882 #define XFS_DIFLAG_FILESTREAM (1 << XFS_DIFLAG_FILESTREAM_BIT)
7883 +#define XFS_DIFLAG_IXUNLINK (1 << XFS_DIFLAG_IXUNLINK_BIT)
7885 #ifdef CONFIG_XFS_RT
7886 #define XFS_IS_REALTIME_INODE(ip) ((ip)->i_d.di_flags & XFS_DIFLAG_REALTIME)
7887 @@ -211,6 +216,10 @@ static inline void xfs_dinode_put_rdev(s
7888 XFS_DIFLAG_IMMUTABLE | XFS_DIFLAG_APPEND | XFS_DIFLAG_SYNC | \
7889 XFS_DIFLAG_NOATIME | XFS_DIFLAG_NODUMP | XFS_DIFLAG_RTINHERIT | \
7890 XFS_DIFLAG_PROJINHERIT | XFS_DIFLAG_NOSYMLINKS | XFS_DIFLAG_EXTSIZE | \
7891 - XFS_DIFLAG_EXTSZINHERIT | XFS_DIFLAG_NODEFRAG | XFS_DIFLAG_FILESTREAM)
7892 + XFS_DIFLAG_EXTSZINHERIT | XFS_DIFLAG_NODEFRAG | XFS_DIFLAG_FILESTREAM | \
7893 + XFS_DIFLAG_IXUNLINK)
7895 +#define XFS_DIVFLAG_BARRIER 0x01
7896 +#define XFS_DIVFLAG_COW 0x02
7898 #endif /* __XFS_DINODE_H__ */
7899 diff -NurpP --minimal linux-3.0-rc5/fs/xfs/xfs_fs.h linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_fs.h
7900 --- linux-3.0-rc5/fs/xfs/xfs_fs.h 2011-01-05 21:50:28.000000000 +0100
7901 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_fs.h 2011-06-10 22:11:24.000000000 +0200
7902 @@ -67,6 +67,9 @@ struct fsxattr {
7903 #define XFS_XFLAG_EXTSZINHERIT 0x00001000 /* inherit inode extent size */
7904 #define XFS_XFLAG_NODEFRAG 0x00002000 /* do not defragment */
7905 #define XFS_XFLAG_FILESTREAM 0x00004000 /* use filestream allocator */
7906 +#define XFS_XFLAG_IXUNLINK 0x00008000 /* immutable invert on unlink */
7907 +#define XFS_XFLAG_BARRIER 0x10000000 /* chroot() barrier */
7908 +#define XFS_XFLAG_COW 0x20000000 /* copy on write mark */
7909 #define XFS_XFLAG_HASATTR 0x80000000 /* no DIFLAG for this */
7912 @@ -297,7 +300,8 @@ typedef struct xfs_bstat {
7913 #define bs_projid bs_projid_lo /* (previously just bs_projid) */
7914 __u16 bs_forkoff; /* inode fork offset in bytes */
7915 __u16 bs_projid_hi; /* higher part of project id */
7916 - unsigned char bs_pad[10]; /* pad space, unused */
7917 + unsigned char bs_pad[8]; /* pad space, unused */
7918 + __u16 bs_tag; /* context tagging */
7919 __u32 bs_dmevmask; /* DMIG event mask */
7920 __u16 bs_dmstate; /* DMIG state info */
7921 __u16 bs_aextents; /* attribute number of extents */
7922 diff -NurpP --minimal linux-3.0-rc5/fs/xfs/xfs_ialloc.c linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_ialloc.c
7923 --- linux-3.0-rc5/fs/xfs/xfs_ialloc.c 2011-05-22 16:17:54.000000000 +0200
7924 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_ialloc.c 2011-06-10 22:11:24.000000000 +0200
7926 #include "xfs_error.h"
7927 #include "xfs_bmap.h"
7931 * Allocation group level functions.
7933 diff -NurpP --minimal linux-3.0-rc5/fs/xfs/xfs_inode.c linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_inode.c
7934 --- linux-3.0-rc5/fs/xfs/xfs_inode.c 2011-07-01 11:14:20.000000000 +0200
7935 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_inode.c 2011-06-10 22:11:24.000000000 +0200
7936 @@ -243,6 +243,7 @@ xfs_inotobp(
7940 +#include <linux/vs_tag.h>
7943 * This routine is called to map an inode to the buffer containing
7944 @@ -641,15 +642,25 @@ xfs_iformat_btree(
7946 xfs_dinode_from_disk(
7948 - xfs_dinode_t *from)
7949 + xfs_dinode_t *from,
7952 + uint32_t uid, gid, tag;
7954 to->di_magic = be16_to_cpu(from->di_magic);
7955 to->di_mode = be16_to_cpu(from->di_mode);
7956 to->di_version = from ->di_version;
7957 to->di_format = from->di_format;
7958 to->di_onlink = be16_to_cpu(from->di_onlink);
7959 - to->di_uid = be32_to_cpu(from->di_uid);
7960 - to->di_gid = be32_to_cpu(from->di_gid);
7962 + uid = be32_to_cpu(from->di_uid);
7963 + gid = be32_to_cpu(from->di_gid);
7964 + tag = be16_to_cpu(from->di_tag);
7966 + to->di_uid = INOTAG_UID(tagged, uid, gid);
7967 + to->di_gid = INOTAG_GID(tagged, uid, gid);
7968 + to->di_tag = INOTAG_TAG(tagged, uid, gid, tag);
7970 to->di_nlink = be32_to_cpu(from->di_nlink);
7971 to->di_projid_lo = be16_to_cpu(from->di_projid_lo);
7972 to->di_projid_hi = be16_to_cpu(from->di_projid_hi);
7973 @@ -671,21 +682,26 @@ xfs_dinode_from_disk(
7974 to->di_dmevmask = be32_to_cpu(from->di_dmevmask);
7975 to->di_dmstate = be16_to_cpu(from->di_dmstate);
7976 to->di_flags = be16_to_cpu(from->di_flags);
7977 + to->di_vflags = be16_to_cpu(from->di_vflags);
7978 to->di_gen = be32_to_cpu(from->di_gen);
7984 - xfs_icdinode_t *from)
7985 + xfs_icdinode_t *from,
7988 to->di_magic = cpu_to_be16(from->di_magic);
7989 to->di_mode = cpu_to_be16(from->di_mode);
7990 to->di_version = from ->di_version;
7991 to->di_format = from->di_format;
7992 to->di_onlink = cpu_to_be16(from->di_onlink);
7993 - to->di_uid = cpu_to_be32(from->di_uid);
7994 - to->di_gid = cpu_to_be32(from->di_gid);
7996 + to->di_uid = cpu_to_be32(TAGINO_UID(tagged, from->di_uid, from->di_tag));
7997 + to->di_gid = cpu_to_be32(TAGINO_GID(tagged, from->di_gid, from->di_tag));
7998 + to->di_tag = cpu_to_be16(TAGINO_TAG(tagged, from->di_tag));
8000 to->di_nlink = cpu_to_be32(from->di_nlink);
8001 to->di_projid_lo = cpu_to_be16(from->di_projid_lo);
8002 to->di_projid_hi = cpu_to_be16(from->di_projid_hi);
8003 @@ -707,12 +723,14 @@ xfs_dinode_to_disk(
8004 to->di_dmevmask = cpu_to_be32(from->di_dmevmask);
8005 to->di_dmstate = cpu_to_be16(from->di_dmstate);
8006 to->di_flags = cpu_to_be16(from->di_flags);
8007 + to->di_vflags = cpu_to_be16(from->di_vflags);
8008 to->di_gen = cpu_to_be32(from->di_gen);
8013 - __uint16_t di_flags)
8014 + __uint16_t di_flags,
8015 + __uint16_t di_vflags)
8019 @@ -723,6 +741,8 @@ _xfs_dic2xflags(
8020 flags |= XFS_XFLAG_PREALLOC;
8021 if (di_flags & XFS_DIFLAG_IMMUTABLE)
8022 flags |= XFS_XFLAG_IMMUTABLE;
8023 + if (di_flags & XFS_DIFLAG_IXUNLINK)
8024 + flags |= XFS_XFLAG_IXUNLINK;
8025 if (di_flags & XFS_DIFLAG_APPEND)
8026 flags |= XFS_XFLAG_APPEND;
8027 if (di_flags & XFS_DIFLAG_SYNC)
8028 @@ -747,6 +767,10 @@ _xfs_dic2xflags(
8029 flags |= XFS_XFLAG_FILESTREAM;
8032 + if (di_vflags & XFS_DIVFLAG_BARRIER)
8033 + flags |= FS_BARRIER_FL;
8034 + if (di_vflags & XFS_DIVFLAG_COW)
8035 + flags |= FS_COW_FL;
8039 @@ -756,7 +780,7 @@ xfs_ip2xflags(
8041 xfs_icdinode_t *dic = &ip->i_d;
8043 - return _xfs_dic2xflags(dic->di_flags) |
8044 + return _xfs_dic2xflags(dic->di_flags, dic->di_vflags) |
8045 (XFS_IFORK_Q(ip) ? XFS_XFLAG_HASATTR : 0);
8048 @@ -764,7 +788,8 @@ uint
8052 - return _xfs_dic2xflags(be16_to_cpu(dip->di_flags)) |
8053 + return _xfs_dic2xflags(be16_to_cpu(dip->di_flags),
8054 + be16_to_cpu(dip->di_vflags)) |
8055 (XFS_DFORK_Q(dip) ? XFS_XFLAG_HASATTR : 0);
8058 @@ -797,7 +822,6 @@ xfs_iread(
8061 dip = (xfs_dinode_t *)xfs_buf_offset(bp, ip->i_imap.im_boffset);
8064 * If we got something that isn't an inode it means someone
8065 * (nfs or dmi) has a stale handle.
8066 @@ -820,7 +844,8 @@ xfs_iread(
8067 * Otherwise, just get the truly permanent information.
8070 - xfs_dinode_from_disk(&ip->i_d, dip);
8071 + xfs_dinode_from_disk(&ip->i_d, dip,
8072 + mp->m_flags & XFS_MOUNT_TAGGED);
8073 error = xfs_iformat(ip, dip);
8076 @@ -1015,6 +1040,7 @@ xfs_ialloc(
8077 ASSERT(ip->i_d.di_nlink == nlink);
8078 ip->i_d.di_uid = current_fsuid();
8079 ip->i_d.di_gid = current_fsgid();
8080 + ip->i_d.di_tag = current_fstag(&ip->i_vnode);
8081 xfs_set_projid(ip, prid);
8082 memset(&(ip->i_d.di_pad[0]), 0, sizeof(ip->i_d.di_pad));
8084 @@ -1075,6 +1101,7 @@ xfs_ialloc(
8085 ip->i_d.di_dmevmask = 0;
8086 ip->i_d.di_dmstate = 0;
8087 ip->i_d.di_flags = 0;
8088 + ip->i_d.di_vflags = 0;
8089 flags = XFS_ILOG_CORE;
8090 switch (mode & S_IFMT) {
8092 @@ -2108,6 +2135,7 @@ xfs_ifree(
8094 ip->i_d.di_mode = 0; /* mark incore inode as free */
8095 ip->i_d.di_flags = 0;
8096 + ip->i_d.di_vflags = 0;
8097 ip->i_d.di_dmevmask = 0;
8098 ip->i_d.di_forkoff = 0; /* mark the attr fork not in use */
8099 ip->i_df.if_ext_max =
8100 @@ -2987,7 +3015,8 @@ xfs_iflush_int(
8101 * because if the inode is dirty at all the core must
8104 - xfs_dinode_to_disk(dip, &ip->i_d);
8105 + xfs_dinode_to_disk(dip, &ip->i_d,
8106 + mp->m_flags & XFS_MOUNT_TAGGED);
8108 /* Wrap, we never let the log put out DI_MAX_FLUSH */
8109 if (ip->i_d.di_flushiter == DI_MAX_FLUSH)
8110 diff -NurpP --minimal linux-3.0-rc5/fs/xfs/xfs_inode.h linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_inode.h
8111 --- linux-3.0-rc5/fs/xfs/xfs_inode.h 2011-07-01 11:14:20.000000000 +0200
8112 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_inode.h 2011-07-01 11:35:35.000000000 +0200
8113 @@ -135,7 +135,9 @@ typedef struct xfs_icdinode {
8114 __uint32_t di_nlink; /* number of links to file */
8115 __uint16_t di_projid_lo; /* lower part of owner's project id */
8116 __uint16_t di_projid_hi; /* higher part of owner's project id */
8117 - __uint8_t di_pad[6]; /* unused, zeroed space */
8118 + __uint8_t di_pad[2]; /* unused, zeroed space */
8119 + __uint16_t di_tag; /* context tagging */
8120 + __uint16_t di_vflags; /* vserver specific flags */
8121 __uint16_t di_flushiter; /* incremented on flush */
8122 xfs_ictimestamp_t di_atime; /* time last accessed */
8123 xfs_ictimestamp_t di_mtime; /* time last modified */
8124 @@ -546,7 +548,7 @@ int xfs_itobp(struct xfs_mount *, struc
8125 int xfs_iread(struct xfs_mount *, struct xfs_trans *,
8126 struct xfs_inode *, uint);
8127 void xfs_dinode_to_disk(struct xfs_dinode *,
8128 - struct xfs_icdinode *);
8129 + struct xfs_icdinode *, int);
8130 void xfs_idestroy_fork(struct xfs_inode *, int);
8131 void xfs_idata_realloc(struct xfs_inode *, int, int);
8132 void xfs_iroot_realloc(struct xfs_inode *, int, int);
8133 diff -NurpP --minimal linux-3.0-rc5/fs/xfs/xfs_itable.c linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_itable.c
8134 --- linux-3.0-rc5/fs/xfs/xfs_itable.c 2011-05-22 16:17:54.000000000 +0200
8135 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_itable.c 2011-06-10 22:11:24.000000000 +0200
8136 @@ -98,6 +98,7 @@ xfs_bulkstat_one_int(
8137 buf->bs_mode = dic->di_mode;
8138 buf->bs_uid = dic->di_uid;
8139 buf->bs_gid = dic->di_gid;
8140 + buf->bs_tag = dic->di_tag;
8141 buf->bs_size = dic->di_size;
8144 diff -NurpP --minimal linux-3.0-rc5/fs/xfs/xfs_log_recover.c linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_log_recover.c
8145 --- linux-3.0-rc5/fs/xfs/xfs_log_recover.c 2011-07-01 11:14:20.000000000 +0200
8146 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_log_recover.c 2011-06-10 22:11:24.000000000 +0200
8147 @@ -2343,7 +2343,8 @@ xlog_recover_inode_pass2(
8150 /* The core is in in-core format */
8151 - xfs_dinode_to_disk(dip, item->ri_buf[1].i_addr);
8152 + xfs_dinode_to_disk(dip, item->ri_buf[1].i_addr,
8153 + mp->m_flags & XFS_MOUNT_TAGGED);
8155 /* the rest is in on-disk format */
8156 if (item->ri_buf[1].i_len > sizeof(struct xfs_icdinode)) {
8157 diff -NurpP --minimal linux-3.0-rc5/fs/xfs/xfs_mount.h linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_mount.h
8158 --- linux-3.0-rc5/fs/xfs/xfs_mount.h 2011-07-01 11:14:20.000000000 +0200
8159 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_mount.h 2011-06-10 22:11:24.000000000 +0200
8160 @@ -249,6 +249,7 @@ typedef struct xfs_mount {
8162 #define XFS_MOUNT_NOATTR2 (1ULL << 25) /* disable use of attr2 format */
8164 +#define XFS_MOUNT_TAGGED (1ULL << 31) /* context tagging */
8167 * Default minimum read and write sizes.
8168 diff -NurpP --minimal linux-3.0-rc5/fs/xfs/xfs_vnodeops.c linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_vnodeops.c
8169 --- linux-3.0-rc5/fs/xfs/xfs_vnodeops.c 2011-07-01 11:14:20.000000000 +0200
8170 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_vnodeops.c 2011-07-01 11:35:35.000000000 +0200
8172 #include "xfs_vnodeops.h"
8173 #include "xfs_trace.h"
8177 +xfs_get_inode_flags(
8180 + struct inode *inode = VFS_I(ip);
8181 + unsigned int flags = inode->i_flags;
8182 + unsigned int vflags = inode->i_vflags;
8184 + if (flags & S_IMMUTABLE)
8185 + ip->i_d.di_flags |= XFS_DIFLAG_IMMUTABLE;
8187 + ip->i_d.di_flags &= ~XFS_DIFLAG_IMMUTABLE;
8188 + if (flags & S_IXUNLINK)
8189 + ip->i_d.di_flags |= XFS_DIFLAG_IXUNLINK;
8191 + ip->i_d.di_flags &= ~XFS_DIFLAG_IXUNLINK;
8193 + if (vflags & V_BARRIER)
8194 + ip->i_d.di_vflags |= XFS_DIVFLAG_BARRIER;
8196 + ip->i_d.di_vflags &= ~XFS_DIVFLAG_BARRIER;
8197 + if (vflags & V_COW)
8198 + ip->i_d.di_vflags |= XFS_DIVFLAG_COW;
8200 + ip->i_d.di_vflags &= ~XFS_DIVFLAG_COW;
8205 + struct inode *inode,
8209 + struct xfs_inode *ip = XFS_I(inode);
8210 + struct xfs_mount *mp = ip->i_mount;
8211 + struct xfs_trans *tp;
8212 + unsigned int lock_flags = 0;
8215 + tp = xfs_trans_alloc(mp, XFS_TRANS_SETATTR_NOT_SIZE);
8216 + code = xfs_trans_reserve(tp, 0, XFS_ICHANGE_LOG_RES(mp), 0, 0, 0);
8220 + xfs_ilock(ip, XFS_ILOCK_EXCL);
8222 + xfs_trans_ijoin(tp, ip);
8224 + inode->i_flags = flags;
8225 + inode->i_vflags = vflags;
8226 + xfs_get_inode_flags(ip);
8228 + xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
8229 + xfs_trans_ichgtime(tp, ip, XFS_ICHGTIME_CHG);
8231 + XFS_STATS_INC(xs_ig_attrchg);
8233 + if (mp->m_flags & XFS_MOUNT_WSYNC)
8234 + xfs_trans_set_sync(tp);
8235 + code = xfs_trans_commit(tp, 0);
8236 + xfs_iunlock(ip, XFS_ILOCK_EXCL);
8240 + xfs_trans_cancel(tp, 0);
8242 + xfs_iunlock(ip, XFS_ILOCK_EXCL);
8249 struct xfs_inode *ip,
8250 @@ -65,6 +137,7 @@ xfs_setattr(
8251 uint commit_flags=0;
8252 uid_t uid=0, iuid=0;
8253 gid_t gid=0, igid=0;
8254 + tag_t tag=0, itag=0;
8255 struct xfs_dquot *udqp, *gdqp, *olddquot1, *olddquot2;
8256 int need_iolock = 1;
8258 @@ -147,7 +220,7 @@ xfs_setattr(
8260 * Change file ownership. Must be the owner or privileged.
8262 - if (mask & (ATTR_UID|ATTR_GID)) {
8263 + if (mask & (ATTR_UID|ATTR_GID|ATTR_TAG)) {
8265 * These IDs could have changed since we last looked at them.
8266 * But, we're assured that if the ownership did change
8267 @@ -156,8 +229,10 @@ xfs_setattr(
8269 iuid = ip->i_d.di_uid;
8270 igid = ip->i_d.di_gid;
8271 + itag = ip->i_d.di_tag;
8272 gid = (mask & ATTR_GID) ? iattr->ia_gid : igid;
8273 uid = (mask & ATTR_UID) ? iattr->ia_uid : iuid;
8274 + tag = (mask & ATTR_TAG) ? iattr->ia_tag : itag;
8277 * Do a quota reservation only if uid/gid is actually
8278 @@ -165,7 +240,8 @@ xfs_setattr(
8280 if (XFS_IS_QUOTA_RUNNING(mp) &&
8281 ((XFS_IS_UQUOTA_ON(mp) && iuid != uid) ||
8282 - (XFS_IS_GQUOTA_ON(mp) && igid != gid))) {
8283 + (XFS_IS_GQUOTA_ON(mp) && igid != gid) ||
8284 + (XFS_IS_GQUOTA_ON(mp) && itag != tag))) {
8286 code = xfs_qm_vop_chown_reserve(tp, ip, udqp, gdqp,
8287 capable(CAP_FOWNER) ?
8288 @@ -329,7 +405,7 @@ xfs_setattr(
8290 * Change file ownership. Must be the owner or privileged.
8292 - if (mask & (ATTR_UID|ATTR_GID)) {
8293 + if (mask & (ATTR_UID|ATTR_GID|ATTR_TAG)) {
8295 * CAP_FSETID overrides the following restrictions:
8297 @@ -345,6 +421,10 @@ xfs_setattr(
8298 * Change the ownerships and register quota modifications
8299 * in the transaction.
8301 + if (itag != tag) {
8302 + ip->i_d.di_tag = tag;
8303 + inode->i_tag = tag;
8306 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_UQUOTA_ON(mp)) {
8307 ASSERT(mask & ATTR_UID);
8308 diff -NurpP --minimal linux-3.0-rc5/fs/xfs/xfs_vnodeops.h linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_vnodeops.h
8309 --- linux-3.0-rc5/fs/xfs/xfs_vnodeops.h 2011-05-22 16:17:54.000000000 +0200
8310 +++ linux-3.0-rc5-vs2.3.1-pre3/fs/xfs/xfs_vnodeops.h 2011-06-10 22:11:24.000000000 +0200
8311 @@ -13,6 +13,7 @@ struct xfs_inode;
8315 +int xfs_sync_xflags(struct xfs_inode *ip);
8316 int xfs_setattr(struct xfs_inode *ip, struct iattr *vap, int flags);
8317 #define XFS_ATTR_DMI 0x01 /* invocation from a DMI function */
8318 #define XFS_ATTR_NONBLOCK 0x02 /* return EAGAIN if operation would block */
8319 diff -NurpP --minimal linux-3.0-rc5/include/asm-generic/tlb.h linux-3.0-rc5-vs2.3.1-pre3/include/asm-generic/tlb.h
8320 --- linux-3.0-rc5/include/asm-generic/tlb.h 2011-07-01 11:14:20.000000000 +0200
8321 +++ linux-3.0-rc5-vs2.3.1-pre3/include/asm-generic/tlb.h 2011-06-10 22:11:24.000000000 +0200
8323 #define _ASM_GENERIC__TLB_H
8325 #include <linux/swap.h>
8326 +#include <linux/vs_memory.h>
8327 #include <asm/pgalloc.h>
8328 #include <asm/tlbflush.h>
8330 diff -NurpP --minimal linux-3.0-rc5/include/linux/Kbuild linux-3.0-rc5-vs2.3.1-pre3/include/linux/Kbuild
8331 --- linux-3.0-rc5/include/linux/Kbuild 2011-07-01 11:14:20.000000000 +0200
8332 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/Kbuild 2011-06-10 22:11:24.000000000 +0200
8333 @@ -17,6 +17,7 @@ header-y += netfilter_bridge/
8334 header-y += netfilter_ipv4/
8335 header-y += netfilter_ipv6/
8337 +header-y += vserver/
8340 objhdr-y += version.h
8341 diff -NurpP --minimal linux-3.0-rc5/include/linux/capability.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/capability.h
8342 --- linux-3.0-rc5/include/linux/capability.h 2011-07-01 11:14:21.000000000 +0200
8343 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/capability.h 2011-06-10 22:11:24.000000000 +0200
8344 @@ -279,6 +279,7 @@ struct cpu_vfs_cap_data {
8345 arbitrary SCSI commands */
8346 /* Allow setting encryption key on loopback filesystem */
8347 /* Allow setting zone reclaim policy */
8348 +/* Allow the selection of a security context */
8350 #define CAP_SYS_ADMIN 21
8352 @@ -362,7 +363,12 @@ struct cpu_vfs_cap_data {
8354 #define CAP_LAST_CAP CAP_WAKE_ALARM
8356 -#define cap_valid(x) ((x) >= 0 && (x) <= CAP_LAST_CAP)
8357 +/* Allow context manipulations */
8358 +/* Allow changing context info on files */
8360 +#define CAP_CONTEXT 63
8362 +#define cap_valid(x) ((x) >= 0 && ((x) <= CAP_LAST_CAP || (x) == CAP_CONTEXT))
8365 * Bit location of each capability (used by user-space library and kernel)
8366 diff -NurpP --minimal linux-3.0-rc5/include/linux/cred.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/cred.h
8367 --- linux-3.0-rc5/include/linux/cred.h 2011-07-01 11:14:21.000000000 +0200
8368 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/cred.h 2011-06-10 22:11:24.000000000 +0200
8369 @@ -156,6 +156,7 @@ extern void exit_creds(struct task_struc
8370 extern int copy_creds(struct task_struct *, unsigned long);
8371 extern const struct cred *get_task_cred(struct task_struct *);
8372 extern struct cred *cred_alloc_blank(void);
8373 +extern struct cred *__prepare_creds(const struct cred *);
8374 extern struct cred *prepare_creds(void);
8375 extern struct cred *prepare_exec_creds(void);
8376 extern int commit_creds(struct cred *);
8377 @@ -209,6 +210,31 @@ static inline void validate_process_cred
8381 +static inline void set_cred_subscribers(struct cred *cred, int n)
8383 +#ifdef CONFIG_DEBUG_CREDENTIALS
8384 + atomic_set(&cred->subscribers, n);
8388 +static inline int read_cred_subscribers(const struct cred *cred)
8390 +#ifdef CONFIG_DEBUG_CREDENTIALS
8391 + return atomic_read(&cred->subscribers);
8397 +static inline void alter_cred_subscribers(const struct cred *_cred, int n)
8399 +#ifdef CONFIG_DEBUG_CREDENTIALS
8400 + struct cred *cred = (struct cred *) _cred;
8402 + atomic_add(n, &cred->subscribers);
8407 * get_new_cred - Get a reference on a new set of credentials
8408 * @cred: The new credentials to reference
8409 diff -NurpP --minimal linux-3.0-rc5/include/linux/devpts_fs.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/devpts_fs.h
8410 --- linux-3.0-rc5/include/linux/devpts_fs.h 2008-12-25 00:26:37.000000000 +0100
8411 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/devpts_fs.h 2011-06-10 22:11:24.000000000 +0200
8412 @@ -45,5 +45,4 @@ static inline void devpts_pty_kill(struc
8417 #endif /* _LINUX_DEVPTS_FS_H */
8418 diff -NurpP --minimal linux-3.0-rc5/include/linux/ext2_fs.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/ext2_fs.h
8419 --- linux-3.0-rc5/include/linux/ext2_fs.h 2010-02-25 11:52:07.000000000 +0100
8420 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/ext2_fs.h 2011-06-10 22:11:24.000000000 +0200
8421 @@ -189,8 +189,12 @@ struct ext2_group_desc
8422 #define EXT2_NOTAIL_FL FS_NOTAIL_FL /* file tail should not be merged */
8423 #define EXT2_DIRSYNC_FL FS_DIRSYNC_FL /* dirsync behaviour (directories only) */
8424 #define EXT2_TOPDIR_FL FS_TOPDIR_FL /* Top of directory hierarchies*/
8425 +#define EXT2_IXUNLINK_FL FS_IXUNLINK_FL /* Immutable invert on unlink */
8426 #define EXT2_RESERVED_FL FS_RESERVED_FL /* reserved for ext2 lib */
8428 +#define EXT2_BARRIER_FL FS_BARRIER_FL /* Barrier for chroot() */
8429 +#define EXT2_COW_FL FS_COW_FL /* Copy on Write marker */
8431 #define EXT2_FL_USER_VISIBLE FS_FL_USER_VISIBLE /* User visible flags */
8432 #define EXT2_FL_USER_MODIFIABLE FS_FL_USER_MODIFIABLE /* User modifiable flags */
8434 @@ -274,7 +278,8 @@ struct ext2_inode {
8436 __le16 l_i_uid_high; /* these 2 fields */
8437 __le16 l_i_gid_high; /* were reserved2[0] */
8438 - __u32 l_i_reserved2;
8439 + __le16 l_i_tag; /* Context Tag */
8440 + __u16 l_i_reserved2;
8443 __u8 h_i_frag; /* Fragment number */
8444 @@ -303,6 +308,7 @@ struct ext2_inode {
8445 #define i_gid_low i_gid
8446 #define i_uid_high osd2.linux2.l_i_uid_high
8447 #define i_gid_high osd2.linux2.l_i_gid_high
8448 +#define i_raw_tag osd2.linux2.l_i_tag
8449 #define i_reserved2 osd2.linux2.l_i_reserved2
8452 @@ -347,6 +353,7 @@ struct ext2_inode {
8453 #define EXT2_MOUNT_USRQUOTA 0x020000 /* user quota */
8454 #define EXT2_MOUNT_GRPQUOTA 0x040000 /* group quota */
8455 #define EXT2_MOUNT_RESERVATION 0x080000 /* Preallocation */
8456 +#define EXT2_MOUNT_TAGGED (1<<24) /* Enable Context Tags */
8459 #define clear_opt(o, opt) o &= ~EXT2_MOUNT_##opt
8460 diff -NurpP --minimal linux-3.0-rc5/include/linux/ext3_fs.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/ext3_fs.h
8461 --- linux-3.0-rc5/include/linux/ext3_fs.h 2011-07-01 11:14:21.000000000 +0200
8462 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/ext3_fs.h 2011-06-10 22:11:24.000000000 +0200
8463 @@ -173,10 +173,14 @@ struct ext3_group_desc
8464 #define EXT3_NOTAIL_FL 0x00008000 /* file tail should not be merged */
8465 #define EXT3_DIRSYNC_FL 0x00010000 /* dirsync behaviour (directories only) */
8466 #define EXT3_TOPDIR_FL 0x00020000 /* Top of directory hierarchies*/
8467 +#define EXT3_IXUNLINK_FL 0x08000000 /* Immutable invert on unlink */
8468 #define EXT3_RESERVED_FL 0x80000000 /* reserved for ext3 lib */
8470 -#define EXT3_FL_USER_VISIBLE 0x0003DFFF /* User visible flags */
8471 -#define EXT3_FL_USER_MODIFIABLE 0x000380FF /* User modifiable flags */
8472 +#define EXT3_BARRIER_FL 0x04000000 /* Barrier for chroot() */
8473 +#define EXT3_COW_FL 0x20000000 /* Copy on Write marker */
8475 +#define EXT3_FL_USER_VISIBLE 0x0103DFFF /* User visible flags */
8476 +#define EXT3_FL_USER_MODIFIABLE 0x010380FF /* User modifiable flags */
8478 /* Flags that should be inherited by new inodes from their parent. */
8479 #define EXT3_FL_INHERITED (EXT3_SECRM_FL | EXT3_UNRM_FL | EXT3_COMPR_FL |\
8480 @@ -312,7 +316,8 @@ struct ext3_inode {
8482 __le16 l_i_uid_high; /* these 2 fields */
8483 __le16 l_i_gid_high; /* were reserved2[0] */
8484 - __u32 l_i_reserved2;
8485 + __le16 l_i_tag; /* Context Tag */
8486 + __u16 l_i_reserved2;
8489 __u8 h_i_frag; /* Fragment number */
8490 @@ -343,6 +348,7 @@ struct ext3_inode {
8491 #define i_gid_low i_gid
8492 #define i_uid_high osd2.linux2.l_i_uid_high
8493 #define i_gid_high osd2.linux2.l_i_gid_high
8494 +#define i_raw_tag osd2.linux2.l_i_tag
8495 #define i_reserved2 osd2.linux2.l_i_reserved2
8497 #elif defined(__GNU__)
8498 @@ -405,6 +411,7 @@ struct ext3_inode {
8499 #define EXT3_MOUNT_GRPQUOTA 0x200000 /* "old" group quota */
8500 #define EXT3_MOUNT_DATA_ERR_ABORT 0x400000 /* Abort on file data write
8501 * error in ordered mode */
8502 +#define EXT3_MOUNT_TAGGED (1<<24) /* Enable Context Tags */
8504 /* Compatibility, for having both ext2_fs.h and ext3_fs.h included at once */
8505 #ifndef _LINUX_EXT2_FS_H
8506 @@ -919,6 +926,7 @@ extern void ext3_get_inode_flags(struct
8507 extern void ext3_set_aops(struct inode *inode);
8508 extern int ext3_fiemap(struct inode *inode, struct fiemap_extent_info *fieinfo,
8509 u64 start, u64 len);
8510 +extern int ext3_sync_flags(struct inode *, int, int);
8513 extern long ext3_ioctl(struct file *, unsigned int, unsigned long);
8514 diff -NurpP --minimal linux-3.0-rc5/include/linux/fs.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/fs.h
8515 --- linux-3.0-rc5/include/linux/fs.h 2011-07-01 11:14:21.000000000 +0200
8516 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/fs.h 2011-07-01 11:35:35.000000000 +0200
8517 @@ -208,6 +208,9 @@ struct inodes_stat_t {
8518 #define MS_KERNMOUNT (1<<22) /* this is a kern_mount call */
8519 #define MS_I_VERSION (1<<23) /* Update inode I_version field */
8520 #define MS_STRICTATIME (1<<24) /* Always perform atime updates */
8521 +#define MS_TAGGED (1<<25) /* use generic inode tagging */
8522 +#define MS_TAGID (1<<26) /* use specific tag for this mount */
8523 +#define MS_NOTAGCHECK (1<<27) /* don't check tags */
8524 #define MS_NOSEC (1<<28)
8525 #define MS_BORN (1<<29)
8526 #define MS_ACTIVE (1<<30)
8527 @@ -239,6 +242,14 @@ struct inodes_stat_t {
8528 #define S_IMA 1024 /* Inode has an associated IMA struct */
8529 #define S_AUTOMOUNT 2048 /* Automount/referral quasi-directory */
8530 #define S_NOSEC 4096 /* no suid or xattr security attributes */
8531 +#define S_IXUNLINK 16384 /* Immutable Invert on unlink */
8533 +/* Linux-VServer related Inode flags */
8537 +#define V_BARRIER 4 /* Barrier for chroot() */
8538 +#define V_COW 8 /* Copy on Write */
8541 * Note that nosuid etc flags are inode-specific: setting some file-system
8542 @@ -261,12 +272,15 @@ struct inodes_stat_t {
8543 #define IS_DIRSYNC(inode) (__IS_FLG(inode, MS_SYNCHRONOUS|MS_DIRSYNC) || \
8544 ((inode)->i_flags & (S_SYNC|S_DIRSYNC)))
8545 #define IS_MANDLOCK(inode) __IS_FLG(inode, MS_MANDLOCK)
8546 -#define IS_NOATIME(inode) __IS_FLG(inode, MS_RDONLY|MS_NOATIME)
8547 -#define IS_I_VERSION(inode) __IS_FLG(inode, MS_I_VERSION)
8548 +#define IS_NOATIME(inode) __IS_FLG(inode, MS_RDONLY|MS_NOATIME)
8549 +#define IS_I_VERSION(inode) __IS_FLG(inode, MS_I_VERSION)
8550 +#define IS_TAGGED(inode) __IS_FLG(inode, MS_TAGGED)
8552 #define IS_NOQUOTA(inode) ((inode)->i_flags & S_NOQUOTA)
8553 #define IS_APPEND(inode) ((inode)->i_flags & S_APPEND)
8554 #define IS_IMMUTABLE(inode) ((inode)->i_flags & S_IMMUTABLE)
8555 +#define IS_IXUNLINK(inode) ((inode)->i_flags & S_IXUNLINK)
8556 +#define IS_IXORUNLINK(inode) ((IS_IXUNLINK(inode) ? S_IMMUTABLE : 0) ^ IS_IMMUTABLE(inode))
8557 #define IS_POSIXACL(inode) __IS_FLG(inode, MS_POSIXACL)
8559 #define IS_DEADDIR(inode) ((inode)->i_flags & S_DEAD)
8560 @@ -277,6 +291,16 @@ struct inodes_stat_t {
8561 #define IS_AUTOMOUNT(inode) ((inode)->i_flags & S_AUTOMOUNT)
8562 #define IS_NOSEC(inode) ((inode)->i_flags & S_NOSEC)
8564 +#define IS_BARRIER(inode) (S_ISDIR((inode)->i_mode) && ((inode)->i_vflags & V_BARRIER))
8566 +#ifdef CONFIG_VSERVER_COWBL
8567 +# define IS_COW(inode) (IS_IXUNLINK(inode) && IS_IMMUTABLE(inode))
8568 +# define IS_COW_LINK(inode) (S_ISREG((inode)->i_mode) && ((inode)->i_nlink > 1))
8570 +# define IS_COW(inode) (0)
8571 +# define IS_COW_LINK(inode) (0)
8574 /* the read-only stuff doesn't really belong here, but any other place is
8575 probably as bad and I don't want to create yet another include file. */
8577 @@ -362,11 +386,14 @@ struct inodes_stat_t {
8578 #define FS_EXTENT_FL 0x00080000 /* Extents */
8579 #define FS_DIRECTIO_FL 0x00100000 /* Use direct i/o */
8580 #define FS_NOCOW_FL 0x00800000 /* Do not cow file */
8581 +#define FS_IXUNLINK_FL 0x08000000 /* Immutable invert on unlink */
8582 #define FS_RESERVED_FL 0x80000000 /* reserved for ext2 lib */
8584 -#define FS_FL_USER_VISIBLE 0x0003DFFF /* User visible flags */
8585 -#define FS_FL_USER_MODIFIABLE 0x000380FF /* User modifiable flags */
8587 +#define FS_BARRIER_FL 0x04000000 /* Barrier for chroot() */
8588 +#define FS_COW_FL 0x20000000 /* Copy on Write marker */
8590 +#define FS_FL_USER_VISIBLE 0x0103DFFF /* User visible flags */
8591 +#define FS_FL_USER_MODIFIABLE 0x010380FF /* User modifiable flags */
8593 #define SYNC_FILE_RANGE_WAIT_BEFORE 1
8594 #define SYNC_FILE_RANGE_WRITE 2
8595 @@ -447,6 +474,7 @@ typedef void (dio_iodone_t)(struct kiocb
8596 #define ATTR_KILL_PRIV (1 << 14)
8597 #define ATTR_OPEN (1 << 15) /* Truncating from open(O_TRUNC) */
8598 #define ATTR_TIMES_SET (1 << 16)
8599 +#define ATTR_TAG (1 << 17)
8602 * This is the Inode Attributes structure, used for notify_change(). It
8603 @@ -462,6 +490,7 @@ struct iattr {
8609 struct timespec ia_atime;
8610 struct timespec ia_mtime;
8611 @@ -475,6 +504,9 @@ struct iattr {
8612 struct file *ia_file;
8615 +#define ATTR_FLAG_BARRIER 512 /* Barrier for chroot() */
8616 +#define ATTR_FLAG_IXUNLINK 1024 /* Immutable invert on unlink */
8619 * Includes for diskquotas.
8621 @@ -740,11 +772,13 @@ struct inode {
8626 const struct inode_operations *i_op;
8627 struct super_block *i_sb;
8629 spinlock_t i_lock; /* i_blocks, i_bytes, maybe i_size */
8630 - unsigned int i_flags;
8631 + unsigned short i_flags;
8632 + unsigned short i_vflags;
8633 unsigned long i_state;
8634 #ifdef CONFIG_SECURITY
8636 @@ -766,6 +800,7 @@ struct inode {
8638 unsigned int i_nlink;
8641 unsigned int i_blkbits;
8644 @@ -890,12 +925,12 @@ static inline void i_size_write(struct i
8646 static inline unsigned iminor(const struct inode *inode)
8648 - return MINOR(inode->i_rdev);
8649 + return MINOR(inode->i_mdev);
8652 static inline unsigned imajor(const struct inode *inode)
8654 - return MAJOR(inode->i_rdev);
8655 + return MAJOR(inode->i_mdev);
8658 extern struct block_device *I_BDEV(struct inode *inode);
8659 @@ -957,6 +992,7 @@ struct file {
8661 struct fown_struct f_owner;
8662 const struct cred *f_cred;
8664 struct file_ra_state f_ra;
8667 @@ -1101,6 +1137,7 @@ struct file_lock {
8668 struct file *fl_file;
8673 struct fasync_struct * fl_fasync; /* for lease break notifications */
8674 unsigned long fl_break_time; /* for nonblocking lease breaks */
8675 @@ -1600,6 +1637,7 @@ struct inode_operations {
8676 ssize_t (*getxattr) (struct dentry *, const char *, void *, size_t);
8677 ssize_t (*listxattr) (struct dentry *, char *, size_t);
8678 int (*removexattr) (struct dentry *, const char *);
8679 + int (*sync_flags) (struct inode *, int, int);
8680 void (*truncate_range)(struct inode *, loff_t, loff_t);
8681 int (*fiemap)(struct inode *, struct fiemap_extent_info *, u64 start,
8683 @@ -1618,6 +1656,7 @@ extern ssize_t vfs_readv(struct file *,
8684 unsigned long, loff_t *);
8685 extern ssize_t vfs_writev(struct file *, const struct iovec __user *,
8686 unsigned long, loff_t *);
8687 +ssize_t vfs_sendfile(struct file *, struct file *, loff_t *, size_t, loff_t);
8689 struct super_operations {
8690 struct inode *(*alloc_inode)(struct super_block *sb);
8691 @@ -2437,6 +2476,7 @@ extern int dcache_dir_open(struct inode
8692 extern int dcache_dir_close(struct inode *, struct file *);
8693 extern loff_t dcache_dir_lseek(struct file *, loff_t, int);
8694 extern int dcache_readdir(struct file *, void *, filldir_t);
8695 +extern int dcache_readdir_filter(struct file *, void *, filldir_t, int (*)(struct dentry *));
8696 extern int simple_setattr(struct dentry *, struct iattr *);
8697 extern int simple_getattr(struct vfsmount *, struct dentry *, struct kstat *);
8698 extern int simple_statfs(struct dentry *, struct kstatfs *);
8699 diff -NurpP --minimal linux-3.0-rc5/include/linux/gfs2_ondisk.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/gfs2_ondisk.h
8700 --- linux-3.0-rc5/include/linux/gfs2_ondisk.h 2010-07-07 18:31:55.000000000 +0200
8701 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/gfs2_ondisk.h 2011-06-10 22:11:24.000000000 +0200
8702 @@ -211,6 +211,9 @@ enum {
8706 + gfs2fl_IXUnlink = 16,
8707 + gfs2fl_Barrier = 17,
8709 gfs2fl_TruncInProg = 29,
8710 gfs2fl_InheritDirectio = 30,
8711 gfs2fl_InheritJdata = 31,
8712 @@ -227,6 +230,9 @@ enum {
8713 #define GFS2_DIF_NOATIME 0x00000080
8714 #define GFS2_DIF_SYNC 0x00000100
8715 #define GFS2_DIF_SYSTEM 0x00000200 /* New in gfs2 */
8716 +#define GFS2_DIF_IXUNLINK 0x00010000
8717 +#define GFS2_DIF_BARRIER 0x00020000
8718 +#define GFS2_DIF_COW 0x00040000
8719 #define GFS2_DIF_TRUNC_IN_PROG 0x20000000 /* New in gfs2 */
8720 #define GFS2_DIF_INHERIT_DIRECTIO 0x40000000
8721 #define GFS2_DIF_INHERIT_JDATA 0x80000000
8722 diff -NurpP --minimal linux-3.0-rc5/include/linux/if_tun.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/if_tun.h
8723 --- linux-3.0-rc5/include/linux/if_tun.h 2010-08-02 16:52:54.000000000 +0200
8724 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/if_tun.h 2011-06-10 22:11:24.000000000 +0200
8726 #define TUNDETACHFILTER _IOW('T', 214, struct sock_fprog)
8727 #define TUNGETVNETHDRSZ _IOR('T', 215, int)
8728 #define TUNSETVNETHDRSZ _IOW('T', 216, int)
8729 +#define TUNSETNID _IOW('T', 217, int)
8731 /* TUNSETIFF ifr flags */
8732 #define IFF_TUN 0x0001
8733 diff -NurpP --minimal linux-3.0-rc5/include/linux/init_task.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/init_task.h
8734 --- linux-3.0-rc5/include/linux/init_task.h 2011-07-01 11:14:21.000000000 +0200
8735 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/init_task.h 2011-06-10 22:11:24.000000000 +0200
8736 @@ -193,6 +193,10 @@ extern struct cred init_cred;
8738 INIT_TRACE_RECURSION \
8739 INIT_TASK_RCU_PREEMPT(tsk) \
8741 + .vx_info = NULL, \
8743 + .nx_info = NULL, \
8747 diff -NurpP --minimal linux-3.0-rc5/include/linux/ipc.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/ipc.h
8748 --- linux-3.0-rc5/include/linux/ipc.h 2009-12-03 20:02:55.000000000 +0100
8749 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/ipc.h 2011-06-10 22:11:24.000000000 +0200
8750 @@ -91,6 +91,7 @@ struct kern_ipc_perm
8758 diff -NurpP --minimal linux-3.0-rc5/include/linux/ipc_namespace.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/ipc_namespace.h
8759 --- linux-3.0-rc5/include/linux/ipc_namespace.h 2011-05-22 16:17:55.000000000 +0200
8760 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/ipc_namespace.h 2011-06-13 14:09:44.000000000 +0200
8761 @@ -94,7 +94,8 @@ static inline int mq_init_ns(struct ipc_
8763 #if defined(CONFIG_IPC_NS)
8764 extern struct ipc_namespace *copy_ipcs(unsigned long flags,
8765 - struct task_struct *tsk);
8766 + struct ipc_namespace *old_ns,
8767 + struct user_namespace *user_ns);
8768 static inline struct ipc_namespace *get_ipc_ns(struct ipc_namespace *ns)
8771 @@ -105,12 +106,13 @@ static inline struct ipc_namespace *get_
8772 extern void put_ipc_ns(struct ipc_namespace *ns);
8774 static inline struct ipc_namespace *copy_ipcs(unsigned long flags,
8775 - struct task_struct *tsk)
8776 + struct ipc_namespace *old_ns,
8777 + struct user_namespace *user_ns)
8779 if (flags & CLONE_NEWIPC)
8780 return ERR_PTR(-EINVAL);
8782 - return tsk->nsproxy->ipc_ns;
8786 static inline struct ipc_namespace *get_ipc_ns(struct ipc_namespace *ns)
8787 diff -NurpP --minimal linux-3.0-rc5/include/linux/loop.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/loop.h
8788 --- linux-3.0-rc5/include/linux/loop.h 2009-09-10 15:26:25.000000000 +0200
8789 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/loop.h 2011-06-10 22:11:24.000000000 +0200
8790 @@ -45,6 +45,7 @@ struct loop_device {
8791 struct loop_func_table *lo_encryption;
8793 uid_t lo_key_owner; /* Who set the key */
8795 int (*ioctl)(struct loop_device *, int cmd,
8798 diff -NurpP --minimal linux-3.0-rc5/include/linux/magic.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/magic.h
8799 --- linux-3.0-rc5/include/linux/magic.h 2011-05-22 16:17:55.000000000 +0200
8800 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/magic.h 2011-06-10 22:11:24.000000000 +0200
8803 #define ADFS_SUPER_MAGIC 0xadf5
8804 #define AFFS_SUPER_MAGIC 0xadff
8805 -#define AFS_SUPER_MAGIC 0x5346414F
8806 +#define AFS_SUPER_MAGIC 0x5346414F
8807 #define AUTOFS_SUPER_MAGIC 0x0187
8808 #define CODA_SUPER_MAGIC 0x73757245
8809 #define CRAMFS_MAGIC 0x28cd3d45 /* some random number */
8811 #define NFS_SUPER_MAGIC 0x6969
8812 #define OPENPROM_SUPER_MAGIC 0x9fa1
8813 #define PROC_SUPER_MAGIC 0x9fa0
8814 +#define DEVPTS_SUPER_MAGIC 0x1cd1
8815 #define QNX4_SUPER_MAGIC 0x002f /* qnx4 fs detection */
8817 #define REISERFS_SUPER_MAGIC 0x52654973 /* used by gcc */
8818 diff -NurpP --minimal linux-3.0-rc5/include/linux/major.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/major.h
8819 --- linux-3.0-rc5/include/linux/major.h 2009-09-10 15:26:25.000000000 +0200
8820 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/major.h 2011-06-10 22:11:24.000000000 +0200
8822 #define HD_MAJOR IDE0_MAJOR
8823 #define PTY_SLAVE_MAJOR 3
8825 +#define VROOT_MAJOR 4
8826 #define TTYAUX_MAJOR 5
8829 diff -NurpP --minimal linux-3.0-rc5/include/linux/memcontrol.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/memcontrol.h
8830 --- linux-3.0-rc5/include/linux/memcontrol.h 2011-07-01 11:14:21.000000000 +0200
8831 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/memcontrol.h 2011-06-22 12:39:15.000000000 +0200
8832 @@ -86,6 +86,13 @@ extern struct mem_cgroup *try_get_mem_cg
8833 extern struct mem_cgroup *mem_cgroup_from_task(struct task_struct *p);
8834 extern struct mem_cgroup *try_get_mem_cgroup_from_mm(struct mm_struct *mm);
8836 +extern u64 mem_cgroup_res_read_u64(struct mem_cgroup *mem, int member);
8837 +extern u64 mem_cgroup_memsw_read_u64(struct mem_cgroup *mem, int member);
8839 +extern s64 mem_cgroup_stat_read_cache(struct mem_cgroup *mem);
8840 +extern s64 mem_cgroup_stat_read_anon(struct mem_cgroup *mem);
8841 +extern s64 mem_cgroup_stat_read_mapped(struct mem_cgroup *mem);
8844 int mm_match_cgroup(const struct mm_struct *mm, const struct mem_cgroup *cgroup)
8846 diff -NurpP --minimal linux-3.0-rc5/include/linux/mm_types.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/mm_types.h
8847 --- linux-3.0-rc5/include/linux/mm_types.h 2011-07-01 11:14:21.000000000 +0200
8848 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/mm_types.h 2011-06-10 22:11:24.000000000 +0200
8849 @@ -268,6 +268,7 @@ struct mm_struct {
8851 /* Architecture-specific MM context */
8852 mm_context_t context;
8853 + struct vx_info *mm_vx_info;
8855 /* Swap token stuff */
8857 diff -NurpP --minimal linux-3.0-rc5/include/linux/mmzone.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/mmzone.h
8858 --- linux-3.0-rc5/include/linux/mmzone.h 2011-07-01 11:14:21.000000000 +0200
8859 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/mmzone.h 2011-07-01 11:35:35.000000000 +0200
8860 @@ -654,6 +654,13 @@ typedef struct pglist_data {
8861 __pgdat->node_start_pfn + __pgdat->node_spanned_pages;\
8864 +#define node_start_pfn(nid) (NODE_DATA(nid)->node_start_pfn)
8866 +#define node_end_pfn(nid) ({\
8867 + pg_data_t *__pgdat = NODE_DATA(nid);\
8868 + __pgdat->node_start_pfn + __pgdat->node_spanned_pages;\
8871 #include <linux/memory_hotplug.h>
8873 extern struct mutex zonelists_mutex;
8874 diff -NurpP --minimal linux-3.0-rc5/include/linux/mount.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/mount.h
8875 --- linux-3.0-rc5/include/linux/mount.h 2011-03-15 18:07:39.000000000 +0100
8876 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/mount.h 2011-06-10 22:11:24.000000000 +0200
8877 @@ -52,6 +52,9 @@ struct mnt_pcp {
8881 +#define MNT_TAGID 0x10000
8882 +#define MNT_NOTAG 0x20000
8885 struct list_head mnt_hash;
8886 struct vfsmount *mnt_parent; /* fs we are mounted on */
8887 @@ -86,6 +89,7 @@ struct vfsmount {
8888 int mnt_expiry_mark; /* true if marked for expiry */
8891 + tag_t mnt_tag; /* tagging used for vfsmount */
8894 struct file; /* forward dec */
8895 diff -NurpP --minimal linux-3.0-rc5/include/linux/net.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/net.h
8896 --- linux-3.0-rc5/include/linux/net.h 2011-07-01 11:14:21.000000000 +0200
8897 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/net.h 2011-06-10 22:11:24.000000000 +0200
8898 @@ -72,6 +72,7 @@ struct net;
8899 #define SOCK_NOSPACE 2
8900 #define SOCK_PASSCRED 3
8901 #define SOCK_PASSSEC 4
8902 +#define SOCK_USER_SOCKET 5
8904 #ifndef ARCH_HAS_SOCKET_TYPES
8906 diff -NurpP --minimal linux-3.0-rc5/include/linux/nfs_mount.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/nfs_mount.h
8907 --- linux-3.0-rc5/include/linux/nfs_mount.h 2011-01-05 21:50:31.000000000 +0100
8908 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/nfs_mount.h 2011-06-10 22:11:24.000000000 +0200
8909 @@ -63,7 +63,8 @@ struct nfs_mount_data {
8910 #define NFS_MOUNT_SECFLAVOUR 0x2000 /* 5 */
8911 #define NFS_MOUNT_NORDIRPLUS 0x4000 /* 5 */
8912 #define NFS_MOUNT_UNSHARED 0x8000 /* 5 */
8913 -#define NFS_MOUNT_FLAGMASK 0xFFFF
8914 +#define NFS_MOUNT_TAGGED 0x10000 /* context tagging */
8915 +#define NFS_MOUNT_FLAGMASK 0x1FFFF
8917 /* The following are for internal use only */
8918 #define NFS_MOUNT_LOOKUP_CACHE_NONEG 0x10000
8919 diff -NurpP --minimal linux-3.0-rc5/include/linux/nsproxy.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/nsproxy.h
8920 --- linux-3.0-rc5/include/linux/nsproxy.h 2011-07-01 11:14:21.000000000 +0200
8921 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/nsproxy.h 2011-06-10 22:11:24.000000000 +0200
8924 #include <linux/spinlock.h>
8925 #include <linux/sched.h>
8926 +#include <linux/vserver/debug.h>
8928 struct mnt_namespace;
8929 struct uts_namespace;
8930 @@ -63,22 +64,33 @@ static inline struct nsproxy *task_nspro
8933 int copy_namespaces(unsigned long flags, struct task_struct *tsk);
8934 +struct nsproxy *copy_nsproxy(struct nsproxy *orig);
8935 void exit_task_namespaces(struct task_struct *tsk);
8936 void switch_task_namespaces(struct task_struct *tsk, struct nsproxy *new);
8937 void free_nsproxy(struct nsproxy *ns);
8938 int unshare_nsproxy_namespaces(unsigned long, struct nsproxy **,
8939 struct fs_struct *);
8941 -static inline void put_nsproxy(struct nsproxy *ns)
8942 +#define get_nsproxy(n) __get_nsproxy(n, __FILE__, __LINE__)
8944 +static inline void __get_nsproxy(struct nsproxy *ns,
8945 + const char *_file, int _line)
8947 - if (atomic_dec_and_test(&ns->count)) {
8950 + vxlprintk(VXD_CBIT(space, 0), "get_nsproxy(%p[%u])",
8951 + ns, atomic_read(&ns->count), _file, _line);
8952 + atomic_inc(&ns->count);
8955 -static inline void get_nsproxy(struct nsproxy *ns)
8956 +#define put_nsproxy(n) __put_nsproxy(n, __FILE__, __LINE__)
8958 +static inline void __put_nsproxy(struct nsproxy *ns,
8959 + const char *_file, int _line)
8961 - atomic_inc(&ns->count);
8962 + vxlprintk(VXD_CBIT(space, 0), "put_nsproxy(%p[%u])",
8963 + ns, atomic_read(&ns->count), _file, _line);
8964 + if (atomic_dec_and_test(&ns->count)) {
8970 diff -NurpP --minimal linux-3.0-rc5/include/linux/pid.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/pid.h
8971 --- linux-3.0-rc5/include/linux/pid.h 2011-07-01 11:14:21.000000000 +0200
8972 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/pid.h 2011-06-10 22:11:24.000000000 +0200
8973 @@ -8,7 +8,8 @@ enum pid_type
8983 @@ -171,6 +172,7 @@ static inline pid_t pid_nr(struct pid *p
8986 pid_t pid_nr_ns(struct pid *pid, struct pid_namespace *ns);
8987 +pid_t pid_unmapped_nr_ns(struct pid *pid, struct pid_namespace *ns);
8988 pid_t pid_vnr(struct pid *pid);
8990 #define do_each_pid_task(pid, type, task) \
8991 diff -NurpP --minimal linux-3.0-rc5/include/linux/proc_fs.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/proc_fs.h
8992 --- linux-3.0-rc5/include/linux/proc_fs.h 2011-07-01 11:14:21.000000000 +0200
8993 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/proc_fs.h 2011-06-10 22:11:24.000000000 +0200
8994 @@ -56,6 +56,7 @@ struct proc_dir_entry {
9000 const struct inode_operations *proc_iops;
9002 @@ -252,12 +253,18 @@ extern const struct proc_ns_operations n
9003 extern const struct proc_ns_operations utsns_operations;
9004 extern const struct proc_ns_operations ipcns_operations;
9010 int (*proc_get_link)(struct inode *, struct path *);
9011 int (*proc_read)(struct task_struct *task, char *page);
9012 int (*proc_show)(struct seq_file *m,
9013 struct pid_namespace *ns, struct pid *pid,
9014 struct task_struct *task);
9015 + int (*proc_vs_read)(char *page);
9016 + int (*proc_vxi_read)(struct vx_info *vxi, char *page);
9017 + int (*proc_nxi_read)(struct nx_info *nxi, char *page);
9020 struct ctl_table_header;
9021 @@ -265,6 +272,7 @@ struct ctl_table;
9028 struct proc_dir_entry *pde;
9029 diff -NurpP --minimal linux-3.0-rc5/include/linux/quotaops.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/quotaops.h
9030 --- linux-3.0-rc5/include/linux/quotaops.h 2011-05-22 16:17:57.000000000 +0200
9031 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/quotaops.h 2011-06-10 22:11:24.000000000 +0200
9033 #define _LINUX_QUOTAOPS_
9035 #include <linux/fs.h>
9036 +#include <linux/vs_dlimit.h>
9038 #define DQUOT_SPACE_WARN 0x1
9039 #define DQUOT_SPACE_RESERVE 0x2
9040 @@ -204,11 +205,12 @@ static inline void dquot_drop(struct ino
9042 static inline int dquot_alloc_inode(const struct inode *inode)
9045 + return dl_alloc_inode(inode);
9048 static inline void dquot_free_inode(const struct inode *inode)
9050 + dl_free_inode(inode);
9053 static inline int dquot_transfer(struct inode *inode, struct iattr *iattr)
9054 @@ -219,6 +221,10 @@ static inline int dquot_transfer(struct
9055 static inline int __dquot_alloc_space(struct inode *inode, qsize_t number,
9060 + if ((ret = dl_alloc_space(inode, number)))
9062 if (!(flags & DQUOT_SPACE_RESERVE))
9063 inode_add_bytes(inode, number);
9065 @@ -229,6 +235,7 @@ static inline void __dquot_free_space(st
9067 if (!(flags & DQUOT_SPACE_RESERVE))
9068 inode_sub_bytes(inode, number);
9069 + dl_free_space(inode, number);
9072 static inline int dquot_claim_space_nodirty(struct inode *inode, qsize_t number)
9073 diff -NurpP --minimal linux-3.0-rc5/include/linux/reboot.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/reboot.h
9074 --- linux-3.0-rc5/include/linux/reboot.h 2010-07-07 18:31:56.000000000 +0200
9075 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/reboot.h 2011-06-10 22:11:24.000000000 +0200
9077 #define LINUX_REBOOT_CMD_RESTART2 0xA1B2C3D4
9078 #define LINUX_REBOOT_CMD_SW_SUSPEND 0xD000FCE2
9079 #define LINUX_REBOOT_CMD_KEXEC 0x45584543
9080 +#define LINUX_REBOOT_CMD_OOM 0xDEADBEEF
9084 diff -NurpP --minimal linux-3.0-rc5/include/linux/reiserfs_fs.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/reiserfs_fs.h
9085 --- linux-3.0-rc5/include/linux/reiserfs_fs.h 2011-05-22 16:17:58.000000000 +0200
9086 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/reiserfs_fs.h 2011-06-10 22:11:24.000000000 +0200
9087 @@ -976,6 +976,11 @@ struct stat_data_v1 {
9088 #define REISERFS_COMPR_FL FS_COMPR_FL
9089 #define REISERFS_NOTAIL_FL FS_NOTAIL_FL
9091 +/* unfortunately reiserfs sdattr is only 16 bit */
9092 +#define REISERFS_IXUNLINK_FL (FS_IXUNLINK_FL >> 16)
9093 +#define REISERFS_BARRIER_FL (FS_BARRIER_FL >> 16)
9094 +#define REISERFS_COW_FL (FS_COW_FL >> 16)
9096 /* persistent flags that file inherits from the parent directory */
9097 #define REISERFS_INHERIT_MASK ( REISERFS_IMMUTABLE_FL | \
9098 REISERFS_SYNC_FL | \
9099 @@ -985,6 +990,9 @@ struct stat_data_v1 {
9100 REISERFS_COMPR_FL | \
9101 REISERFS_NOTAIL_FL )
9103 +#define REISERFS_FL_USER_VISIBLE 0x80FF
9104 +#define REISERFS_FL_USER_MODIFIABLE 0x80FF
9106 /* Stat Data on disk (reiserfs version of UFS disk inode minus the
9109 @@ -2073,6 +2081,7 @@ static inline void reiserfs_update_sd(st
9110 void sd_attrs_to_i_attrs(__u16 sd_attrs, struct inode *inode);
9111 void i_attrs_to_sd_attrs(struct inode *inode, __u16 * sd_attrs);
9112 int reiserfs_setattr(struct dentry *dentry, struct iattr *attr);
9113 +int reiserfs_sync_flags(struct inode *inode, int, int);
9115 int __reiserfs_write_begin(struct page *page, unsigned from, unsigned len);
9117 diff -NurpP --minimal linux-3.0-rc5/include/linux/reiserfs_fs_sb.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/reiserfs_fs_sb.h
9118 --- linux-3.0-rc5/include/linux/reiserfs_fs_sb.h 2010-02-25 11:52:07.000000000 +0100
9119 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/reiserfs_fs_sb.h 2011-06-10 22:11:24.000000000 +0200
9120 @@ -476,6 +476,7 @@ enum reiserfs_mount_options {
9121 REISERFS_EXPOSE_PRIVROOT,
9122 REISERFS_BARRIER_NONE,
9123 REISERFS_BARRIER_FLUSH,
9126 /* Actions on error */
9127 REISERFS_ERROR_PANIC,
9128 diff -NurpP --minimal linux-3.0-rc5/include/linux/sched.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/sched.h
9129 --- linux-3.0-rc5/include/linux/sched.h 2011-07-01 11:14:21.000000000 +0200
9130 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/sched.h 2011-06-15 02:40:14.000000000 +0200
9131 @@ -1397,6 +1397,14 @@ struct task_struct {
9135 +/* vserver context data */
9136 + struct vx_info *vx_info;
9137 + struct nx_info *nx_info;
9143 /* Thread group tracking */
9146 @@ -1640,6 +1648,11 @@ struct pid_namespace;
9147 pid_t __task_pid_nr_ns(struct task_struct *task, enum pid_type type,
9148 struct pid_namespace *ns);
9150 +#include <linux/vserver/base.h>
9151 +#include <linux/vserver/context.h>
9152 +#include <linux/vserver/debug.h>
9153 +#include <linux/vserver/pid.h>
9155 static inline pid_t task_pid_nr(struct task_struct *tsk)
9158 @@ -1653,7 +1666,8 @@ static inline pid_t task_pid_nr_ns(struc
9160 static inline pid_t task_pid_vnr(struct task_struct *tsk)
9162 - return __task_pid_nr_ns(tsk, PIDTYPE_PID, NULL);
9163 + // return __task_pid_nr_ns(tsk, PIDTYPE_PID, NULL);
9164 + return vx_map_pid(__task_pid_nr_ns(tsk, PIDTYPE_PID, NULL));
9168 @@ -1666,7 +1680,7 @@ pid_t task_tgid_nr_ns(struct task_struct
9170 static inline pid_t task_tgid_vnr(struct task_struct *tsk)
9172 - return pid_vnr(task_tgid(tsk));
9173 + return vx_map_tgid(pid_vnr(task_tgid(tsk)));
9177 diff -NurpP --minimal linux-3.0-rc5/include/linux/shmem_fs.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/shmem_fs.h
9178 --- linux-3.0-rc5/include/linux/shmem_fs.h 2011-07-01 11:14:21.000000000 +0200
9179 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/shmem_fs.h 2011-07-01 11:35:35.000000000 +0200
9182 #define SHMEM_SYMLINK_INLINE_LEN (SHMEM_NR_DIRECT * sizeof(swp_entry_t))
9184 +#define TMPFS_SUPER_MAGIC 0x01021994
9187 struct shmem_inode_info {
9189 unsigned long flags;
9190 diff -NurpP --minimal linux-3.0-rc5/include/linux/stat.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/stat.h
9191 --- linux-3.0-rc5/include/linux/stat.h 2008-12-25 00:26:37.000000000 +0100
9192 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/stat.h 2011-06-10 22:11:24.000000000 +0200
9193 @@ -66,6 +66,7 @@ struct kstat {
9200 struct timespec atime;
9201 diff -NurpP --minimal linux-3.0-rc5/include/linux/sunrpc/auth.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/sunrpc/auth.h
9202 --- linux-3.0-rc5/include/linux/sunrpc/auth.h 2011-03-15 18:07:39.000000000 +0100
9203 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/sunrpc/auth.h 2011-06-10 22:11:24.000000000 +0200
9209 struct group_info *group_info;
9210 unsigned char machine_cred : 1;
9212 diff -NurpP --minimal linux-3.0-rc5/include/linux/sunrpc/clnt.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/sunrpc/clnt.h
9213 --- linux-3.0-rc5/include/linux/sunrpc/clnt.h 2011-05-22 16:17:58.000000000 +0200
9214 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/sunrpc/clnt.h 2011-06-10 22:11:24.000000000 +0200
9215 @@ -49,7 +49,8 @@ struct rpc_clnt {
9216 unsigned int cl_softrtry : 1,/* soft timeouts */
9217 cl_discrtry : 1,/* disconnect before retry */
9218 cl_autobind : 1,/* use getport() */
9219 - cl_chatty : 1;/* be verbose */
9220 + cl_chatty : 1,/* be verbose */
9221 + cl_tag : 1;/* context tagging */
9223 struct rpc_rtt * cl_rtt; /* RTO estimator data */
9224 const struct rpc_timeout *cl_timeout; /* Timeout strategy */
9225 diff -NurpP --minimal linux-3.0-rc5/include/linux/syscalls.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/syscalls.h
9226 --- linux-3.0-rc5/include/linux/syscalls.h 2011-07-01 11:14:22.000000000 +0200
9227 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/syscalls.h 2011-06-10 22:11:24.000000000 +0200
9228 @@ -483,6 +483,8 @@ asmlinkage long sys_symlink(const char _
9229 asmlinkage long sys_unlink(const char __user *pathname);
9230 asmlinkage long sys_rename(const char __user *oldname,
9231 const char __user *newname);
9232 +asmlinkage long sys_copyfile(const char __user *from, const char __user *to,
9234 asmlinkage long sys_chmod(const char __user *filename, mode_t mode);
9235 asmlinkage long sys_fchmod(unsigned int fd, mode_t mode);
9237 diff -NurpP --minimal linux-3.0-rc5/include/linux/sysctl.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/sysctl.h
9238 --- linux-3.0-rc5/include/linux/sysctl.h 2011-03-15 18:07:40.000000000 +0100
9239 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/sysctl.h 2011-06-10 22:11:24.000000000 +0200
9240 @@ -60,6 +60,7 @@ enum
9241 CTL_ABI=9, /* Binary emulation */
9242 CTL_CPU=10, /* CPU stuff (speed scaling, etc) */
9243 CTL_ARLAN=254, /* arlan wireless driver */
9244 + CTL_VSERVER=4242, /* Linux-VServer debug */
9245 CTL_S390DBF=5677, /* s390 debug */
9246 CTL_SUNRPC=7249, /* sunrpc debug */
9247 CTL_PM=9899, /* frv power management */
9248 @@ -94,6 +95,7 @@ enum
9250 KERN_PANIC=15, /* int: panic timeout */
9251 KERN_REALROOTDEV=16, /* real root device to mount after initrd */
9252 + KERN_VSHELPER=17, /* string: path to vshelper policy agent */
9254 KERN_SPARC_REBOOT=21, /* reboot command on Sparc */
9255 KERN_CTLALTDEL=22, /* int: allow ctl-alt-del to reboot */
9256 diff -NurpP --minimal linux-3.0-rc5/include/linux/sysfs.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/sysfs.h
9257 --- linux-3.0-rc5/include/linux/sysfs.h 2011-07-01 11:14:22.000000000 +0200
9258 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/sysfs.h 2011-06-22 12:39:15.000000000 +0200
9260 #include <linux/kobject_ns.h>
9261 #include <asm/atomic.h>
9263 +#define SYSFS_SUPER_MAGIC 0x62656572
9268 diff -NurpP --minimal linux-3.0-rc5/include/linux/time.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/time.h
9269 --- linux-3.0-rc5/include/linux/time.h 2011-07-01 11:14:22.000000000 +0200
9270 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/time.h 2011-06-10 22:11:24.000000000 +0200
9271 @@ -256,6 +256,9 @@ static __always_inline void timespec_add
9272 a->tv_sec += __iter_div_u64_rem(a->tv_nsec + ns, NSEC_PER_SEC, &ns);
9276 +#include <linux/vs_time.h>
9278 #endif /* __KERNEL__ */
9280 #define NFDBITS __NFDBITS
9281 diff -NurpP --minimal linux-3.0-rc5/include/linux/types.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/types.h
9282 --- linux-3.0-rc5/include/linux/types.h 2011-05-22 16:17:58.000000000 +0200
9283 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/types.h 2011-06-10 22:11:24.000000000 +0200
9284 @@ -40,6 +40,9 @@ typedef __kernel_uid32_t uid_t;
9285 typedef __kernel_gid32_t gid_t;
9286 typedef __kernel_uid16_t uid16_t;
9287 typedef __kernel_gid16_t gid16_t;
9288 +typedef unsigned int xid_t;
9289 +typedef unsigned int nid_t;
9290 +typedef unsigned int tag_t;
9292 typedef unsigned long uintptr_t;
9294 diff -NurpP --minimal linux-3.0-rc5/include/linux/utsname.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/utsname.h
9295 --- linux-3.0-rc5/include/linux/utsname.h 2011-05-22 16:17:58.000000000 +0200
9296 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/utsname.h 2011-06-13 14:36:48.000000000 +0200
9297 @@ -54,7 +54,8 @@ static inline void get_uts_ns(struct uts
9300 extern struct uts_namespace *copy_utsname(unsigned long flags,
9301 - struct task_struct *tsk);
9302 + struct uts_namespace *old_ns,
9303 + struct user_namespace *user_ns);
9304 extern void free_uts_ns(struct kref *kref);
9306 static inline void put_uts_ns(struct uts_namespace *ns)
9307 @@ -71,12 +72,13 @@ static inline void put_uts_ns(struct uts
9310 static inline struct uts_namespace *copy_utsname(unsigned long flags,
9311 - struct task_struct *tsk)
9312 + struct uts_namespace *old_ns,
9313 + struct user_namespace *user_ns)
9315 if (flags & CLONE_NEWUTS)
9316 return ERR_PTR(-EINVAL);
9318 - return tsk->nsproxy->uts_ns;
9323 diff -NurpP --minimal linux-3.0-rc5/include/linux/vroot.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vroot.h
9324 --- linux-3.0-rc5/include/linux/vroot.h 1970-01-01 01:00:00.000000000 +0100
9325 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vroot.h 2011-06-10 22:11:24.000000000 +0200
9329 + * include/linux/vroot.h
9331 + * written by Herbert Pötzl, 9/11/2002
9332 + * ported to 2.6 by Herbert Pötzl, 30/12/2004
9334 + * Copyright (C) 2002-2007 by Herbert Pötzl.
9335 + * Redistribution of this file is permitted under the
9336 + * GNU General Public License.
9339 +#ifndef _LINUX_VROOT_H
9340 +#define _LINUX_VROOT_H
9345 +/* Possible states of device */
9351 +struct vroot_device {
9355 + struct semaphore vr_ctl_mutex;
9356 + struct block_device *vr_device;
9361 +typedef struct block_device *(vroot_grb_func)(struct block_device *);
9363 +extern int register_vroot_grb(vroot_grb_func *);
9364 +extern int unregister_vroot_grb(vroot_grb_func *);
9366 +#endif /* __KERNEL__ */
9368 +#define MAX_VROOT_DEFAULT 8
9371 + * IOCTL commands --- we will commandeer 0x56 ('V')
9374 +#define VROOT_SET_DEV 0x5600
9375 +#define VROOT_CLR_DEV 0x5601
9377 +#endif /* _LINUX_VROOT_H */
9378 diff -NurpP --minimal linux-3.0-rc5/include/linux/vs_base.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_base.h
9379 --- linux-3.0-rc5/include/linux/vs_base.h 1970-01-01 01:00:00.000000000 +0100
9380 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_base.h 2011-06-10 22:11:24.000000000 +0200
9385 +#include "vserver/base.h"
9386 +#include "vserver/check.h"
9387 +#include "vserver/debug.h"
9390 +#warning duplicate inclusion
9392 diff -NurpP --minimal linux-3.0-rc5/include/linux/vs_context.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_context.h
9393 --- linux-3.0-rc5/include/linux/vs_context.h 1970-01-01 01:00:00.000000000 +0100
9394 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_context.h 2011-06-10 22:11:24.000000000 +0200
9396 +#ifndef _VS_CONTEXT_H
9397 +#define _VS_CONTEXT_H
9399 +#include "vserver/base.h"
9400 +#include "vserver/check.h"
9401 +#include "vserver/context.h"
9402 +#include "vserver/history.h"
9403 +#include "vserver/debug.h"
9405 +#include <linux/sched.h>
9408 +#define get_vx_info(i) __get_vx_info(i, __FILE__, __LINE__, __HERE__)
9410 +static inline struct vx_info *__get_vx_info(struct vx_info *vxi,
9411 + const char *_file, int _line, void *_here)
9416 + vxlprintk(VXD_CBIT(xid, 2), "get_vx_info(%p[#%d.%d])",
9417 + vxi, vxi ? vxi->vx_id : 0,
9418 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
9420 + __vxh_get_vx_info(vxi, _here);
9422 + atomic_inc(&vxi->vx_usecnt);
9427 +extern void free_vx_info(struct vx_info *);
9429 +#define put_vx_info(i) __put_vx_info(i, __FILE__, __LINE__, __HERE__)
9431 +static inline void __put_vx_info(struct vx_info *vxi,
9432 + const char *_file, int _line, void *_here)
9437 + vxlprintk(VXD_CBIT(xid, 2), "put_vx_info(%p[#%d.%d])",
9438 + vxi, vxi ? vxi->vx_id : 0,
9439 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
9441 + __vxh_put_vx_info(vxi, _here);
9443 + if (atomic_dec_and_test(&vxi->vx_usecnt))
9444 + free_vx_info(vxi);
9448 +#define init_vx_info(p, i) \
9449 + __init_vx_info(p, i, __FILE__, __LINE__, __HERE__)
9451 +static inline void __init_vx_info(struct vx_info **vxp, struct vx_info *vxi,
9452 + const char *_file, int _line, void *_here)
9455 + vxlprintk(VXD_CBIT(xid, 3),
9456 + "init_vx_info(%p[#%d.%d])",
9457 + vxi, vxi ? vxi->vx_id : 0,
9458 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
9460 + __vxh_init_vx_info(vxi, vxp, _here);
9462 + atomic_inc(&vxi->vx_usecnt);
9468 +#define set_vx_info(p, i) \
9469 + __set_vx_info(p, i, __FILE__, __LINE__, __HERE__)
9471 +static inline void __set_vx_info(struct vx_info **vxp, struct vx_info *vxi,
9472 + const char *_file, int _line, void *_here)
9474 + struct vx_info *vxo;
9479 + vxlprintk(VXD_CBIT(xid, 3), "set_vx_info(%p[#%d.%d])",
9480 + vxi, vxi ? vxi->vx_id : 0,
9481 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
9483 + __vxh_set_vx_info(vxi, vxp, _here);
9485 + atomic_inc(&vxi->vx_usecnt);
9486 + vxo = xchg(vxp, vxi);
9491 +#define clr_vx_info(p) __clr_vx_info(p, __FILE__, __LINE__, __HERE__)
9493 +static inline void __clr_vx_info(struct vx_info **vxp,
9494 + const char *_file, int _line, void *_here)
9496 + struct vx_info *vxo;
9498 + vxo = xchg(vxp, NULL);
9502 + vxlprintk(VXD_CBIT(xid, 3), "clr_vx_info(%p[#%d.%d])",
9503 + vxo, vxo ? vxo->vx_id : 0,
9504 + vxo ? atomic_read(&vxo->vx_usecnt) : 0,
9506 + __vxh_clr_vx_info(vxo, vxp, _here);
9508 + if (atomic_dec_and_test(&vxo->vx_usecnt))
9509 + free_vx_info(vxo);
9513 +#define claim_vx_info(v, p) \
9514 + __claim_vx_info(v, p, __FILE__, __LINE__, __HERE__)
9516 +static inline void __claim_vx_info(struct vx_info *vxi,
9517 + struct task_struct *task,
9518 + const char *_file, int _line, void *_here)
9520 + vxlprintk(VXD_CBIT(xid, 3), "claim_vx_info(%p[#%d.%d.%d]) %p",
9521 + vxi, vxi ? vxi->vx_id : 0,
9522 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
9523 + vxi ? atomic_read(&vxi->vx_tasks) : 0,
9524 + task, _file, _line);
9525 + __vxh_claim_vx_info(vxi, task, _here);
9527 + atomic_inc(&vxi->vx_tasks);
9531 +extern void unhash_vx_info(struct vx_info *);
9533 +#define release_vx_info(v, p) \
9534 + __release_vx_info(v, p, __FILE__, __LINE__, __HERE__)
9536 +static inline void __release_vx_info(struct vx_info *vxi,
9537 + struct task_struct *task,
9538 + const char *_file, int _line, void *_here)
9540 + vxlprintk(VXD_CBIT(xid, 3), "release_vx_info(%p[#%d.%d.%d]) %p",
9541 + vxi, vxi ? vxi->vx_id : 0,
9542 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
9543 + vxi ? atomic_read(&vxi->vx_tasks) : 0,
9544 + task, _file, _line);
9545 + __vxh_release_vx_info(vxi, task, _here);
9549 + if (atomic_dec_and_test(&vxi->vx_tasks))
9550 + unhash_vx_info(vxi);
9554 +#define task_get_vx_info(p) \
9555 + __task_get_vx_info(p, __FILE__, __LINE__, __HERE__)
9557 +static inline struct vx_info *__task_get_vx_info(struct task_struct *p,
9558 + const char *_file, int _line, void *_here)
9560 + struct vx_info *vxi;
9563 + vxlprintk(VXD_CBIT(xid, 5), "task_get_vx_info(%p)",
9565 + vxi = __get_vx_info(p->vx_info, _file, _line, _here);
9571 +static inline void __wakeup_vx_info(struct vx_info *vxi)
9573 + if (waitqueue_active(&vxi->vx_wait))
9574 + wake_up_interruptible(&vxi->vx_wait);
9578 +#define enter_vx_info(v, s) __enter_vx_info(v, s, __FILE__, __LINE__)
9580 +static inline void __enter_vx_info(struct vx_info *vxi,
9581 + struct vx_info_save *vxis, const char *_file, int _line)
9583 + vxlprintk(VXD_CBIT(xid, 5), "enter_vx_info(%p[#%d],%p) %p[#%d,%p]",
9584 + vxi, vxi ? vxi->vx_id : 0, vxis, current,
9585 + current->xid, current->vx_info, _file, _line);
9586 + vxis->vxi = xchg(¤t->vx_info, vxi);
9587 + vxis->xid = current->xid;
9588 + current->xid = vxi ? vxi->vx_id : 0;
9591 +#define leave_vx_info(s) __leave_vx_info(s, __FILE__, __LINE__)
9593 +static inline void __leave_vx_info(struct vx_info_save *vxis,
9594 + const char *_file, int _line)
9596 + vxlprintk(VXD_CBIT(xid, 5), "leave_vx_info(%p[#%d,%p]) %p[#%d,%p]",
9597 + vxis, vxis->xid, vxis->vxi, current,
9598 + current->xid, current->vx_info, _file, _line);
9599 + (void)xchg(¤t->vx_info, vxis->vxi);
9600 + current->xid = vxis->xid;
9604 +static inline void __enter_vx_admin(struct vx_info_save *vxis)
9606 + vxis->vxi = xchg(¤t->vx_info, NULL);
9607 + vxis->xid = xchg(¤t->xid, (xid_t)0);
9610 +static inline void __leave_vx_admin(struct vx_info_save *vxis)
9612 + (void)xchg(¤t->xid, vxis->xid);
9613 + (void)xchg(¤t->vx_info, vxis->vxi);
9616 +#define task_is_init(p) \
9617 + __task_is_init(p, __FILE__, __LINE__, __HERE__)
9619 +static inline int __task_is_init(struct task_struct *p,
9620 + const char *_file, int _line, void *_here)
9622 + int is_init = is_global_init(p);
9626 + is_init = p->vx_info->vx_initpid == p->pid;
9631 +extern void exit_vx_info(struct task_struct *, int);
9632 +extern void exit_vx_info_early(struct task_struct *, int);
9636 +#warning duplicate inclusion
9638 diff -NurpP --minimal linux-3.0-rc5/include/linux/vs_cowbl.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_cowbl.h
9639 --- linux-3.0-rc5/include/linux/vs_cowbl.h 1970-01-01 01:00:00.000000000 +0100
9640 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_cowbl.h 2011-06-10 22:11:24.000000000 +0200
9642 +#ifndef _VS_COWBL_H
9643 +#define _VS_COWBL_H
9645 +#include <linux/fs.h>
9646 +#include <linux/dcache.h>
9647 +#include <linux/namei.h>
9648 +#include <linux/slab.h>
9650 +extern struct dentry *cow_break_link(const char *pathname);
9652 +static inline int cow_check_and_break(struct path *path)
9654 + struct inode *inode = path->dentry->d_inode;
9657 + /* do we need this check? */
9658 + if (IS_RDONLY(inode))
9661 + if (IS_COW(inode)) {
9662 + if (IS_COW_LINK(inode)) {
9663 + struct dentry *new_dentry, *old_dentry = path->dentry;
9666 + buf = kmalloc(PATH_MAX, GFP_KERNEL);
9670 + pp = d_path(path, buf, PATH_MAX);
9671 + new_dentry = cow_break_link(pp);
9673 + if (!IS_ERR(new_dentry)) {
9674 + path->dentry = new_dentry;
9677 + error = PTR_ERR(new_dentry);
9679 + inode->i_flags &= ~(S_IXUNLINK | S_IMMUTABLE);
9680 + inode->i_ctime = CURRENT_TIME;
9681 + mark_inode_dirty(inode);
9688 +#warning duplicate inclusion
9690 diff -NurpP --minimal linux-3.0-rc5/include/linux/vs_cvirt.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_cvirt.h
9691 --- linux-3.0-rc5/include/linux/vs_cvirt.h 1970-01-01 01:00:00.000000000 +0100
9692 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_cvirt.h 2011-06-10 22:11:24.000000000 +0200
9694 +#ifndef _VS_CVIRT_H
9695 +#define _VS_CVIRT_H
9697 +#include "vserver/cvirt.h"
9698 +#include "vserver/context.h"
9699 +#include "vserver/base.h"
9700 +#include "vserver/check.h"
9701 +#include "vserver/debug.h"
9704 +static inline void vx_activate_task(struct task_struct *p)
9706 + struct vx_info *vxi;
9708 + if ((vxi = p->vx_info)) {
9709 + vx_update_load(vxi);
9710 + atomic_inc(&vxi->cvirt.nr_running);
9714 +static inline void vx_deactivate_task(struct task_struct *p)
9716 + struct vx_info *vxi;
9718 + if ((vxi = p->vx_info)) {
9719 + vx_update_load(vxi);
9720 + atomic_dec(&vxi->cvirt.nr_running);
9724 +static inline void vx_uninterruptible_inc(struct task_struct *p)
9726 + struct vx_info *vxi;
9728 + if ((vxi = p->vx_info))
9729 + atomic_inc(&vxi->cvirt.nr_uninterruptible);
9732 +static inline void vx_uninterruptible_dec(struct task_struct *p)
9734 + struct vx_info *vxi;
9736 + if ((vxi = p->vx_info))
9737 + atomic_dec(&vxi->cvirt.nr_uninterruptible);
9742 +#warning duplicate inclusion
9744 diff -NurpP --minimal linux-3.0-rc5/include/linux/vs_device.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_device.h
9745 --- linux-3.0-rc5/include/linux/vs_device.h 1970-01-01 01:00:00.000000000 +0100
9746 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_device.h 2011-06-10 22:11:24.000000000 +0200
9748 +#ifndef _VS_DEVICE_H
9749 +#define _VS_DEVICE_H
9751 +#include "vserver/base.h"
9752 +#include "vserver/device.h"
9753 +#include "vserver/debug.h"
9756 +#ifdef CONFIG_VSERVER_DEVICE
9758 +int vs_map_device(struct vx_info *, dev_t, dev_t *, umode_t);
9760 +#define vs_device_perm(v, d, m, p) \
9761 + ((vs_map_device(current_vx_info(), d, NULL, m) & (p)) == (p))
9766 +int vs_map_device(struct vx_info *vxi,
9767 + dev_t device, dev_t *target, umode_t mode)
9774 +#define vs_device_perm(v, d, m, p) ((p) == (p))
9779 +#define vs_map_chrdev(d, t, p) \
9780 + ((vs_map_device(current_vx_info(), d, t, S_IFCHR) & (p)) == (p))
9781 +#define vs_map_blkdev(d, t, p) \
9782 + ((vs_map_device(current_vx_info(), d, t, S_IFBLK) & (p)) == (p))
9784 +#define vs_chrdev_perm(d, p) \
9785 + vs_device_perm(current_vx_info(), d, S_IFCHR, p)
9786 +#define vs_blkdev_perm(d, p) \
9787 + vs_device_perm(current_vx_info(), d, S_IFBLK, p)
9791 +#warning duplicate inclusion
9793 diff -NurpP --minimal linux-3.0-rc5/include/linux/vs_dlimit.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_dlimit.h
9794 --- linux-3.0-rc5/include/linux/vs_dlimit.h 1970-01-01 01:00:00.000000000 +0100
9795 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_dlimit.h 2011-06-10 22:11:24.000000000 +0200
9797 +#ifndef _VS_DLIMIT_H
9798 +#define _VS_DLIMIT_H
9800 +#include <linux/fs.h>
9802 +#include "vserver/dlimit.h"
9803 +#include "vserver/base.h"
9804 +#include "vserver/debug.h"
9807 +#define get_dl_info(i) __get_dl_info(i, __FILE__, __LINE__)
9809 +static inline struct dl_info *__get_dl_info(struct dl_info *dli,
9810 + const char *_file, int _line)
9814 + vxlprintk(VXD_CBIT(dlim, 4), "get_dl_info(%p[#%d.%d])",
9815 + dli, dli ? dli->dl_tag : 0,
9816 + dli ? atomic_read(&dli->dl_usecnt) : 0,
9818 + atomic_inc(&dli->dl_usecnt);
9823 +#define free_dl_info(i) \
9824 + call_rcu(&(i)->dl_rcu, rcu_free_dl_info)
9826 +#define put_dl_info(i) __put_dl_info(i, __FILE__, __LINE__)
9828 +static inline void __put_dl_info(struct dl_info *dli,
9829 + const char *_file, int _line)
9833 + vxlprintk(VXD_CBIT(dlim, 4), "put_dl_info(%p[#%d.%d])",
9834 + dli, dli ? dli->dl_tag : 0,
9835 + dli ? atomic_read(&dli->dl_usecnt) : 0,
9837 + if (atomic_dec_and_test(&dli->dl_usecnt))
9838 + free_dl_info(dli);
9842 +#define __dlimit_char(d) ((d) ? '*' : ' ')
9844 +static inline int __dl_alloc_space(struct super_block *sb,
9845 + tag_t tag, dlsize_t nr, const char *file, int line)
9847 + struct dl_info *dli = NULL;
9852 + dli = locate_dl_info(sb, tag);
9856 + spin_lock(&dli->dl_lock);
9857 + ret = (dli->dl_space_used + nr > dli->dl_space_total);
9859 + dli->dl_space_used += nr;
9860 + spin_unlock(&dli->dl_lock);
9863 + vxlprintk(VXD_CBIT(dlim, 1),
9864 + "ALLOC (%p,#%d)%c %lld bytes (%d)",
9865 + sb, tag, __dlimit_char(dli), (long long)nr,
9867 + return ret ? -ENOSPC : 0;
9870 +static inline void __dl_free_space(struct super_block *sb,
9871 + tag_t tag, dlsize_t nr, const char *_file, int _line)
9873 + struct dl_info *dli = NULL;
9877 + dli = locate_dl_info(sb, tag);
9881 + spin_lock(&dli->dl_lock);
9882 + if (dli->dl_space_used > nr)
9883 + dli->dl_space_used -= nr;
9885 + dli->dl_space_used = 0;
9886 + spin_unlock(&dli->dl_lock);
9889 + vxlprintk(VXD_CBIT(dlim, 1),
9890 + "FREE (%p,#%d)%c %lld bytes",
9891 + sb, tag, __dlimit_char(dli), (long long)nr,
9895 +static inline int __dl_alloc_inode(struct super_block *sb,
9896 + tag_t tag, const char *_file, int _line)
9898 + struct dl_info *dli;
9901 + dli = locate_dl_info(sb, tag);
9905 + spin_lock(&dli->dl_lock);
9906 + dli->dl_inodes_used++;
9907 + ret = (dli->dl_inodes_used > dli->dl_inodes_total);
9908 + spin_unlock(&dli->dl_lock);
9911 + vxlprintk(VXD_CBIT(dlim, 0),
9912 + "ALLOC (%p,#%d)%c inode (%d)",
9913 + sb, tag, __dlimit_char(dli), ret, _file, _line);
9914 + return ret ? -ENOSPC : 0;
9917 +static inline void __dl_free_inode(struct super_block *sb,
9918 + tag_t tag, const char *_file, int _line)
9920 + struct dl_info *dli;
9922 + dli = locate_dl_info(sb, tag);
9926 + spin_lock(&dli->dl_lock);
9927 + if (dli->dl_inodes_used > 1)
9928 + dli->dl_inodes_used--;
9930 + dli->dl_inodes_used = 0;
9931 + spin_unlock(&dli->dl_lock);
9934 + vxlprintk(VXD_CBIT(dlim, 0),
9935 + "FREE (%p,#%d)%c inode",
9936 + sb, tag, __dlimit_char(dli), _file, _line);
9939 +static inline void __dl_adjust_block(struct super_block *sb, tag_t tag,
9940 + unsigned long long *free_blocks, unsigned long long *root_blocks,
9941 + const char *_file, int _line)
9943 + struct dl_info *dli;
9944 + uint64_t broot, bfree;
9946 + dli = locate_dl_info(sb, tag);
9950 + spin_lock(&dli->dl_lock);
9951 + broot = (dli->dl_space_total -
9952 + (dli->dl_space_total >> 10) * dli->dl_nrlmult)
9953 + >> sb->s_blocksize_bits;
9954 + bfree = (dli->dl_space_total - dli->dl_space_used)
9955 + >> sb->s_blocksize_bits;
9956 + spin_unlock(&dli->dl_lock);
9958 + vxlprintk(VXD_CBIT(dlim, 2),
9959 + "ADJUST: %lld,%lld on %lld,%lld [mult=%d]",
9960 + (long long)bfree, (long long)broot,
9961 + *free_blocks, *root_blocks, dli->dl_nrlmult,
9963 + if (free_blocks) {
9964 + if (*free_blocks > bfree)
9965 + *free_blocks = bfree;
9967 + if (root_blocks) {
9968 + if (*root_blocks > broot)
9969 + *root_blocks = broot;
9974 +#define dl_prealloc_space(in, bytes) \
9975 + __dl_alloc_space((in)->i_sb, (in)->i_tag, (dlsize_t)(bytes), \
9976 + __FILE__, __LINE__ )
9978 +#define dl_alloc_space(in, bytes) \
9979 + __dl_alloc_space((in)->i_sb, (in)->i_tag, (dlsize_t)(bytes), \
9980 + __FILE__, __LINE__ )
9982 +#define dl_reserve_space(in, bytes) \
9983 + __dl_alloc_space((in)->i_sb, (in)->i_tag, (dlsize_t)(bytes), \
9984 + __FILE__, __LINE__ )
9986 +#define dl_claim_space(in, bytes) (0)
9988 +#define dl_release_space(in, bytes) \
9989 + __dl_free_space((in)->i_sb, (in)->i_tag, (dlsize_t)(bytes), \
9990 + __FILE__, __LINE__ )
9992 +#define dl_free_space(in, bytes) \
9993 + __dl_free_space((in)->i_sb, (in)->i_tag, (dlsize_t)(bytes), \
9994 + __FILE__, __LINE__ )
9998 +#define dl_alloc_inode(in) \
9999 + __dl_alloc_inode((in)->i_sb, (in)->i_tag, __FILE__, __LINE__ )
10001 +#define dl_free_inode(in) \
10002 + __dl_free_inode((in)->i_sb, (in)->i_tag, __FILE__, __LINE__ )
10005 +#define dl_adjust_block(sb, tag, fb, rb) \
10006 + __dl_adjust_block(sb, tag, fb, rb, __FILE__, __LINE__ )
10010 +#warning duplicate inclusion
10012 diff -NurpP --minimal linux-3.0-rc5/include/linux/vs_inet.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_inet.h
10013 --- linux-3.0-rc5/include/linux/vs_inet.h 1970-01-01 01:00:00.000000000 +0100
10014 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_inet.h 2011-06-10 22:11:24.000000000 +0200
10016 +#ifndef _VS_INET_H
10017 +#define _VS_INET_H
10019 +#include "vserver/base.h"
10020 +#include "vserver/network.h"
10021 +#include "vserver/debug.h"
10023 +#define IPI_LOOPBACK htonl(INADDR_LOOPBACK)
10025 +#define NXAV4(a) NIPQUAD((a)->ip[0]), NIPQUAD((a)->ip[1]), \
10026 + NIPQUAD((a)->mask), (a)->type
10027 +#define NXAV4_FMT "[" NIPQUAD_FMT "-" NIPQUAD_FMT "/" NIPQUAD_FMT ":%04x]"
10029 +#define NIPQUAD(addr) \
10030 + ((unsigned char *)&addr)[0], \
10031 + ((unsigned char *)&addr)[1], \
10032 + ((unsigned char *)&addr)[2], \
10033 + ((unsigned char *)&addr)[3]
10035 +#define NIPQUAD_FMT "%u.%u.%u.%u"
10039 +int v4_addr_match(struct nx_addr_v4 *nxa, __be32 addr, uint16_t tmask)
10041 + __be32 ip = nxa->ip[0].s_addr;
10042 + __be32 mask = nxa->mask.s_addr;
10043 + __be32 bcast = ip | ~mask;
10046 + switch (nxa->type & tmask) {
10047 + case NXA_TYPE_MASK:
10048 + ret = (ip == (addr & mask));
10050 + case NXA_TYPE_ADDR:
10054 + /* fall through to broadcast */
10055 + case NXA_MOD_BCAST:
10056 + ret = ((tmask & NXA_MOD_BCAST) && (addr == bcast));
10058 + case NXA_TYPE_RANGE:
10059 + ret = ((nxa->ip[0].s_addr <= addr) &&
10060 + (nxa->ip[1].s_addr > addr));
10062 + case NXA_TYPE_ANY:
10067 + vxdprintk(VXD_CBIT(net, 0),
10068 + "v4_addr_match(%p" NXAV4_FMT "," NIPQUAD_FMT ",%04x) = %d",
10069 + nxa, NXAV4(nxa), NIPQUAD(addr), tmask, ret);
10074 +int v4_addr_in_nx_info(struct nx_info *nxi, __be32 addr, uint16_t tmask)
10076 + struct nx_addr_v4 *nxa;
10083 + /* allow 127.0.0.1 when remapping lback */
10084 + if ((tmask & NXA_LOOPBACK) &&
10085 + (addr == IPI_LOOPBACK) &&
10086 + nx_info_flags(nxi, NXF_LBACK_REMAP, 0))
10089 + /* check for lback address */
10090 + if ((tmask & NXA_MOD_LBACK) &&
10091 + (nxi->v4_lback.s_addr == addr))
10094 + /* check for broadcast address */
10095 + if ((tmask & NXA_MOD_BCAST) &&
10096 + (nxi->v4_bcast.s_addr == addr))
10099 + /* check for v4 addresses */
10100 + for (nxa = &nxi->v4; nxa; nxa = nxa->next)
10101 + if (v4_addr_match(nxa, addr, tmask))
10105 + vxdprintk(VXD_CBIT(net, 0),
10106 + "v4_addr_in_nx_info(%p[#%u]," NIPQUAD_FMT ",%04x) = %d",
10107 + nxi, nxi ? nxi->nx_id : 0, NIPQUAD(addr), tmask, ret);
10112 +int v4_nx_addr_match(struct nx_addr_v4 *nxa, struct nx_addr_v4 *addr, uint16_t mask)
10114 + /* FIXME: needs full range checks */
10115 + return v4_addr_match(nxa, addr->ip[0].s_addr, mask);
10119 +int v4_nx_addr_in_nx_info(struct nx_info *nxi, struct nx_addr_v4 *nxa, uint16_t mask)
10121 + struct nx_addr_v4 *ptr;
10123 + for (ptr = &nxi->v4; ptr; ptr = ptr->next)
10124 + if (v4_nx_addr_match(ptr, nxa, mask))
10129 +#include <net/inet_sock.h>
10132 + * Check if a given address matches for a socket
10134 + * nxi: the socket's nx_info if any
10135 + * addr: to be verified address
10138 +int v4_sock_addr_match (
10139 + struct nx_info *nxi,
10140 + struct inet_sock *inet,
10143 + __be32 saddr = inet->inet_rcv_saddr;
10144 + __be32 bcast = nxi ? nxi->v4_bcast.s_addr : INADDR_BROADCAST;
10146 + if (addr && (saddr == addr || bcast == addr))
10149 + return v4_addr_in_nx_info(nxi, addr, NXA_MASK_BIND);
10154 +/* inet related checks and helpers */
10158 +struct net_device;
10161 +#ifdef CONFIG_INET
10163 +#include <linux/netdevice.h>
10164 +#include <linux/inetdevice.h>
10165 +#include <net/inet_sock.h>
10166 +#include <net/inet_timewait_sock.h>
10169 +int dev_in_nx_info(struct net_device *, struct nx_info *);
10170 +int v4_dev_in_nx_info(struct net_device *, struct nx_info *);
10171 +int nx_v4_addr_conflict(struct nx_info *, struct nx_info *);
10175 + * check if address is covered by socket
10177 + * sk: the socket to check against
10178 + * addr: the address in question (must be != 0)
10182 +int __v4_addr_match_socket(const struct sock *sk, struct nx_addr_v4 *nxa)
10184 + struct nx_info *nxi = sk->sk_nx_info;
10185 + __be32 saddr = sk_rcv_saddr(sk);
10187 + vxdprintk(VXD_CBIT(net, 5),
10188 + "__v4_addr_in_socket(%p," NXAV4_FMT ") %p:" NIPQUAD_FMT " %p;%lx",
10189 + sk, NXAV4(nxa), nxi, NIPQUAD(saddr), sk->sk_socket,
10190 + (sk->sk_socket?sk->sk_socket->flags:0));
10192 + if (saddr) { /* direct address match */
10193 + return v4_addr_match(nxa, saddr, -1);
10194 + } else if (nxi) { /* match against nx_info */
10195 + return v4_nx_addr_in_nx_info(nxi, nxa, -1);
10196 + } else { /* unrestricted any socket */
10204 +int nx_dev_visible(struct nx_info *nxi, struct net_device *dev)
10206 + vxdprintk(VXD_CBIT(net, 1),
10207 + "nx_dev_visible(%p[#%u],%p " VS_Q("%s") ") %d",
10208 + nxi, nxi ? nxi->nx_id : 0, dev, dev->name,
10209 + nxi ? dev_in_nx_info(dev, nxi) : 0);
10211 + if (!nx_info_flags(nxi, NXF_HIDE_NETIF, 0))
10213 + if (dev_in_nx_info(dev, nxi))
10220 +int v4_ifa_in_nx_info(struct in_ifaddr *ifa, struct nx_info *nxi)
10226 + return v4_addr_in_nx_info(nxi, ifa->ifa_local, NXA_MASK_SHOW);
10230 +int nx_v4_ifa_visible(struct nx_info *nxi, struct in_ifaddr *ifa)
10232 + vxdprintk(VXD_CBIT(net, 1), "nx_v4_ifa_visible(%p[#%u],%p) %d",
10233 + nxi, nxi ? nxi->nx_id : 0, ifa,
10234 + nxi ? v4_ifa_in_nx_info(ifa, nxi) : 0);
10236 + if (!nx_info_flags(nxi, NXF_HIDE_NETIF, 0))
10238 + if (v4_ifa_in_nx_info(ifa, nxi))
10244 +struct nx_v4_sock_addr {
10245 + __be32 saddr; /* Address used for validation */
10246 + __be32 baddr; /* Address used for socket bind */
10250 +int v4_map_sock_addr(struct inet_sock *inet, struct sockaddr_in *addr,
10251 + struct nx_v4_sock_addr *nsa)
10253 + struct sock *sk = &inet->sk;
10254 + struct nx_info *nxi = sk->sk_nx_info;
10255 + __be32 saddr = addr->sin_addr.s_addr;
10256 + __be32 baddr = saddr;
10258 + vxdprintk(VXD_CBIT(net, 3),
10259 + "inet_bind(%p)* %p,%p;%lx " NIPQUAD_FMT,
10260 + sk, sk->sk_nx_info, sk->sk_socket,
10261 + (sk->sk_socket ? sk->sk_socket->flags : 0),
10265 + if (saddr == INADDR_ANY) {
10266 + if (nx_info_flags(nxi, NXF_SINGLE_IP, 0))
10267 + baddr = nxi->v4.ip[0].s_addr;
10268 + } else if (saddr == IPI_LOOPBACK) {
10269 + if (nx_info_flags(nxi, NXF_LBACK_REMAP, 0))
10270 + baddr = nxi->v4_lback.s_addr;
10271 + } else { /* normal address bind */
10272 + if (!v4_addr_in_nx_info(nxi, saddr, NXA_MASK_BIND))
10273 + return -EADDRNOTAVAIL;
10277 + vxdprintk(VXD_CBIT(net, 3),
10278 + "inet_bind(%p) " NIPQUAD_FMT ", " NIPQUAD_FMT,
10279 + sk, NIPQUAD(saddr), NIPQUAD(baddr));
10281 + nsa->saddr = saddr;
10282 + nsa->baddr = baddr;
10287 +void v4_set_sock_addr(struct inet_sock *inet, struct nx_v4_sock_addr *nsa)
10289 + inet->inet_saddr = nsa->baddr;
10290 + inet->inet_rcv_saddr = nsa->baddr;
10295 + * helper to simplify inet_lookup_listener
10297 + * nxi: the socket's nx_info if any
10298 + * addr: to be verified address
10299 + * saddr: socket address
10301 +static inline int v4_inet_addr_match (
10302 + struct nx_info *nxi,
10306 + if (addr && (saddr == addr))
10309 + return nxi ? v4_addr_in_nx_info(nxi, addr, NXA_MASK_BIND) : 1;
10313 +static inline __be32 nx_map_sock_lback(struct nx_info *nxi, __be32 addr)
10315 + if (nx_info_flags(nxi, NXF_HIDE_LBACK, 0) &&
10316 + (addr == nxi->v4_lback.s_addr))
10317 + return IPI_LOOPBACK;
10322 +int nx_info_has_v4(struct nx_info *nxi)
10326 + if (NX_IPV4(nxi))
10328 + if (nx_info_flags(nxi, NXF_LBACK_REMAP, 0))
10333 +#else /* CONFIG_INET */
10336 +int nx_dev_visible(struct nx_info *n, struct net_device *d)
10342 +int nx_v4_addr_conflict(struct nx_info *n, uint32_t a, const struct sock *s)
10348 +int v4_ifa_in_nx_info(struct in_ifaddr *a, struct nx_info *n)
10354 +int nx_info_has_v4(struct nx_info *nxi)
10359 +#endif /* CONFIG_INET */
10361 +#define current_nx_info_has_v4() \
10362 + nx_info_has_v4(current_nx_info())
10365 +// #warning duplicate inclusion
10367 diff -NurpP --minimal linux-3.0-rc5/include/linux/vs_inet6.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_inet6.h
10368 --- linux-3.0-rc5/include/linux/vs_inet6.h 1970-01-01 01:00:00.000000000 +0100
10369 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_inet6.h 2011-06-10 22:11:24.000000000 +0200
10371 +#ifndef _VS_INET6_H
10372 +#define _VS_INET6_H
10374 +#include "vserver/base.h"
10375 +#include "vserver/network.h"
10376 +#include "vserver/debug.h"
10378 +#include <net/ipv6.h>
10380 +#define NXAV6(a) &(a)->ip, &(a)->mask, (a)->prefix, (a)->type
10381 +#define NXAV6_FMT "[%pI6/%pI6/%d:%04x]"
10384 +#ifdef CONFIG_IPV6
10387 +int v6_addr_match(struct nx_addr_v6 *nxa,
10388 + const struct in6_addr *addr, uint16_t mask)
10392 + switch (nxa->type & mask) {
10393 + case NXA_TYPE_MASK:
10394 + ret = ipv6_masked_addr_cmp(&nxa->ip, &nxa->mask, addr);
10396 + case NXA_TYPE_ADDR:
10397 + ret = ipv6_addr_equal(&nxa->ip, addr);
10399 + case NXA_TYPE_ANY:
10403 + vxdprintk(VXD_CBIT(net, 0),
10404 + "v6_addr_match(%p" NXAV6_FMT ",%pI6,%04x) = %d",
10405 + nxa, NXAV6(nxa), addr, mask, ret);
10410 +int v6_addr_in_nx_info(struct nx_info *nxi,
10411 + const struct in6_addr *addr, uint16_t mask)
10413 + struct nx_addr_v6 *nxa;
10418 + for (nxa = &nxi->v6; nxa; nxa = nxa->next)
10419 + if (v6_addr_match(nxa, addr, mask))
10423 + vxdprintk(VXD_CBIT(net, 0),
10424 + "v6_addr_in_nx_info(%p[#%u],%pI6,%04x) = %d",
10425 + nxi, nxi ? nxi->nx_id : 0, addr, mask, ret);
10430 +int v6_nx_addr_match(struct nx_addr_v6 *nxa, struct nx_addr_v6 *addr, uint16_t mask)
10432 + /* FIXME: needs full range checks */
10433 + return v6_addr_match(nxa, &addr->ip, mask);
10437 +int v6_nx_addr_in_nx_info(struct nx_info *nxi, struct nx_addr_v6 *nxa, uint16_t mask)
10439 + struct nx_addr_v6 *ptr;
10441 + for (ptr = &nxi->v6; ptr; ptr = ptr->next)
10442 + if (v6_nx_addr_match(ptr, nxa, mask))
10449 + * Check if a given address matches for a socket
10451 + * nxi: the socket's nx_info if any
10452 + * addr: to be verified address
10455 +int v6_sock_addr_match (
10456 + struct nx_info *nxi,
10457 + struct inet_sock *inet,
10458 + struct in6_addr *addr)
10460 + struct sock *sk = &inet->sk;
10461 + struct in6_addr *saddr = inet6_rcv_saddr(sk);
10463 + if (!ipv6_addr_any(addr) &&
10464 + ipv6_addr_equal(saddr, addr))
10466 + if (ipv6_addr_any(saddr))
10467 + return v6_addr_in_nx_info(nxi, addr, -1);
10472 + * check if address is covered by socket
10474 + * sk: the socket to check against
10475 + * addr: the address in question (must be != 0)
10479 +int __v6_addr_match_socket(const struct sock *sk, struct nx_addr_v6 *nxa)
10481 + struct nx_info *nxi = sk->sk_nx_info;
10482 + struct in6_addr *saddr = inet6_rcv_saddr(sk);
10484 + vxdprintk(VXD_CBIT(net, 5),
10485 + "__v6_addr_in_socket(%p," NXAV6_FMT ") %p:%pI6 %p;%lx",
10486 + sk, NXAV6(nxa), nxi, saddr, sk->sk_socket,
10487 + (sk->sk_socket?sk->sk_socket->flags:0));
10489 + if (!ipv6_addr_any(saddr)) { /* direct address match */
10490 + return v6_addr_match(nxa, saddr, -1);
10491 + } else if (nxi) { /* match against nx_info */
10492 + return v6_nx_addr_in_nx_info(nxi, nxa, -1);
10493 + } else { /* unrestricted any socket */
10499 +/* inet related checks and helpers */
10503 +struct net_device;
10507 +#include <linux/netdevice.h>
10508 +#include <linux/inetdevice.h>
10509 +#include <net/inet_timewait_sock.h>
10512 +int dev_in_nx_info(struct net_device *, struct nx_info *);
10513 +int v6_dev_in_nx_info(struct net_device *, struct nx_info *);
10514 +int nx_v6_addr_conflict(struct nx_info *, struct nx_info *);
10519 +int v6_ifa_in_nx_info(struct inet6_ifaddr *ifa, struct nx_info *nxi)
10525 + return v6_addr_in_nx_info(nxi, &ifa->addr, -1);
10529 +int nx_v6_ifa_visible(struct nx_info *nxi, struct inet6_ifaddr *ifa)
10531 + vxdprintk(VXD_CBIT(net, 1), "nx_v6_ifa_visible(%p[#%u],%p) %d",
10532 + nxi, nxi ? nxi->nx_id : 0, ifa,
10533 + nxi ? v6_ifa_in_nx_info(ifa, nxi) : 0);
10535 + if (!nx_info_flags(nxi, NXF_HIDE_NETIF, 0))
10537 + if (v6_ifa_in_nx_info(ifa, nxi))
10543 +struct nx_v6_sock_addr {
10544 + struct in6_addr saddr; /* Address used for validation */
10545 + struct in6_addr baddr; /* Address used for socket bind */
10549 +int v6_map_sock_addr(struct inet_sock *inet, struct sockaddr_in6 *addr,
10550 + struct nx_v6_sock_addr *nsa)
10552 + // struct sock *sk = &inet->sk;
10553 + // struct nx_info *nxi = sk->sk_nx_info;
10554 + struct in6_addr saddr = addr->sin6_addr;
10555 + struct in6_addr baddr = saddr;
10557 + nsa->saddr = saddr;
10558 + nsa->baddr = baddr;
10563 +void v6_set_sock_addr(struct inet_sock *inet, struct nx_v6_sock_addr *nsa)
10565 + // struct sock *sk = &inet->sk;
10566 + // struct in6_addr *saddr = inet6_rcv_saddr(sk);
10568 + // *saddr = nsa->baddr;
10569 + // inet->inet_saddr = nsa->baddr;
10573 +int nx_info_has_v6(struct nx_info *nxi)
10577 + if (NX_IPV6(nxi))
10582 +#else /* CONFIG_IPV6 */
10585 +int nx_v6_dev_visible(struct nx_info *n, struct net_device *d)
10592 +int nx_v6_addr_conflict(struct nx_info *n, uint32_t a, const struct sock *s)
10598 +int v6_ifa_in_nx_info(struct in_ifaddr *a, struct nx_info *n)
10604 +int nx_info_has_v6(struct nx_info *nxi)
10609 +#endif /* CONFIG_IPV6 */
10611 +#define current_nx_info_has_v6() \
10612 + nx_info_has_v6(current_nx_info())
10615 +#warning duplicate inclusion
10617 diff -NurpP --minimal linux-3.0-rc5/include/linux/vs_limit.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_limit.h
10618 --- linux-3.0-rc5/include/linux/vs_limit.h 1970-01-01 01:00:00.000000000 +0100
10619 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_limit.h 2011-06-10 22:11:24.000000000 +0200
10621 +#ifndef _VS_LIMIT_H
10622 +#define _VS_LIMIT_H
10624 +#include "vserver/limit.h"
10625 +#include "vserver/base.h"
10626 +#include "vserver/context.h"
10627 +#include "vserver/debug.h"
10628 +#include "vserver/context.h"
10629 +#include "vserver/limit_int.h"
10632 +#define vx_acc_cres(v, d, p, r) \
10633 + __vx_acc_cres(v, r, d, p, __FILE__, __LINE__)
10635 +#define vx_acc_cres_cond(x, d, p, r) \
10636 + __vx_acc_cres(((x) == vx_current_xid()) ? current_vx_info() : 0, \
10637 + r, d, p, __FILE__, __LINE__)
10640 +#define vx_add_cres(v, a, p, r) \
10641 + __vx_add_cres(v, r, a, p, __FILE__, __LINE__)
10642 +#define vx_sub_cres(v, a, p, r) vx_add_cres(v, -(a), p, r)
10644 +#define vx_add_cres_cond(x, a, p, r) \
10645 + __vx_add_cres(((x) == vx_current_xid()) ? current_vx_info() : 0, \
10646 + r, a, p, __FILE__, __LINE__)
10647 +#define vx_sub_cres_cond(x, a, p, r) vx_add_cres_cond(x, -(a), p, r)
10650 +/* process and file limits */
10652 +#define vx_nproc_inc(p) \
10653 + vx_acc_cres((p)->vx_info, 1, p, RLIMIT_NPROC)
10655 +#define vx_nproc_dec(p) \
10656 + vx_acc_cres((p)->vx_info,-1, p, RLIMIT_NPROC)
10658 +#define vx_files_inc(f) \
10659 + vx_acc_cres_cond((f)->f_xid, 1, f, RLIMIT_NOFILE)
10661 +#define vx_files_dec(f) \
10662 + vx_acc_cres_cond((f)->f_xid,-1, f, RLIMIT_NOFILE)
10664 +#define vx_locks_inc(l) \
10665 + vx_acc_cres_cond((l)->fl_xid, 1, l, RLIMIT_LOCKS)
10667 +#define vx_locks_dec(l) \
10668 + vx_acc_cres_cond((l)->fl_xid,-1, l, RLIMIT_LOCKS)
10670 +#define vx_openfd_inc(f) \
10671 + vx_acc_cres(current_vx_info(), 1, (void *)(long)(f), VLIMIT_OPENFD)
10673 +#define vx_openfd_dec(f) \
10674 + vx_acc_cres(current_vx_info(),-1, (void *)(long)(f), VLIMIT_OPENFD)
10677 +#define vx_cres_avail(v, n, r) \
10678 + __vx_cres_avail(v, r, n, __FILE__, __LINE__)
10681 +#define vx_nproc_avail(n) \
10682 + vx_cres_avail(current_vx_info(), n, RLIMIT_NPROC)
10684 +#define vx_files_avail(n) \
10685 + vx_cres_avail(current_vx_info(), n, RLIMIT_NOFILE)
10687 +#define vx_locks_avail(n) \
10688 + vx_cres_avail(current_vx_info(), n, RLIMIT_LOCKS)
10690 +#define vx_openfd_avail(n) \
10691 + vx_cres_avail(current_vx_info(), n, VLIMIT_OPENFD)
10694 +/* dentry limits */
10696 +#define vx_dentry_inc(d) do { \
10697 + if ((d)->d_count == 1) \
10698 + vx_acc_cres(current_vx_info(), 1, d, VLIMIT_DENTRY); \
10701 +#define vx_dentry_dec(d) do { \
10702 + if ((d)->d_count == 0) \
10703 + vx_acc_cres(current_vx_info(),-1, d, VLIMIT_DENTRY); \
10706 +#define vx_dentry_avail(n) \
10707 + vx_cres_avail(current_vx_info(), n, VLIMIT_DENTRY)
10710 +/* socket limits */
10712 +#define vx_sock_inc(s) \
10713 + vx_acc_cres((s)->sk_vx_info, 1, s, VLIMIT_NSOCK)
10715 +#define vx_sock_dec(s) \
10716 + vx_acc_cres((s)->sk_vx_info,-1, s, VLIMIT_NSOCK)
10718 +#define vx_sock_avail(n) \
10719 + vx_cres_avail(current_vx_info(), n, VLIMIT_NSOCK)
10722 +/* ipc resource limits */
10724 +#define vx_ipcmsg_add(v, u, a) \
10725 + vx_add_cres(v, a, u, RLIMIT_MSGQUEUE)
10727 +#define vx_ipcmsg_sub(v, u, a) \
10728 + vx_sub_cres(v, a, u, RLIMIT_MSGQUEUE)
10730 +#define vx_ipcmsg_avail(v, a) \
10731 + vx_cres_avail(v, a, RLIMIT_MSGQUEUE)
10734 +#define vx_ipcshm_add(v, k, a) \
10735 + vx_add_cres(v, a, (void *)(long)(k), VLIMIT_SHMEM)
10737 +#define vx_ipcshm_sub(v, k, a) \
10738 + vx_sub_cres(v, a, (void *)(long)(k), VLIMIT_SHMEM)
10740 +#define vx_ipcshm_avail(v, a) \
10741 + vx_cres_avail(v, a, VLIMIT_SHMEM)
10744 +#define vx_semary_inc(a) \
10745 + vx_acc_cres(current_vx_info(), 1, a, VLIMIT_SEMARY)
10747 +#define vx_semary_dec(a) \
10748 + vx_acc_cres(current_vx_info(), -1, a, VLIMIT_SEMARY)
10751 +#define vx_nsems_add(a,n) \
10752 + vx_add_cres(current_vx_info(), n, a, VLIMIT_NSEMS)
10754 +#define vx_nsems_sub(a,n) \
10755 + vx_sub_cres(current_vx_info(), n, a, VLIMIT_NSEMS)
10759 +#warning duplicate inclusion
10761 diff -NurpP --minimal linux-3.0-rc5/include/linux/vs_memory.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_memory.h
10762 --- linux-3.0-rc5/include/linux/vs_memory.h 1970-01-01 01:00:00.000000000 +0100
10763 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_memory.h 2011-06-10 22:11:24.000000000 +0200
10765 +#ifndef _VS_MEMORY_H
10766 +#define _VS_MEMORY_H
10768 +#include "vserver/limit.h"
10769 +#include "vserver/base.h"
10770 +#include "vserver/context.h"
10771 +#include "vserver/debug.h"
10772 +#include "vserver/context.h"
10773 +#include "vserver/limit_int.h"
10776 + VXPT_UNKNOWN = 0,
10785 +#define vx_page_fault(mm, vma, type, ret)
10789 +void __vx_page_fault(struct mm_struct *mm,
10790 + struct vm_area_struct *vma, int type, int ret)
10792 + struct vx_info *vxi = mm->mm_vx_info;
10795 + static char *page_type[6] =
10796 + { "UNKNOWN", "ANON", "NONE", "FILE", "SWAP", "WRITE" };
10797 + static char *page_what[4] =
10798 + { "FAULT_OOM", "FAULT_SIGBUS", "FAULT_MINOR", "FAULT_MAJOR" };
10804 + what = (ret & 0x3);
10806 +/* printk("[%d] page[%d][%d] %2x %s %s\n", vxi->vx_id,
10807 + type, what, ret, page_type[type], page_what[what]);
10809 + if (ret & VM_FAULT_WRITE)
10811 + atomic_inc(&vxi->cacct.page[type][what]);
10814 +#define vx_page_fault(mm, vma, type, ret) __vx_page_fault(mm, vma, type, ret)
10818 +extern unsigned long vx_badness(struct task_struct *task, struct mm_struct *mm);
10821 +#warning duplicate inclusion
10823 diff -NurpP --minimal linux-3.0-rc5/include/linux/vs_network.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_network.h
10824 --- linux-3.0-rc5/include/linux/vs_network.h 1970-01-01 01:00:00.000000000 +0100
10825 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_network.h 2011-06-10 22:11:24.000000000 +0200
10827 +#ifndef _NX_VS_NETWORK_H
10828 +#define _NX_VS_NETWORK_H
10830 +#include "vserver/context.h"
10831 +#include "vserver/network.h"
10832 +#include "vserver/base.h"
10833 +#include "vserver/check.h"
10834 +#include "vserver/debug.h"
10836 +#include <linux/sched.h>
10839 +#define get_nx_info(i) __get_nx_info(i, __FILE__, __LINE__)
10841 +static inline struct nx_info *__get_nx_info(struct nx_info *nxi,
10842 + const char *_file, int _line)
10847 + vxlprintk(VXD_CBIT(nid, 2), "get_nx_info(%p[#%d.%d])",
10848 + nxi, nxi ? nxi->nx_id : 0,
10849 + nxi ? atomic_read(&nxi->nx_usecnt) : 0,
10852 + atomic_inc(&nxi->nx_usecnt);
10857 +extern void free_nx_info(struct nx_info *);
10859 +#define put_nx_info(i) __put_nx_info(i, __FILE__, __LINE__)
10861 +static inline void __put_nx_info(struct nx_info *nxi, const char *_file, int _line)
10866 + vxlprintk(VXD_CBIT(nid, 2), "put_nx_info(%p[#%d.%d])",
10867 + nxi, nxi ? nxi->nx_id : 0,
10868 + nxi ? atomic_read(&nxi->nx_usecnt) : 0,
10871 + if (atomic_dec_and_test(&nxi->nx_usecnt))
10872 + free_nx_info(nxi);
10876 +#define init_nx_info(p, i) __init_nx_info(p, i, __FILE__, __LINE__)
10878 +static inline void __init_nx_info(struct nx_info **nxp, struct nx_info *nxi,
10879 + const char *_file, int _line)
10882 + vxlprintk(VXD_CBIT(nid, 3),
10883 + "init_nx_info(%p[#%d.%d])",
10884 + nxi, nxi ? nxi->nx_id : 0,
10885 + nxi ? atomic_read(&nxi->nx_usecnt) : 0,
10888 + atomic_inc(&nxi->nx_usecnt);
10894 +#define set_nx_info(p, i) __set_nx_info(p, i, __FILE__, __LINE__)
10896 +static inline void __set_nx_info(struct nx_info **nxp, struct nx_info *nxi,
10897 + const char *_file, int _line)
10899 + struct nx_info *nxo;
10904 + vxlprintk(VXD_CBIT(nid, 3), "set_nx_info(%p[#%d.%d])",
10905 + nxi, nxi ? nxi->nx_id : 0,
10906 + nxi ? atomic_read(&nxi->nx_usecnt) : 0,
10909 + atomic_inc(&nxi->nx_usecnt);
10910 + nxo = xchg(nxp, nxi);
10914 +#define clr_nx_info(p) __clr_nx_info(p, __FILE__, __LINE__)
10916 +static inline void __clr_nx_info(struct nx_info **nxp,
10917 + const char *_file, int _line)
10919 + struct nx_info *nxo;
10921 + nxo = xchg(nxp, NULL);
10925 + vxlprintk(VXD_CBIT(nid, 3), "clr_nx_info(%p[#%d.%d])",
10926 + nxo, nxo ? nxo->nx_id : 0,
10927 + nxo ? atomic_read(&nxo->nx_usecnt) : 0,
10930 + if (atomic_dec_and_test(&nxo->nx_usecnt))
10931 + free_nx_info(nxo);
10935 +#define claim_nx_info(v, p) __claim_nx_info(v, p, __FILE__, __LINE__)
10937 +static inline void __claim_nx_info(struct nx_info *nxi,
10938 + struct task_struct *task, const char *_file, int _line)
10940 + vxlprintk(VXD_CBIT(nid, 3), "claim_nx_info(%p[#%d.%d.%d]) %p",
10941 + nxi, nxi ? nxi->nx_id : 0,
10942 + nxi?atomic_read(&nxi->nx_usecnt):0,
10943 + nxi?atomic_read(&nxi->nx_tasks):0,
10944 + task, _file, _line);
10946 + atomic_inc(&nxi->nx_tasks);
10950 +extern void unhash_nx_info(struct nx_info *);
10952 +#define release_nx_info(v, p) __release_nx_info(v, p, __FILE__, __LINE__)
10954 +static inline void __release_nx_info(struct nx_info *nxi,
10955 + struct task_struct *task, const char *_file, int _line)
10957 + vxlprintk(VXD_CBIT(nid, 3), "release_nx_info(%p[#%d.%d.%d]) %p",
10958 + nxi, nxi ? nxi->nx_id : 0,
10959 + nxi ? atomic_read(&nxi->nx_usecnt) : 0,
10960 + nxi ? atomic_read(&nxi->nx_tasks) : 0,
10961 + task, _file, _line);
10965 + if (atomic_dec_and_test(&nxi->nx_tasks))
10966 + unhash_nx_info(nxi);
10970 +#define task_get_nx_info(i) __task_get_nx_info(i, __FILE__, __LINE__)
10972 +static __inline__ struct nx_info *__task_get_nx_info(struct task_struct *p,
10973 + const char *_file, int _line)
10975 + struct nx_info *nxi;
10978 + vxlprintk(VXD_CBIT(nid, 5), "task_get_nx_info(%p)",
10979 + p, _file, _line);
10980 + nxi = __get_nx_info(p->nx_info, _file, _line);
10986 +static inline void exit_nx_info(struct task_struct *p)
10989 + release_nx_info(p->nx_info, p);
10994 +#warning duplicate inclusion
10996 diff -NurpP --minimal linux-3.0-rc5/include/linux/vs_pid.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_pid.h
10997 --- linux-3.0-rc5/include/linux/vs_pid.h 1970-01-01 01:00:00.000000000 +0100
10998 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_pid.h 2011-06-10 22:11:24.000000000 +0200
11003 +#include "vserver/base.h"
11004 +#include "vserver/check.h"
11005 +#include "vserver/context.h"
11006 +#include "vserver/debug.h"
11007 +#include "vserver/pid.h"
11008 +#include <linux/pid_namespace.h>
11011 +#define VXF_FAKE_INIT (VXF_INFO_INIT | VXF_STATE_INIT)
11014 +int vx_proc_task_visible(struct task_struct *task)
11016 + if ((task->pid == 1) &&
11017 + !vx_flags(VXF_FAKE_INIT, VXF_FAKE_INIT))
11018 + /* show a blend through init */
11020 + if (vx_check(vx_task_xid(task), VS_WATCH | VS_IDENT))
11027 +#define find_task_by_real_pid(pid) find_task_by_pid_ns(pid, &init_pid_ns)
11031 +struct task_struct *vx_get_proc_task(struct inode *inode, struct pid *pid)
11033 + struct task_struct *task = get_pid_task(pid, PIDTYPE_PID);
11035 + if (task && !vx_proc_task_visible(task)) {
11036 + vxdprintk(VXD_CBIT(misc, 6),
11037 + "dropping task (get) %p[#%u,%u] for %p[#%u,%u]",
11038 + task, task->xid, task->pid,
11039 + current, current->xid, current->pid);
11040 + put_task_struct(task);
11048 +#warning duplicate inclusion
11050 diff -NurpP --minimal linux-3.0-rc5/include/linux/vs_sched.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_sched.h
11051 --- linux-3.0-rc5/include/linux/vs_sched.h 1970-01-01 01:00:00.000000000 +0100
11052 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_sched.h 2011-06-10 22:11:24.000000000 +0200
11054 +#ifndef _VS_SCHED_H
11055 +#define _VS_SCHED_H
11057 +#include "vserver/base.h"
11058 +#include "vserver/context.h"
11059 +#include "vserver/sched.h"
11062 +#define MAX_PRIO_BIAS 20
11063 +#define MIN_PRIO_BIAS -20
11066 +int vx_adjust_prio(struct task_struct *p, int prio, int max_user)
11068 + struct vx_info *vxi = p->vx_info;
11071 + prio += vx_cpu(vxi, sched_pc).prio_bias;
11075 +static inline void vx_account_user(struct vx_info *vxi,
11076 + cputime_t cputime, int nice)
11080 + vx_cpu(vxi, sched_pc).user_ticks += cputime;
11083 +static inline void vx_account_system(struct vx_info *vxi,
11084 + cputime_t cputime, int idle)
11088 + vx_cpu(vxi, sched_pc).sys_ticks += cputime;
11092 +#warning duplicate inclusion
11094 diff -NurpP --minimal linux-3.0-rc5/include/linux/vs_socket.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_socket.h
11095 --- linux-3.0-rc5/include/linux/vs_socket.h 1970-01-01 01:00:00.000000000 +0100
11096 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_socket.h 2011-06-10 22:11:24.000000000 +0200
11098 +#ifndef _VS_SOCKET_H
11099 +#define _VS_SOCKET_H
11101 +#include "vserver/debug.h"
11102 +#include "vserver/base.h"
11103 +#include "vserver/cacct.h"
11104 +#include "vserver/context.h"
11105 +#include "vserver/tag.h"
11108 +/* socket accounting */
11110 +#include <linux/socket.h>
11112 +static inline int vx_sock_type(int family)
11114 + switch (family) {
11116 + return VXA_SOCK_UNSPEC;
11118 + return VXA_SOCK_UNIX;
11120 + return VXA_SOCK_INET;
11122 + return VXA_SOCK_INET6;
11124 + return VXA_SOCK_PACKET;
11126 + return VXA_SOCK_OTHER;
11130 +#define vx_acc_sock(v, f, p, s) \
11131 + __vx_acc_sock(v, f, p, s, __FILE__, __LINE__)
11133 +static inline void __vx_acc_sock(struct vx_info *vxi,
11134 + int family, int pos, int size, char *file, int line)
11137 + int type = vx_sock_type(family);
11139 + atomic_long_inc(&vxi->cacct.sock[type][pos].count);
11140 + atomic_long_add(size, &vxi->cacct.sock[type][pos].total);
11144 +#define vx_sock_recv(sk, s) \
11145 + vx_acc_sock((sk)->sk_vx_info, (sk)->sk_family, 0, s)
11146 +#define vx_sock_send(sk, s) \
11147 + vx_acc_sock((sk)->sk_vx_info, (sk)->sk_family, 1, s)
11148 +#define vx_sock_fail(sk, s) \
11149 + vx_acc_sock((sk)->sk_vx_info, (sk)->sk_family, 2, s)
11152 +#define sock_vx_init(s) do { \
11153 + (s)->sk_xid = 0; \
11154 + (s)->sk_vx_info = NULL; \
11157 +#define sock_nx_init(s) do { \
11158 + (s)->sk_nid = 0; \
11159 + (s)->sk_nx_info = NULL; \
11163 +#warning duplicate inclusion
11165 diff -NurpP --minimal linux-3.0-rc5/include/linux/vs_tag.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_tag.h
11166 --- linux-3.0-rc5/include/linux/vs_tag.h 1970-01-01 01:00:00.000000000 +0100
11167 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_tag.h 2011-06-10 22:11:24.000000000 +0200
11172 +#include <linux/vserver/tag.h>
11174 +/* check conditions */
11176 +#define DX_ADMIN 0x0001
11177 +#define DX_WATCH 0x0002
11178 +#define DX_HOSTID 0x0008
11180 +#define DX_IDENT 0x0010
11182 +#define DX_ARG_MASK 0x0010
11185 +#define dx_task_tag(t) ((t)->tag)
11187 +#define dx_current_tag() dx_task_tag(current)
11189 +#define dx_check(c, m) __dx_check(dx_current_tag(), c, m)
11191 +#define dx_weak_check(c, m) ((m) ? dx_check(c, m) : 1)
11195 + * check current context for ADMIN/WATCH and
11196 + * optionally against supplied argument
11198 +static inline int __dx_check(tag_t cid, tag_t id, unsigned int mode)
11200 + if (mode & DX_ARG_MASK) {
11201 + if ((mode & DX_IDENT) && (id == cid))
11204 + return (((mode & DX_ADMIN) && (cid == 0)) ||
11205 + ((mode & DX_WATCH) && (cid == 1)) ||
11206 + ((mode & DX_HOSTID) && (id == 0)));
11210 +int dx_permission(const struct inode *inode, int mask);
11214 +#warning duplicate inclusion
11216 diff -NurpP --minimal linux-3.0-rc5/include/linux/vs_time.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_time.h
11217 --- linux-3.0-rc5/include/linux/vs_time.h 1970-01-01 01:00:00.000000000 +0100
11218 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vs_time.h 2011-06-13 14:57:45.000000000 +0200
11220 +#ifndef _VS_TIME_H
11221 +#define _VS_TIME_H
11224 +/* time faking stuff */
11226 +#ifdef CONFIG_VSERVER_VTIME
11228 +extern void vx_adjust_timespec(struct timespec *ts);
11229 +extern int vx_settimeofday(const struct timespec *ts);
11232 +#define vx_adjust_timespec(t) do { } while (0)
11233 +#define vx_settimeofday(t) do_settimeofday(t)
11237 +#warning duplicate inclusion
11239 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/Kbuild linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/Kbuild
11240 --- linux-3.0-rc5/include/linux/vserver/Kbuild 1970-01-01 01:00:00.000000000 +0100
11241 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/Kbuild 2011-06-10 22:11:24.000000000 +0200
11244 +unifdef-y += context_cmd.h network_cmd.h space_cmd.h \
11245 + cacct_cmd.h cvirt_cmd.h limit_cmd.h dlimit_cmd.h \
11246 + inode_cmd.h tag_cmd.h sched_cmd.h signal_cmd.h \
11247 + debug_cmd.h device_cmd.h
11249 +unifdef-y += switch.h network.h monitor.h inode.h device.h
11251 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/base.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/base.h
11252 --- linux-3.0-rc5/include/linux/vserver/base.h 1970-01-01 01:00:00.000000000 +0100
11253 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/base.h 2011-06-13 14:09:44.000000000 +0200
11255 +#ifndef _VX_BASE_H
11256 +#define _VX_BASE_H
11259 +/* context state changes */
11271 +#define vx_task_xid(t) ((t)->xid)
11273 +#define vx_current_xid() vx_task_xid(current)
11275 +#define current_vx_info() (current->vx_info)
11278 +#define nx_task_nid(t) ((t)->nid)
11280 +#define nx_current_nid() nx_task_nid(current)
11282 +#define current_nx_info() (current->nx_info)
11285 +/* generic flag merging */
11287 +#define vs_check_flags(v, m, f) (((v) & (m)) ^ (f))
11289 +#define vs_mask_flags(v, f, m) (((v) & ~(m)) | ((f) & (m)))
11291 +#define vs_mask_mask(v, f, m) (((v) & ~(m)) | ((v) & (f) & (m)))
11293 +#define vs_check_bit(v, n) ((v) & (1LL << (n)))
11296 +/* context flags */
11298 +#define __vx_flags(v) ((v) ? (v)->vx_flags : 0)
11300 +#define vx_current_flags() __vx_flags(current_vx_info())
11302 +#define vx_info_flags(v, m, f) \
11303 + vs_check_flags(__vx_flags(v), m, f)
11305 +#define task_vx_flags(t, m, f) \
11306 + ((t) && vx_info_flags((t)->vx_info, m, f))
11308 +#define vx_flags(m, f) vx_info_flags(current_vx_info(), m, f)
11311 +/* context caps */
11313 +#define __vx_ccaps(v) ((v) ? (v)->vx_ccaps : 0)
11315 +#define vx_current_ccaps() __vx_ccaps(current_vx_info())
11317 +#define vx_info_ccaps(v, c) (__vx_ccaps(v) & (c))
11319 +#define vx_ccaps(c) vx_info_ccaps(current_vx_info(), (c))
11323 +/* network flags */
11325 +#define __nx_flags(n) ((n) ? (n)->nx_flags : 0)
11327 +#define nx_current_flags() __nx_flags(current_nx_info())
11329 +#define nx_info_flags(n, m, f) \
11330 + vs_check_flags(__nx_flags(n), m, f)
11332 +#define task_nx_flags(t, m, f) \
11333 + ((t) && nx_info_flags((t)->nx_info, m, f))
11335 +#define nx_flags(m, f) nx_info_flags(current_nx_info(), m, f)
11338 +/* network caps */
11340 +#define __nx_ncaps(n) ((n) ? (n)->nx_ncaps : 0)
11342 +#define nx_current_ncaps() __nx_ncaps(current_nx_info())
11344 +#define nx_info_ncaps(n, c) (__nx_ncaps(n) & (c))
11346 +#define nx_ncaps(c) nx_info_ncaps(current_nx_info(), c)
11349 +/* context mask capabilities */
11351 +#define __vx_mcaps(v) ((v) ? (v)->vx_ccaps >> 32UL : ~0 )
11353 +#define vx_info_mcaps(v, c) (__vx_mcaps(v) & (c))
11355 +#define vx_mcaps(c) vx_info_mcaps(current_vx_info(), c)
11358 +/* context bcap mask */
11360 +#define __vx_bcaps(v) ((v)->vx_bcaps)
11362 +#define vx_current_bcaps() __vx_bcaps(current_vx_info())
11365 +/* mask given bcaps */
11367 +#define vx_info_mbcaps(v, c) ((v) ? cap_intersect(__vx_bcaps(v), c) : c)
11369 +#define vx_mbcaps(c) vx_info_mbcaps(current_vx_info(), c)
11372 +/* masked cap_bset */
11374 +#define vx_info_cap_bset(v) vx_info_mbcaps(v, current->cap_bset)
11376 +#define vx_current_cap_bset() vx_info_cap_bset(current_vx_info())
11379 +#define vx_info_mbcap(v, b) \
11380 + (!vx_info_flags(v, VXF_STATE_SETUP, 0) ? \
11381 + vx_info_bcaps(v, b) : (b))
11383 +#define task_vx_mbcap(t, b) \
11384 + vx_info_mbcap((t)->vx_info, (t)->b)
11386 +#define vx_mbcap(b) task_vx_mbcap(current, b)
11389 +#define vx_cap_raised(v, c, f) cap_raised(vx_info_mbcaps(v, c), f)
11391 +#define vx_capable(b, c) (capable(b) || \
11392 + (cap_raised(current_cap(), b) && vx_ccaps(c)))
11394 +#define vx_ns_capable(n, b, c) (ns_capable(n, b) || \
11395 + (cap_raised(current_cap(), b) && vx_ccaps(c)))
11397 +#define nx_capable(b, c) (capable(b) || \
11398 + (cap_raised(current_cap(), b) && nx_ncaps(c)))
11400 +#define vx_task_initpid(t, n) \
11401 + ((t)->vx_info && \
11402 + ((t)->vx_info->vx_initpid == (n)))
11404 +#define vx_current_initpid(n) vx_task_initpid(current, n)
11407 +/* context unshare mask */
11409 +#define __vx_umask(v) ((v)->vx_umask)
11411 +#define vx_current_umask() __vx_umask(current_vx_info())
11413 +#define vx_can_unshare(b, f) (capable(b) || \
11414 + (cap_raised(current_cap(), b) && \
11415 + !((f) & ~vx_current_umask())))
11418 +#define __vx_state(v) ((v) ? ((v)->vx_state) : 0)
11420 +#define vx_info_state(v, m) (__vx_state(v) & (m))
11423 +#define __nx_state(n) ((n) ? ((n)->nx_state) : 0)
11425 +#define nx_info_state(n, m) (__nx_state(n) & (m))
11428 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/cacct.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/cacct.h
11429 --- linux-3.0-rc5/include/linux/vserver/cacct.h 1970-01-01 01:00:00.000000000 +0100
11430 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/cacct.h 2011-06-10 22:11:24.000000000 +0200
11432 +#ifndef _VX_CACCT_H
11433 +#define _VX_CACCT_H
11436 +enum sock_acc_field {
11437 + VXA_SOCK_UNSPEC = 0,
11443 + VXA_SOCK_SIZE /* array size */
11446 +#endif /* _VX_CACCT_H */
11447 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/cacct_cmd.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/cacct_cmd.h
11448 --- linux-3.0-rc5/include/linux/vserver/cacct_cmd.h 1970-01-01 01:00:00.000000000 +0100
11449 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/cacct_cmd.h 2011-06-10 22:11:24.000000000 +0200
11451 +#ifndef _VX_CACCT_CMD_H
11452 +#define _VX_CACCT_CMD_H
11455 +/* virtual host info name commands */
11457 +#define VCMD_sock_stat VC_CMD(VSTAT, 5, 0)
11459 +struct vcmd_sock_stat_v0 {
11461 + uint32_t count[3];
11462 + uint64_t total[3];
11468 +#include <linux/compiler.h>
11470 +extern int vc_sock_stat(struct vx_info *, void __user *);
11472 +#endif /* __KERNEL__ */
11473 +#endif /* _VX_CACCT_CMD_H */
11474 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/cacct_def.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/cacct_def.h
11475 --- linux-3.0-rc5/include/linux/vserver/cacct_def.h 1970-01-01 01:00:00.000000000 +0100
11476 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/cacct_def.h 2011-06-10 22:11:24.000000000 +0200
11478 +#ifndef _VX_CACCT_DEF_H
11479 +#define _VX_CACCT_DEF_H
11481 +#include <asm/atomic.h>
11482 +#include <linux/vserver/cacct.h>
11485 +struct _vx_sock_acc {
11486 + atomic_long_t count;
11487 + atomic_long_t total;
11490 +/* context sub struct */
11492 +struct _vx_cacct {
11493 + struct _vx_sock_acc sock[VXA_SOCK_SIZE][3];
11494 + atomic_t slab[8];
11495 + atomic_t page[6][8];
11498 +#ifdef CONFIG_VSERVER_DEBUG
11500 +static inline void __dump_vx_cacct(struct _vx_cacct *cacct)
11504 + printk("\t_vx_cacct:");
11505 + for (i = 0; i < 6; i++) {
11506 + struct _vx_sock_acc *ptr = cacct->sock[i];
11508 + printk("\t [%d] =", i);
11509 + for (j = 0; j < 3; j++) {
11510 + printk(" [%d] = %8lu, %8lu", j,
11511 + atomic_long_read(&ptr[j].count),
11512 + atomic_long_read(&ptr[j].total));
11520 +#endif /* _VX_CACCT_DEF_H */
11521 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/cacct_int.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/cacct_int.h
11522 --- linux-3.0-rc5/include/linux/vserver/cacct_int.h 1970-01-01 01:00:00.000000000 +0100
11523 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/cacct_int.h 2011-06-10 22:11:24.000000000 +0200
11525 +#ifndef _VX_CACCT_INT_H
11526 +#define _VX_CACCT_INT_H
11532 +unsigned long vx_sock_count(struct _vx_cacct *cacct, int type, int pos)
11534 + return atomic_long_read(&cacct->sock[type][pos].count);
11539 +unsigned long vx_sock_total(struct _vx_cacct *cacct, int type, int pos)
11541 + return atomic_long_read(&cacct->sock[type][pos].total);
11544 +#endif /* __KERNEL__ */
11545 +#endif /* _VX_CACCT_INT_H */
11546 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/check.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/check.h
11547 --- linux-3.0-rc5/include/linux/vserver/check.h 1970-01-01 01:00:00.000000000 +0100
11548 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/check.h 2011-06-10 22:11:24.000000000 +0200
11550 +#ifndef _VS_CHECK_H
11551 +#define _VS_CHECK_H
11554 +#define MAX_S_CONTEXT 65535 /* Arbitrary limit */
11556 +#ifdef CONFIG_VSERVER_DYNAMIC_IDS
11557 +#define MIN_D_CONTEXT 49152 /* dynamic contexts start here */
11559 +#define MIN_D_CONTEXT 65536
11562 +/* check conditions */
11564 +#define VS_ADMIN 0x0001
11565 +#define VS_WATCH 0x0002
11566 +#define VS_HIDE 0x0004
11567 +#define VS_HOSTID 0x0008
11569 +#define VS_IDENT 0x0010
11570 +#define VS_EQUIV 0x0020
11571 +#define VS_PARENT 0x0040
11572 +#define VS_CHILD 0x0080
11574 +#define VS_ARG_MASK 0x00F0
11576 +#define VS_DYNAMIC 0x0100
11577 +#define VS_STATIC 0x0200
11579 +#define VS_ATR_MASK 0x0F00
11581 +#ifdef CONFIG_VSERVER_PRIVACY
11582 +#define VS_ADMIN_P (0)
11583 +#define VS_WATCH_P (0)
11585 +#define VS_ADMIN_P VS_ADMIN
11586 +#define VS_WATCH_P VS_WATCH
11589 +#define VS_HARDIRQ 0x1000
11590 +#define VS_SOFTIRQ 0x2000
11591 +#define VS_IRQ 0x4000
11593 +#define VS_IRQ_MASK 0xF000
11595 +#include <linux/hardirq.h>
11598 + * check current context for ADMIN/WATCH and
11599 + * optionally against supplied argument
11601 +static inline int __vs_check(int cid, int id, unsigned int mode)
11603 + if (mode & VS_ARG_MASK) {
11604 + if ((mode & VS_IDENT) && (id == cid))
11607 + if (mode & VS_ATR_MASK) {
11608 + if ((mode & VS_DYNAMIC) &&
11609 + (id >= MIN_D_CONTEXT) &&
11610 + (id <= MAX_S_CONTEXT))
11612 + if ((mode & VS_STATIC) &&
11613 + (id > 1) && (id < MIN_D_CONTEXT))
11616 + if (mode & VS_IRQ_MASK) {
11617 + if ((mode & VS_IRQ) && unlikely(in_interrupt()))
11619 + if ((mode & VS_HARDIRQ) && unlikely(in_irq()))
11621 + if ((mode & VS_SOFTIRQ) && unlikely(in_softirq()))
11624 + return (((mode & VS_ADMIN) && (cid == 0)) ||
11625 + ((mode & VS_WATCH) && (cid == 1)) ||
11626 + ((mode & VS_HOSTID) && (id == 0)));
11629 +#define vx_check(c, m) __vs_check(vx_current_xid(), c, (m) | VS_IRQ)
11631 +#define vx_weak_check(c, m) ((m) ? vx_check(c, m) : 1)
11634 +#define nx_check(c, m) __vs_check(nx_current_nid(), c, m)
11636 +#define nx_weak_check(c, m) ((m) ? nx_check(c, m) : 1)
11639 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/context.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/context.h
11640 --- linux-3.0-rc5/include/linux/vserver/context.h 1970-01-01 01:00:00.000000000 +0100
11641 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/context.h 2011-06-10 22:11:24.000000000 +0200
11643 +#ifndef _VX_CONTEXT_H
11644 +#define _VX_CONTEXT_H
11646 +#include <linux/types.h>
11647 +#include <linux/capability.h>
11650 +/* context flags */
11652 +#define VXF_INFO_SCHED 0x00000002
11653 +#define VXF_INFO_NPROC 0x00000004
11654 +#define VXF_INFO_PRIVATE 0x00000008
11656 +#define VXF_INFO_INIT 0x00000010
11657 +#define VXF_INFO_HIDE 0x00000020
11658 +#define VXF_INFO_ULIMIT 0x00000040
11659 +#define VXF_INFO_NSPACE 0x00000080
11661 +#define VXF_SCHED_HARD 0x00000100
11662 +#define VXF_SCHED_PRIO 0x00000200
11663 +#define VXF_SCHED_PAUSE 0x00000400
11665 +#define VXF_VIRT_MEM 0x00010000
11666 +#define VXF_VIRT_UPTIME 0x00020000
11667 +#define VXF_VIRT_CPU 0x00040000
11668 +#define VXF_VIRT_LOAD 0x00080000
11669 +#define VXF_VIRT_TIME 0x00100000
11671 +#define VXF_HIDE_MOUNT 0x01000000
11672 +/* was VXF_HIDE_NETIF 0x02000000 */
11673 +#define VXF_HIDE_VINFO 0x04000000
11675 +#define VXF_STATE_SETUP (1ULL << 32)
11676 +#define VXF_STATE_INIT (1ULL << 33)
11677 +#define VXF_STATE_ADMIN (1ULL << 34)
11679 +#define VXF_SC_HELPER (1ULL << 36)
11680 +#define VXF_REBOOT_KILL (1ULL << 37)
11681 +#define VXF_PERSISTENT (1ULL << 38)
11683 +#define VXF_FORK_RSS (1ULL << 48)
11684 +#define VXF_PROLIFIC (1ULL << 49)
11686 +#define VXF_IGNEG_NICE (1ULL << 52)
11688 +#define VXF_ONE_TIME (0x0007ULL << 32)
11690 +#define VXF_INIT_SET (VXF_STATE_SETUP | VXF_STATE_INIT | VXF_STATE_ADMIN)
11693 +/* context migration */
11695 +#define VXM_SET_INIT 0x00000001
11696 +#define VXM_SET_REAPER 0x00000002
11698 +/* context caps */
11700 +#define VXC_CAP_MASK 0x00000000
11702 +#define VXC_SET_UTSNAME 0x00000001
11703 +#define VXC_SET_RLIMIT 0x00000002
11704 +#define VXC_FS_SECURITY 0x00000004
11705 +#define VXC_FS_TRUSTED 0x00000008
11706 +#define VXC_TIOCSTI 0x00000010
11708 +/* was VXC_RAW_ICMP 0x00000100 */
11709 +#define VXC_SYSLOG 0x00001000
11710 +#define VXC_OOM_ADJUST 0x00002000
11711 +#define VXC_AUDIT_CONTROL 0x00004000
11713 +#define VXC_SECURE_MOUNT 0x00010000
11714 +#define VXC_SECURE_REMOUNT 0x00020000
11715 +#define VXC_BINARY_MOUNT 0x00040000
11717 +#define VXC_QUOTA_CTL 0x00100000
11718 +#define VXC_ADMIN_MAPPER 0x00200000
11719 +#define VXC_ADMIN_CLOOP 0x00400000
11721 +#define VXC_KTHREAD 0x01000000
11722 +#define VXC_NAMESPACE 0x02000000
11727 +#include <linux/list.h>
11728 +#include <linux/spinlock.h>
11729 +#include <linux/rcupdate.h>
11731 +#include "limit_def.h"
11732 +#include "sched_def.h"
11733 +#include "cvirt_def.h"
11734 +#include "cacct_def.h"
11735 +#include "device_def.h"
11737 +#define VX_SPACES 2
11739 +struct _vx_info_pc {
11740 + struct _vx_sched_pc sched_pc;
11741 + struct _vx_cvirt_pc cvirt_pc;
11744 +struct _vx_space {
11745 + unsigned long vx_nsmask; /* assignment mask */
11746 + struct nsproxy *vx_nsproxy; /* private namespaces */
11747 + struct fs_struct *vx_fs; /* private namespace fs */
11748 + const struct cred *vx_cred; /* task credentials */
11752 + struct hlist_node vx_hlist; /* linked list of contexts */
11753 + xid_t vx_id; /* context id */
11754 + atomic_t vx_usecnt; /* usage count */
11755 + atomic_t vx_tasks; /* tasks count */
11756 + struct vx_info *vx_parent; /* parent context */
11757 + int vx_state; /* context state */
11759 + struct _vx_space space[VX_SPACES]; /* namespace store */
11761 + uint64_t vx_flags; /* context flags */
11762 + uint64_t vx_ccaps; /* context caps (vserver) */
11763 + uint64_t vx_umask; /* unshare mask (guest) */
11764 + kernel_cap_t vx_bcaps; /* bounding caps (system) */
11766 + struct task_struct *vx_reaper; /* guest reaper process */
11767 + pid_t vx_initpid; /* PID of guest init */
11768 + int64_t vx_badness_bias; /* OOM points bias */
11770 + struct _vx_limit limit; /* vserver limits */
11771 + struct _vx_sched sched; /* vserver scheduler */
11772 + struct _vx_cvirt cvirt; /* virtual/bias stuff */
11773 + struct _vx_cacct cacct; /* context accounting */
11775 + struct _vx_device dmap; /* default device map targets */
11777 +#ifndef CONFIG_SMP
11778 + struct _vx_info_pc info_pc; /* per cpu data */
11780 + struct _vx_info_pc *ptr_pc; /* per cpu array */
11783 + wait_queue_head_t vx_wait; /* context exit waitqueue */
11784 + int reboot_cmd; /* last sys_reboot() cmd */
11785 + int exit_code; /* last process exit code */
11787 + char vx_name[65]; /* vserver name */
11790 +#ifndef CONFIG_SMP
11791 +#define vx_ptr_pc(vxi) (&(vxi)->info_pc)
11792 +#define vx_per_cpu(vxi, v, id) vx_ptr_pc(vxi)->v
11794 +#define vx_ptr_pc(vxi) ((vxi)->ptr_pc)
11795 +#define vx_per_cpu(vxi, v, id) per_cpu_ptr(vx_ptr_pc(vxi), id)->v
11798 +#define vx_cpu(vxi, v) vx_per_cpu(vxi, v, smp_processor_id())
11801 +struct vx_info_save {
11802 + struct vx_info *vxi;
11807 +/* status flags */
11809 +#define VXS_HASHED 0x0001
11810 +#define VXS_PAUSED 0x0010
11811 +#define VXS_SHUTDOWN 0x0100
11812 +#define VXS_HELPER 0x1000
11813 +#define VXS_RELEASED 0x8000
11816 +extern void claim_vx_info(struct vx_info *, struct task_struct *);
11817 +extern void release_vx_info(struct vx_info *, struct task_struct *);
11819 +extern struct vx_info *lookup_vx_info(int);
11820 +extern struct vx_info *lookup_or_create_vx_info(int);
11822 +extern int get_xid_list(int, unsigned int *, int);
11823 +extern int xid_is_hashed(xid_t);
11825 +extern int vx_migrate_task(struct task_struct *, struct vx_info *, int);
11827 +extern long vs_state_change(struct vx_info *, unsigned int);
11830 +#endif /* __KERNEL__ */
11831 +#endif /* _VX_CONTEXT_H */
11832 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/context_cmd.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/context_cmd.h
11833 --- linux-3.0-rc5/include/linux/vserver/context_cmd.h 1970-01-01 01:00:00.000000000 +0100
11834 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/context_cmd.h 2011-06-10 22:11:24.000000000 +0200
11836 +#ifndef _VX_CONTEXT_CMD_H
11837 +#define _VX_CONTEXT_CMD_H
11840 +/* vinfo commands */
11842 +#define VCMD_task_xid VC_CMD(VINFO, 1, 0)
11845 +extern int vc_task_xid(uint32_t);
11847 +#endif /* __KERNEL__ */
11849 +#define VCMD_vx_info VC_CMD(VINFO, 5, 0)
11851 +struct vcmd_vx_info_v0 {
11853 + uint32_t initpid;
11854 + /* more to come */
11858 +extern int vc_vx_info(struct vx_info *, void __user *);
11860 +#endif /* __KERNEL__ */
11862 +#define VCMD_ctx_stat VC_CMD(VSTAT, 0, 0)
11864 +struct vcmd_ctx_stat_v0 {
11867 + /* more to come */
11871 +extern int vc_ctx_stat(struct vx_info *, void __user *);
11873 +#endif /* __KERNEL__ */
11875 +/* context commands */
11877 +#define VCMD_ctx_create_v0 VC_CMD(VPROC, 1, 0)
11878 +#define VCMD_ctx_create VC_CMD(VPROC, 1, 1)
11880 +struct vcmd_ctx_create {
11881 + uint64_t flagword;
11884 +#define VCMD_ctx_migrate_v0 VC_CMD(PROCMIG, 1, 0)
11885 +#define VCMD_ctx_migrate VC_CMD(PROCMIG, 1, 1)
11887 +struct vcmd_ctx_migrate {
11888 + uint64_t flagword;
11892 +extern int vc_ctx_create(uint32_t, void __user *);
11893 +extern int vc_ctx_migrate(struct vx_info *, void __user *);
11895 +#endif /* __KERNEL__ */
11898 +/* flag commands */
11900 +#define VCMD_get_cflags VC_CMD(FLAGS, 1, 0)
11901 +#define VCMD_set_cflags VC_CMD(FLAGS, 2, 0)
11903 +struct vcmd_ctx_flags_v0 {
11904 + uint64_t flagword;
11909 +extern int vc_get_cflags(struct vx_info *, void __user *);
11910 +extern int vc_set_cflags(struct vx_info *, void __user *);
11912 +#endif /* __KERNEL__ */
11915 +/* context caps commands */
11917 +#define VCMD_get_ccaps VC_CMD(FLAGS, 3, 1)
11918 +#define VCMD_set_ccaps VC_CMD(FLAGS, 4, 1)
11920 +struct vcmd_ctx_caps_v1 {
11926 +extern int vc_get_ccaps(struct vx_info *, void __user *);
11927 +extern int vc_set_ccaps(struct vx_info *, void __user *);
11929 +#endif /* __KERNEL__ */
11932 +/* bcaps commands */
11934 +#define VCMD_get_bcaps VC_CMD(FLAGS, 9, 0)
11935 +#define VCMD_set_bcaps VC_CMD(FLAGS, 10, 0)
11937 +struct vcmd_bcaps {
11943 +extern int vc_get_bcaps(struct vx_info *, void __user *);
11944 +extern int vc_set_bcaps(struct vx_info *, void __user *);
11946 +#endif /* __KERNEL__ */
11949 +/* umask commands */
11951 +#define VCMD_get_umask VC_CMD(FLAGS, 13, 0)
11952 +#define VCMD_set_umask VC_CMD(FLAGS, 14, 0)
11954 +struct vcmd_umask {
11960 +extern int vc_get_umask(struct vx_info *, void __user *);
11961 +extern int vc_set_umask(struct vx_info *, void __user *);
11963 +#endif /* __KERNEL__ */
11968 +#define VCMD_get_badness VC_CMD(MEMCTRL, 5, 0)
11969 +#define VCMD_set_badness VC_CMD(MEMCTRL, 6, 0)
11971 +struct vcmd_badness_v0 {
11976 +extern int vc_get_badness(struct vx_info *, void __user *);
11977 +extern int vc_set_badness(struct vx_info *, void __user *);
11979 +#endif /* __KERNEL__ */
11980 +#endif /* _VX_CONTEXT_CMD_H */
11981 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/cvirt.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/cvirt.h
11982 --- linux-3.0-rc5/include/linux/vserver/cvirt.h 1970-01-01 01:00:00.000000000 +0100
11983 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/cvirt.h 2011-06-10 22:11:24.000000000 +0200
11985 +#ifndef _VX_CVIRT_H
11986 +#define _VX_CVIRT_H
11993 +void vx_vsi_uptime(struct timespec *, struct timespec *);
11998 +void vx_update_load(struct vx_info *);
12001 +int vx_do_syslog(int, char __user *, int);
12003 +#endif /* __KERNEL__ */
12004 +#endif /* _VX_CVIRT_H */
12005 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/cvirt_cmd.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/cvirt_cmd.h
12006 --- linux-3.0-rc5/include/linux/vserver/cvirt_cmd.h 1970-01-01 01:00:00.000000000 +0100
12007 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/cvirt_cmd.h 2011-06-10 22:11:24.000000000 +0200
12009 +#ifndef _VX_CVIRT_CMD_H
12010 +#define _VX_CVIRT_CMD_H
12013 +/* virtual host info name commands */
12015 +#define VCMD_set_vhi_name VC_CMD(VHOST, 1, 0)
12016 +#define VCMD_get_vhi_name VC_CMD(VHOST, 2, 0)
12018 +struct vcmd_vhi_name_v0 {
12024 +enum vhi_name_field {
12025 + VHIN_CONTEXT = 0,
12037 +#include <linux/compiler.h>
12039 +extern int vc_set_vhi_name(struct vx_info *, void __user *);
12040 +extern int vc_get_vhi_name(struct vx_info *, void __user *);
12042 +#endif /* __KERNEL__ */
12044 +#define VCMD_virt_stat VC_CMD(VSTAT, 3, 0)
12046 +struct vcmd_virt_stat_v0 {
12049 + uint32_t nr_threads;
12050 + uint32_t nr_running;
12051 + uint32_t nr_uninterruptible;
12052 + uint32_t nr_onhold;
12053 + uint32_t nr_forks;
12054 + uint32_t load[3];
12058 +extern int vc_virt_stat(struct vx_info *, void __user *);
12060 +#endif /* __KERNEL__ */
12061 +#endif /* _VX_CVIRT_CMD_H */
12062 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/cvirt_def.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/cvirt_def.h
12063 --- linux-3.0-rc5/include/linux/vserver/cvirt_def.h 1970-01-01 01:00:00.000000000 +0100
12064 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/cvirt_def.h 2011-06-10 22:11:24.000000000 +0200
12066 +#ifndef _VX_CVIRT_DEF_H
12067 +#define _VX_CVIRT_DEF_H
12069 +#include <linux/jiffies.h>
12070 +#include <linux/spinlock.h>
12071 +#include <linux/wait.h>
12072 +#include <linux/time.h>
12073 +#include <asm/atomic.h>
12076 +struct _vx_usage_stat {
12080 + uint64_t softirq;
12086 +struct _vx_syslog {
12087 + wait_queue_head_t log_wait;
12088 + spinlock_t logbuf_lock; /* lock for the log buffer */
12090 + unsigned long log_start; /* next char to be read by syslog() */
12091 + unsigned long con_start; /* next char to be sent to consoles */
12092 + unsigned long log_end; /* most-recently-written-char + 1 */
12093 + unsigned long logged_chars; /* #chars since last read+clear operation */
12095 + char log_buf[1024];
12099 +/* context sub struct */
12101 +struct _vx_cvirt {
12102 + atomic_t nr_threads; /* number of current threads */
12103 + atomic_t nr_running; /* number of running threads */
12104 + atomic_t nr_uninterruptible; /* number of uninterruptible threads */
12106 + atomic_t nr_onhold; /* processes on hold */
12107 + uint32_t onhold_last; /* jiffies when put on hold */
12109 + struct timespec bias_ts; /* time offset to the host */
12110 + struct timespec bias_idle;
12111 + struct timespec bias_uptime; /* context creation point */
12112 + uint64_t bias_clock; /* offset in clock_t */
12114 + spinlock_t load_lock; /* lock for the load averages */
12115 + atomic_t load_updates; /* nr of load updates done so far */
12116 + uint32_t load_last; /* last time load was calculated */
12117 + uint32_t load[3]; /* load averages 1,5,15 */
12119 + atomic_t total_forks; /* number of forks so far */
12121 + struct _vx_syslog syslog;
12124 +struct _vx_cvirt_pc {
12125 + struct _vx_usage_stat cpustat;
12129 +#ifdef CONFIG_VSERVER_DEBUG
12131 +static inline void __dump_vx_cvirt(struct _vx_cvirt *cvirt)
12133 + printk("\t_vx_cvirt:\n");
12134 + printk("\t threads: %4d, %4d, %4d, %4d\n",
12135 + atomic_read(&cvirt->nr_threads),
12136 + atomic_read(&cvirt->nr_running),
12137 + atomic_read(&cvirt->nr_uninterruptible),
12138 + atomic_read(&cvirt->nr_onhold));
12139 + /* add rest here */
12140 + printk("\t total_forks = %d\n", atomic_read(&cvirt->total_forks));
12145 +#endif /* _VX_CVIRT_DEF_H */
12146 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/debug.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/debug.h
12147 --- linux-3.0-rc5/include/linux/vserver/debug.h 1970-01-01 01:00:00.000000000 +0100
12148 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/debug.h 2011-06-10 22:11:24.000000000 +0200
12150 +#ifndef _VX_DEBUG_H
12151 +#define _VX_DEBUG_H
12154 +#define VXD_CBIT(n, m) (vx_debug_ ## n & (1 << (m)))
12155 +#define VXD_CMIN(n, m) (vx_debug_ ## n > (m))
12156 +#define VXD_MASK(n, m) (vx_debug_ ## n & (m))
12158 +#define VXD_DEV(d) (d), (d)->bd_inode->i_ino, \
12159 + imajor((d)->bd_inode), iminor((d)->bd_inode)
12160 +#define VXF_DEV "%p[%lu,%d:%d]"
12162 +#if defined(CONFIG_QUOTES_UTF8)
12163 +#define VS_Q_LQM "\xc2\xbb"
12164 +#define VS_Q_RQM "\xc2\xab"
12165 +#elif defined(CONFIG_QUOTES_ASCII)
12166 +#define VS_Q_LQM "\x27"
12167 +#define VS_Q_RQM "\x27"
12169 +#define VS_Q_LQM "\xbb"
12170 +#define VS_Q_RQM "\xab"
12173 +#define VS_Q(f) VS_Q_LQM f VS_Q_RQM
12176 +#define vxd_path(p) \
12177 + ({ static char _buffer[PATH_MAX]; \
12178 + d_path(p, _buffer, sizeof(_buffer)); })
12180 +#define vxd_cond_path(n) \
12181 + ((n) ? vxd_path(&(n)->path) : "<null>" )
12184 +#ifdef CONFIG_VSERVER_DEBUG
12186 +extern unsigned int vx_debug_switch;
12187 +extern unsigned int vx_debug_xid;
12188 +extern unsigned int vx_debug_nid;
12189 +extern unsigned int vx_debug_tag;
12190 +extern unsigned int vx_debug_net;
12191 +extern unsigned int vx_debug_limit;
12192 +extern unsigned int vx_debug_cres;
12193 +extern unsigned int vx_debug_dlim;
12194 +extern unsigned int vx_debug_quota;
12195 +extern unsigned int vx_debug_cvirt;
12196 +extern unsigned int vx_debug_space;
12197 +extern unsigned int vx_debug_misc;
12200 +#define VX_LOGLEVEL "vxD: "
12201 +#define VX_PROC_FMT "%p: "
12202 +#define VX_PROCESS current
12204 +#define vxdprintk(c, f, x...) \
12207 + printk(VX_LOGLEVEL VX_PROC_FMT f "\n", \
12208 + VX_PROCESS , ##x); \
12211 +#define vxlprintk(c, f, x...) \
12214 + printk(VX_LOGLEVEL f " @%s:%d\n", x); \
12217 +#define vxfprintk(c, f, x...) \
12220 + printk(VX_LOGLEVEL f " %s@%s:%d\n", x); \
12226 +void dump_vx_info(struct vx_info *, int);
12227 +void dump_vx_info_inactive(int);
12229 +#else /* CONFIG_VSERVER_DEBUG */
12231 +#define vx_debug_switch 0
12232 +#define vx_debug_xid 0
12233 +#define vx_debug_nid 0
12234 +#define vx_debug_tag 0
12235 +#define vx_debug_net 0
12236 +#define vx_debug_limit 0
12237 +#define vx_debug_cres 0
12238 +#define vx_debug_dlim 0
12239 +#define vx_debug_cvirt 0
12241 +#define vxdprintk(x...) do { } while (0)
12242 +#define vxlprintk(x...) do { } while (0)
12243 +#define vxfprintk(x...) do { } while (0)
12245 +#endif /* CONFIG_VSERVER_DEBUG */
12248 +#ifdef CONFIG_VSERVER_WARN
12250 +#define VX_WARNLEVEL KERN_WARNING "vxW: "
12251 +#define VX_WARN_TASK "[" VS_Q("%s") ",%u:#%u|%u|%u] "
12252 +#define VX_WARN_XID "[xid #%u] "
12253 +#define VX_WARN_NID "[nid #%u] "
12254 +#define VX_WARN_TAG "[tag #%u] "
12256 +#define vxwprintk(c, f, x...) \
12259 + printk(VX_WARNLEVEL f "\n", ##x); \
12262 +#else /* CONFIG_VSERVER_WARN */
12264 +#define vxwprintk(x...) do { } while (0)
12266 +#endif /* CONFIG_VSERVER_WARN */
12268 +#define vxwprintk_task(c, f, x...) \
12269 + vxwprintk(c, VX_WARN_TASK f, \
12270 + current->comm, current->pid, \
12271 + current->xid, current->nid, current->tag, ##x)
12272 +#define vxwprintk_xid(c, f, x...) \
12273 + vxwprintk(c, VX_WARN_XID f, current->xid, x)
12274 +#define vxwprintk_nid(c, f, x...) \
12275 + vxwprintk(c, VX_WARN_NID f, current->nid, x)
12276 +#define vxwprintk_tag(c, f, x...) \
12277 + vxwprintk(c, VX_WARN_TAG f, current->tag, x)
12279 +#ifdef CONFIG_VSERVER_DEBUG
12280 +#define vxd_assert_lock(l) assert_spin_locked(l)
12281 +#define vxd_assert(c, f, x...) vxlprintk(!(c), \
12282 + "assertion [" f "] failed.", ##x, __FILE__, __LINE__)
12284 +#define vxd_assert_lock(l) do { } while (0)
12285 +#define vxd_assert(c, f, x...) do { } while (0)
12289 +#endif /* _VX_DEBUG_H */
12290 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/debug_cmd.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/debug_cmd.h
12291 --- linux-3.0-rc5/include/linux/vserver/debug_cmd.h 1970-01-01 01:00:00.000000000 +0100
12292 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/debug_cmd.h 2011-06-10 22:11:24.000000000 +0200
12294 +#ifndef _VX_DEBUG_CMD_H
12295 +#define _VX_DEBUG_CMD_H
12298 +/* debug commands */
12300 +#define VCMD_dump_history VC_CMD(DEBUG, 1, 0)
12302 +#define VCMD_read_history VC_CMD(DEBUG, 5, 0)
12303 +#define VCMD_read_monitor VC_CMD(DEBUG, 6, 0)
12305 +struct vcmd_read_history_v0 {
12308 + char __user *data;
12311 +struct vcmd_read_monitor_v0 {
12314 + char __user *data;
12320 +#ifdef CONFIG_COMPAT
12322 +#include <asm/compat.h>
12324 +struct vcmd_read_history_v0_x32 {
12327 + compat_uptr_t data_ptr;
12330 +struct vcmd_read_monitor_v0_x32 {
12333 + compat_uptr_t data_ptr;
12336 +#endif /* CONFIG_COMPAT */
12338 +extern int vc_dump_history(uint32_t);
12340 +extern int vc_read_history(uint32_t, void __user *);
12341 +extern int vc_read_monitor(uint32_t, void __user *);
12343 +#ifdef CONFIG_COMPAT
12345 +extern int vc_read_history_x32(uint32_t, void __user *);
12346 +extern int vc_read_monitor_x32(uint32_t, void __user *);
12348 +#endif /* CONFIG_COMPAT */
12350 +#endif /* __KERNEL__ */
12351 +#endif /* _VX_DEBUG_CMD_H */
12352 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/device.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/device.h
12353 --- linux-3.0-rc5/include/linux/vserver/device.h 1970-01-01 01:00:00.000000000 +0100
12354 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/device.h 2011-06-10 22:11:24.000000000 +0200
12356 +#ifndef _VX_DEVICE_H
12357 +#define _VX_DEVICE_H
12360 +#define DATTR_CREATE 0x00000001
12361 +#define DATTR_OPEN 0x00000002
12363 +#define DATTR_REMAP 0x00000010
12365 +#define DATTR_MASK 0x00000013
12368 +#else /* _VX_DEVICE_H */
12369 +#warning duplicate inclusion
12370 +#endif /* _VX_DEVICE_H */
12371 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/device_cmd.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/device_cmd.h
12372 --- linux-3.0-rc5/include/linux/vserver/device_cmd.h 1970-01-01 01:00:00.000000000 +0100
12373 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/device_cmd.h 2011-06-10 22:11:24.000000000 +0200
12375 +#ifndef _VX_DEVICE_CMD_H
12376 +#define _VX_DEVICE_CMD_H
12379 +/* device vserver commands */
12381 +#define VCMD_set_mapping VC_CMD(DEVICE, 1, 0)
12382 +#define VCMD_unset_mapping VC_CMD(DEVICE, 2, 0)
12384 +struct vcmd_set_mapping_v0 {
12385 + const char __user *device;
12386 + const char __user *target;
12393 +#ifdef CONFIG_COMPAT
12395 +#include <asm/compat.h>
12397 +struct vcmd_set_mapping_v0_x32 {
12398 + compat_uptr_t device_ptr;
12399 + compat_uptr_t target_ptr;
12403 +#endif /* CONFIG_COMPAT */
12405 +#include <linux/compiler.h>
12407 +extern int vc_set_mapping(struct vx_info *, void __user *);
12408 +extern int vc_unset_mapping(struct vx_info *, void __user *);
12410 +#ifdef CONFIG_COMPAT
12412 +extern int vc_set_mapping_x32(struct vx_info *, void __user *);
12413 +extern int vc_unset_mapping_x32(struct vx_info *, void __user *);
12415 +#endif /* CONFIG_COMPAT */
12417 +#endif /* __KERNEL__ */
12418 +#endif /* _VX_DEVICE_CMD_H */
12419 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/device_def.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/device_def.h
12420 --- linux-3.0-rc5/include/linux/vserver/device_def.h 1970-01-01 01:00:00.000000000 +0100
12421 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/device_def.h 2011-06-10 22:11:24.000000000 +0200
12423 +#ifndef _VX_DEVICE_DEF_H
12424 +#define _VX_DEVICE_DEF_H
12426 +#include <linux/types.h>
12428 +struct vx_dmap_target {
12433 +struct _vx_device {
12434 +#ifdef CONFIG_VSERVER_DEVICE
12435 + struct vx_dmap_target targets[2];
12439 +#endif /* _VX_DEVICE_DEF_H */
12440 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/dlimit.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/dlimit.h
12441 --- linux-3.0-rc5/include/linux/vserver/dlimit.h 1970-01-01 01:00:00.000000000 +0100
12442 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/dlimit.h 2011-06-10 22:11:24.000000000 +0200
12444 +#ifndef _VX_DLIMIT_H
12445 +#define _VX_DLIMIT_H
12447 +#include "switch.h"
12452 +/* keep in sync with CDLIM_INFINITY */
12454 +#define DLIM_INFINITY (~0ULL)
12456 +#include <linux/spinlock.h>
12457 +#include <linux/rcupdate.h>
12459 +struct super_block;
12462 + struct hlist_node dl_hlist; /* linked list of contexts */
12463 + struct rcu_head dl_rcu; /* the rcu head */
12464 + tag_t dl_tag; /* context tag */
12465 + atomic_t dl_usecnt; /* usage count */
12466 + atomic_t dl_refcnt; /* reference count */
12468 + struct super_block *dl_sb; /* associated superblock */
12470 + spinlock_t dl_lock; /* protect the values */
12472 + unsigned long long dl_space_used; /* used space in bytes */
12473 + unsigned long long dl_space_total; /* maximum space in bytes */
12474 + unsigned long dl_inodes_used; /* used inodes */
12475 + unsigned long dl_inodes_total; /* maximum inodes */
12477 + unsigned int dl_nrlmult; /* non root limit mult */
12482 +extern void rcu_free_dl_info(struct rcu_head *);
12483 +extern void unhash_dl_info(struct dl_info *);
12485 +extern struct dl_info *locate_dl_info(struct super_block *, tag_t);
12490 +extern void vx_vsi_statfs(struct super_block *, struct kstatfs *);
12492 +typedef uint64_t dlsize_t;
12494 +#endif /* __KERNEL__ */
12495 +#else /* _VX_DLIMIT_H */
12496 +#warning duplicate inclusion
12497 +#endif /* _VX_DLIMIT_H */
12498 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/dlimit_cmd.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/dlimit_cmd.h
12499 --- linux-3.0-rc5/include/linux/vserver/dlimit_cmd.h 1970-01-01 01:00:00.000000000 +0100
12500 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/dlimit_cmd.h 2011-06-10 22:11:24.000000000 +0200
12502 +#ifndef _VX_DLIMIT_CMD_H
12503 +#define _VX_DLIMIT_CMD_H
12506 +/* dlimit vserver commands */
12508 +#define VCMD_add_dlimit VC_CMD(DLIMIT, 1, 0)
12509 +#define VCMD_rem_dlimit VC_CMD(DLIMIT, 2, 0)
12511 +#define VCMD_set_dlimit VC_CMD(DLIMIT, 5, 0)
12512 +#define VCMD_get_dlimit VC_CMD(DLIMIT, 6, 0)
12514 +struct vcmd_ctx_dlimit_base_v0 {
12515 + const char __user *name;
12519 +struct vcmd_ctx_dlimit_v0 {
12520 + const char __user *name;
12521 + uint32_t space_used; /* used space in kbytes */
12522 + uint32_t space_total; /* maximum space in kbytes */
12523 + uint32_t inodes_used; /* used inodes */
12524 + uint32_t inodes_total; /* maximum inodes */
12525 + uint32_t reserved; /* reserved for root in % */
12529 +#define CDLIM_UNSET ((uint32_t)0UL)
12530 +#define CDLIM_INFINITY ((uint32_t)~0UL)
12531 +#define CDLIM_KEEP ((uint32_t)~1UL)
12533 +#define DLIME_UNIT 0
12534 +#define DLIME_KILO 1
12535 +#define DLIME_MEGA 2
12536 +#define DLIME_GIGA 3
12538 +#define DLIMF_SHIFT 0x10
12540 +#define DLIMS_USED 0
12541 +#define DLIMS_TOTAL 2
12544 +uint64_t dlimit_space_32to64(uint32_t val, uint32_t flags, int shift)
12546 + int exp = (flags & DLIMF_SHIFT) ?
12547 + (flags >> shift) & DLIME_GIGA : DLIME_KILO;
12548 + return ((uint64_t)val) << (10 * exp);
12552 +uint32_t dlimit_space_64to32(uint64_t val, uint32_t *flags, int shift)
12556 + if (*flags & DLIMF_SHIFT) {
12557 + while (val > (1LL << 32) && (exp < 3)) {
12561 + *flags &= ~(DLIME_GIGA << shift);
12562 + *flags |= exp << shift;
12570 +#ifdef CONFIG_COMPAT
12572 +#include <asm/compat.h>
12574 +struct vcmd_ctx_dlimit_base_v0_x32 {
12575 + compat_uptr_t name_ptr;
12579 +struct vcmd_ctx_dlimit_v0_x32 {
12580 + compat_uptr_t name_ptr;
12581 + uint32_t space_used; /* used space in kbytes */
12582 + uint32_t space_total; /* maximum space in kbytes */
12583 + uint32_t inodes_used; /* used inodes */
12584 + uint32_t inodes_total; /* maximum inodes */
12585 + uint32_t reserved; /* reserved for root in % */
12589 +#endif /* CONFIG_COMPAT */
12591 +#include <linux/compiler.h>
12593 +extern int vc_add_dlimit(uint32_t, void __user *);
12594 +extern int vc_rem_dlimit(uint32_t, void __user *);
12596 +extern int vc_set_dlimit(uint32_t, void __user *);
12597 +extern int vc_get_dlimit(uint32_t, void __user *);
12599 +#ifdef CONFIG_COMPAT
12601 +extern int vc_add_dlimit_x32(uint32_t, void __user *);
12602 +extern int vc_rem_dlimit_x32(uint32_t, void __user *);
12604 +extern int vc_set_dlimit_x32(uint32_t, void __user *);
12605 +extern int vc_get_dlimit_x32(uint32_t, void __user *);
12607 +#endif /* CONFIG_COMPAT */
12609 +#endif /* __KERNEL__ */
12610 +#endif /* _VX_DLIMIT_CMD_H */
12611 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/global.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/global.h
12612 --- linux-3.0-rc5/include/linux/vserver/global.h 1970-01-01 01:00:00.000000000 +0100
12613 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/global.h 2011-06-10 22:11:24.000000000 +0200
12615 +#ifndef _VX_GLOBAL_H
12616 +#define _VX_GLOBAL_H
12619 +extern atomic_t vx_global_ctotal;
12620 +extern atomic_t vx_global_cactive;
12622 +extern atomic_t nx_global_ctotal;
12623 +extern atomic_t nx_global_cactive;
12625 +extern atomic_t vs_global_nsproxy;
12626 +extern atomic_t vs_global_fs;
12627 +extern atomic_t vs_global_mnt_ns;
12628 +extern atomic_t vs_global_uts_ns;
12629 +extern atomic_t vs_global_user_ns;
12630 +extern atomic_t vs_global_pid_ns;
12633 +#endif /* _VX_GLOBAL_H */
12634 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/history.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/history.h
12635 --- linux-3.0-rc5/include/linux/vserver/history.h 1970-01-01 01:00:00.000000000 +0100
12636 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/history.h 2011-06-10 22:11:24.000000000 +0200
12638 +#ifndef _VX_HISTORY_H
12639 +#define _VX_HISTORY_H
12644 + VXH_THROW_OOPS = 1,
12648 + VXH_INIT_VX_INFO,
12651 + VXH_CLAIM_VX_INFO,
12652 + VXH_RELEASE_VX_INFO,
12653 + VXH_ALLOC_VX_INFO,
12654 + VXH_DEALLOC_VX_INFO,
12655 + VXH_HASH_VX_INFO,
12656 + VXH_UNHASH_VX_INFO,
12658 + VXH_LOOKUP_VX_INFO,
12659 + VXH_CREATE_VX_INFO,
12662 +struct _vxhe_vxi {
12663 + struct vx_info *ptr;
12669 +struct _vxhe_set_clr {
12673 +struct _vxhe_loc_lookup {
12677 +struct _vx_hist_entry {
12679 + unsigned short seq;
12680 + unsigned short type;
12681 + struct _vxhe_vxi vxi;
12683 + struct _vxhe_set_clr sc;
12684 + struct _vxhe_loc_lookup ll;
12688 +#ifdef CONFIG_VSERVER_HISTORY
12690 +extern unsigned volatile int vxh_active;
12692 +struct _vx_hist_entry *vxh_advance(void *loc);
12696 +void __vxh_copy_vxi(struct _vx_hist_entry *entry, struct vx_info *vxi)
12698 + entry->vxi.ptr = vxi;
12700 + entry->vxi.usecnt = atomic_read(&vxi->vx_usecnt);
12701 + entry->vxi.tasks = atomic_read(&vxi->vx_tasks);
12702 + entry->vxi.xid = vxi->vx_id;
12707 +#define __HERE__ current_text_addr()
12709 +#define __VXH_BODY(__type, __data, __here) \
12710 + struct _vx_hist_entry *entry; \
12712 + preempt_disable(); \
12713 + entry = vxh_advance(__here); \
12715 + entry->type = __type; \
12716 + preempt_enable();
12719 + /* pass vxi only */
12721 +#define __VXH_SMPL \
12722 + __vxh_copy_vxi(entry, vxi)
12725 +void __vxh_smpl(struct vx_info *vxi, int __type, void *__here)
12727 + __VXH_BODY(__type, __VXH_SMPL, __here)
12730 + /* pass vxi and data (void *) */
12732 +#define __VXH_DATA \
12733 + __vxh_copy_vxi(entry, vxi); \
12734 + entry->sc.data = data
12737 +void __vxh_data(struct vx_info *vxi, void *data,
12738 + int __type, void *__here)
12740 + __VXH_BODY(__type, __VXH_DATA, __here)
12743 + /* pass vxi and arg (long) */
12745 +#define __VXH_LONG \
12746 + __vxh_copy_vxi(entry, vxi); \
12747 + entry->ll.arg = arg
12750 +void __vxh_long(struct vx_info *vxi, long arg,
12751 + int __type, void *__here)
12753 + __VXH_BODY(__type, __VXH_LONG, __here)
12758 +void __vxh_throw_oops(void *__here)
12760 + __VXH_BODY(VXH_THROW_OOPS, {}, __here);
12761 + /* prevent further acquisition */
12766 +#define vxh_throw_oops() __vxh_throw_oops(__HERE__);
12768 +#define __vxh_get_vx_info(v, h) __vxh_smpl(v, VXH_GET_VX_INFO, h);
12769 +#define __vxh_put_vx_info(v, h) __vxh_smpl(v, VXH_PUT_VX_INFO, h);
12771 +#define __vxh_init_vx_info(v, d, h) \
12772 + __vxh_data(v, d, VXH_INIT_VX_INFO, h);
12773 +#define __vxh_set_vx_info(v, d, h) \
12774 + __vxh_data(v, d, VXH_SET_VX_INFO, h);
12775 +#define __vxh_clr_vx_info(v, d, h) \
12776 + __vxh_data(v, d, VXH_CLR_VX_INFO, h);
12778 +#define __vxh_claim_vx_info(v, d, h) \
12779 + __vxh_data(v, d, VXH_CLAIM_VX_INFO, h);
12780 +#define __vxh_release_vx_info(v, d, h) \
12781 + __vxh_data(v, d, VXH_RELEASE_VX_INFO, h);
12783 +#define vxh_alloc_vx_info(v) \
12784 + __vxh_smpl(v, VXH_ALLOC_VX_INFO, __HERE__);
12785 +#define vxh_dealloc_vx_info(v) \
12786 + __vxh_smpl(v, VXH_DEALLOC_VX_INFO, __HERE__);
12788 +#define vxh_hash_vx_info(v) \
12789 + __vxh_smpl(v, VXH_HASH_VX_INFO, __HERE__);
12790 +#define vxh_unhash_vx_info(v) \
12791 + __vxh_smpl(v, VXH_UNHASH_VX_INFO, __HERE__);
12793 +#define vxh_loc_vx_info(v, l) \
12794 + __vxh_long(v, l, VXH_LOC_VX_INFO, __HERE__);
12795 +#define vxh_lookup_vx_info(v, l) \
12796 + __vxh_long(v, l, VXH_LOOKUP_VX_INFO, __HERE__);
12797 +#define vxh_create_vx_info(v, l) \
12798 + __vxh_long(v, l, VXH_CREATE_VX_INFO, __HERE__);
12800 +extern void vxh_dump_history(void);
12803 +#else /* CONFIG_VSERVER_HISTORY */
12805 +#define __HERE__ 0
12807 +#define vxh_throw_oops() do { } while (0)
12809 +#define __vxh_get_vx_info(v, h) do { } while (0)
12810 +#define __vxh_put_vx_info(v, h) do { } while (0)
12812 +#define __vxh_init_vx_info(v, d, h) do { } while (0)
12813 +#define __vxh_set_vx_info(v, d, h) do { } while (0)
12814 +#define __vxh_clr_vx_info(v, d, h) do { } while (0)
12816 +#define __vxh_claim_vx_info(v, d, h) do { } while (0)
12817 +#define __vxh_release_vx_info(v, d, h) do { } while (0)
12819 +#define vxh_alloc_vx_info(v) do { } while (0)
12820 +#define vxh_dealloc_vx_info(v) do { } while (0)
12822 +#define vxh_hash_vx_info(v) do { } while (0)
12823 +#define vxh_unhash_vx_info(v) do { } while (0)
12825 +#define vxh_loc_vx_info(v, l) do { } while (0)
12826 +#define vxh_lookup_vx_info(v, l) do { } while (0)
12827 +#define vxh_create_vx_info(v, l) do { } while (0)
12829 +#define vxh_dump_history() do { } while (0)
12832 +#endif /* CONFIG_VSERVER_HISTORY */
12834 +#endif /* _VX_HISTORY_H */
12835 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/inode.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/inode.h
12836 --- linux-3.0-rc5/include/linux/vserver/inode.h 1970-01-01 01:00:00.000000000 +0100
12837 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/inode.h 2011-06-10 22:11:24.000000000 +0200
12839 +#ifndef _VX_INODE_H
12840 +#define _VX_INODE_H
12843 +#define IATTR_TAG 0x01000000
12845 +#define IATTR_ADMIN 0x00000001
12846 +#define IATTR_WATCH 0x00000002
12847 +#define IATTR_HIDE 0x00000004
12848 +#define IATTR_FLAGS 0x00000007
12850 +#define IATTR_BARRIER 0x00010000
12851 +#define IATTR_IXUNLINK 0x00020000
12852 +#define IATTR_IMMUTABLE 0x00040000
12853 +#define IATTR_COW 0x00080000
12858 +#ifdef CONFIG_VSERVER_PROC_SECURE
12859 +#define IATTR_PROC_DEFAULT ( IATTR_ADMIN | IATTR_HIDE )
12860 +#define IATTR_PROC_SYMLINK ( IATTR_ADMIN )
12862 +#define IATTR_PROC_DEFAULT ( IATTR_ADMIN )
12863 +#define IATTR_PROC_SYMLINK ( IATTR_ADMIN )
12866 +#define vx_hide_check(c, m) (((m) & IATTR_HIDE) ? vx_check(c, m) : 1)
12868 +#endif /* __KERNEL__ */
12870 +/* inode ioctls */
12872 +#define FIOC_GETXFLG _IOR('x', 5, long)
12873 +#define FIOC_SETXFLG _IOW('x', 6, long)
12875 +#else /* _VX_INODE_H */
12876 +#warning duplicate inclusion
12877 +#endif /* _VX_INODE_H */
12878 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/inode_cmd.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/inode_cmd.h
12879 --- linux-3.0-rc5/include/linux/vserver/inode_cmd.h 1970-01-01 01:00:00.000000000 +0100
12880 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/inode_cmd.h 2011-06-10 22:11:24.000000000 +0200
12882 +#ifndef _VX_INODE_CMD_H
12883 +#define _VX_INODE_CMD_H
12886 +/* inode vserver commands */
12888 +#define VCMD_get_iattr VC_CMD(INODE, 1, 1)
12889 +#define VCMD_set_iattr VC_CMD(INODE, 2, 1)
12891 +#define VCMD_fget_iattr VC_CMD(INODE, 3, 0)
12892 +#define VCMD_fset_iattr VC_CMD(INODE, 4, 0)
12894 +struct vcmd_ctx_iattr_v1 {
12895 + const char __user *name;
12901 +struct vcmd_ctx_fiattr_v0 {
12911 +#ifdef CONFIG_COMPAT
12913 +#include <asm/compat.h>
12915 +struct vcmd_ctx_iattr_v1_x32 {
12916 + compat_uptr_t name_ptr;
12922 +#endif /* CONFIG_COMPAT */
12924 +#include <linux/compiler.h>
12926 +extern int vc_get_iattr(void __user *);
12927 +extern int vc_set_iattr(void __user *);
12929 +extern int vc_fget_iattr(uint32_t, void __user *);
12930 +extern int vc_fset_iattr(uint32_t, void __user *);
12932 +#ifdef CONFIG_COMPAT
12934 +extern int vc_get_iattr_x32(void __user *);
12935 +extern int vc_set_iattr_x32(void __user *);
12937 +#endif /* CONFIG_COMPAT */
12939 +#endif /* __KERNEL__ */
12940 +#endif /* _VX_INODE_CMD_H */
12941 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/limit.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/limit.h
12942 --- linux-3.0-rc5/include/linux/vserver/limit.h 1970-01-01 01:00:00.000000000 +0100
12943 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/limit.h 2011-06-10 22:11:24.000000000 +0200
12945 +#ifndef _VX_LIMIT_H
12946 +#define _VX_LIMIT_H
12948 +#define VLIMIT_NSOCK 16
12949 +#define VLIMIT_OPENFD 17
12950 +#define VLIMIT_ANON 18
12951 +#define VLIMIT_SHMEM 19
12952 +#define VLIMIT_SEMARY 20
12953 +#define VLIMIT_NSEMS 21
12954 +#define VLIMIT_DENTRY 22
12955 +#define VLIMIT_MAPPED 23
12960 +#define VLIM_NOCHECK ((1L << VLIMIT_DENTRY) | (1L << RLIMIT_RSS))
12962 +/* keep in sync with CRLIM_INFINITY */
12964 +#define VLIM_INFINITY (~0ULL)
12966 +#include <asm/atomic.h>
12967 +#include <asm/resource.h>
12969 +#ifndef RLIM_INFINITY
12970 +#warning RLIM_INFINITY is undefined
12973 +#define __rlim_val(l, r, v) ((l)->res[r].v)
12975 +#define __rlim_soft(l, r) __rlim_val(l, r, soft)
12976 +#define __rlim_hard(l, r) __rlim_val(l, r, hard)
12978 +#define __rlim_rcur(l, r) __rlim_val(l, r, rcur)
12979 +#define __rlim_rmin(l, r) __rlim_val(l, r, rmin)
12980 +#define __rlim_rmax(l, r) __rlim_val(l, r, rmax)
12982 +#define __rlim_lhit(l, r) __rlim_val(l, r, lhit)
12983 +#define __rlim_hit(l, r) atomic_inc(&__rlim_lhit(l, r))
12985 +typedef atomic_long_t rlim_atomic_t;
12986 +typedef unsigned long rlim_t;
12988 +#define __rlim_get(l, r) atomic_long_read(&__rlim_rcur(l, r))
12989 +#define __rlim_set(l, r, v) atomic_long_set(&__rlim_rcur(l, r), v)
12990 +#define __rlim_inc(l, r) atomic_long_inc(&__rlim_rcur(l, r))
12991 +#define __rlim_dec(l, r) atomic_long_dec(&__rlim_rcur(l, r))
12992 +#define __rlim_add(l, r, v) atomic_long_add(v, &__rlim_rcur(l, r))
12993 +#define __rlim_sub(l, r, v) atomic_long_sub(v, &__rlim_rcur(l, r))
12996 +#if (RLIM_INFINITY == VLIM_INFINITY)
12997 +#define VX_VLIM(r) ((long long)(long)(r))
12998 +#define VX_RLIM(v) ((rlim_t)(v))
13000 +#define VX_VLIM(r) (((r) == RLIM_INFINITY) \
13001 + ? VLIM_INFINITY : (long long)(r))
13002 +#define VX_RLIM(v) (((v) == VLIM_INFINITY) \
13003 + ? RLIM_INFINITY : (rlim_t)(v))
13008 +void vx_vsi_meminfo(struct sysinfo *);
13009 +void vx_vsi_swapinfo(struct sysinfo *);
13010 +long vx_vsi_cached(struct sysinfo *);
13012 +#define NUM_LIMITS 24
13014 +#endif /* __KERNEL__ */
13015 +#endif /* _VX_LIMIT_H */
13016 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/limit_cmd.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/limit_cmd.h
13017 --- linux-3.0-rc5/include/linux/vserver/limit_cmd.h 1970-01-01 01:00:00.000000000 +0100
13018 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/limit_cmd.h 2011-06-10 22:11:24.000000000 +0200
13020 +#ifndef _VX_LIMIT_CMD_H
13021 +#define _VX_LIMIT_CMD_H
13024 +/* rlimit vserver commands */
13026 +#define VCMD_get_rlimit VC_CMD(RLIMIT, 1, 0)
13027 +#define VCMD_set_rlimit VC_CMD(RLIMIT, 2, 0)
13028 +#define VCMD_get_rlimit_mask VC_CMD(RLIMIT, 3, 0)
13029 +#define VCMD_reset_hits VC_CMD(RLIMIT, 7, 0)
13030 +#define VCMD_reset_minmax VC_CMD(RLIMIT, 9, 0)
13032 +struct vcmd_ctx_rlimit_v0 {
13034 + uint64_t minimum;
13035 + uint64_t softlimit;
13036 + uint64_t maximum;
13039 +struct vcmd_ctx_rlimit_mask_v0 {
13040 + uint32_t minimum;
13041 + uint32_t softlimit;
13042 + uint32_t maximum;
13045 +#define VCMD_rlimit_stat VC_CMD(VSTAT, 1, 0)
13047 +struct vcmd_rlimit_stat_v0 {
13051 + uint64_t minimum;
13052 + uint64_t maximum;
13055 +#define CRLIM_UNSET (0ULL)
13056 +#define CRLIM_INFINITY (~0ULL)
13057 +#define CRLIM_KEEP (~1ULL)
13061 +#ifdef CONFIG_IA32_EMULATION
13063 +struct vcmd_ctx_rlimit_v0_x32 {
13065 + uint64_t minimum;
13066 + uint64_t softlimit;
13067 + uint64_t maximum;
13068 +} __attribute__ ((packed));
13070 +#endif /* CONFIG_IA32_EMULATION */
13072 +#include <linux/compiler.h>
13074 +extern int vc_get_rlimit_mask(uint32_t, void __user *);
13075 +extern int vc_get_rlimit(struct vx_info *, void __user *);
13076 +extern int vc_set_rlimit(struct vx_info *, void __user *);
13077 +extern int vc_reset_hits(struct vx_info *, void __user *);
13078 +extern int vc_reset_minmax(struct vx_info *, void __user *);
13080 +extern int vc_rlimit_stat(struct vx_info *, void __user *);
13082 +#ifdef CONFIG_IA32_EMULATION
13084 +extern int vc_get_rlimit_x32(struct vx_info *, void __user *);
13085 +extern int vc_set_rlimit_x32(struct vx_info *, void __user *);
13087 +#endif /* CONFIG_IA32_EMULATION */
13089 +#endif /* __KERNEL__ */
13090 +#endif /* _VX_LIMIT_CMD_H */
13091 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/limit_def.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/limit_def.h
13092 --- linux-3.0-rc5/include/linux/vserver/limit_def.h 1970-01-01 01:00:00.000000000 +0100
13093 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/limit_def.h 2011-06-10 22:11:24.000000000 +0200
13095 +#ifndef _VX_LIMIT_DEF_H
13096 +#define _VX_LIMIT_DEF_H
13098 +#include <asm/atomic.h>
13099 +#include <asm/resource.h>
13101 +#include "limit.h"
13104 +struct _vx_res_limit {
13105 + rlim_t soft; /* Context soft limit */
13106 + rlim_t hard; /* Context hard limit */
13108 + rlim_atomic_t rcur; /* Current value */
13109 + rlim_t rmin; /* Context minimum */
13110 + rlim_t rmax; /* Context maximum */
13112 + atomic_t lhit; /* Limit hits */
13115 +/* context sub struct */
13117 +struct _vx_limit {
13118 + struct _vx_res_limit res[NUM_LIMITS];
13121 +#ifdef CONFIG_VSERVER_DEBUG
13123 +static inline void __dump_vx_limit(struct _vx_limit *limit)
13127 + printk("\t_vx_limit:");
13128 + for (i = 0; i < NUM_LIMITS; i++) {
13129 + printk("\t [%2d] = %8lu %8lu/%8lu, %8ld/%8ld, %8d\n",
13130 + i, (unsigned long)__rlim_get(limit, i),
13131 + (unsigned long)__rlim_rmin(limit, i),
13132 + (unsigned long)__rlim_rmax(limit, i),
13133 + (long)__rlim_soft(limit, i),
13134 + (long)__rlim_hard(limit, i),
13135 + atomic_read(&__rlim_lhit(limit, i)));
13141 +#endif /* _VX_LIMIT_DEF_H */
13142 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/limit_int.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/limit_int.h
13143 --- linux-3.0-rc5/include/linux/vserver/limit_int.h 1970-01-01 01:00:00.000000000 +0100
13144 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/limit_int.h 2011-06-10 22:11:24.000000000 +0200
13146 +#ifndef _VX_LIMIT_INT_H
13147 +#define _VX_LIMIT_INT_H
13149 +#include "context.h"
13153 +#define VXD_RCRES_COND(r) VXD_CBIT(cres, r)
13154 +#define VXD_RLIMIT_COND(r) VXD_CBIT(limit, r)
13156 +extern const char *vlimit_name[NUM_LIMITS];
13158 +static inline void __vx_acc_cres(struct vx_info *vxi,
13159 + int res, int dir, void *_data, char *_file, int _line)
13161 + if (VXD_RCRES_COND(res))
13162 + vxlprintk(1, "vx_acc_cres[%5d,%s,%2d]: %5ld%s (%p)",
13163 + (vxi ? vxi->vx_id : -1), vlimit_name[res], res,
13164 + (vxi ? (long)__rlim_get(&vxi->limit, res) : 0),
13165 + (dir > 0) ? "++" : "--", _data, _file, _line);
13170 + __rlim_inc(&vxi->limit, res);
13172 + __rlim_dec(&vxi->limit, res);
13175 +static inline void __vx_add_cres(struct vx_info *vxi,
13176 + int res, int amount, void *_data, char *_file, int _line)
13178 + if (VXD_RCRES_COND(res))
13179 + vxlprintk(1, "vx_add_cres[%5d,%s,%2d]: %5ld += %5d (%p)",
13180 + (vxi ? vxi->vx_id : -1), vlimit_name[res], res,
13181 + (vxi ? (long)__rlim_get(&vxi->limit, res) : 0),
13182 + amount, _data, _file, _line);
13187 + __rlim_add(&vxi->limit, res, amount);
13191 +int __vx_cres_adjust_max(struct _vx_limit *limit, int res, rlim_t value)
13193 + int cond = (value > __rlim_rmax(limit, res));
13196 + __rlim_rmax(limit, res) = value;
13201 +int __vx_cres_adjust_min(struct _vx_limit *limit, int res, rlim_t value)
13203 + int cond = (value < __rlim_rmin(limit, res));
13206 + __rlim_rmin(limit, res) = value;
13211 +void __vx_cres_fixup(struct _vx_limit *limit, int res, rlim_t value)
13213 + if (!__vx_cres_adjust_max(limit, res, value))
13214 + __vx_cres_adjust_min(limit, res, value);
13219 + +1 ... no limit hit
13220 + -1 ... over soft limit
13221 + 0 ... over hard limit */
13223 +static inline int __vx_cres_avail(struct vx_info *vxi,
13224 + int res, int num, char *_file, int _line)
13226 + struct _vx_limit *limit;
13229 + if (VXD_RLIMIT_COND(res))
13230 + vxlprintk(1, "vx_cres_avail[%5d,%s,%2d]: %5ld/%5ld > %5ld + %5d",
13231 + (vxi ? vxi->vx_id : -1), vlimit_name[res], res,
13232 + (vxi ? (long)__rlim_soft(&vxi->limit, res) : -1),
13233 + (vxi ? (long)__rlim_hard(&vxi->limit, res) : -1),
13234 + (vxi ? (long)__rlim_get(&vxi->limit, res) : 0),
13235 + num, _file, _line);
13239 + limit = &vxi->limit;
13240 + value = __rlim_get(limit, res);
13242 + if (!__vx_cres_adjust_max(limit, res, value))
13243 + __vx_cres_adjust_min(limit, res, value);
13248 + if (__rlim_soft(limit, res) == RLIM_INFINITY)
13250 + if (value + num <= __rlim_soft(limit, res))
13253 + if (__rlim_hard(limit, res) == RLIM_INFINITY)
13255 + if (value + num <= __rlim_hard(limit, res))
13258 + __rlim_hit(limit, res);
13263 +static const int VLA_RSS[] = { RLIMIT_RSS, VLIMIT_ANON, VLIMIT_MAPPED, 0 };
13266 +rlim_t __vx_cres_array_sum(struct _vx_limit *limit, const int *array)
13268 + rlim_t value, sum = 0;
13271 + while ((res = *array++)) {
13272 + value = __rlim_get(limit, res);
13273 + __vx_cres_fixup(limit, res, value);
13280 +rlim_t __vx_cres_array_fixup(struct _vx_limit *limit, const int *array)
13282 + rlim_t value = __vx_cres_array_sum(limit, array + 1);
13283 + int res = *array;
13285 + if (value == __rlim_get(limit, res))
13288 + __rlim_set(limit, res, value);
13289 + /* now adjust min/max */
13290 + if (!__vx_cres_adjust_max(limit, res, value))
13291 + __vx_cres_adjust_min(limit, res, value);
13296 +static inline int __vx_cres_array_avail(struct vx_info *vxi,
13297 + const int *array, int num, char *_file, int _line)
13299 + struct _vx_limit *limit;
13300 + rlim_t value = 0;
13308 + limit = &vxi->limit;
13310 + value = __vx_cres_array_sum(limit, array + 1);
13312 + __rlim_set(limit, res, value);
13313 + __vx_cres_fixup(limit, res, value);
13315 + return __vx_cres_avail(vxi, res, num, _file, _line);
13319 +static inline void vx_limit_fixup(struct _vx_limit *limit, int id)
13324 + /* complex resources first */
13325 + if ((id < 0) || (id == RLIMIT_RSS))
13326 + __vx_cres_array_fixup(limit, VLA_RSS);
13328 + for (res = 0; res < NUM_LIMITS; res++) {
13329 + if ((id > 0) && (res != id))
13332 + value = __rlim_get(limit, res);
13333 + __vx_cres_fixup(limit, res, value);
13335 + /* not supposed to happen, maybe warn? */
13336 + if (__rlim_rmax(limit, res) > __rlim_hard(limit, res))
13337 + __rlim_rmax(limit, res) = __rlim_hard(limit, res);
13342 +#endif /* __KERNEL__ */
13343 +#endif /* _VX_LIMIT_INT_H */
13344 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/monitor.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/monitor.h
13345 --- linux-3.0-rc5/include/linux/vserver/monitor.h 1970-01-01 01:00:00.000000000 +0100
13346 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/monitor.h 2011-06-10 22:11:24.000000000 +0200
13348 +#ifndef _VX_MONITOR_H
13349 +#define _VX_MONITOR_H
13351 +#include <linux/types.h>
13358 + VXM_UPDATE = 0x20,
13362 + VXM_RQINFO_1 = 0x24,
13365 + VXM_ACTIVATE = 0x40,
13372 + VXM_MIGRATE = 0x48,
13375 + /* all other bits are flags */
13376 + VXM_SCHED = 0x80,
13379 +struct _vxm_update_1 {
13380 + uint32_t tokens_max;
13381 + uint32_t fill_rate;
13382 + uint32_t interval;
13385 +struct _vxm_update_2 {
13386 + uint32_t tokens_min;
13387 + uint32_t fill_rate;
13388 + uint32_t interval;
13391 +struct _vxm_rqinfo_1 {
13392 + uint16_t running;
13396 + uint32_t idle_tokens;
13399 +struct _vxm_rqinfo_2 {
13400 + uint32_t norm_time;
13401 + uint32_t idle_time;
13402 + uint32_t idle_skip;
13405 +struct _vxm_sched {
13407 + uint32_t norm_time;
13408 + uint32_t idle_time;
13411 +struct _vxm_task {
13416 +struct _vxm_event {
13425 + struct _vxm_task tsk;
13429 +struct _vx_mon_entry {
13433 + struct _vxm_event ev;
13434 + struct _vxm_sched sd;
13435 + struct _vxm_update_1 u1;
13436 + struct _vxm_update_2 u2;
13437 + struct _vxm_rqinfo_1 q1;
13438 + struct _vxm_rqinfo_2 q2;
13443 +#endif /* _VX_MONITOR_H */
13444 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/network.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/network.h
13445 --- linux-3.0-rc5/include/linux/vserver/network.h 1970-01-01 01:00:00.000000000 +0100
13446 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/network.h 2011-06-10 22:11:24.000000000 +0200
13448 +#ifndef _VX_NETWORK_H
13449 +#define _VX_NETWORK_H
13451 +#include <linux/types.h>
13454 +#define MAX_N_CONTEXT 65535 /* Arbitrary limit */
13457 +/* network flags */
13459 +#define NXF_INFO_PRIVATE 0x00000008
13461 +#define NXF_SINGLE_IP 0x00000100
13462 +#define NXF_LBACK_REMAP 0x00000200
13463 +#define NXF_LBACK_ALLOW 0x00000400
13465 +#define NXF_HIDE_NETIF 0x02000000
13466 +#define NXF_HIDE_LBACK 0x04000000
13468 +#define NXF_STATE_SETUP (1ULL << 32)
13469 +#define NXF_STATE_ADMIN (1ULL << 34)
13471 +#define NXF_SC_HELPER (1ULL << 36)
13472 +#define NXF_PERSISTENT (1ULL << 38)
13474 +#define NXF_ONE_TIME (0x0005ULL << 32)
13477 +#define NXF_INIT_SET (__nxf_init_set())
13479 +static inline uint64_t __nxf_init_set(void) {
13480 + return NXF_STATE_ADMIN
13481 +#ifdef CONFIG_VSERVER_AUTO_LBACK
13482 + | NXF_LBACK_REMAP
13485 +#ifdef CONFIG_VSERVER_AUTO_SINGLE
13488 + | NXF_HIDE_NETIF;
13492 +/* network caps */
13494 +#define NXC_TUN_CREATE 0x00000001
13496 +#define NXC_RAW_ICMP 0x00000100
13499 +/* address types */
13501 +#define NXA_TYPE_IPV4 0x0001
13502 +#define NXA_TYPE_IPV6 0x0002
13504 +#define NXA_TYPE_NONE 0x0000
13505 +#define NXA_TYPE_ANY 0x00FF
13507 +#define NXA_TYPE_ADDR 0x0010
13508 +#define NXA_TYPE_MASK 0x0020
13509 +#define NXA_TYPE_RANGE 0x0040
13511 +#define NXA_MASK_ALL (NXA_TYPE_ADDR | NXA_TYPE_MASK | NXA_TYPE_RANGE)
13513 +#define NXA_MOD_BCAST 0x0100
13514 +#define NXA_MOD_LBACK 0x0200
13516 +#define NXA_LOOPBACK 0x1000
13518 +#define NXA_MASK_BIND (NXA_MASK_ALL | NXA_MOD_BCAST | NXA_MOD_LBACK)
13519 +#define NXA_MASK_SHOW (NXA_MASK_ALL | NXA_LOOPBACK)
13523 +#include <linux/list.h>
13524 +#include <linux/spinlock.h>
13525 +#include <linux/rcupdate.h>
13526 +#include <linux/in.h>
13527 +#include <linux/in6.h>
13528 +#include <asm/atomic.h>
13530 +struct nx_addr_v4 {
13531 + struct nx_addr_v4 *next;
13532 + struct in_addr ip[2];
13533 + struct in_addr mask;
13538 +struct nx_addr_v6 {
13539 + struct nx_addr_v6 *next;
13540 + struct in6_addr ip;
13541 + struct in6_addr mask;
13548 + struct hlist_node nx_hlist; /* linked list of nxinfos */
13549 + nid_t nx_id; /* vnet id */
13550 + atomic_t nx_usecnt; /* usage count */
13551 + atomic_t nx_tasks; /* tasks count */
13552 + int nx_state; /* context state */
13554 + uint64_t nx_flags; /* network flag word */
13555 + uint64_t nx_ncaps; /* network capabilities */
13557 + struct in_addr v4_lback; /* Loopback address */
13558 + struct in_addr v4_bcast; /* Broadcast address */
13559 + struct nx_addr_v4 v4; /* First/Single ipv4 address */
13560 +#ifdef CONFIG_IPV6
13561 + struct nx_addr_v6 v6; /* First/Single ipv6 address */
13563 + char nx_name[65]; /* network context name */
13567 +/* status flags */
13569 +#define NXS_HASHED 0x0001
13570 +#define NXS_SHUTDOWN 0x0100
13571 +#define NXS_RELEASED 0x8000
13573 +extern struct nx_info *lookup_nx_info(int);
13575 +extern int get_nid_list(int, unsigned int *, int);
13576 +extern int nid_is_hashed(nid_t);
13578 +extern int nx_migrate_task(struct task_struct *, struct nx_info *);
13580 +extern long vs_net_change(struct nx_info *, unsigned int);
13585 +#define NX_IPV4(n) ((n)->v4.type != NXA_TYPE_NONE)
13586 +#ifdef CONFIG_IPV6
13587 +#define NX_IPV6(n) ((n)->v6.type != NXA_TYPE_NONE)
13589 +#define NX_IPV6(n) (0)
13592 +#endif /* __KERNEL__ */
13593 +#endif /* _VX_NETWORK_H */
13594 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/network_cmd.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/network_cmd.h
13595 --- linux-3.0-rc5/include/linux/vserver/network_cmd.h 1970-01-01 01:00:00.000000000 +0100
13596 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/network_cmd.h 2011-06-10 22:11:24.000000000 +0200
13598 +#ifndef _VX_NETWORK_CMD_H
13599 +#define _VX_NETWORK_CMD_H
13602 +/* vinfo commands */
13604 +#define VCMD_task_nid VC_CMD(VINFO, 2, 0)
13607 +extern int vc_task_nid(uint32_t);
13609 +#endif /* __KERNEL__ */
13611 +#define VCMD_nx_info VC_CMD(VINFO, 6, 0)
13613 +struct vcmd_nx_info_v0 {
13615 + /* more to come */
13619 +extern int vc_nx_info(struct nx_info *, void __user *);
13621 +#endif /* __KERNEL__ */
13623 +#include <linux/in.h>
13624 +#include <linux/in6.h>
13626 +#define VCMD_net_create_v0 VC_CMD(VNET, 1, 0)
13627 +#define VCMD_net_create VC_CMD(VNET, 1, 1)
13629 +struct vcmd_net_create {
13630 + uint64_t flagword;
13633 +#define VCMD_net_migrate VC_CMD(NETMIG, 1, 0)
13635 +#define VCMD_net_add VC_CMD(NETALT, 1, 0)
13636 +#define VCMD_net_remove VC_CMD(NETALT, 2, 0)
13638 +struct vcmd_net_addr_v0 {
13641 + struct in_addr ip[4];
13642 + struct in_addr mask[4];
13645 +#define VCMD_net_add_ipv4_v1 VC_CMD(NETALT, 1, 1)
13646 +#define VCMD_net_rem_ipv4_v1 VC_CMD(NETALT, 2, 1)
13648 +struct vcmd_net_addr_ipv4_v1 {
13651 + struct in_addr ip;
13652 + struct in_addr mask;
13655 +#define VCMD_net_add_ipv4 VC_CMD(NETALT, 1, 2)
13656 +#define VCMD_net_rem_ipv4 VC_CMD(NETALT, 2, 2)
13658 +struct vcmd_net_addr_ipv4_v2 {
13661 + struct in_addr ip;
13662 + struct in_addr ip2;
13663 + struct in_addr mask;
13666 +#define VCMD_net_add_ipv6 VC_CMD(NETALT, 3, 1)
13667 +#define VCMD_net_remove_ipv6 VC_CMD(NETALT, 4, 1)
13669 +struct vcmd_net_addr_ipv6_v1 {
13673 + struct in6_addr ip;
13674 + struct in6_addr mask;
13677 +#define VCMD_add_match_ipv4 VC_CMD(NETALT, 5, 0)
13678 +#define VCMD_get_match_ipv4 VC_CMD(NETALT, 6, 0)
13680 +struct vcmd_match_ipv4_v0 {
13685 + struct in_addr ip;
13686 + struct in_addr ip2;
13687 + struct in_addr mask;
13690 +#define VCMD_add_match_ipv6 VC_CMD(NETALT, 7, 0)
13691 +#define VCMD_get_match_ipv6 VC_CMD(NETALT, 8, 0)
13693 +struct vcmd_match_ipv6_v0 {
13698 + struct in6_addr ip;
13699 + struct in6_addr ip2;
13700 + struct in6_addr mask;
13705 +extern int vc_net_create(uint32_t, void __user *);
13706 +extern int vc_net_migrate(struct nx_info *, void __user *);
13708 +extern int vc_net_add(struct nx_info *, void __user *);
13709 +extern int vc_net_remove(struct nx_info *, void __user *);
13711 +extern int vc_net_add_ipv4_v1(struct nx_info *, void __user *);
13712 +extern int vc_net_add_ipv4(struct nx_info *, void __user *);
13714 +extern int vc_net_rem_ipv4_v1(struct nx_info *, void __user *);
13715 +extern int vc_net_rem_ipv4(struct nx_info *, void __user *);
13717 +extern int vc_net_add_ipv6(struct nx_info *, void __user *);
13718 +extern int vc_net_remove_ipv6(struct nx_info *, void __user *);
13720 +extern int vc_add_match_ipv4(struct nx_info *, void __user *);
13721 +extern int vc_get_match_ipv4(struct nx_info *, void __user *);
13723 +extern int vc_add_match_ipv6(struct nx_info *, void __user *);
13724 +extern int vc_get_match_ipv6(struct nx_info *, void __user *);
13726 +#endif /* __KERNEL__ */
13729 +/* flag commands */
13731 +#define VCMD_get_nflags VC_CMD(FLAGS, 5, 0)
13732 +#define VCMD_set_nflags VC_CMD(FLAGS, 6, 0)
13734 +struct vcmd_net_flags_v0 {
13735 + uint64_t flagword;
13740 +extern int vc_get_nflags(struct nx_info *, void __user *);
13741 +extern int vc_set_nflags(struct nx_info *, void __user *);
13743 +#endif /* __KERNEL__ */
13746 +/* network caps commands */
13748 +#define VCMD_get_ncaps VC_CMD(FLAGS, 7, 0)
13749 +#define VCMD_set_ncaps VC_CMD(FLAGS, 8, 0)
13751 +struct vcmd_net_caps_v0 {
13757 +extern int vc_get_ncaps(struct nx_info *, void __user *);
13758 +extern int vc_set_ncaps(struct nx_info *, void __user *);
13760 +#endif /* __KERNEL__ */
13761 +#endif /* _VX_CONTEXT_CMD_H */
13762 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/percpu.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/percpu.h
13763 --- linux-3.0-rc5/include/linux/vserver/percpu.h 1970-01-01 01:00:00.000000000 +0100
13764 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/percpu.h 2011-06-10 22:11:24.000000000 +0200
13766 +#ifndef _VX_PERCPU_H
13767 +#define _VX_PERCPU_H
13769 +#include "cvirt_def.h"
13770 +#include "sched_def.h"
13772 +struct _vx_percpu {
13773 + struct _vx_cvirt_pc cvirt;
13774 + struct _vx_sched_pc sched;
13777 +#define PERCPU_PERCTX (sizeof(struct _vx_percpu))
13779 +#endif /* _VX_PERCPU_H */
13780 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/pid.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/pid.h
13781 --- linux-3.0-rc5/include/linux/vserver/pid.h 1970-01-01 01:00:00.000000000 +0100
13782 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/pid.h 2011-06-10 22:11:24.000000000 +0200
13784 +#ifndef _VSERVER_PID_H
13785 +#define _VSERVER_PID_H
13787 +/* pid faking stuff */
13789 +#define vx_info_map_pid(v, p) \
13790 + __vx_info_map_pid((v), (p), __func__, __FILE__, __LINE__)
13791 +#define vx_info_map_tgid(v,p) vx_info_map_pid(v,p)
13792 +#define vx_map_pid(p) vx_info_map_pid(current_vx_info(), p)
13793 +#define vx_map_tgid(p) vx_map_pid(p)
13795 +static inline int __vx_info_map_pid(struct vx_info *vxi, int pid,
13796 + const char *func, const char *file, int line)
13798 + if (vx_info_flags(vxi, VXF_INFO_INIT, 0)) {
13799 + vxfprintk(VXD_CBIT(cvirt, 2),
13800 + "vx_map_tgid: %p/%llx: %d -> %d",
13801 + vxi, (long long)vxi->vx_flags, pid,
13802 + (pid && pid == vxi->vx_initpid) ? 1 : pid,
13803 + func, file, line);
13806 + if (pid == vxi->vx_initpid)
13812 +#define vx_info_rmap_pid(v, p) \
13813 + __vx_info_rmap_pid((v), (p), __func__, __FILE__, __LINE__)
13814 +#define vx_rmap_pid(p) vx_info_rmap_pid(current_vx_info(), p)
13815 +#define vx_rmap_tgid(p) vx_rmap_pid(p)
13817 +static inline int __vx_info_rmap_pid(struct vx_info *vxi, int pid,
13818 + const char *func, const char *file, int line)
13820 + if (vx_info_flags(vxi, VXF_INFO_INIT, 0)) {
13821 + vxfprintk(VXD_CBIT(cvirt, 2),
13822 + "vx_rmap_tgid: %p/%llx: %d -> %d",
13823 + vxi, (long long)vxi->vx_flags, pid,
13824 + (pid == 1) ? vxi->vx_initpid : pid,
13825 + func, file, line);
13826 + if ((pid == 1) && vxi->vx_initpid)
13827 + return vxi->vx_initpid;
13828 + if (pid == vxi->vx_initpid)
13835 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/sched.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/sched.h
13836 --- linux-3.0-rc5/include/linux/vserver/sched.h 1970-01-01 01:00:00.000000000 +0100
13837 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/sched.h 2011-06-10 22:11:24.000000000 +0200
13839 +#ifndef _VX_SCHED_H
13840 +#define _VX_SCHED_H
13847 +void vx_vsi_uptime(struct timespec *, struct timespec *);
13852 +void vx_update_load(struct vx_info *);
13855 +void vx_update_sched_param(struct _vx_sched *sched,
13856 + struct _vx_sched_pc *sched_pc);
13858 +#endif /* __KERNEL__ */
13859 +#else /* _VX_SCHED_H */
13860 +#warning duplicate inclusion
13861 +#endif /* _VX_SCHED_H */
13862 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/sched_cmd.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/sched_cmd.h
13863 --- linux-3.0-rc5/include/linux/vserver/sched_cmd.h 1970-01-01 01:00:00.000000000 +0100
13864 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/sched_cmd.h 2011-06-10 22:11:24.000000000 +0200
13866 +#ifndef _VX_SCHED_CMD_H
13867 +#define _VX_SCHED_CMD_H
13870 +struct vcmd_prio_bias {
13872 + int32_t prio_bias;
13875 +#define VCMD_set_prio_bias VC_CMD(SCHED, 4, 0)
13876 +#define VCMD_get_prio_bias VC_CMD(SCHED, 5, 0)
13880 +#include <linux/compiler.h>
13882 +extern int vc_set_prio_bias(struct vx_info *, void __user *);
13883 +extern int vc_get_prio_bias(struct vx_info *, void __user *);
13885 +#endif /* __KERNEL__ */
13886 +#endif /* _VX_SCHED_CMD_H */
13887 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/sched_def.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/sched_def.h
13888 --- linux-3.0-rc5/include/linux/vserver/sched_def.h 1970-01-01 01:00:00.000000000 +0100
13889 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/sched_def.h 2011-06-10 22:11:24.000000000 +0200
13891 +#ifndef _VX_SCHED_DEF_H
13892 +#define _VX_SCHED_DEF_H
13894 +#include <linux/spinlock.h>
13895 +#include <linux/jiffies.h>
13896 +#include <linux/cpumask.h>
13897 +#include <asm/atomic.h>
13898 +#include <asm/param.h>
13901 +/* context sub struct */
13903 +struct _vx_sched {
13904 + int prio_bias; /* bias offset for priority */
13906 + cpumask_t update; /* CPUs which should update */
13909 +struct _vx_sched_pc {
13910 + int prio_bias; /* bias offset for priority */
13912 + uint64_t user_ticks; /* token tick events */
13913 + uint64_t sys_ticks; /* token tick events */
13914 + uint64_t hold_ticks; /* token ticks paused */
13918 +#ifdef CONFIG_VSERVER_DEBUG
13920 +static inline void __dump_vx_sched(struct _vx_sched *sched)
13922 + printk("\t_vx_sched:\n");
13923 + printk("\t priority = %4d\n", sched->prio_bias);
13928 +#endif /* _VX_SCHED_DEF_H */
13929 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/signal.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/signal.h
13930 --- linux-3.0-rc5/include/linux/vserver/signal.h 1970-01-01 01:00:00.000000000 +0100
13931 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/signal.h 2011-06-10 22:11:24.000000000 +0200
13933 +#ifndef _VX_SIGNAL_H
13934 +#define _VX_SIGNAL_H
13941 +int vx_info_kill(struct vx_info *, int, int);
13943 +#endif /* __KERNEL__ */
13944 +#else /* _VX_SIGNAL_H */
13945 +#warning duplicate inclusion
13946 +#endif /* _VX_SIGNAL_H */
13947 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/signal_cmd.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/signal_cmd.h
13948 --- linux-3.0-rc5/include/linux/vserver/signal_cmd.h 1970-01-01 01:00:00.000000000 +0100
13949 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/signal_cmd.h 2011-06-10 22:11:24.000000000 +0200
13951 +#ifndef _VX_SIGNAL_CMD_H
13952 +#define _VX_SIGNAL_CMD_H
13955 +/* signalling vserver commands */
13957 +#define VCMD_ctx_kill VC_CMD(PROCTRL, 1, 0)
13958 +#define VCMD_wait_exit VC_CMD(EVENT, 99, 0)
13960 +struct vcmd_ctx_kill_v0 {
13965 +struct vcmd_wait_exit_v0 {
13966 + int32_t reboot_cmd;
13967 + int32_t exit_code;
13972 +extern int vc_ctx_kill(struct vx_info *, void __user *);
13973 +extern int vc_wait_exit(struct vx_info *, void __user *);
13975 +#endif /* __KERNEL__ */
13977 +/* process alteration commands */
13979 +#define VCMD_get_pflags VC_CMD(PROCALT, 5, 0)
13980 +#define VCMD_set_pflags VC_CMD(PROCALT, 6, 0)
13982 +struct vcmd_pflags_v0 {
13983 + uint32_t flagword;
13989 +extern int vc_get_pflags(uint32_t pid, void __user *);
13990 +extern int vc_set_pflags(uint32_t pid, void __user *);
13992 +#endif /* __KERNEL__ */
13993 +#endif /* _VX_SIGNAL_CMD_H */
13994 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/space.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/space.h
13995 --- linux-3.0-rc5/include/linux/vserver/space.h 1970-01-01 01:00:00.000000000 +0100
13996 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/space.h 2011-06-10 22:11:24.000000000 +0200
13998 +#ifndef _VX_SPACE_H
13999 +#define _VX_SPACE_H
14001 +#include <linux/types.h>
14005 +int vx_set_space(struct vx_info *vxi, unsigned long mask, unsigned index);
14007 +#else /* _VX_SPACE_H */
14008 +#warning duplicate inclusion
14009 +#endif /* _VX_SPACE_H */
14010 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/space_cmd.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/space_cmd.h
14011 --- linux-3.0-rc5/include/linux/vserver/space_cmd.h 1970-01-01 01:00:00.000000000 +0100
14012 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/space_cmd.h 2011-06-10 22:11:24.000000000 +0200
14014 +#ifndef _VX_SPACE_CMD_H
14015 +#define _VX_SPACE_CMD_H
14018 +#define VCMD_enter_space_v0 VC_CMD(PROCALT, 1, 0)
14019 +#define VCMD_enter_space_v1 VC_CMD(PROCALT, 1, 1)
14020 +#define VCMD_enter_space VC_CMD(PROCALT, 1, 2)
14022 +#define VCMD_set_space_v0 VC_CMD(PROCALT, 3, 0)
14023 +#define VCMD_set_space_v1 VC_CMD(PROCALT, 3, 1)
14024 +#define VCMD_set_space VC_CMD(PROCALT, 3, 2)
14026 +#define VCMD_get_space_mask_v0 VC_CMD(PROCALT, 4, 0)
14028 +#define VCMD_get_space_mask VC_CMD(VSPACE, 0, 1)
14029 +#define VCMD_get_space_default VC_CMD(VSPACE, 1, 0)
14032 +struct vcmd_space_mask_v1 {
14036 +struct vcmd_space_mask_v2 {
14044 +extern int vc_enter_space_v1(struct vx_info *, void __user *);
14045 +extern int vc_set_space_v1(struct vx_info *, void __user *);
14046 +extern int vc_enter_space(struct vx_info *, void __user *);
14047 +extern int vc_set_space(struct vx_info *, void __user *);
14048 +extern int vc_get_space_mask(void __user *, int);
14050 +#endif /* __KERNEL__ */
14051 +#endif /* _VX_SPACE_CMD_H */
14052 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/switch.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/switch.h
14053 --- linux-3.0-rc5/include/linux/vserver/switch.h 1970-01-01 01:00:00.000000000 +0100
14054 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/switch.h 2011-06-10 22:11:24.000000000 +0200
14056 +#ifndef _VX_SWITCH_H
14057 +#define _VX_SWITCH_H
14059 +#include <linux/types.h>
14062 +#define VC_CATEGORY(c) (((c) >> 24) & 0x3F)
14063 +#define VC_COMMAND(c) (((c) >> 16) & 0xFF)
14064 +#define VC_VERSION(c) ((c) & 0xFFF)
14066 +#define VC_CMD(c, i, v) ((((VC_CAT_ ## c) & 0x3F) << 24) \
14067 + | (((i) & 0xFF) << 16) | ((v) & 0xFFF))
14071 + Syscall Matrix V2.8
14073 + |VERSION|CREATE |MODIFY |MIGRATE|CONTROL|EXPERIM| |SPECIAL|SPECIAL|
14074 + |STATS |DESTROY|ALTER |CHANGE |LIMIT |TEST | | | |
14075 + |INFO |SETUP | |MOVE | | | | | |
14076 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
14077 + SYSTEM |VERSION|VSETUP |VHOST | | | | |DEVICE | |
14078 + HOST | 00| 01| 02| 03| 04| 05| | 06| 07|
14079 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
14080 + CPU | |VPROC |PROCALT|PROCMIG|PROCTRL| | |SCHED. | |
14081 + PROCESS| 08| 09| 10| 11| 12| 13| | 14| 15|
14082 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
14083 + MEMORY | | | | |MEMCTRL| | |SWAP | |
14084 + | 16| 17| 18| 19| 20| 21| | 22| 23|
14085 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
14086 + NETWORK| |VNET |NETALT |NETMIG |NETCTL | | |SERIAL | |
14087 + | 24| 25| 26| 27| 28| 29| | 30| 31|
14088 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
14089 + DISK | | | |TAGMIG |DLIMIT | | |INODE | |
14090 + VFS | 32| 33| 34| 35| 36| 37| | 38| 39|
14091 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
14092 + OTHER |VSTAT | | | | | | |VINFO | |
14093 + | 40| 41| 42| 43| 44| 45| | 46| 47|
14094 + =======+=======+=======+=======+=======+=======+=======+ +=======+=======+
14095 + SPECIAL|EVENT | | | |FLAGS | | |VSPACE | |
14096 + | 48| 49| 50| 51| 52| 53| | 54| 55|
14097 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
14098 + SPECIAL|DEBUG | | | |RLIMIT |SYSCALL| | |COMPAT |
14099 + | 56| 57| 58| 59| 60|TEST 61| | 62| 63|
14100 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
14104 +#define VC_CAT_VERSION 0
14106 +#define VC_CAT_VSETUP 1
14107 +#define VC_CAT_VHOST 2
14109 +#define VC_CAT_DEVICE 6
14111 +#define VC_CAT_VPROC 9
14112 +#define VC_CAT_PROCALT 10
14113 +#define VC_CAT_PROCMIG 11
14114 +#define VC_CAT_PROCTRL 12
14116 +#define VC_CAT_SCHED 14
14117 +#define VC_CAT_MEMCTRL 20
14119 +#define VC_CAT_VNET 25
14120 +#define VC_CAT_NETALT 26
14121 +#define VC_CAT_NETMIG 27
14122 +#define VC_CAT_NETCTRL 28
14124 +#define VC_CAT_TAGMIG 35
14125 +#define VC_CAT_DLIMIT 36
14126 +#define VC_CAT_INODE 38
14128 +#define VC_CAT_VSTAT 40
14129 +#define VC_CAT_VINFO 46
14130 +#define VC_CAT_EVENT 48
14132 +#define VC_CAT_FLAGS 52
14133 +#define VC_CAT_VSPACE 54
14134 +#define VC_CAT_DEBUG 56
14135 +#define VC_CAT_RLIMIT 60
14137 +#define VC_CAT_SYSTEST 61
14138 +#define VC_CAT_COMPAT 63
14140 +/* query version */
14142 +#define VCMD_get_version VC_CMD(VERSION, 0, 0)
14143 +#define VCMD_get_vci VC_CMD(VERSION, 1, 0)
14148 +#include <linux/errno.h>
14150 +#endif /* __KERNEL__ */
14152 +#endif /* _VX_SWITCH_H */
14154 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/tag.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/tag.h
14155 --- linux-3.0-rc5/include/linux/vserver/tag.h 1970-01-01 01:00:00.000000000 +0100
14156 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/tag.h 2011-06-10 22:11:24.000000000 +0200
14161 +#include <linux/types.h>
14164 +#define DX_TAG(in) (IS_TAGGED(in))
14167 +#ifdef CONFIG_TAG_NFSD
14168 +#define DX_TAG_NFSD 1
14170 +#define DX_TAG_NFSD 0
14174 +#ifdef CONFIG_TAGGING_NONE
14176 +#define MAX_UID 0xFFFFFFFF
14177 +#define MAX_GID 0xFFFFFFFF
14179 +#define INOTAG_TAG(cond, uid, gid, tag) (0)
14181 +#define TAGINO_UID(cond, uid, tag) (uid)
14182 +#define TAGINO_GID(cond, gid, tag) (gid)
14187 +#ifdef CONFIG_TAGGING_GID16
14189 +#define MAX_UID 0xFFFFFFFF
14190 +#define MAX_GID 0x0000FFFF
14192 +#define INOTAG_TAG(cond, uid, gid, tag) \
14193 + ((cond) ? (((gid) >> 16) & 0xFFFF) : 0)
14195 +#define TAGINO_UID(cond, uid, tag) (uid)
14196 +#define TAGINO_GID(cond, gid, tag) \
14197 + ((cond) ? (((gid) & 0xFFFF) | ((tag) << 16)) : (gid))
14202 +#ifdef CONFIG_TAGGING_ID24
14204 +#define MAX_UID 0x00FFFFFF
14205 +#define MAX_GID 0x00FFFFFF
14207 +#define INOTAG_TAG(cond, uid, gid, tag) \
14208 + ((cond) ? ((((uid) >> 16) & 0xFF00) | (((gid) >> 24) & 0xFF)) : 0)
14210 +#define TAGINO_UID(cond, uid, tag) \
14211 + ((cond) ? (((uid) & 0xFFFFFF) | (((tag) & 0xFF00) << 16)) : (uid))
14212 +#define TAGINO_GID(cond, gid, tag) \
14213 + ((cond) ? (((gid) & 0xFFFFFF) | (((tag) & 0x00FF) << 24)) : (gid))
14218 +#ifdef CONFIG_TAGGING_UID16
14220 +#define MAX_UID 0x0000FFFF
14221 +#define MAX_GID 0xFFFFFFFF
14223 +#define INOTAG_TAG(cond, uid, gid, tag) \
14224 + ((cond) ? (((uid) >> 16) & 0xFFFF) : 0)
14226 +#define TAGINO_UID(cond, uid, tag) \
14227 + ((cond) ? (((uid) & 0xFFFF) | ((tag) << 16)) : (uid))
14228 +#define TAGINO_GID(cond, gid, tag) (gid)
14233 +#ifdef CONFIG_TAGGING_INTERN
14235 +#define MAX_UID 0xFFFFFFFF
14236 +#define MAX_GID 0xFFFFFFFF
14238 +#define INOTAG_TAG(cond, uid, gid, tag) \
14239 + ((cond) ? (tag) : 0)
14241 +#define TAGINO_UID(cond, uid, tag) (uid)
14242 +#define TAGINO_GID(cond, gid, tag) (gid)
14247 +#ifndef CONFIG_TAGGING_NONE
14248 +#define dx_current_fstag(sb) \
14249 + ((sb)->s_flags & MS_TAGGED ? dx_current_tag() : 0)
14251 +#define dx_current_fstag(sb) (0)
14254 +#ifndef CONFIG_TAGGING_INTERN
14255 +#define TAGINO_TAG(cond, tag) (0)
14257 +#define TAGINO_TAG(cond, tag) ((cond) ? (tag) : 0)
14260 +#define INOTAG_UID(cond, uid, gid) \
14261 + ((cond) ? ((uid) & MAX_UID) : (uid))
14262 +#define INOTAG_GID(cond, uid, gid) \
14263 + ((cond) ? ((gid) & MAX_GID) : (gid))
14266 +static inline uid_t dx_map_uid(uid_t uid)
14268 + if ((uid > MAX_UID) && (uid != -1))
14270 + return (uid & MAX_UID);
14273 +static inline gid_t dx_map_gid(gid_t gid)
14275 + if ((gid > MAX_GID) && (gid != -1))
14277 + return (gid & MAX_GID);
14285 +#define dx_notagcheck(sb) ((sb) && ((sb)->s_flags & MS_NOTAGCHECK))
14287 +int dx_parse_tag(char *string, tag_t *tag, int remove, int *mnt_flags,
14288 + unsigned long *flags);
14290 +#ifdef CONFIG_PROPAGATE
14292 +void __dx_propagate_tag(struct nameidata *nd, struct inode *inode);
14294 +#define dx_propagate_tag(n, i) __dx_propagate_tag(n, i)
14297 +#define dx_propagate_tag(n, i) do { } while (0)
14300 +#endif /* _DX_TAG_H */
14301 diff -NurpP --minimal linux-3.0-rc5/include/linux/vserver/tag_cmd.h linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/tag_cmd.h
14302 --- linux-3.0-rc5/include/linux/vserver/tag_cmd.h 1970-01-01 01:00:00.000000000 +0100
14303 +++ linux-3.0-rc5-vs2.3.1-pre3/include/linux/vserver/tag_cmd.h 2011-06-10 22:11:24.000000000 +0200
14305 +#ifndef _VX_TAG_CMD_H
14306 +#define _VX_TAG_CMD_H
14309 +/* vinfo commands */
14311 +#define VCMD_task_tag VC_CMD(VINFO, 3, 0)
14314 +extern int vc_task_tag(uint32_t);
14316 +#endif /* __KERNEL__ */
14318 +/* context commands */
14320 +#define VCMD_tag_migrate VC_CMD(TAGMIG, 1, 0)
14323 +extern int vc_tag_migrate(uint32_t);
14325 +#endif /* __KERNEL__ */
14326 +#endif /* _VX_TAG_CMD_H */
14327 diff -NurpP --minimal linux-3.0-rc5/include/net/addrconf.h linux-3.0-rc5-vs2.3.1-pre3/include/net/addrconf.h
14328 --- linux-3.0-rc5/include/net/addrconf.h 2011-07-01 11:14:22.000000000 +0200
14329 +++ linux-3.0-rc5-vs2.3.1-pre3/include/net/addrconf.h 2011-06-10 22:11:24.000000000 +0200
14330 @@ -80,7 +80,8 @@ extern int ipv6_dev_get_saddr(struct n
14331 struct net_device *dev,
14332 const struct in6_addr *daddr,
14333 unsigned int srcprefs,
14334 - struct in6_addr *saddr);
14335 + struct in6_addr *saddr,
14336 + struct nx_info *nxi);
14337 extern int ipv6_get_lladdr(struct net_device *dev,
14338 struct in6_addr *addr,
14339 unsigned char banned_flags);
14340 diff -NurpP --minimal linux-3.0-rc5/include/net/af_unix.h linux-3.0-rc5-vs2.3.1-pre3/include/net/af_unix.h
14341 --- linux-3.0-rc5/include/net/af_unix.h 2011-07-01 11:14:22.000000000 +0200
14342 +++ linux-3.0-rc5-vs2.3.1-pre3/include/net/af_unix.h 2011-06-10 22:11:24.000000000 +0200
14344 #include <linux/socket.h>
14345 #include <linux/un.h>
14346 #include <linux/mutex.h>
14347 +#include <linux/vs_base.h>
14348 #include <net/sock.h>
14350 extern void unix_inflight(struct file *fp);
14351 diff -NurpP --minimal linux-3.0-rc5/include/net/inet_timewait_sock.h linux-3.0-rc5-vs2.3.1-pre3/include/net/inet_timewait_sock.h
14352 --- linux-3.0-rc5/include/net/inet_timewait_sock.h 2011-03-15 18:07:40.000000000 +0100
14353 +++ linux-3.0-rc5-vs2.3.1-pre3/include/net/inet_timewait_sock.h 2011-06-10 22:11:24.000000000 +0200
14354 @@ -113,6 +113,10 @@ struct inet_timewait_sock {
14355 #define tw_net __tw_common.skc_net
14356 #define tw_daddr __tw_common.skc_daddr
14357 #define tw_rcv_saddr __tw_common.skc_rcv_saddr
14358 +#define tw_xid __tw_common.skc_xid
14359 +#define tw_vx_info __tw_common.skc_vx_info
14360 +#define tw_nid __tw_common.skc_nid
14361 +#define tw_nx_info __tw_common.skc_nx_info
14363 volatile unsigned char tw_substate;
14364 unsigned char tw_rcv_wscale;
14365 diff -NurpP --minimal linux-3.0-rc5/include/net/ip6_route.h linux-3.0-rc5-vs2.3.1-pre3/include/net/ip6_route.h
14366 --- linux-3.0-rc5/include/net/ip6_route.h 2011-07-01 11:14:22.000000000 +0200
14367 +++ linux-3.0-rc5-vs2.3.1-pre3/include/net/ip6_route.h 2011-06-16 14:16:51.000000000 +0200
14368 @@ -86,7 +86,8 @@ extern int ip6_route_get_saddr(struct
14369 struct rt6_info *rt,
14370 const struct in6_addr *daddr,
14371 unsigned int prefs,
14372 - struct in6_addr *saddr);
14373 + struct in6_addr *saddr,
14374 + struct nx_info *nxi);
14376 extern struct rt6_info *rt6_lookup(struct net *net,
14377 const struct in6_addr *daddr,
14378 diff -NurpP --minimal linux-3.0-rc5/include/net/route.h linux-3.0-rc5-vs2.3.1-pre3/include/net/route.h
14379 --- linux-3.0-rc5/include/net/route.h 2011-07-01 11:14:22.000000000 +0200
14380 +++ linux-3.0-rc5-vs2.3.1-pre3/include/net/route.h 2011-06-13 18:20:44.000000000 +0200
14381 @@ -202,6 +202,9 @@ static inline void ip_rt_put(struct rtab
14382 dst_release(&rt->dst);
14385 +#include <linux/vs_base.h>
14386 +#include <linux/vs_inet.h>
14388 #define IPTOS_RT_MASK (IPTOS_TOS_MASK & ~3)
14390 extern const __u8 ip_tos2prio[16];
14391 @@ -253,6 +256,9 @@ static inline void ip_route_connect_init
14392 protocol, flow_flags, dst, src, dport, sport);
14395 +extern struct rtable *ip_v4_find_src(struct net *net, struct nx_info *,
14396 + struct flowi4 *);
14398 static inline struct rtable *ip_route_connect(struct flowi4 *fl4,
14399 __be32 dst, __be32 src, u32 tos,
14400 int oif, u8 protocol,
14401 @@ -261,11 +267,24 @@ static inline struct rtable *ip_route_co
14403 struct net *net = sock_net(sk);
14405 + struct nx_info *nx_info = current_nx_info();
14407 ip_route_connect_init(fl4, dst, src, tos, oif, protocol,
14408 sport, dport, sk, can_sleep);
14410 - if (!dst || !src) {
14412 + nx_info = sk->sk_nx_info;
14414 + vxdprintk(VXD_CBIT(net, 4),
14415 + "ip_route_connect(%p) %p,%p;%lx",
14416 + sk, nx_info, sk->sk_socket,
14417 + (sk->sk_socket?sk->sk_socket->flags:0));
14419 + rt = ip_v4_find_src(net, nx_info, fl4);
14423 + if (!fl4->daddr || !fl4->saddr) {
14424 rt = __ip_route_output_key(net, fl4);
14427 diff -NurpP --minimal linux-3.0-rc5/include/net/sock.h linux-3.0-rc5-vs2.3.1-pre3/include/net/sock.h
14428 --- linux-3.0-rc5/include/net/sock.h 2011-07-01 11:14:22.000000000 +0200
14429 +++ linux-3.0-rc5-vs2.3.1-pre3/include/net/sock.h 2011-07-01 11:35:35.000000000 +0200
14430 @@ -149,6 +149,10 @@ struct sock_common {
14431 #ifdef CONFIG_NET_NS
14432 struct net *skc_net;
14435 + struct vx_info *skc_vx_info;
14437 + struct nx_info *skc_nx_info;
14439 * fields between dontcopy_begin/dontcopy_end
14440 * are not copied in sock_copy()
14441 @@ -256,6 +260,10 @@ struct sock {
14442 #define sk_bind_node __sk_common.skc_bind_node
14443 #define sk_prot __sk_common.skc_prot
14444 #define sk_net __sk_common.skc_net
14445 +#define sk_xid __sk_common.skc_xid
14446 +#define sk_vx_info __sk_common.skc_vx_info
14447 +#define sk_nid __sk_common.skc_nid
14448 +#define sk_nx_info __sk_common.skc_nx_info
14449 socket_lock_t sk_lock;
14450 struct sk_buff_head sk_receive_queue;
14452 diff -NurpP --minimal linux-3.0-rc5/init/Kconfig linux-3.0-rc5-vs2.3.1-pre3/init/Kconfig
14453 --- linux-3.0-rc5/init/Kconfig 2011-07-01 11:14:22.000000000 +0200
14454 +++ linux-3.0-rc5-vs2.3.1-pre3/init/Kconfig 2011-06-22 12:39:15.000000000 +0200
14455 @@ -574,6 +574,7 @@ config HAVE_UNSTABLE_SCHED_CLOCK
14457 boolean "Control Group support"
14461 This option adds support for grouping sets of processes together, for
14462 use with process control subsystems such as Cpusets, CFS, memory
14463 diff -NurpP --minimal linux-3.0-rc5/init/main.c linux-3.0-rc5-vs2.3.1-pre3/init/main.c
14464 --- linux-3.0-rc5/init/main.c 2011-07-01 11:14:22.000000000 +0200
14465 +++ linux-3.0-rc5-vs2.3.1-pre3/init/main.c 2011-06-22 12:39:15.000000000 +0200
14467 #include <linux/shmem_fs.h>
14468 #include <linux/slab.h>
14469 #include <linux/perf_event.h>
14470 +#include <linux/vserver/percpu.h>
14472 #include <asm/io.h>
14473 #include <asm/bugs.h>
14474 diff -NurpP --minimal linux-3.0-rc5/ipc/mqueue.c linux-3.0-rc5-vs2.3.1-pre3/ipc/mqueue.c
14475 --- linux-3.0-rc5/ipc/mqueue.c 2011-03-15 18:07:41.000000000 +0100
14476 +++ linux-3.0-rc5-vs2.3.1-pre3/ipc/mqueue.c 2011-06-10 22:11:24.000000000 +0200
14478 #include <linux/pid.h>
14479 #include <linux/ipc_namespace.h>
14480 #include <linux/slab.h>
14481 +#include <linux/vs_context.h>
14482 +#include <linux/vs_limit.h>
14484 #include <net/sock.h>
14486 @@ -66,6 +68,7 @@ struct mqueue_inode_info {
14487 struct sigevent notify;
14488 struct pid* notify_owner;
14489 struct user_struct *user; /* user who created, for accounting */
14490 + struct vx_info *vxi;
14491 struct sock *notify_sock;
14492 struct sk_buff *notify_cookie;
14494 @@ -126,6 +129,7 @@ static struct inode *mqueue_get_inode(st
14495 if (S_ISREG(mode)) {
14496 struct mqueue_inode_info *info;
14497 struct task_struct *p = current;
14498 + struct vx_info *vxi = p->vx_info;
14499 unsigned long mq_bytes, mq_msg_tblsz;
14501 inode->i_fop = &mqueue_file_operations;
14502 @@ -139,6 +143,7 @@ static struct inode *mqueue_get_inode(st
14503 info->notify_owner = NULL;
14505 info->user = NULL; /* set when all is ok */
14506 + info->vxi = NULL;
14507 memset(&info->attr, 0, sizeof(info->attr));
14508 info->attr.mq_maxmsg = ipc_ns->mq_msg_max;
14509 info->attr.mq_msgsize = ipc_ns->mq_msgsize_max;
14510 @@ -157,16 +162,19 @@ static struct inode *mqueue_get_inode(st
14511 spin_lock(&mq_lock);
14512 if (u->mq_bytes + mq_bytes < u->mq_bytes ||
14513 u->mq_bytes + mq_bytes >
14514 - task_rlimit(p, RLIMIT_MSGQUEUE)) {
14515 + task_rlimit(p, RLIMIT_MSGQUEUE) ||
14516 + !vx_ipcmsg_avail(vxi, mq_bytes)) {
14517 spin_unlock(&mq_lock);
14518 /* mqueue_evict_inode() releases info->messages */
14521 u->mq_bytes += mq_bytes;
14522 + vx_ipcmsg_add(vxi, u, mq_bytes);
14523 spin_unlock(&mq_lock);
14526 info->user = get_uid(u);
14527 + info->vxi = get_vx_info(vxi);
14528 } else if (S_ISDIR(mode)) {
14530 /* Some things misbehave if size == 0 on a directory */
14531 @@ -275,8 +283,11 @@ static void mqueue_evict_inode(struct in
14532 + info->attr.mq_msgsize);
14535 + struct vx_info *vxi = info->vxi;
14537 spin_lock(&mq_lock);
14538 user->mq_bytes -= mq_bytes;
14539 + vx_ipcmsg_sub(vxi, user, mq_bytes);
14541 * get_ns_from_inode() ensures that the
14542 * (ipc_ns = sb->s_fs_info) is either a valid ipc_ns
14543 @@ -286,6 +297,7 @@ static void mqueue_evict_inode(struct in
14545 ipc_ns->mq_queues_count--;
14546 spin_unlock(&mq_lock);
14547 + put_vx_info(vxi);
14551 diff -NurpP --minimal linux-3.0-rc5/ipc/msg.c linux-3.0-rc5-vs2.3.1-pre3/ipc/msg.c
14552 --- linux-3.0-rc5/ipc/msg.c 2011-05-22 16:17:59.000000000 +0200
14553 +++ linux-3.0-rc5-vs2.3.1-pre3/ipc/msg.c 2011-06-10 22:11:24.000000000 +0200
14555 #include <linux/rwsem.h>
14556 #include <linux/nsproxy.h>
14557 #include <linux/ipc_namespace.h>
14558 +#include <linux/vs_base.h>
14560 #include <asm/current.h>
14561 #include <asm/uaccess.h>
14562 @@ -190,6 +191,7 @@ static int newque(struct ipc_namespace *
14564 msq->q_perm.mode = msgflg & S_IRWXUGO;
14565 msq->q_perm.key = key;
14566 + msq->q_perm.xid = vx_current_xid();
14568 msq->q_perm.security = NULL;
14569 retval = security_msg_queue_alloc(msq);
14570 diff -NurpP --minimal linux-3.0-rc5/ipc/namespace.c linux-3.0-rc5-vs2.3.1-pre3/ipc/namespace.c
14571 --- linux-3.0-rc5/ipc/namespace.c 2011-07-01 11:14:22.000000000 +0200
14572 +++ linux-3.0-rc5-vs2.3.1-pre3/ipc/namespace.c 2011-06-13 14:09:44.000000000 +0200
14573 @@ -13,11 +13,12 @@
14574 #include <linux/mount.h>
14575 #include <linux/user_namespace.h>
14576 #include <linux/proc_fs.h>
14577 +#include <linux/vs_base.h>
14578 +#include <linux/vserver/global.h>
14582 -static struct ipc_namespace *create_ipc_ns(struct task_struct *tsk,
14583 - struct ipc_namespace *old_ns)
14584 +static struct ipc_namespace *create_ipc_ns(struct user_namespace *user_ns)
14586 struct ipc_namespace *ns;
14588 @@ -46,19 +47,18 @@ static struct ipc_namespace *create_ipc_
14589 ipcns_notify(IPCNS_CREATED);
14590 register_ipcns_notifier(ns);
14592 - ns->user_ns = get_user_ns(task_cred_xxx(tsk, user)->user_ns);
14593 + ns->user_ns = get_user_ns(user_ns);
14598 struct ipc_namespace *copy_ipcs(unsigned long flags,
14599 - struct task_struct *tsk)
14600 + struct ipc_namespace *old_ns,
14601 + struct user_namespace *user_ns)
14603 - struct ipc_namespace *ns = tsk->nsproxy->ipc_ns;
14605 if (!(flags & CLONE_NEWIPC))
14606 - return get_ipc_ns(ns);
14607 - return create_ipc_ns(tsk, ns);
14608 + return get_ipc_ns(old_ns);
14609 + return create_ipc_ns(user_ns);
14613 diff -NurpP --minimal linux-3.0-rc5/ipc/sem.c linux-3.0-rc5-vs2.3.1-pre3/ipc/sem.c
14614 --- linux-3.0-rc5/ipc/sem.c 2011-05-22 16:17:59.000000000 +0200
14615 +++ linux-3.0-rc5-vs2.3.1-pre3/ipc/sem.c 2011-06-10 22:11:24.000000000 +0200
14617 #include <linux/rwsem.h>
14618 #include <linux/nsproxy.h>
14619 #include <linux/ipc_namespace.h>
14620 +#include <linux/vs_base.h>
14621 +#include <linux/vs_limit.h>
14623 #include <asm/uaccess.h>
14625 @@ -260,6 +262,7 @@ static int newary(struct ipc_namespace *
14627 sma->sem_perm.mode = (semflg & S_IRWXUGO);
14628 sma->sem_perm.key = key;
14629 + sma->sem_perm.xid = vx_current_xid();
14631 sma->sem_perm.security = NULL;
14632 retval = security_sem_alloc(sma);
14633 @@ -275,6 +278,9 @@ static int newary(struct ipc_namespace *
14636 ns->used_sems += nsems;
14637 + /* FIXME: obsoleted? */
14638 + vx_semary_inc(sma);
14639 + vx_nsems_add(sma, nsems);
14641 sma->sem_base = (struct sem *) &sma[1];
14643 @@ -730,6 +736,9 @@ static void freeary(struct ipc_namespace
14645 wake_up_sem_queue_do(&tasks);
14646 ns->used_sems -= sma->sem_nsems;
14647 + /* FIXME: obsoleted? */
14648 + vx_nsems_sub(sma, sma->sem_nsems);
14649 + vx_semary_dec(sma);
14650 security_sem_free(sma);
14651 ipc_rcu_putref(sma);
14653 diff -NurpP --minimal linux-3.0-rc5/ipc/shm.c linux-3.0-rc5-vs2.3.1-pre3/ipc/shm.c
14654 --- linux-3.0-rc5/ipc/shm.c 2011-07-01 11:14:22.000000000 +0200
14655 +++ linux-3.0-rc5-vs2.3.1-pre3/ipc/shm.c 2011-06-10 22:11:24.000000000 +0200
14657 #include <linux/nsproxy.h>
14658 #include <linux/mount.h>
14659 #include <linux/ipc_namespace.h>
14660 +#include <linux/vs_context.h>
14661 +#include <linux/vs_limit.h>
14663 #include <asm/uaccess.h>
14665 @@ -173,7 +175,12 @@ static void shm_open(struct vm_area_stru
14667 static void shm_destroy(struct ipc_namespace *ns, struct shmid_kernel *shp)
14669 - ns->shm_tot -= (shp->shm_segsz + PAGE_SIZE - 1) >> PAGE_SHIFT;
14670 + struct vx_info *vxi = lookup_vx_info(shp->shm_perm.xid);
14671 + int numpages = (shp->shm_segsz + PAGE_SIZE - 1) >> PAGE_SHIFT;
14673 + vx_ipcshm_sub(vxi, shp, numpages);
14674 + ns->shm_tot -= numpages;
14678 if (!is_file_hugepages(shp->shm_file))
14679 @@ -183,6 +190,7 @@ static void shm_destroy(struct ipc_names
14681 fput (shp->shm_file);
14682 security_shm_free(shp);
14683 + put_vx_info(vxi);
14684 ipc_rcu_putref(shp);
14687 @@ -355,11 +363,15 @@ static int newseg(struct ipc_namespace *
14688 if (ns->shm_tot + numpages > ns->shm_ctlall)
14691 + if (!vx_ipcshm_avail(current_vx_info(), numpages))
14694 shp = ipc_rcu_alloc(sizeof(*shp));
14698 shp->shm_perm.key = key;
14699 + shp->shm_perm.xid = vx_current_xid();
14700 shp->shm_perm.mode = (shmflg & S_IRWXUGO);
14701 shp->mlock_user = NULL;
14703 @@ -413,6 +425,7 @@ static int newseg(struct ipc_namespace *
14704 ns->shm_tot += numpages;
14705 error = shp->shm_perm.id;
14707 + vx_ipcshm_add(current_vx_info(), key, numpages);
14711 diff -NurpP --minimal linux-3.0-rc5/kernel/Makefile linux-3.0-rc5-vs2.3.1-pre3/kernel/Makefile
14712 --- linux-3.0-rc5/kernel/Makefile 2011-07-01 11:14:22.000000000 +0200
14713 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/Makefile 2011-06-10 22:11:24.000000000 +0200
14714 @@ -24,6 +24,7 @@ CFLAGS_REMOVE_sched_clock.o = -pg
14715 CFLAGS_REMOVE_irq_work.o = -pg
14719 obj-$(CONFIG_FREEZER) += freezer.o
14720 obj-$(CONFIG_PROFILING) += profile.o
14721 obj-$(CONFIG_SYSCTL_SYSCALL_CHECK) += sysctl_check.o
14722 diff -NurpP --minimal linux-3.0-rc5/kernel/capability.c linux-3.0-rc5-vs2.3.1-pre3/kernel/capability.c
14723 --- linux-3.0-rc5/kernel/capability.c 2011-07-01 11:14:22.000000000 +0200
14724 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/capability.c 2011-06-10 22:21:49.000000000 +0200
14726 #include <linux/syscalls.h>
14727 #include <linux/pid_namespace.h>
14728 #include <linux/user_namespace.h>
14729 +#include <linux/vs_context.h>
14730 #include <asm/uaccess.h>
14733 @@ -116,6 +117,7 @@ static int cap_validate_magic(cap_user_h
14739 * The only thing that can change the capabilities of the current
14740 * process is the current process. As such, we can't be in this code
14741 @@ -340,6 +342,8 @@ bool has_capability_noaudit(struct task_
14745 +#include <linux/vserver/base.h>
14748 * capable - Determine if the current task has a superior capability in effect
14749 * @cap: The capability to be tested for
14750 @@ -369,6 +373,9 @@ EXPORT_SYMBOL(capable);
14752 bool ns_capable(struct user_namespace *ns, int cap)
14754 + /* here for now so we don't require task locking */
14755 + if (vs_check_bit(VXC_CAP_MASK, cap) && !vx_mcaps(1L << cap))
14757 if (unlikely(!cap_valid(cap))) {
14758 printk(KERN_CRIT "capable() called with invalid cap=%u\n", cap);
14760 diff -NurpP --minimal linux-3.0-rc5/kernel/compat.c linux-3.0-rc5-vs2.3.1-pre3/kernel/compat.c
14761 --- linux-3.0-rc5/kernel/compat.c 2011-07-01 11:14:22.000000000 +0200
14762 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/compat.c 2011-06-10 22:11:24.000000000 +0200
14763 @@ -970,7 +970,7 @@ asmlinkage long compat_sys_stime(compat_
14767 - do_settimeofday(&tv);
14768 + vx_settimeofday(&tv);
14772 diff -NurpP --minimal linux-3.0-rc5/kernel/cred.c linux-3.0-rc5-vs2.3.1-pre3/kernel/cred.c
14773 --- linux-3.0-rc5/kernel/cred.c 2011-07-01 11:14:22.000000000 +0200
14774 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/cred.c 2011-06-10 22:11:24.000000000 +0200
14775 @@ -61,31 +61,6 @@ struct cred init_cred = {
14779 -static inline void set_cred_subscribers(struct cred *cred, int n)
14781 -#ifdef CONFIG_DEBUG_CREDENTIALS
14782 - atomic_set(&cred->subscribers, n);
14786 -static inline int read_cred_subscribers(const struct cred *cred)
14788 -#ifdef CONFIG_DEBUG_CREDENTIALS
14789 - return atomic_read(&cred->subscribers);
14795 -static inline void alter_cred_subscribers(const struct cred *_cred, int n)
14797 -#ifdef CONFIG_DEBUG_CREDENTIALS
14798 - struct cred *cred = (struct cred *) _cred;
14800 - atomic_add(n, &cred->subscribers);
14805 * Dispose of the shared task group credentials
14807 @@ -281,21 +256,16 @@ error:
14809 * Call commit_creds() or abort_creds() to clean up.
14811 -struct cred *prepare_creds(void)
14812 +struct cred *__prepare_creds(const struct cred *old)
14814 - struct task_struct *task = current;
14815 - const struct cred *old;
14818 - validate_process_creds();
14820 new = kmem_cache_alloc(cred_jar, GFP_KERNEL);
14824 kdebug("prepare_creds() alloc %p", new);
14826 - old = task->cred;
14827 memcpy(new, old, sizeof(struct cred));
14829 atomic_set(&new->usage, 1);
14830 @@ -322,6 +292,13 @@ error:
14835 +struct cred *prepare_creds(void)
14837 + validate_process_creds();
14839 + return __prepare_creds(current->cred);
14841 EXPORT_SYMBOL(prepare_creds);
14844 diff -NurpP --minimal linux-3.0-rc5/kernel/exit.c linux-3.0-rc5-vs2.3.1-pre3/kernel/exit.c
14845 --- linux-3.0-rc5/kernel/exit.c 2011-07-01 11:14:22.000000000 +0200
14846 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/exit.c 2011-06-22 12:39:15.000000000 +0200
14848 #include <linux/fs_struct.h>
14849 #include <linux/init_task.h>
14850 #include <linux/perf_event.h>
14851 +#include <linux/vs_limit.h>
14852 +#include <linux/vs_context.h>
14853 +#include <linux/vs_network.h>
14854 +#include <linux/vs_pid.h>
14855 #include <trace/events/sched.h>
14856 #include <linux/hw_breakpoint.h>
14857 #include <linux/oom.h>
14858 @@ -494,9 +498,11 @@ static void close_files(struct files_str
14859 filp_close(file, files);
14862 + vx_openfd_dec(i);
14870 @@ -1047,11 +1053,16 @@ NORET_TYPE void do_exit(long code)
14872 validate_creds_for_do_exit(tsk);
14874 + /* needs to stay after exit_notify() */
14875 + exit_vx_info(tsk, code);
14876 + exit_nx_info(tsk);
14880 /* causes final put_task_struct in finish_task_switch(). */
14881 tsk->state = TASK_DEAD;
14883 + printk("bad task: %p [%lx]\n", current, current->state);
14885 /* Avoid "noreturn function does return". */
14887 diff -NurpP --minimal linux-3.0-rc5/kernel/fork.c linux-3.0-rc5-vs2.3.1-pre3/kernel/fork.c
14888 --- linux-3.0-rc5/kernel/fork.c 2011-07-01 11:14:22.000000000 +0200
14889 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/fork.c 2011-06-10 22:21:02.000000000 +0200
14891 #include <linux/user-return-notifier.h>
14892 #include <linux/oom.h>
14893 #include <linux/khugepaged.h>
14894 +#include <linux/vs_context.h>
14895 +#include <linux/vs_network.h>
14896 +#include <linux/vs_limit.h>
14897 +#include <linux/vs_memory.h>
14899 #include <asm/pgtable.h>
14900 #include <asm/pgalloc.h>
14901 @@ -167,6 +171,8 @@ void free_task(struct task_struct *tsk)
14902 account_kernel_stack(tsk->stack, -1);
14903 free_thread_info(tsk->stack);
14904 rt_mutex_debug_task_free(tsk);
14905 + clr_vx_info(&tsk->vx_info);
14906 + clr_nx_info(&tsk->nx_info);
14907 ftrace_graph_exit_task(tsk);
14908 free_task_struct(tsk);
14910 @@ -505,6 +511,7 @@ static struct mm_struct * mm_init(struct
14911 if (likely(!mm_alloc_pgd(mm))) {
14913 mmu_notifier_mm_init(mm);
14914 + set_vx_info(&mm->mm_vx_info, p->vx_info);
14918 @@ -542,6 +549,7 @@ void __mmdrop(struct mm_struct *mm)
14919 #ifdef CONFIG_TRANSPARENT_HUGEPAGE
14920 VM_BUG_ON(mm->pmd_huge_pte);
14922 + clr_vx_info(&mm->mm_vx_info);
14925 EXPORT_SYMBOL_GPL(__mmdrop);
14926 @@ -729,6 +737,7 @@ struct mm_struct *dup_mm(struct task_str
14929 memcpy(mm, oldmm, sizeof(*mm));
14930 + mm->mm_vx_info = NULL;
14931 mm_init_cpumask(mm);
14933 /* Initializing for Swap token stuff */
14934 @@ -772,6 +781,7 @@ fail_nocontext:
14935 * If init_new_context() failed, we cannot use mmput() to free the mm
14936 * because it calls destroy_context()
14938 + clr_vx_info(&mm->mm_vx_info);
14942 @@ -1057,6 +1067,8 @@ static struct task_struct *copy_process(
14944 struct task_struct *p;
14945 int cgroup_callbacks_done = 0;
14946 + struct vx_info *vxi;
14947 + struct nx_info *nxi;
14949 if ((clone_flags & (CLONE_NEWNS|CLONE_FS)) == (CLONE_NEWNS|CLONE_FS))
14950 return ERR_PTR(-EINVAL);
14951 @@ -1103,7 +1115,12 @@ static struct task_struct *copy_process(
14952 DEBUG_LOCKS_WARN_ON(!p->hardirqs_enabled);
14953 DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled);
14955 + init_vx_info(&p->vx_info, current_vx_info());
14956 + init_nx_info(&p->nx_info, current_nx_info());
14959 + if (!vx_nproc_avail(1))
14960 + goto bad_fork_free;
14961 if (atomic_read(&p->real_cred->user->processes) >=
14962 task_rlimit(p, RLIMIT_NPROC)) {
14963 if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RESOURCE) &&
14964 @@ -1360,6 +1377,18 @@ static struct task_struct *copy_process(
14967 spin_unlock(¤t->sighand->siglock);
14969 + /* p is copy of current */
14970 + vxi = p->vx_info;
14972 + claim_vx_info(vxi, p);
14973 + atomic_inc(&vxi->cvirt.nr_threads);
14974 + atomic_inc(&vxi->cvirt.total_forks);
14977 + nxi = p->nx_info;
14979 + claim_nx_info(nxi, p);
14980 write_unlock_irq(&tasklist_lock);
14981 proc_fork_connector(p);
14982 cgroup_post_fork(p);
14983 diff -NurpP --minimal linux-3.0-rc5/kernel/kthread.c linux-3.0-rc5-vs2.3.1-pre3/kernel/kthread.c
14984 --- linux-3.0-rc5/kernel/kthread.c 2011-07-01 11:14:22.000000000 +0200
14985 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/kthread.c 2011-06-10 22:11:24.000000000 +0200
14987 #include <linux/mutex.h>
14988 #include <linux/slab.h>
14989 #include <linux/freezer.h>
14990 +#include <linux/vs_pid.h>
14991 #include <trace/events/sched.h>
14993 static DEFINE_SPINLOCK(kthread_create_lock);
14994 diff -NurpP --minimal linux-3.0-rc5/kernel/nsproxy.c linux-3.0-rc5-vs2.3.1-pre3/kernel/nsproxy.c
14995 --- linux-3.0-rc5/kernel/nsproxy.c 2011-07-01 11:14:23.000000000 +0200
14996 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/nsproxy.c 2011-06-13 14:09:44.000000000 +0200
14998 #include <linux/mnt_namespace.h>
14999 #include <linux/utsname.h>
15000 #include <linux/pid_namespace.h>
15001 +#include <linux/vserver/global.h>
15002 +#include <linux/vserver/debug.h>
15003 #include <net/net_namespace.h>
15004 #include <linux/ipc_namespace.h>
15005 #include <linux/proc_fs.h>
15006 @@ -46,8 +48,11 @@ static inline struct nsproxy *create_nsp
15007 struct nsproxy *nsproxy;
15009 nsproxy = kmem_cache_alloc(nsproxy_cachep, GFP_KERNEL);
15012 atomic_set(&nsproxy->count, 1);
15013 + atomic_inc(&vs_global_nsproxy);
15015 + vxdprintk(VXD_CBIT(space, 2), "create_nsproxy = %p[1]", nsproxy);
15019 @@ -56,8 +61,11 @@ static inline struct nsproxy *create_nsp
15020 * Return the newly created nsproxy. Do not attach this to the task,
15021 * leave it to the caller to do proper locking and attach it to task.
15023 -static struct nsproxy *create_new_namespaces(unsigned long flags,
15024 - struct task_struct *tsk, struct fs_struct *new_fs)
15025 +static struct nsproxy *unshare_namespaces(unsigned long flags,
15026 + struct nsproxy *orig,
15027 + struct fs_struct *new_fs,
15028 + struct user_namespace *new_user,
15029 + struct pid_namespace *new_pid)
15031 struct nsproxy *new_nsp;
15033 @@ -66,31 +74,31 @@ static struct nsproxy *create_new_namesp
15035 return ERR_PTR(-ENOMEM);
15037 - new_nsp->mnt_ns = copy_mnt_ns(flags, tsk->nsproxy->mnt_ns, new_fs);
15038 + new_nsp->mnt_ns = copy_mnt_ns(flags, orig->mnt_ns, new_fs);
15039 if (IS_ERR(new_nsp->mnt_ns)) {
15040 err = PTR_ERR(new_nsp->mnt_ns);
15044 - new_nsp->uts_ns = copy_utsname(flags, tsk);
15045 + new_nsp->uts_ns = copy_utsname(flags, orig->uts_ns, new_user);
15046 if (IS_ERR(new_nsp->uts_ns)) {
15047 err = PTR_ERR(new_nsp->uts_ns);
15051 - new_nsp->ipc_ns = copy_ipcs(flags, tsk);
15052 + new_nsp->ipc_ns = copy_ipcs(flags, orig->ipc_ns, new_user);
15053 if (IS_ERR(new_nsp->ipc_ns)) {
15054 err = PTR_ERR(new_nsp->ipc_ns);
15058 - new_nsp->pid_ns = copy_pid_ns(flags, task_active_pid_ns(tsk));
15059 + new_nsp->pid_ns = copy_pid_ns(flags, new_pid);
15060 if (IS_ERR(new_nsp->pid_ns)) {
15061 err = PTR_ERR(new_nsp->pid_ns);
15065 - new_nsp->net_ns = copy_net_ns(flags, tsk->nsproxy->net_ns);
15066 + new_nsp->net_ns = copy_net_ns(flags, orig->net_ns);
15067 if (IS_ERR(new_nsp->net_ns)) {
15068 err = PTR_ERR(new_nsp->net_ns);
15070 @@ -115,6 +123,40 @@ out_ns:
15071 return ERR_PTR(err);
15074 +static struct nsproxy *create_new_namespaces(unsigned long flags,
15075 + struct task_struct *tsk, struct fs_struct *new_fs)
15077 + return unshare_namespaces(flags, tsk->nsproxy,
15078 + new_fs, task_cred_xxx(tsk, user)->user_ns,
15079 + task_active_pid_ns(tsk));
15083 + * copies the nsproxy, setting refcount to 1, and grabbing a
15084 + * reference to all contained namespaces.
15086 +struct nsproxy *copy_nsproxy(struct nsproxy *orig)
15088 + struct nsproxy *ns = create_nsproxy();
15091 + memcpy(ns, orig, sizeof(struct nsproxy));
15092 + atomic_set(&ns->count, 1);
15095 + get_mnt_ns(ns->mnt_ns);
15097 + get_uts_ns(ns->uts_ns);
15099 + get_ipc_ns(ns->ipc_ns);
15101 + get_pid_ns(ns->pid_ns);
15103 + get_net(ns->net_ns);
15109 * called from clone. This now handles copy for nsproxy and all
15110 * namespaces therein.
15111 @@ -122,9 +164,12 @@ out_ns:
15112 int copy_namespaces(unsigned long flags, struct task_struct *tsk)
15114 struct nsproxy *old_ns = tsk->nsproxy;
15115 - struct nsproxy *new_ns;
15116 + struct nsproxy *new_ns = NULL;
15119 + vxdprintk(VXD_CBIT(space, 7), "copy_namespaces(0x%08lx,%p[%p])",
15120 + flags, tsk, old_ns);
15125 @@ -134,7 +179,7 @@ int copy_namespaces(unsigned long flags,
15126 CLONE_NEWPID | CLONE_NEWNET)))
15129 - if (!capable(CAP_SYS_ADMIN)) {
15130 + if (!vx_can_unshare(CAP_SYS_ADMIN, flags)) {
15134 @@ -161,6 +206,9 @@ int copy_namespaces(unsigned long flags,
15137 put_nsproxy(old_ns);
15138 + vxdprintk(VXD_CBIT(space, 3),
15139 + "copy_namespaces(0x%08lx,%p[%p]) = %d [%p]",
15140 + flags, tsk, old_ns, err, new_ns);
15144 @@ -174,7 +222,9 @@ void free_nsproxy(struct nsproxy *ns)
15145 put_ipc_ns(ns->ipc_ns);
15147 put_pid_ns(ns->pid_ns);
15148 - put_net(ns->net_ns);
15150 + put_net(ns->net_ns);
15151 + atomic_dec(&vs_global_nsproxy);
15152 kmem_cache_free(nsproxy_cachep, ns);
15155 @@ -187,11 +237,15 @@ int unshare_nsproxy_namespaces(unsigned
15159 + vxdprintk(VXD_CBIT(space, 4),
15160 + "unshare_nsproxy_namespaces(0x%08lx,[%p])",
15161 + unshare_flags, current->nsproxy);
15163 if (!(unshare_flags & (CLONE_NEWNS | CLONE_NEWUTS | CLONE_NEWIPC |
15167 - if (!capable(CAP_SYS_ADMIN))
15168 + if (!vx_can_unshare(CAP_SYS_ADMIN, unshare_flags))
15171 *new_nsp = create_new_namespaces(unshare_flags, current,
15172 diff -NurpP --minimal linux-3.0-rc5/kernel/pid.c linux-3.0-rc5-vs2.3.1-pre3/kernel/pid.c
15173 --- linux-3.0-rc5/kernel/pid.c 2011-05-22 16:17:59.000000000 +0200
15174 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/pid.c 2011-06-10 22:11:24.000000000 +0200
15176 #include <linux/pid_namespace.h>
15177 #include <linux/init_task.h>
15178 #include <linux/syscalls.h>
15179 +#include <linux/vs_pid.h>
15181 #define pid_hashfn(nr, ns) \
15182 hash_long((unsigned long)nr + (unsigned long)ns, pidhash_shift)
15183 @@ -342,7 +343,7 @@ EXPORT_SYMBOL_GPL(find_pid_ns);
15185 struct pid *find_vpid(int nr)
15187 - return find_pid_ns(nr, current->nsproxy->pid_ns);
15188 + return find_pid_ns(vx_rmap_pid(nr), current->nsproxy->pid_ns);
15190 EXPORT_SYMBOL_GPL(find_vpid);
15192 @@ -402,6 +403,9 @@ void transfer_pid(struct task_struct *ol
15193 struct task_struct *pid_task(struct pid *pid, enum pid_type type)
15195 struct task_struct *result = NULL;
15197 + if (type == PIDTYPE_REALPID)
15198 + type = PIDTYPE_PID;
15200 struct hlist_node *first;
15201 first = rcu_dereference_check(hlist_first_rcu(&pid->tasks[type]),
15202 @@ -420,7 +424,7 @@ EXPORT_SYMBOL(pid_task);
15203 struct task_struct *find_task_by_pid_ns(pid_t nr, struct pid_namespace *ns)
15205 rcu_lockdep_assert(rcu_read_lock_held());
15206 - return pid_task(find_pid_ns(nr, ns), PIDTYPE_PID);
15207 + return pid_task(find_pid_ns(vx_rmap_pid(nr), ns), PIDTYPE_PID);
15210 struct task_struct *find_task_by_vpid(pid_t vnr)
15211 @@ -464,7 +468,7 @@ struct pid *find_get_pid(pid_t nr)
15213 EXPORT_SYMBOL_GPL(find_get_pid);
15215 -pid_t pid_nr_ns(struct pid *pid, struct pid_namespace *ns)
15216 +pid_t pid_unmapped_nr_ns(struct pid *pid, struct pid_namespace *ns)
15220 @@ -477,6 +481,11 @@ pid_t pid_nr_ns(struct pid *pid, struct
15224 +pid_t pid_nr_ns(struct pid *pid, struct pid_namespace *ns)
15226 + return vx_map_pid(pid_unmapped_nr_ns(pid, ns));
15229 pid_t pid_vnr(struct pid *pid)
15231 return pid_nr_ns(pid, current->nsproxy->pid_ns);
15232 diff -NurpP --minimal linux-3.0-rc5/kernel/pid_namespace.c linux-3.0-rc5-vs2.3.1-pre3/kernel/pid_namespace.c
15233 --- linux-3.0-rc5/kernel/pid_namespace.c 2011-05-22 16:17:59.000000000 +0200
15234 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/pid_namespace.c 2011-06-10 22:17:45.000000000 +0200
15236 #include <linux/acct.h>
15237 #include <linux/slab.h>
15238 #include <linux/proc_fs.h>
15239 +#include <linux/vserver/global.h>
15241 #define BITS_PER_PAGE (PAGE_SIZE*8)
15243 @@ -88,6 +89,7 @@ static struct pid_namespace *create_pid_
15246 kref_init(&ns->kref);
15247 + atomic_inc(&vs_global_pid_ns);
15249 ns->parent = get_pid_ns(parent_pid_ns);
15251 @@ -119,6 +121,7 @@ static void destroy_pid_namespace(struct
15253 for (i = 0; i < PIDMAP_ENTRIES; i++)
15254 kfree(ns->pidmap[i].page);
15255 + atomic_dec(&vs_global_pid_ns);
15256 kmem_cache_free(pid_ns_cachep, ns);
15259 diff -NurpP --minimal linux-3.0-rc5/kernel/posix-timers.c linux-3.0-rc5-vs2.3.1-pre3/kernel/posix-timers.c
15260 --- linux-3.0-rc5/kernel/posix-timers.c 2011-07-01 11:14:23.000000000 +0200
15261 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/posix-timers.c 2011-06-10 22:11:24.000000000 +0200
15263 #include <linux/wait.h>
15264 #include <linux/workqueue.h>
15265 #include <linux/module.h>
15266 +#include <linux/vs_context.h>
15269 * Management arrays for POSIX timers. Timers are kept in slab memory
15270 @@ -340,6 +341,7 @@ int posix_timer_event(struct k_itimer *t
15272 struct task_struct *task;
15273 int shared, ret = -1;
15276 * FIXME: if ->sigq is queued we can race with
15277 * dequeue_signal()->do_schedule_next_timer().
15278 @@ -356,10 +358,18 @@ int posix_timer_event(struct k_itimer *t
15280 task = pid_task(timr->it_pid, PIDTYPE_PID);
15282 + struct vx_info_save vxis;
15283 + struct vx_info *vxi;
15285 + vxi = get_vx_info(task->vx_info);
15286 + enter_vx_info(vxi, &vxis);
15287 shared = !(timr->it_sigev_notify & SIGEV_THREAD_ID);
15288 ret = send_sigqueue(timr->sigq, task, shared);
15289 + leave_vx_info(&vxis);
15290 + put_vx_info(vxi);
15294 /* If we failed to send the signal the timer stops. */
15297 diff -NurpP --minimal linux-3.0-rc5/kernel/printk.c linux-3.0-rc5-vs2.3.1-pre3/kernel/printk.c
15298 --- linux-3.0-rc5/kernel/printk.c 2011-07-01 11:14:23.000000000 +0200
15299 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/printk.c 2011-06-10 22:11:24.000000000 +0200
15301 #include <linux/cpu.h>
15302 #include <linux/notifier.h>
15303 #include <linux/rculist.h>
15304 +#include <linux/vs_cvirt.h>
15306 #include <asm/uaccess.h>
15308 @@ -314,7 +315,7 @@ static int check_syslog_permissions(int
15311 if (syslog_action_restricted(type)) {
15312 - if (capable(CAP_SYSLOG))
15313 + if (vx_capable(CAP_SYSLOG, VXC_SYSLOG))
15315 /* For historical reasons, accept CAP_SYS_ADMIN too, with a warning */
15316 if (capable(CAP_SYS_ADMIN)) {
15317 @@ -342,12 +343,9 @@ int do_syslog(int type, char __user *buf
15322 - case SYSLOG_ACTION_CLOSE: /* Close log */
15324 - case SYSLOG_ACTION_OPEN: /* Open log */
15326 - case SYSLOG_ACTION_READ: /* Read from log */
15327 + if ((type == SYSLOG_ACTION_READ) ||
15328 + (type == SYSLOG_ACTION_READ_ALL) ||
15329 + (type == SYSLOG_ACTION_READ_CLEAR)) {
15331 if (!buf || len < 0)
15333 @@ -358,6 +356,16 @@ int do_syslog(int type, char __user *buf
15338 + if (!vx_check(0, VS_ADMIN|VS_WATCH))
15339 + return vx_do_syslog(type, buf, len);
15342 + case SYSLOG_ACTION_CLOSE: /* Close log */
15344 + case SYSLOG_ACTION_OPEN: /* Open log */
15346 + case SYSLOG_ACTION_READ: /* Read from log */
15347 error = wait_event_interruptible(log_wait,
15348 (log_start - log_end));
15350 @@ -384,16 +392,6 @@ int do_syslog(int type, char __user *buf
15352 /* Read last kernel messages */
15353 case SYSLOG_ACTION_READ_ALL:
15355 - if (!buf || len < 0)
15360 - if (!access_ok(VERIFY_WRITE, buf, len)) {
15365 if (count > log_buf_len)
15366 count = log_buf_len;
15367 diff -NurpP --minimal linux-3.0-rc5/kernel/ptrace.c linux-3.0-rc5-vs2.3.1-pre3/kernel/ptrace.c
15368 --- linux-3.0-rc5/kernel/ptrace.c 2011-07-01 11:14:23.000000000 +0200
15369 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/ptrace.c 2011-06-10 22:11:24.000000000 +0200
15371 #include <linux/syscalls.h>
15372 #include <linux/uaccess.h>
15373 #include <linux/regset.h>
15374 +#include <linux/vs_context.h>
15375 #include <linux/hw_breakpoint.h>
15378 @@ -169,6 +170,11 @@ ok:
15379 dumpable = get_dumpable(task->mm);
15380 if (!dumpable && !task_ns_capable(task, CAP_SYS_PTRACE))
15382 + if (!vx_check(task->xid, VS_ADMIN_P|VS_WATCH_P|VS_IDENT))
15384 + if (!vx_check(task->xid, VS_IDENT) &&
15385 + !task_vx_flags(task, VXF_STATE_ADMIN, 0))
15388 return security_ptrace_access_check(task, mode);
15390 diff -NurpP --minimal linux-3.0-rc5/kernel/sched.c linux-3.0-rc5-vs2.3.1-pre3/kernel/sched.c
15391 --- linux-3.0-rc5/kernel/sched.c 2011-07-01 11:14:23.000000000 +0200
15392 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/sched.c 2011-06-15 02:40:14.000000000 +0200
15394 #include <linux/ctype.h>
15395 #include <linux/ftrace.h>
15396 #include <linux/slab.h>
15397 +#include <linux/vs_sched.h>
15398 +#include <linux/vs_cvirt.h>
15400 #include <asm/tlb.h>
15401 #include <asm/irq_regs.h>
15402 @@ -3429,9 +3431,17 @@ static void calc_global_nohz(unsigned lo
15404 void get_avenrun(unsigned long *loads, unsigned long offset, int shift)
15406 - loads[0] = (avenrun[0] + offset) << shift;
15407 - loads[1] = (avenrun[1] + offset) << shift;
15408 - loads[2] = (avenrun[2] + offset) << shift;
15409 + if (vx_flags(VXF_VIRT_LOAD, 0)) {
15410 + struct vx_info *vxi = current_vx_info();
15412 + loads[0] = (vxi->cvirt.load[0] + offset) << shift;
15413 + loads[1] = (vxi->cvirt.load[1] + offset) << shift;
15414 + loads[2] = (vxi->cvirt.load[2] + offset) << shift;
15416 + loads[0] = (avenrun[0] + offset) << shift;
15417 + loads[1] = (avenrun[1] + offset) << shift;
15418 + loads[2] = (avenrun[2] + offset) << shift;
15423 @@ -3714,16 +3724,19 @@ void account_user_time(struct task_struc
15424 cputime_t cputime_scaled)
15426 struct cpu_usage_stat *cpustat = &kstat_this_cpu.cpustat;
15427 + struct vx_info *vxi = p->vx_info; /* p is _always_ current */
15429 + int nice = (TASK_NICE(p) > 0);
15431 /* Add user time to process. */
15432 p->utime = cputime_add(p->utime, cputime);
15433 p->utimescaled = cputime_add(p->utimescaled, cputime_scaled);
15434 + vx_account_user(vxi, cputime, nice);
15435 account_group_user_time(p, cputime);
15437 /* Add user time to cpustat. */
15438 tmp = cputime_to_cputime64(cputime);
15439 - if (TASK_NICE(p) > 0)
15441 cpustat->nice = cputime64_add(cpustat->nice, tmp);
15443 cpustat->user = cputime64_add(cpustat->user, tmp);
15444 @@ -3775,10 +3788,12 @@ void __account_system_time(struct task_s
15445 cputime_t cputime_scaled, cputime64_t *target_cputime64)
15447 cputime64_t tmp = cputime_to_cputime64(cputime);
15448 + struct vx_info *vxi = p->vx_info; /* p is _always_ current */
15450 /* Add system time to process. */
15451 p->stime = cputime_add(p->stime, cputime);
15452 p->stimescaled = cputime_add(p->stimescaled, cputime_scaled);
15453 + vx_account_system(vxi, cputime, 0 /* do we have idle time? */);
15454 account_group_system_time(p, cputime);
15456 /* Add system time to cpustat. */
15457 @@ -4936,7 +4951,7 @@ SYSCALL_DEFINE1(nice, int, increment)
15460 if (increment < 0 && !can_nice(current, nice))
15462 + return vx_flags(VXF_IGNEG_NICE, 0) ? 0 : -EPERM;
15464 retval = security_task_setnice(current, nice);
15466 diff -NurpP --minimal linux-3.0-rc5/kernel/sched_fair.c linux-3.0-rc5-vs2.3.1-pre3/kernel/sched_fair.c
15467 --- linux-3.0-rc5/kernel/sched_fair.c 2011-07-01 11:14:23.000000000 +0200
15468 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/sched_fair.c 2011-06-10 22:11:24.000000000 +0200
15469 @@ -998,6 +998,8 @@ enqueue_entity(struct cfs_rq *cfs_rq, st
15470 __enqueue_entity(cfs_rq, se);
15473 + if (entity_is_task(se))
15474 + vx_activate_task(task_of(se));
15475 if (cfs_rq->nr_running == 1)
15476 list_add_leaf_cfs_rq(cfs_rq);
15478 @@ -1074,6 +1076,8 @@ dequeue_entity(struct cfs_rq *cfs_rq, st
15479 if (se != cfs_rq->curr)
15480 __dequeue_entity(cfs_rq, se);
15482 + if (entity_is_task(se))
15483 + vx_deactivate_task(task_of(se));
15484 update_cfs_load(cfs_rq, 0);
15485 account_entity_dequeue(cfs_rq, se);
15487 diff -NurpP --minimal linux-3.0-rc5/kernel/signal.c linux-3.0-rc5-vs2.3.1-pre3/kernel/signal.c
15488 --- linux-3.0-rc5/kernel/signal.c 2011-07-01 11:14:23.000000000 +0200
15489 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/signal.c 2011-06-22 12:39:16.000000000 +0200
15491 #include <linux/freezer.h>
15492 #include <linux/pid_namespace.h>
15493 #include <linux/nsproxy.h>
15494 +#include <linux/vs_context.h>
15495 +#include <linux/vs_pid.h>
15496 #define CREATE_TRACE_POINTS
15497 #include <trace/events/signal.h>
15499 @@ -744,9 +746,18 @@ static int check_kill_permission(int sig
15503 + vxdprintk(VXD_CBIT(misc, 7),
15504 + "check_kill_permission(%d,%p,%p[#%u,%u])",
15505 + sig, info, t, vx_task_xid(t), t->pid);
15507 if (!valid_signal(sig))
15510 +/* FIXME: needed? if so, why?
15511 + if ((info != SEND_SIG_NOINFO) &&
15512 + (is_si_special(info) || !si_fromuser(info)))
15515 if (!si_fromuser(info))
15518 @@ -770,6 +781,20 @@ static int check_kill_permission(int sig
15523 + if (t->pid == 1 && current->xid)
15527 + /* FIXME: we shouldn't return ESRCH ever, to avoid
15528 + loops, maybe ENOENT or EACCES? */
15529 + if (!vx_check(vx_task_xid(t), VS_WATCH_P | VS_IDENT)) {
15530 + vxdprintk(current->xid || VXD_CBIT(misc, 7),
15531 + "signal %d[%p] xid mismatch %p[#%u,%u] xid=#%u",
15532 + sig, info, t, vx_task_xid(t), t->pid, current->xid);
15536 return security_task_kill(t, info, sig, 0);
15539 @@ -1239,7 +1264,7 @@ int kill_pid_info(int sig, struct siginf
15542 p = pid_task(pid, PIDTYPE_PID);
15544 + if (p && vx_check(vx_task_xid(p), VS_IDENT)) {
15545 error = group_send_sig_info(sig, info, p);
15546 if (unlikely(error == -ESRCH))
15548 @@ -1278,7 +1303,7 @@ int kill_pid_info_as_uid(int sig, struct
15551 p = pid_task(pid, PIDTYPE_PID);
15553 + if (!p || !vx_check(vx_task_xid(p), VS_IDENT)) {
15557 @@ -1333,8 +1358,10 @@ static int kill_something_info(int sig,
15558 struct task_struct * p;
15560 for_each_process(p) {
15561 - if (task_pid_vnr(p) > 1 &&
15562 - !same_thread_group(p, current)) {
15563 + if (vx_check(vx_task_xid(p), VS_ADMIN|VS_IDENT) &&
15564 + task_pid_vnr(p) > 1 &&
15565 + !same_thread_group(p, current) &&
15566 + !vx_current_initpid(p->pid)) {
15567 int err = group_send_sig_info(sig, info, p);
15570 @@ -2133,6 +2160,11 @@ relock:
15571 !sig_kernel_only(signr))
15574 + /* virtual init is protected against user signals */
15575 + if ((info->si_code == SI_USER) &&
15576 + vx_current_initpid(current->pid))
15579 if (sig_kernel_stop(signr)) {
15581 * The default action is to stop all threads in
15582 diff -NurpP --minimal linux-3.0-rc5/kernel/softirq.c linux-3.0-rc5-vs2.3.1-pre3/kernel/softirq.c
15583 --- linux-3.0-rc5/kernel/softirq.c 2011-07-01 11:14:23.000000000 +0200
15584 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/softirq.c 2011-06-22 12:39:16.000000000 +0200
15586 #include <linux/ftrace.h>
15587 #include <linux/smp.h>
15588 #include <linux/tick.h>
15589 +#include <linux/vs_context.h>
15591 #define CREATE_TRACE_POINTS
15592 #include <trace/events/irq.h>
15593 diff -NurpP --minimal linux-3.0-rc5/kernel/sys.c linux-3.0-rc5-vs2.3.1-pre3/kernel/sys.c
15594 --- linux-3.0-rc5/kernel/sys.c 2011-07-01 11:14:23.000000000 +0200
15595 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/sys.c 2011-06-10 22:11:24.000000000 +0200
15597 #include <linux/syscalls.h>
15598 #include <linux/kprobes.h>
15599 #include <linux/user_namespace.h>
15600 +#include <linux/vs_pid.h>
15602 #include <linux/kmsg_dump.h>
15604 @@ -151,7 +152,10 @@ static int set_one_prio(struct task_stru
15607 if (niceval < task_nice(p) && !can_nice(p, niceval)) {
15609 + if (vx_flags(VXF_IGNEG_NICE, 0))
15615 no_nice = security_task_setnice(p, niceval);
15616 @@ -201,6 +205,8 @@ SYSCALL_DEFINE3(setpriority, int, which,
15618 pgrp = task_pgrp(current);
15619 do_each_pid_thread(pgrp, PIDTYPE_PGID, p) {
15620 + if (!vx_check(p->xid, VS_ADMIN_P | VS_IDENT))
15622 error = set_one_prio(p, niceval, error);
15623 } while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
15625 @@ -264,6 +270,8 @@ SYSCALL_DEFINE2(getpriority, int, which,
15627 pgrp = task_pgrp(current);
15628 do_each_pid_thread(pgrp, PIDTYPE_PGID, p) {
15629 + if (!vx_check(p->xid, VS_ADMIN_P | VS_IDENT))
15631 niceval = 20 - task_nice(p);
15632 if (niceval > retval)
15634 @@ -383,6 +391,8 @@ EXPORT_SYMBOL_GPL(kernel_power_off);
15636 static DEFINE_MUTEX(reboot_mutex);
15638 +long vs_reboot(unsigned int, void __user *);
15641 * Reboot system call: for obvious reasons only root may call it,
15642 * and even root needs to set up some magic numbers in the registers
15643 @@ -415,6 +425,9 @@ SYSCALL_DEFINE4(reboot, int, magic1, int
15644 if ((cmd == LINUX_REBOOT_CMD_POWER_OFF) && !pm_power_off)
15645 cmd = LINUX_REBOOT_CMD_HALT;
15647 + if (!vx_check(0, VS_ADMIN|VS_WATCH))
15648 + return vs_reboot(cmd, arg);
15650 mutex_lock(&reboot_mutex);
15652 case LINUX_REBOOT_CMD_RESTART:
15653 @@ -1365,7 +1378,7 @@ int do_prlimit(struct task_struct *tsk,
15654 /* Keep the capable check against init_user_ns until
15655 cgroups can contain all limits */
15656 if (new_rlim->rlim_max > rlim->rlim_max &&
15657 - !capable(CAP_SYS_RESOURCE))
15658 + !vx_capable(CAP_SYS_RESOURCE, VXC_SET_RLIMIT))
15661 retval = security_task_setrlimit(tsk->group_leader,
15662 diff -NurpP --minimal linux-3.0-rc5/kernel/sysctl.c linux-3.0-rc5-vs2.3.1-pre3/kernel/sysctl.c
15663 --- linux-3.0-rc5/kernel/sysctl.c 2011-07-01 11:14:23.000000000 +0200
15664 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/sysctl.c 2011-06-15 02:40:14.000000000 +0200
15666 #if defined(CONFIG_PROVE_LOCKING) || defined(CONFIG_LOCK_STAT)
15667 #include <linux/lockdep.h>
15669 +extern char vshelper_path[];
15670 #ifdef CONFIG_CHR_DEV_SG
15671 #include <scsi/sg.h>
15673 @@ -568,6 +569,13 @@ static struct ctl_table kern_table[] = {
15674 .proc_handler = proc_dostring,
15678 + .procname = "vshelper",
15679 + .data = &vshelper_path,
15682 + .proc_handler = &proc_dostring,
15684 #ifdef CONFIG_CHR_DEV_SG
15686 .procname = "sg-big-buff",
15687 diff -NurpP --minimal linux-3.0-rc5/kernel/sysctl_binary.c linux-3.0-rc5-vs2.3.1-pre3/kernel/sysctl_binary.c
15688 --- linux-3.0-rc5/kernel/sysctl_binary.c 2011-05-22 16:17:59.000000000 +0200
15689 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/sysctl_binary.c 2011-06-10 22:11:24.000000000 +0200
15690 @@ -73,6 +73,7 @@ static const struct bin_table bin_kern_t
15692 { CTL_INT, KERN_PANIC, "panic" },
15693 { CTL_INT, KERN_REALROOTDEV, "real-root-dev" },
15694 + { CTL_STR, KERN_VSHELPER, "vshelper" },
15696 { CTL_STR, KERN_SPARC_REBOOT, "reboot-cmd" },
15697 { CTL_INT, KERN_CTLALTDEL, "ctrl-alt-del" },
15698 diff -NurpP --minimal linux-3.0-rc5/kernel/time/timekeeping.c linux-3.0-rc5-vs2.3.1-pre3/kernel/time/timekeeping.c
15699 --- linux-3.0-rc5/kernel/time/timekeeping.c 2011-07-01 11:14:23.000000000 +0200
15700 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/time/timekeeping.c 2011-06-10 22:11:24.000000000 +0200
15701 @@ -233,6 +233,7 @@ void getnstimeofday(struct timespec *ts)
15702 } while (read_seqretry(&xtime_lock, seq));
15704 timespec_add_ns(ts, nsecs);
15705 + vx_adjust_timespec(ts);
15708 EXPORT_SYMBOL(getnstimeofday);
15709 diff -NurpP --minimal linux-3.0-rc5/kernel/time.c linux-3.0-rc5-vs2.3.1-pre3/kernel/time.c
15710 --- linux-3.0-rc5/kernel/time.c 2011-05-22 16:17:59.000000000 +0200
15711 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/time.c 2011-06-10 22:11:24.000000000 +0200
15712 @@ -92,7 +92,7 @@ SYSCALL_DEFINE1(stime, time_t __user *,
15716 - do_settimeofday(&tv);
15717 + vx_settimeofday(&tv);
15721 @@ -177,7 +177,7 @@ int do_sys_settimeofday(const struct tim
15722 /* SMP safe, again the code in arch/foo/time.c should
15723 * globally block out interrupts when it runs.
15725 - return do_settimeofday(tv);
15726 + return vx_settimeofday(tv);
15730 diff -NurpP --minimal linux-3.0-rc5/kernel/timer.c linux-3.0-rc5-vs2.3.1-pre3/kernel/timer.c
15731 --- linux-3.0-rc5/kernel/timer.c 2011-07-01 11:14:23.000000000 +0200
15732 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/timer.c 2011-06-15 02:40:14.000000000 +0200
15734 #include <linux/irq_work.h>
15735 #include <linux/sched.h>
15736 #include <linux/slab.h>
15737 +#include <linux/vs_base.h>
15738 +#include <linux/vs_cvirt.h>
15739 +#include <linux/vs_pid.h>
15740 +#include <linux/vserver/sched.h>
15742 #include <asm/uaccess.h>
15743 #include <asm/unistd.h>
15744 @@ -1336,12 +1340,6 @@ SYSCALL_DEFINE1(alarm, unsigned int, sec
15751 - * The Alpha uses getxpid, getxuid, and getxgid instead. Maybe this
15752 - * should be moved into arch/i386 instead?
15756 * sys_getpid - return the thread group id of the current process
15757 @@ -1370,10 +1368,23 @@ SYSCALL_DEFINE0(getppid)
15759 pid = task_tgid_vnr(current->real_parent);
15761 + return vx_map_pid(pid);
15768 + * The Alpha uses getxpid, getxuid, and getxgid instead.
15771 +asmlinkage long do_getxpid(long *ppid)
15773 + *ppid = sys_getppid();
15774 + return sys_getpid();
15777 +#else /* _alpha_ */
15779 SYSCALL_DEFINE0(getuid)
15781 /* Only we change this so SMP safe */
15782 diff -NurpP --minimal linux-3.0-rc5/kernel/user_namespace.c linux-3.0-rc5-vs2.3.1-pre3/kernel/user_namespace.c
15783 --- linux-3.0-rc5/kernel/user_namespace.c 2011-03-15 18:07:42.000000000 +0100
15784 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/user_namespace.c 2011-06-10 22:11:24.000000000 +0200
15786 #include <linux/user_namespace.h>
15787 #include <linux/highuid.h>
15788 #include <linux/cred.h>
15789 +#include <linux/vserver/global.h>
15791 static struct kmem_cache *user_ns_cachep __read_mostly;
15793 @@ -33,6 +34,7 @@ int create_user_ns(struct cred *new)
15796 kref_init(&ns->kref);
15797 + atomic_inc(&vs_global_user_ns);
15799 for (n = 0; n < UIDHASH_SZ; ++n)
15800 INIT_HLIST_HEAD(ns->uidhash_table + n);
15801 @@ -81,6 +83,8 @@ void free_user_ns(struct kref *kref)
15802 struct user_namespace *ns =
15803 container_of(kref, struct user_namespace, kref);
15805 + /* FIXME: maybe move into destroyer? */
15806 + atomic_dec(&vs_global_user_ns);
15807 INIT_WORK(&ns->destroyer, free_user_ns_work);
15808 schedule_work(&ns->destroyer);
15810 diff -NurpP --minimal linux-3.0-rc5/kernel/utsname.c linux-3.0-rc5-vs2.3.1-pre3/kernel/utsname.c
15811 --- linux-3.0-rc5/kernel/utsname.c 2011-07-01 11:14:23.000000000 +0200
15812 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/utsname.c 2011-06-13 14:09:44.000000000 +0200
15813 @@ -16,14 +16,17 @@
15814 #include <linux/slab.h>
15815 #include <linux/user_namespace.h>
15816 #include <linux/proc_fs.h>
15817 +#include <linux/vserver/global.h>
15819 static struct uts_namespace *create_uts_ns(void)
15821 struct uts_namespace *uts_ns;
15823 uts_ns = kmalloc(sizeof(struct uts_namespace), GFP_KERNEL);
15826 kref_init(&uts_ns->kref);
15827 + atomic_inc(&vs_global_uts_ns);
15832 @@ -32,8 +35,8 @@ static struct uts_namespace *create_uts_
15833 * @old_ns: namespace to clone
15834 * Return NULL on error (failure to kmalloc), new ns otherwise
15836 -static struct uts_namespace *clone_uts_ns(struct task_struct *tsk,
15837 - struct uts_namespace *old_ns)
15838 +static struct uts_namespace *clone_uts_ns(struct uts_namespace *old_ns,
15839 + struct user_namespace *old_user)
15841 struct uts_namespace *ns;
15843 @@ -43,7 +46,7 @@ static struct uts_namespace *clone_uts_n
15845 down_read(&uts_sem);
15846 memcpy(&ns->name, &old_ns->name, sizeof(ns->name));
15847 - ns->user_ns = get_user_ns(task_cred_xxx(tsk, user)->user_ns);
15848 + ns->user_ns = get_user_ns(old_user);
15852 @@ -55,9 +58,9 @@ static struct uts_namespace *clone_uts_n
15855 struct uts_namespace *copy_utsname(unsigned long flags,
15856 - struct task_struct *tsk)
15857 + struct uts_namespace *old_ns,
15858 + struct user_namespace *user_ns)
15860 - struct uts_namespace *old_ns = tsk->nsproxy->uts_ns;
15861 struct uts_namespace *new_ns;
15864 @@ -66,7 +69,7 @@ struct uts_namespace *copy_utsname(unsig
15865 if (!(flags & CLONE_NEWUTS))
15868 - new_ns = clone_uts_ns(tsk, old_ns);
15869 + new_ns = clone_uts_ns(old_ns, user_ns);
15871 put_uts_ns(old_ns);
15873 @@ -78,6 +81,7 @@ void free_uts_ns(struct kref *kref)
15875 ns = container_of(kref, struct uts_namespace, kref);
15876 put_user_ns(ns->user_ns);
15877 + atomic_dec(&vs_global_uts_ns);
15881 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/Kconfig linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/Kconfig
15882 --- linux-3.0-rc5/kernel/vserver/Kconfig 1970-01-01 01:00:00.000000000 +0100
15883 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/Kconfig 2011-06-10 22:11:24.000000000 +0200
15886 +# Linux VServer configuration
15889 +menu "Linux VServer"
15891 +config VSERVER_AUTO_LBACK
15892 + bool "Automatically Assign Loopback IP"
15895 + Automatically assign a guest specific loopback
15896 + IP and add it to the kernel network stack on
15899 +config VSERVER_AUTO_SINGLE
15900 + bool "Automatic Single IP Special Casing"
15901 + depends on EXPERIMENTAL
15904 + This allows network contexts with a single IP to
15905 + automatically remap 0.0.0.0 bindings to that IP,
15906 + avoiding further network checks and improving
15909 + (note: such guests do not allow to change the ip
15910 + on the fly and do not show loopback addresses)
15912 +config VSERVER_COWBL
15913 + bool "Enable COW Immutable Link Breaking"
15916 + This enables the COW (Copy-On-Write) link break code.
15917 + It allows you to treat unified files like normal files
15918 + when writing to them (which will implicitely break the
15919 + link and create a copy of the unified file)
15921 +config VSERVER_VTIME
15922 + bool "Enable Virtualized Guest Time"
15923 + depends on EXPERIMENTAL
15926 + This enables per guest time offsets to allow for
15927 + adjusting the system clock individually per guest.
15928 + this adds some overhead to the time functions and
15929 + therefore should not be enabled without good reason.
15931 +config VSERVER_DEVICE
15932 + bool "Enable Guest Device Mapping"
15933 + depends on EXPERIMENTAL
15936 + This enables generic device remapping.
15938 +config VSERVER_PROC_SECURE
15939 + bool "Enable Proc Security"
15940 + depends on PROC_FS
15943 + This configures ProcFS security to initially hide
15944 + non-process entries for all contexts except the main and
15945 + spectator context (i.e. for all guests), which is a secure
15948 + (note: on 1.2x the entries were visible by default)
15951 + prompt "Persistent Inode Tagging"
15952 + default TAGGING_ID24
15954 + This adds persistent context information to filesystems
15955 + mounted with the tagxid option. Tagging is a requirement
15956 + for per-context disk limits and per-context quota.
15959 +config TAGGING_NONE
15962 + do not store per-context information in inodes.
15964 +config TAGGING_UID16
15965 + bool "UID16/GID32"
15967 + reduces UID to 16 bit, but leaves GID at 32 bit.
15969 +config TAGGING_GID16
15970 + bool "UID32/GID16"
15972 + reduces GID to 16 bit, but leaves UID at 32 bit.
15974 +config TAGGING_ID24
15975 + bool "UID24/GID24"
15977 + uses the upper 8bit from UID and GID for XID tagging
15978 + which leaves 24bit for UID/GID each, which should be
15979 + more than sufficient for normal use.
15981 +config TAGGING_INTERN
15982 + bool "UID32/GID32"
15984 + this uses otherwise reserved inode fields in the on
15985 + disk representation, which limits the use to a few
15986 + filesystems (currently ext2 and ext3)
15991 + bool "Tag NFSD User Auth and Files"
15994 + Enable this if you do want the in-kernel NFS
15995 + Server to use the tagging specified above.
15996 + (will require patched clients too)
15998 +config VSERVER_PRIVACY
15999 + bool "Honor Privacy Aspects of Guests"
16002 + When enabled, most context checks will disallow
16003 + access to structures assigned to a specific context,
16004 + like ptys or loop devices.
16006 +config VSERVER_CONTEXTS
16007 + int "Maximum number of Contexts (1-65533)" if EMBEDDED
16009 + default "768" if 64BIT
16012 + This setting will optimize certain data structures
16013 + and memory allocations according to the expected
16016 + note: this is not a strict upper limit.
16018 +config VSERVER_WARN
16019 + bool "VServer Warnings"
16022 + This enables various runtime warnings, which will
16023 + notify about potential manipulation attempts or
16024 + resource shortage. It is generally considered to
16025 + be a good idea to have that enabled.
16027 +config VSERVER_WARN_DEVPTS
16028 + bool "VServer DevPTS Warnings"
16029 + depends on VSERVER_WARN
16032 + This enables DevPTS related warnings, issued when a
16033 + process inside a context tries to lookup or access
16034 + a dynamic pts from the host or a different context.
16036 +config VSERVER_DEBUG
16037 + bool "VServer Debugging Code"
16040 + Set this to yes if you want to be able to activate
16041 + debugging output at runtime. It adds a very small
16042 + overhead to all vserver related functions and
16043 + increases the kernel size by about 20k.
16045 +config VSERVER_HISTORY
16046 + bool "VServer History Tracing"
16047 + depends on VSERVER_DEBUG
16050 + Set this to yes if you want to record the history of
16051 + linux-vserver activities, so they can be replayed in
16052 + the event of a kernel panic or oops.
16054 +config VSERVER_HISTORY_SIZE
16055 + int "Per-CPU History Size (32-65536)"
16056 + depends on VSERVER_HISTORY
16060 + This allows you to specify the number of entries in
16061 + the per-CPU history buffer.
16063 +config VSERVER_LEGACY_MEM
16064 + bool "Legacy Memory Limits"
16067 + This provides fake memory limits to keep
16068 + older tools happy in the face of memory
16072 + prompt "Quotes used in debug and warn messages"
16073 + default QUOTES_ISO8859
16075 +config QUOTES_ISO8859
16076 + bool "Extended ASCII (ISO 8859) angle quotes"
16078 + This uses the extended ASCII characters \xbb
16079 + and \xab for quoting file and process names.
16081 +config QUOTES_UTF8
16082 + bool "UTF-8 angle quotes"
16084 + This uses the the UTF-8 sequences for angle
16085 + quotes to quote file and process names.
16087 +config QUOTES_ASCII
16088 + bool "ASCII single quotes"
16090 + This uses the ASCII single quote character
16091 + (\x27) to quote file and process names.
16101 + select NAMESPACES
16107 +config VSERVER_SECURITY
16109 + depends on SECURITY
16111 + select SECURITY_CAPABILITIES
16113 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/Makefile linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/Makefile
16114 --- linux-3.0-rc5/kernel/vserver/Makefile 1970-01-01 01:00:00.000000000 +0100
16115 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/Makefile 2011-06-10 22:11:24.000000000 +0200
16118 +# Makefile for the Linux vserver routines.
16122 +obj-y += vserver.o
16124 +vserver-y := switch.o context.o space.o sched.o network.o inode.o \
16125 + limit.o cvirt.o cacct.o signal.o helper.o init.o \
16128 +vserver-$(CONFIG_INET) += inet.o
16129 +vserver-$(CONFIG_PROC_FS) += proc.o
16130 +vserver-$(CONFIG_VSERVER_DEBUG) += sysctl.o debug.o
16131 +vserver-$(CONFIG_VSERVER_HISTORY) += history.o
16132 +vserver-$(CONFIG_VSERVER_MONITOR) += monitor.o
16133 +vserver-$(CONFIG_VSERVER_DEVICE) += device.o
16135 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/cacct.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/cacct.c
16136 --- linux-3.0-rc5/kernel/vserver/cacct.c 1970-01-01 01:00:00.000000000 +0100
16137 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/cacct.c 2011-06-10 22:11:24.000000000 +0200
16140 + * linux/kernel/vserver/cacct.c
16142 + * Virtual Server: Context Accounting
16144 + * Copyright (C) 2006-2007 Herbert Pötzl
16146 + * V0.01 added accounting stats
16150 +#include <linux/types.h>
16151 +#include <linux/vs_context.h>
16152 +#include <linux/vserver/cacct_cmd.h>
16153 +#include <linux/vserver/cacct_int.h>
16155 +#include <asm/errno.h>
16156 +#include <asm/uaccess.h>
16159 +int vc_sock_stat(struct vx_info *vxi, void __user *data)
16161 + struct vcmd_sock_stat_v0 vc_data;
16164 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
16167 + field = vc_data.field;
16168 + if ((field < 0) || (field >= VXA_SOCK_SIZE))
16171 + for (j = 0; j < 3; j++) {
16172 + vc_data.count[j] = vx_sock_count(&vxi->cacct, field, j);
16173 + vc_data.total[j] = vx_sock_total(&vxi->cacct, field, j);
16176 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
16181 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/cacct_init.h linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/cacct_init.h
16182 --- linux-3.0-rc5/kernel/vserver/cacct_init.h 1970-01-01 01:00:00.000000000 +0100
16183 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/cacct_init.h 2011-06-10 22:11:24.000000000 +0200
16187 +static inline void vx_info_init_cacct(struct _vx_cacct *cacct)
16192 + for (i = 0; i < VXA_SOCK_SIZE; i++) {
16193 + for (j = 0; j < 3; j++) {
16194 + atomic_long_set(&cacct->sock[i][j].count, 0);
16195 + atomic_long_set(&cacct->sock[i][j].total, 0);
16198 + for (i = 0; i < 8; i++)
16199 + atomic_set(&cacct->slab[i], 0);
16200 + for (i = 0; i < 5; i++)
16201 + for (j = 0; j < 4; j++)
16202 + atomic_set(&cacct->page[i][j], 0);
16205 +static inline void vx_info_exit_cacct(struct _vx_cacct *cacct)
16210 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/cacct_proc.h linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/cacct_proc.h
16211 --- linux-3.0-rc5/kernel/vserver/cacct_proc.h 1970-01-01 01:00:00.000000000 +0100
16212 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/cacct_proc.h 2011-06-10 22:11:24.000000000 +0200
16214 +#ifndef _VX_CACCT_PROC_H
16215 +#define _VX_CACCT_PROC_H
16217 +#include <linux/vserver/cacct_int.h>
16220 +#define VX_SOCKA_TOP \
16221 + "Type\t recv #/bytes\t\t send #/bytes\t\t fail #/bytes\n"
16223 +static inline int vx_info_proc_cacct(struct _vx_cacct *cacct, char *buffer)
16225 + int i, j, length = 0;
16226 + static char *type[VXA_SOCK_SIZE] = {
16227 + "UNSPEC", "UNIX", "INET", "INET6", "PACKET", "OTHER"
16230 + length += sprintf(buffer + length, VX_SOCKA_TOP);
16231 + for (i = 0; i < VXA_SOCK_SIZE; i++) {
16232 + length += sprintf(buffer + length, "%s:", type[i]);
16233 + for (j = 0; j < 3; j++) {
16234 + length += sprintf(buffer + length,
16235 + "\t%10lu/%-10lu",
16236 + vx_sock_count(cacct, i, j),
16237 + vx_sock_total(cacct, i, j));
16239 + buffer[length++] = '\n';
16242 + length += sprintf(buffer + length, "\n");
16243 + length += sprintf(buffer + length,
16244 + "slab:\t %8u %8u %8u %8u\n",
16245 + atomic_read(&cacct->slab[1]),
16246 + atomic_read(&cacct->slab[4]),
16247 + atomic_read(&cacct->slab[0]),
16248 + atomic_read(&cacct->slab[2]));
16250 + length += sprintf(buffer + length, "\n");
16251 + for (i = 0; i < 5; i++) {
16252 + length += sprintf(buffer + length,
16253 + "page[%d]: %8u %8u %8u %8u\t %8u %8u %8u %8u\n", i,
16254 + atomic_read(&cacct->page[i][0]),
16255 + atomic_read(&cacct->page[i][1]),
16256 + atomic_read(&cacct->page[i][2]),
16257 + atomic_read(&cacct->page[i][3]),
16258 + atomic_read(&cacct->page[i][4]),
16259 + atomic_read(&cacct->page[i][5]),
16260 + atomic_read(&cacct->page[i][6]),
16261 + atomic_read(&cacct->page[i][7]));
16266 +#endif /* _VX_CACCT_PROC_H */
16267 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/context.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/context.c
16268 --- linux-3.0-rc5/kernel/vserver/context.c 1970-01-01 01:00:00.000000000 +0100
16269 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/context.c 2011-06-16 14:16:51.000000000 +0200
16272 + * linux/kernel/vserver/context.c
16274 + * Virtual Server: Context Support
16276 + * Copyright (C) 2003-2010 Herbert Pötzl
16278 + * V0.01 context helper
16279 + * V0.02 vx_ctx_kill syscall command
16280 + * V0.03 replaced context_info calls
16281 + * V0.04 redesign of struct (de)alloc
16282 + * V0.05 rlimit basic implementation
16283 + * V0.06 task_xid and info commands
16284 + * V0.07 context flags and caps
16285 + * V0.08 switch to RCU based hash
16286 + * V0.09 revert to non RCU for now
16287 + * V0.10 and back to working RCU hash
16288 + * V0.11 and back to locking again
16289 + * V0.12 referenced context store
16290 + * V0.13 separate per cpu data
16291 + * V0.14 changed vcmds to vxi arg
16292 + * V0.15 added context stat
16293 + * V0.16 have __create claim() the vxi
16294 + * V0.17 removed older and legacy stuff
16295 + * V0.18 added user credentials
16299 +#include <linux/slab.h>
16300 +#include <linux/types.h>
16301 +#include <linux/security.h>
16302 +#include <linux/pid_namespace.h>
16303 +#include <linux/capability.h>
16305 +#include <linux/vserver/context.h>
16306 +#include <linux/vserver/network.h>
16307 +#include <linux/vserver/debug.h>
16308 +#include <linux/vserver/limit.h>
16309 +#include <linux/vserver/limit_int.h>
16310 +#include <linux/vserver/space.h>
16311 +#include <linux/init_task.h>
16312 +#include <linux/fs_struct.h>
16313 +#include <linux/cred.h>
16315 +#include <linux/vs_context.h>
16316 +#include <linux/vs_limit.h>
16317 +#include <linux/vs_pid.h>
16318 +#include <linux/vserver/context_cmd.h>
16320 +#include "cvirt_init.h"
16321 +#include "cacct_init.h"
16322 +#include "limit_init.h"
16323 +#include "sched_init.h"
16326 +atomic_t vx_global_ctotal = ATOMIC_INIT(0);
16327 +atomic_t vx_global_cactive = ATOMIC_INIT(0);
16330 +/* now inactive context structures */
16332 +static struct hlist_head vx_info_inactive = HLIST_HEAD_INIT;
16334 +static DEFINE_SPINLOCK(vx_info_inactive_lock);
16337 +/* __alloc_vx_info()
16339 + * allocate an initialized vx_info struct
16340 + * doesn't make it visible (hash) */
16342 +static struct vx_info *__alloc_vx_info(xid_t xid)
16344 + struct vx_info *new = NULL;
16347 + vxdprintk(VXD_CBIT(xid, 0), "alloc_vx_info(%d)*", xid);
16349 + /* would this benefit from a slab cache? */
16350 + new = kmalloc(sizeof(struct vx_info), GFP_KERNEL);
16354 + memset(new, 0, sizeof(struct vx_info));
16356 + new->ptr_pc = alloc_percpu(struct _vx_info_pc);
16357 + if (!new->ptr_pc)
16360 + new->vx_id = xid;
16361 + INIT_HLIST_NODE(&new->vx_hlist);
16362 + atomic_set(&new->vx_usecnt, 0);
16363 + atomic_set(&new->vx_tasks, 0);
16364 + new->vx_parent = NULL;
16365 + new->vx_state = 0;
16366 + init_waitqueue_head(&new->vx_wait);
16368 + /* prepare reaper */
16369 + get_task_struct(init_pid_ns.child_reaper);
16370 + new->vx_reaper = init_pid_ns.child_reaper;
16371 + new->vx_badness_bias = 0;
16373 + /* rest of init goes here */
16374 + vx_info_init_limit(&new->limit);
16375 + vx_info_init_sched(&new->sched);
16376 + vx_info_init_cvirt(&new->cvirt);
16377 + vx_info_init_cacct(&new->cacct);
16379 + /* per cpu data structures */
16380 + for_each_possible_cpu(cpu) {
16381 + vx_info_init_sched_pc(
16382 + &vx_per_cpu(new, sched_pc, cpu), cpu);
16383 + vx_info_init_cvirt_pc(
16384 + &vx_per_cpu(new, cvirt_pc, cpu), cpu);
16387 + new->vx_flags = VXF_INIT_SET;
16388 + new->vx_bcaps = CAP_FULL_SET;
16389 + new->vx_ccaps = 0;
16390 + new->vx_umask = 0;
16392 + new->reboot_cmd = 0;
16393 + new->exit_code = 0;
16395 + // preconfig spaces
16396 + for (index = 0; index < VX_SPACES; index++) {
16397 + struct _vx_space *space = &new->space[index];
16400 + spin_lock(&init_fs.lock);
16402 + spin_unlock(&init_fs.lock);
16403 + space->vx_fs = &init_fs;
16405 + /* FIXME: do we want defaults? */
16406 + // space->vx_real_cred = 0;
16407 + // space->vx_cred = 0;
16411 + vxdprintk(VXD_CBIT(xid, 0),
16412 + "alloc_vx_info(%d) = %p", xid, new);
16413 + vxh_alloc_vx_info(new);
16414 + atomic_inc(&vx_global_ctotal);
16423 +/* __dealloc_vx_info()
16425 + * final disposal of vx_info */
16427 +static void __dealloc_vx_info(struct vx_info *vxi)
16429 +#ifdef CONFIG_VSERVER_WARN
16430 + struct vx_info_save vxis;
16433 + vxdprintk(VXD_CBIT(xid, 0),
16434 + "dealloc_vx_info(%p)", vxi);
16435 + vxh_dealloc_vx_info(vxi);
16437 +#ifdef CONFIG_VSERVER_WARN
16438 + enter_vx_info(vxi, &vxis);
16439 + vx_info_exit_limit(&vxi->limit);
16440 + vx_info_exit_sched(&vxi->sched);
16441 + vx_info_exit_cvirt(&vxi->cvirt);
16442 + vx_info_exit_cacct(&vxi->cacct);
16444 + for_each_possible_cpu(cpu) {
16445 + vx_info_exit_sched_pc(
16446 + &vx_per_cpu(vxi, sched_pc, cpu), cpu);
16447 + vx_info_exit_cvirt_pc(
16448 + &vx_per_cpu(vxi, cvirt_pc, cpu), cpu);
16450 + leave_vx_info(&vxis);
16454 + vxi->vx_state |= VXS_RELEASED;
16457 + free_percpu(vxi->ptr_pc);
16460 + atomic_dec(&vx_global_ctotal);
16463 +static void __shutdown_vx_info(struct vx_info *vxi)
16465 + struct nsproxy *nsproxy;
16466 + struct fs_struct *fs;
16467 + struct cred *cred;
16472 + vxi->vx_state |= VXS_SHUTDOWN;
16473 + vs_state_change(vxi, VSC_SHUTDOWN);
16475 + for (index = 0; index < VX_SPACES; index++) {
16476 + struct _vx_space *space = &vxi->space[index];
16478 + nsproxy = xchg(&space->vx_nsproxy, NULL);
16480 + put_nsproxy(nsproxy);
16482 + fs = xchg(&space->vx_fs, NULL);
16483 + spin_lock(&fs->lock);
16484 + kill = !--fs->users;
16485 + spin_unlock(&fs->lock);
16487 + free_fs_struct(fs);
16489 + cred = (struct cred *)xchg(&space->vx_cred, NULL);
16491 + abort_creds(cred);
16495 +/* exported stuff */
16497 +void free_vx_info(struct vx_info *vxi)
16499 + unsigned long flags;
16502 + /* check for reference counts first */
16503 + BUG_ON(atomic_read(&vxi->vx_usecnt));
16504 + BUG_ON(atomic_read(&vxi->vx_tasks));
16506 + /* context must not be hashed */
16507 + BUG_ON(vx_info_state(vxi, VXS_HASHED));
16509 + /* context shutdown is mandatory */
16510 + BUG_ON(!vx_info_state(vxi, VXS_SHUTDOWN));
16512 + /* spaces check */
16513 + for (index = 0; index < VX_SPACES; index++) {
16514 + struct _vx_space *space = &vxi->space[index];
16516 + BUG_ON(space->vx_nsproxy);
16517 + BUG_ON(space->vx_fs);
16518 + // BUG_ON(space->vx_real_cred);
16519 + // BUG_ON(space->vx_cred);
16522 + spin_lock_irqsave(&vx_info_inactive_lock, flags);
16523 + hlist_del(&vxi->vx_hlist);
16524 + spin_unlock_irqrestore(&vx_info_inactive_lock, flags);
16526 + __dealloc_vx_info(vxi);
16530 +/* hash table for vx_info hash */
16532 +#define VX_HASH_SIZE 13
16534 +static struct hlist_head vx_info_hash[VX_HASH_SIZE] =
16535 + { [0 ... VX_HASH_SIZE-1] = HLIST_HEAD_INIT };
16537 +static DEFINE_SPINLOCK(vx_info_hash_lock);
16540 +static inline unsigned int __hashval(xid_t xid)
16542 + return (xid % VX_HASH_SIZE);
16547 +/* __hash_vx_info()
16549 + * add the vxi to the global hash table
16550 + * requires the hash_lock to be held */
16552 +static inline void __hash_vx_info(struct vx_info *vxi)
16554 + struct hlist_head *head;
16556 + vxd_assert_lock(&vx_info_hash_lock);
16557 + vxdprintk(VXD_CBIT(xid, 4),
16558 + "__hash_vx_info: %p[#%d]", vxi, vxi->vx_id);
16559 + vxh_hash_vx_info(vxi);
16561 + /* context must not be hashed */
16562 + BUG_ON(vx_info_state(vxi, VXS_HASHED));
16564 + vxi->vx_state |= VXS_HASHED;
16565 + head = &vx_info_hash[__hashval(vxi->vx_id)];
16566 + hlist_add_head(&vxi->vx_hlist, head);
16567 + atomic_inc(&vx_global_cactive);
16570 +/* __unhash_vx_info()
16572 + * remove the vxi from the global hash table
16573 + * requires the hash_lock to be held */
16575 +static inline void __unhash_vx_info(struct vx_info *vxi)
16577 + unsigned long flags;
16579 + vxd_assert_lock(&vx_info_hash_lock);
16580 + vxdprintk(VXD_CBIT(xid, 4),
16581 + "__unhash_vx_info: %p[#%d.%d.%d]", vxi, vxi->vx_id,
16582 + atomic_read(&vxi->vx_usecnt), atomic_read(&vxi->vx_tasks));
16583 + vxh_unhash_vx_info(vxi);
16585 + /* context must be hashed */
16586 + BUG_ON(!vx_info_state(vxi, VXS_HASHED));
16587 + /* but without tasks */
16588 + BUG_ON(atomic_read(&vxi->vx_tasks));
16590 + vxi->vx_state &= ~VXS_HASHED;
16591 + hlist_del_init(&vxi->vx_hlist);
16592 + spin_lock_irqsave(&vx_info_inactive_lock, flags);
16593 + hlist_add_head(&vxi->vx_hlist, &vx_info_inactive);
16594 + spin_unlock_irqrestore(&vx_info_inactive_lock, flags);
16595 + atomic_dec(&vx_global_cactive);
16599 +/* __lookup_vx_info()
16601 + * requires the hash_lock to be held
16602 + * doesn't increment the vx_refcnt */
16604 +static inline struct vx_info *__lookup_vx_info(xid_t xid)
16606 + struct hlist_head *head = &vx_info_hash[__hashval(xid)];
16607 + struct hlist_node *pos;
16608 + struct vx_info *vxi;
16610 + vxd_assert_lock(&vx_info_hash_lock);
16611 + hlist_for_each(pos, head) {
16612 + vxi = hlist_entry(pos, struct vx_info, vx_hlist);
16614 + if (vxi->vx_id == xid)
16619 + vxdprintk(VXD_CBIT(xid, 0),
16620 + "__lookup_vx_info(#%u): %p[#%u]",
16621 + xid, vxi, vxi ? vxi->vx_id : 0);
16622 + vxh_lookup_vx_info(vxi, xid);
16627 +/* __create_vx_info()
16629 + * create the requested context
16630 + * get(), claim() and hash it */
16632 +static struct vx_info *__create_vx_info(int id)
16634 + struct vx_info *new, *vxi = NULL;
16636 + vxdprintk(VXD_CBIT(xid, 1), "create_vx_info(%d)*", id);
16638 + if (!(new = __alloc_vx_info(id)))
16639 + return ERR_PTR(-ENOMEM);
16641 + /* required to make dynamic xids unique */
16642 + spin_lock(&vx_info_hash_lock);
16644 + /* static context requested */
16645 + if ((vxi = __lookup_vx_info(id))) {
16646 + vxdprintk(VXD_CBIT(xid, 0),
16647 + "create_vx_info(%d) = %p (already there)", id, vxi);
16648 + if (vx_info_flags(vxi, VXF_STATE_SETUP, 0))
16649 + vxi = ERR_PTR(-EBUSY);
16651 + vxi = ERR_PTR(-EEXIST);
16654 + /* new context */
16655 + vxdprintk(VXD_CBIT(xid, 0),
16656 + "create_vx_info(%d) = %p (new)", id, new);
16657 + claim_vx_info(new, NULL);
16658 + __hash_vx_info(get_vx_info(new));
16659 + vxi = new, new = NULL;
16662 + spin_unlock(&vx_info_hash_lock);
16663 + vxh_create_vx_info(IS_ERR(vxi) ? NULL : vxi, id);
16665 + __dealloc_vx_info(new);
16670 +/* exported stuff */
16673 +void unhash_vx_info(struct vx_info *vxi)
16675 + spin_lock(&vx_info_hash_lock);
16676 + __unhash_vx_info(vxi);
16677 + spin_unlock(&vx_info_hash_lock);
16678 + __shutdown_vx_info(vxi);
16679 + __wakeup_vx_info(vxi);
16683 +/* lookup_vx_info()
16685 + * search for a vx_info and get() it
16686 + * negative id means current */
16688 +struct vx_info *lookup_vx_info(int id)
16690 + struct vx_info *vxi = NULL;
16693 + vxi = get_vx_info(current_vx_info());
16694 + } else if (id > 1) {
16695 + spin_lock(&vx_info_hash_lock);
16696 + vxi = get_vx_info(__lookup_vx_info(id));
16697 + spin_unlock(&vx_info_hash_lock);
16702 +/* xid_is_hashed()
16704 + * verify that xid is still hashed */
16706 +int xid_is_hashed(xid_t xid)
16710 + spin_lock(&vx_info_hash_lock);
16711 + hashed = (__lookup_vx_info(xid) != NULL);
16712 + spin_unlock(&vx_info_hash_lock);
16716 +#ifdef CONFIG_PROC_FS
16720 + * get a subset of hashed xids for proc
16721 + * assumes size is at least one */
16723 +int get_xid_list(int index, unsigned int *xids, int size)
16725 + int hindex, nr_xids = 0;
16727 + /* only show current and children */
16728 + if (!vx_check(0, VS_ADMIN | VS_WATCH)) {
16731 + xids[nr_xids] = vx_current_xid();
16735 + for (hindex = 0; hindex < VX_HASH_SIZE; hindex++) {
16736 + struct hlist_head *head = &vx_info_hash[hindex];
16737 + struct hlist_node *pos;
16739 + spin_lock(&vx_info_hash_lock);
16740 + hlist_for_each(pos, head) {
16741 + struct vx_info *vxi;
16746 + vxi = hlist_entry(pos, struct vx_info, vx_hlist);
16747 + xids[nr_xids] = vxi->vx_id;
16748 + if (++nr_xids >= size) {
16749 + spin_unlock(&vx_info_hash_lock);
16753 + /* keep the lock time short */
16754 + spin_unlock(&vx_info_hash_lock);
16761 +#ifdef CONFIG_VSERVER_DEBUG
16763 +void dump_vx_info_inactive(int level)
16765 + struct hlist_node *entry, *next;
16767 + hlist_for_each_safe(entry, next, &vx_info_inactive) {
16768 + struct vx_info *vxi =
16769 + list_entry(entry, struct vx_info, vx_hlist);
16771 + dump_vx_info(vxi, level);
16778 +int vx_migrate_user(struct task_struct *p, struct vx_info *vxi)
16780 + struct user_struct *new_user, *old_user;
16785 + if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0))
16788 + new_user = alloc_uid(vxi->vx_id, p->uid);
16792 + old_user = p->user;
16793 + if (new_user != old_user) {
16794 + atomic_inc(&new_user->processes);
16795 + atomic_dec(&old_user->processes);
16796 + p->user = new_user;
16798 + free_uid(old_user);
16804 +void vx_mask_cap_bset(struct vx_info *vxi, struct task_struct *p)
16806 + // p->cap_effective &= vxi->vx_cap_bset;
16807 + p->cap_effective =
16808 + cap_intersect(p->cap_effective, vxi->cap_bset);
16809 + // p->cap_inheritable &= vxi->vx_cap_bset;
16810 + p->cap_inheritable =
16811 + cap_intersect(p->cap_inheritable, vxi->cap_bset);
16812 + // p->cap_permitted &= vxi->vx_cap_bset;
16813 + p->cap_permitted =
16814 + cap_intersect(p->cap_permitted, vxi->cap_bset);
16819 +#include <linux/file.h>
16820 +#include <linux/fdtable.h>
16822 +static int vx_openfd_task(struct task_struct *tsk)
16824 + struct files_struct *files = tsk->files;
16825 + struct fdtable *fdt;
16826 + const unsigned long *bptr;
16827 + int count, total;
16829 + /* no rcu_read_lock() because of spin_lock() */
16830 + spin_lock(&files->file_lock);
16831 + fdt = files_fdtable(files);
16832 + bptr = fdt->open_fds->fds_bits;
16833 + count = fdt->max_fds / (sizeof(unsigned long) * 8);
16834 + for (total = 0; count > 0; count--) {
16836 + total += hweight_long(*bptr);
16839 + spin_unlock(&files->file_lock);
16844 +/* for *space compatibility */
16846 +asmlinkage long sys_unshare(unsigned long);
16849 + * migrate task to new context
16850 + * gets vxi, puts old_vxi on change
16851 + * optionally unshares namespaces (hack)
16854 +int vx_migrate_task(struct task_struct *p, struct vx_info *vxi, int unshare)
16856 + struct vx_info *old_vxi;
16862 + vxdprintk(VXD_CBIT(xid, 5),
16863 + "vx_migrate_task(%p,%p[#%d.%d])", p, vxi,
16864 + vxi->vx_id, atomic_read(&vxi->vx_usecnt));
16866 + if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0) &&
16867 + !vx_info_flags(vxi, VXF_STATE_SETUP, 0))
16870 + if (vx_info_state(vxi, VXS_SHUTDOWN))
16873 + old_vxi = task_get_vx_info(p);
16874 + if (old_vxi == vxi)
16877 +// if (!(ret = vx_migrate_user(p, vxi))) {
16882 + openfd = vx_openfd_task(p);
16885 + atomic_dec(&old_vxi->cvirt.nr_threads);
16886 + atomic_dec(&old_vxi->cvirt.nr_running);
16887 + __rlim_dec(&old_vxi->limit, RLIMIT_NPROC);
16888 + /* FIXME: what about the struct files here? */
16889 + __rlim_sub(&old_vxi->limit, VLIMIT_OPENFD, openfd);
16890 + /* account for the executable */
16891 + __rlim_dec(&old_vxi->limit, VLIMIT_DENTRY);
16893 + atomic_inc(&vxi->cvirt.nr_threads);
16894 + atomic_inc(&vxi->cvirt.nr_running);
16895 + __rlim_inc(&vxi->limit, RLIMIT_NPROC);
16896 + /* FIXME: what about the struct files here? */
16897 + __rlim_add(&vxi->limit, VLIMIT_OPENFD, openfd);
16898 + /* account for the executable */
16899 + __rlim_inc(&vxi->limit, VLIMIT_DENTRY);
16902 + release_vx_info(old_vxi, p);
16903 + clr_vx_info(&p->vx_info);
16905 + claim_vx_info(vxi, p);
16906 + set_vx_info(&p->vx_info, vxi);
16907 + p->xid = vxi->vx_id;
16909 + vxdprintk(VXD_CBIT(xid, 5),
16910 + "moved task %p into vxi:%p[#%d]",
16911 + p, vxi, vxi->vx_id);
16913 + // vx_mask_cap_bset(vxi, p);
16916 + /* hack for *spaces to provide compatibility */
16918 + struct nsproxy *old_nsp, *new_nsp;
16920 + ret = unshare_nsproxy_namespaces(
16921 + CLONE_NEWUTS | CLONE_NEWIPC | CLONE_NEWUSER,
16926 + old_nsp = xchg(&p->nsproxy, new_nsp);
16927 + vx_set_space(vxi,
16928 + CLONE_NEWUTS | CLONE_NEWIPC | CLONE_NEWUSER, 0);
16929 + put_nsproxy(old_nsp);
16933 + put_vx_info(old_vxi);
16937 +int vx_set_reaper(struct vx_info *vxi, struct task_struct *p)
16939 + struct task_struct *old_reaper;
16944 + vxdprintk(VXD_CBIT(xid, 6),
16945 + "vx_set_reaper(%p[#%d],%p[#%d,%d])",
16946 + vxi, vxi->vx_id, p, p->xid, p->pid);
16948 + old_reaper = vxi->vx_reaper;
16949 + if (old_reaper == p)
16952 + /* set new child reaper */
16953 + get_task_struct(p);
16954 + vxi->vx_reaper = p;
16955 + put_task_struct(old_reaper);
16959 +int vx_set_init(struct vx_info *vxi, struct task_struct *p)
16964 + vxdprintk(VXD_CBIT(xid, 6),
16965 + "vx_set_init(%p[#%d],%p[#%d,%d,%d])",
16966 + vxi, vxi->vx_id, p, p->xid, p->pid, p->tgid);
16968 + vxi->vx_flags &= ~VXF_STATE_INIT;
16969 + // vxi->vx_initpid = p->tgid;
16970 + vxi->vx_initpid = p->pid;
16974 +void vx_exit_init(struct vx_info *vxi, struct task_struct *p, int code)
16976 + vxdprintk(VXD_CBIT(xid, 6),
16977 + "vx_exit_init(%p[#%d],%p[#%d,%d,%d])",
16978 + vxi, vxi->vx_id, p, p->xid, p->pid, p->tgid);
16980 + vxi->exit_code = code;
16981 + vxi->vx_initpid = 0;
16985 +void vx_set_persistent(struct vx_info *vxi)
16987 + vxdprintk(VXD_CBIT(xid, 6),
16988 + "vx_set_persistent(%p[#%d])", vxi, vxi->vx_id);
16990 + get_vx_info(vxi);
16991 + claim_vx_info(vxi, NULL);
16994 +void vx_clear_persistent(struct vx_info *vxi)
16996 + vxdprintk(VXD_CBIT(xid, 6),
16997 + "vx_clear_persistent(%p[#%d])", vxi, vxi->vx_id);
16999 + release_vx_info(vxi, NULL);
17000 + put_vx_info(vxi);
17003 +void vx_update_persistent(struct vx_info *vxi)
17005 + if (vx_info_flags(vxi, VXF_PERSISTENT, 0))
17006 + vx_set_persistent(vxi);
17008 + vx_clear_persistent(vxi);
17012 +/* task must be current or locked */
17014 +void exit_vx_info(struct task_struct *p, int code)
17016 + struct vx_info *vxi = p->vx_info;
17019 + atomic_dec(&vxi->cvirt.nr_threads);
17022 + vxi->exit_code = code;
17023 + release_vx_info(vxi, p);
17027 +void exit_vx_info_early(struct task_struct *p, int code)
17029 + struct vx_info *vxi = p->vx_info;
17032 + if (vxi->vx_initpid == p->pid)
17033 + vx_exit_init(vxi, p, code);
17034 + if (vxi->vx_reaper == p)
17035 + vx_set_reaper(vxi, init_pid_ns.child_reaper);
17040 +/* vserver syscall commands below here */
17042 +/* taks xid and vx_info functions */
17044 +#include <asm/uaccess.h>
17047 +int vc_task_xid(uint32_t id)
17052 + struct task_struct *tsk;
17055 + tsk = find_task_by_real_pid(id);
17056 + xid = (tsk) ? tsk->xid : -ESRCH;
17057 + rcu_read_unlock();
17059 + xid = vx_current_xid();
17064 +int vc_vx_info(struct vx_info *vxi, void __user *data)
17066 + struct vcmd_vx_info_v0 vc_data;
17068 + vc_data.xid = vxi->vx_id;
17069 + vc_data.initpid = vxi->vx_initpid;
17071 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
17077 +int vc_ctx_stat(struct vx_info *vxi, void __user *data)
17079 + struct vcmd_ctx_stat_v0 vc_data;
17081 + vc_data.usecnt = atomic_read(&vxi->vx_usecnt);
17082 + vc_data.tasks = atomic_read(&vxi->vx_tasks);
17084 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
17090 +/* context functions */
17092 +int vc_ctx_create(uint32_t xid, void __user *data)
17094 + struct vcmd_ctx_create vc_data = { .flagword = VXF_INIT_SET };
17095 + struct vx_info *new_vxi;
17098 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
17101 + if ((xid > MAX_S_CONTEXT) || (xid < 2))
17104 + new_vxi = __create_vx_info(xid);
17105 + if (IS_ERR(new_vxi))
17106 + return PTR_ERR(new_vxi);
17108 + /* initial flags */
17109 + new_vxi->vx_flags = vc_data.flagword;
17112 + if (vs_state_change(new_vxi, VSC_STARTUP))
17115 + ret = vx_migrate_task(current, new_vxi, (!data));
17119 + /* return context id on success */
17120 + ret = new_vxi->vx_id;
17122 + /* get a reference for persistent contexts */
17123 + if ((vc_data.flagword & VXF_PERSISTENT))
17124 + vx_set_persistent(new_vxi);
17126 + release_vx_info(new_vxi, NULL);
17127 + put_vx_info(new_vxi);
17132 +int vc_ctx_migrate(struct vx_info *vxi, void __user *data)
17134 + struct vcmd_ctx_migrate vc_data = { .flagword = 0 };
17137 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
17140 + ret = vx_migrate_task(current, vxi, 0);
17143 + if (vc_data.flagword & VXM_SET_INIT)
17144 + ret = vx_set_init(vxi, current);
17147 + if (vc_data.flagword & VXM_SET_REAPER)
17148 + ret = vx_set_reaper(vxi, current);
17153 +int vc_get_cflags(struct vx_info *vxi, void __user *data)
17155 + struct vcmd_ctx_flags_v0 vc_data;
17157 + vc_data.flagword = vxi->vx_flags;
17159 + /* special STATE flag handling */
17160 + vc_data.mask = vs_mask_flags(~0ULL, vxi->vx_flags, VXF_ONE_TIME);
17162 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
17167 +int vc_set_cflags(struct vx_info *vxi, void __user *data)
17169 + struct vcmd_ctx_flags_v0 vc_data;
17170 + uint64_t mask, trigger;
17172 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
17175 + /* special STATE flag handling */
17176 + mask = vs_mask_mask(vc_data.mask, vxi->vx_flags, VXF_ONE_TIME);
17177 + trigger = (mask & vxi->vx_flags) ^ (mask & vc_data.flagword);
17179 + if (vxi == current_vx_info()) {
17180 + /* if (trigger & VXF_STATE_SETUP)
17181 + vx_mask_cap_bset(vxi, current); */
17182 + if (trigger & VXF_STATE_INIT) {
17185 + ret = vx_set_init(vxi, current);
17188 + ret = vx_set_reaper(vxi, current);
17194 + vxi->vx_flags = vs_mask_flags(vxi->vx_flags,
17195 + vc_data.flagword, mask);
17196 + if (trigger & VXF_PERSISTENT)
17197 + vx_update_persistent(vxi);
17203 +static inline uint64_t caps_from_cap_t(kernel_cap_t c)
17205 + uint64_t v = c.cap[0] | ((uint64_t)c.cap[1] << 32);
17207 + // printk("caps_from_cap_t(%08x:%08x) = %016llx\n", c.cap[1], c.cap[0], v);
17211 +static inline kernel_cap_t cap_t_from_caps(uint64_t v)
17213 + kernel_cap_t c = __cap_empty_set;
17215 + c.cap[0] = v & 0xFFFFFFFF;
17216 + c.cap[1] = (v >> 32) & 0xFFFFFFFF;
17218 + // printk("cap_t_from_caps(%016llx) = %08x:%08x\n", v, c.cap[1], c.cap[0]);
17223 +static int do_get_caps(struct vx_info *vxi, uint64_t *bcaps, uint64_t *ccaps)
17226 + *bcaps = caps_from_cap_t(vxi->vx_bcaps);
17228 + *ccaps = vxi->vx_ccaps;
17233 +int vc_get_ccaps(struct vx_info *vxi, void __user *data)
17235 + struct vcmd_ctx_caps_v1 vc_data;
17238 + ret = do_get_caps(vxi, NULL, &vc_data.ccaps);
17241 + vc_data.cmask = ~0ULL;
17243 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
17248 +static int do_set_caps(struct vx_info *vxi,
17249 + uint64_t bcaps, uint64_t bmask, uint64_t ccaps, uint64_t cmask)
17251 + uint64_t bcold = caps_from_cap_t(vxi->vx_bcaps);
17254 + printk("do_set_caps(%16llx, %16llx, %16llx, %16llx)\n",
17255 + bcaps, bmask, ccaps, cmask);
17257 + vxi->vx_bcaps = cap_t_from_caps(
17258 + vs_mask_flags(bcold, bcaps, bmask));
17259 + vxi->vx_ccaps = vs_mask_flags(vxi->vx_ccaps, ccaps, cmask);
17264 +int vc_set_ccaps(struct vx_info *vxi, void __user *data)
17266 + struct vcmd_ctx_caps_v1 vc_data;
17268 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
17271 + return do_set_caps(vxi, 0, 0, vc_data.ccaps, vc_data.cmask);
17274 +int vc_get_bcaps(struct vx_info *vxi, void __user *data)
17276 + struct vcmd_bcaps vc_data;
17279 + ret = do_get_caps(vxi, &vc_data.bcaps, NULL);
17282 + vc_data.bmask = ~0ULL;
17284 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
17289 +int vc_set_bcaps(struct vx_info *vxi, void __user *data)
17291 + struct vcmd_bcaps vc_data;
17293 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
17296 + return do_set_caps(vxi, vc_data.bcaps, vc_data.bmask, 0, 0);
17300 +int vc_get_umask(struct vx_info *vxi, void __user *data)
17302 + struct vcmd_umask vc_data;
17304 + vc_data.umask = vxi->vx_umask;
17305 + vc_data.mask = ~0ULL;
17307 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
17312 +int vc_set_umask(struct vx_info *vxi, void __user *data)
17314 + struct vcmd_umask vc_data;
17316 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
17319 + vxi->vx_umask = vs_mask_flags(vxi->vx_umask,
17320 + vc_data.umask, vc_data.mask);
17325 +int vc_get_badness(struct vx_info *vxi, void __user *data)
17327 + struct vcmd_badness_v0 vc_data;
17329 + vc_data.bias = vxi->vx_badness_bias;
17331 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
17336 +int vc_set_badness(struct vx_info *vxi, void __user *data)
17338 + struct vcmd_badness_v0 vc_data;
17340 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
17343 + vxi->vx_badness_bias = vc_data.bias;
17347 +#include <linux/module.h>
17349 +EXPORT_SYMBOL_GPL(free_vx_info);
17351 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/cvirt.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/cvirt.c
17352 --- linux-3.0-rc5/kernel/vserver/cvirt.c 1970-01-01 01:00:00.000000000 +0100
17353 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/cvirt.c 2011-06-13 14:57:26.000000000 +0200
17356 + * linux/kernel/vserver/cvirt.c
17358 + * Virtual Server: Context Virtualization
17360 + * Copyright (C) 2004-2007 Herbert Pötzl
17362 + * V0.01 broken out from limit.c
17363 + * V0.02 added utsname stuff
17364 + * V0.03 changed vcmds to vxi arg
17368 +#include <linux/types.h>
17369 +#include <linux/utsname.h>
17370 +#include <linux/vs_cvirt.h>
17371 +#include <linux/vserver/switch.h>
17372 +#include <linux/vserver/cvirt_cmd.h>
17374 +#include <asm/uaccess.h>
17377 +void vx_vsi_uptime(struct timespec *uptime, struct timespec *idle)
17379 + struct vx_info *vxi = current_vx_info();
17381 + set_normalized_timespec(uptime,
17382 + uptime->tv_sec - vxi->cvirt.bias_uptime.tv_sec,
17383 + uptime->tv_nsec - vxi->cvirt.bias_uptime.tv_nsec);
17386 + set_normalized_timespec(idle,
17387 + idle->tv_sec - vxi->cvirt.bias_idle.tv_sec,
17388 + idle->tv_nsec - vxi->cvirt.bias_idle.tv_nsec);
17392 +uint64_t vx_idle_jiffies(void)
17394 + return init_task.utime + init_task.stime;
17399 +static inline uint32_t __update_loadavg(uint32_t load,
17400 + int wsize, int delta, int n)
17402 + unsigned long long calc, prev;
17404 + /* just set it to n */
17405 + if (unlikely(delta >= wsize))
17406 + return (n << FSHIFT);
17408 + calc = delta * n;
17410 + prev = (wsize - delta);
17413 + do_div(calc, wsize);
17418 +void vx_update_load(struct vx_info *vxi)
17420 + uint32_t now, last, delta;
17421 + unsigned int nr_running, nr_uninterruptible;
17422 + unsigned int total;
17423 + unsigned long flags;
17425 + spin_lock_irqsave(&vxi->cvirt.load_lock, flags);
17428 + last = vxi->cvirt.load_last;
17429 + delta = now - last;
17431 + if (delta < 5*HZ)
17434 + nr_running = atomic_read(&vxi->cvirt.nr_running);
17435 + nr_uninterruptible = atomic_read(&vxi->cvirt.nr_uninterruptible);
17436 + total = nr_running + nr_uninterruptible;
17438 + vxi->cvirt.load[0] = __update_loadavg(vxi->cvirt.load[0],
17439 + 60*HZ, delta, total);
17440 + vxi->cvirt.load[1] = __update_loadavg(vxi->cvirt.load[1],
17441 + 5*60*HZ, delta, total);
17442 + vxi->cvirt.load[2] = __update_loadavg(vxi->cvirt.load[2],
17443 + 15*60*HZ, delta, total);
17445 + vxi->cvirt.load_last = now;
17447 + atomic_inc(&vxi->cvirt.load_updates);
17448 + spin_unlock_irqrestore(&vxi->cvirt.load_lock, flags);
17453 + * Commands to do_syslog:
17455 + * 0 -- Close the log. Currently a NOP.
17456 + * 1 -- Open the log. Currently a NOP.
17457 + * 2 -- Read from the log.
17458 + * 3 -- Read all messages remaining in the ring buffer.
17459 + * 4 -- Read and clear all messages remaining in the ring buffer
17460 + * 5 -- Clear ring buffer.
17461 + * 6 -- Disable printk's to console
17462 + * 7 -- Enable printk's to console
17463 + * 8 -- Set level of messages printed to console
17464 + * 9 -- Return number of unread characters in the log buffer
17465 + * 10 -- Return size of the log buffer
17467 +int vx_do_syslog(int type, char __user *buf, int len)
17470 + int do_clear = 0;
17471 + struct vx_info *vxi = current_vx_info();
17472 + struct _vx_syslog *log;
17476 + log = &vxi->cvirt.syslog;
17479 + case 0: /* Close log */
17480 + case 1: /* Open log */
17482 + case 2: /* Read from log */
17483 + error = wait_event_interruptible(log->log_wait,
17484 + (log->log_start - log->log_end));
17487 + spin_lock_irq(&log->logbuf_lock);
17488 + spin_unlock_irq(&log->logbuf_lock);
17490 + case 4: /* Read/clear last kernel messages */
17492 + /* fall through */
17493 + case 3: /* Read last kernel messages */
17496 + case 5: /* Clear ring buffer */
17499 + case 6: /* Disable logging to console */
17500 + case 7: /* Enable logging to console */
17501 + case 8: /* Set level of messages printed to console */
17504 + case 9: /* Number of chars in the log buffer */
17506 + case 10: /* Size of the log buffer */
17516 +/* virtual host info names */
17518 +static char *vx_vhi_name(struct vx_info *vxi, int id)
17520 + struct nsproxy *nsproxy;
17521 + struct uts_namespace *uts;
17523 + if (id == VHIN_CONTEXT)
17524 + return vxi->vx_name;
17526 + nsproxy = vxi->space[0].vx_nsproxy;
17530 + uts = nsproxy->uts_ns;
17535 + case VHIN_SYSNAME:
17536 + return uts->name.sysname;
17537 + case VHIN_NODENAME:
17538 + return uts->name.nodename;
17539 + case VHIN_RELEASE:
17540 + return uts->name.release;
17541 + case VHIN_VERSION:
17542 + return uts->name.version;
17543 + case VHIN_MACHINE:
17544 + return uts->name.machine;
17545 + case VHIN_DOMAINNAME:
17546 + return uts->name.domainname;
17553 +int vc_set_vhi_name(struct vx_info *vxi, void __user *data)
17555 + struct vcmd_vhi_name_v0 vc_data;
17558 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
17561 + name = vx_vhi_name(vxi, vc_data.field);
17565 + memcpy(name, vc_data.name, 65);
17569 +int vc_get_vhi_name(struct vx_info *vxi, void __user *data)
17571 + struct vcmd_vhi_name_v0 vc_data;
17574 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
17577 + name = vx_vhi_name(vxi, vc_data.field);
17581 + memcpy(vc_data.name, name, 65);
17582 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
17588 +int vc_virt_stat(struct vx_info *vxi, void __user *data)
17590 + struct vcmd_virt_stat_v0 vc_data;
17591 + struct _vx_cvirt *cvirt = &vxi->cvirt;
17592 + struct timespec uptime;
17594 + do_posix_clock_monotonic_gettime(&uptime);
17595 + set_normalized_timespec(&uptime,
17596 + uptime.tv_sec - cvirt->bias_uptime.tv_sec,
17597 + uptime.tv_nsec - cvirt->bias_uptime.tv_nsec);
17599 + vc_data.offset = timespec_to_ns(&cvirt->bias_ts);
17600 + vc_data.uptime = timespec_to_ns(&uptime);
17601 + vc_data.nr_threads = atomic_read(&cvirt->nr_threads);
17602 + vc_data.nr_running = atomic_read(&cvirt->nr_running);
17603 + vc_data.nr_uninterruptible = atomic_read(&cvirt->nr_uninterruptible);
17604 + vc_data.nr_onhold = atomic_read(&cvirt->nr_onhold);
17605 + vc_data.nr_forks = atomic_read(&cvirt->total_forks);
17606 + vc_data.load[0] = cvirt->load[0];
17607 + vc_data.load[1] = cvirt->load[1];
17608 + vc_data.load[2] = cvirt->load[2];
17610 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
17616 +#ifdef CONFIG_VSERVER_VTIME
17618 +/* virtualized time base */
17620 +void vx_adjust_timespec(struct timespec *ts)
17622 + struct vx_info *vxi;
17624 + if (!vx_flags(VXF_VIRT_TIME, 0))
17627 + vxi = current_vx_info();
17628 + ts->tv_sec += vxi->cvirt.bias_ts.tv_sec;
17629 + ts->tv_nsec += vxi->cvirt.bias_ts.tv_nsec;
17631 + if (ts->tv_nsec >= NSEC_PER_SEC) {
17633 + ts->tv_nsec -= NSEC_PER_SEC;
17634 + } else if (ts->tv_nsec < 0) {
17636 + ts->tv_nsec += NSEC_PER_SEC;
17640 +int vx_settimeofday(const struct timespec *ts)
17642 + struct timespec ats, delta;
17643 + struct vx_info *vxi;
17645 + if (!vx_flags(VXF_VIRT_TIME, 0))
17646 + return do_settimeofday(ts);
17648 + getnstimeofday(&ats);
17649 + delta = timespec_sub(*ts, ats);
17651 + vxi = current_vx_info();
17652 + vxi->cvirt.bias_ts = timespec_add(vxi->cvirt.bias_ts, delta);
17658 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/cvirt_init.h linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/cvirt_init.h
17659 --- linux-3.0-rc5/kernel/vserver/cvirt_init.h 1970-01-01 01:00:00.000000000 +0100
17660 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/cvirt_init.h 2011-06-10 22:11:24.000000000 +0200
17664 +extern uint64_t vx_idle_jiffies(void);
17666 +static inline void vx_info_init_cvirt(struct _vx_cvirt *cvirt)
17668 + uint64_t idle_jiffies = vx_idle_jiffies();
17669 + uint64_t nsuptime;
17671 + do_posix_clock_monotonic_gettime(&cvirt->bias_uptime);
17672 + nsuptime = (unsigned long long)cvirt->bias_uptime.tv_sec
17673 + * NSEC_PER_SEC + cvirt->bias_uptime.tv_nsec;
17674 + cvirt->bias_clock = nsec_to_clock_t(nsuptime);
17675 + cvirt->bias_ts.tv_sec = 0;
17676 + cvirt->bias_ts.tv_nsec = 0;
17678 + jiffies_to_timespec(idle_jiffies, &cvirt->bias_idle);
17679 + atomic_set(&cvirt->nr_threads, 0);
17680 + atomic_set(&cvirt->nr_running, 0);
17681 + atomic_set(&cvirt->nr_uninterruptible, 0);
17682 + atomic_set(&cvirt->nr_onhold, 0);
17684 + spin_lock_init(&cvirt->load_lock);
17685 + cvirt->load_last = jiffies;
17686 + atomic_set(&cvirt->load_updates, 0);
17687 + cvirt->load[0] = 0;
17688 + cvirt->load[1] = 0;
17689 + cvirt->load[2] = 0;
17690 + atomic_set(&cvirt->total_forks, 0);
17692 + spin_lock_init(&cvirt->syslog.logbuf_lock);
17693 + init_waitqueue_head(&cvirt->syslog.log_wait);
17694 + cvirt->syslog.log_start = 0;
17695 + cvirt->syslog.log_end = 0;
17696 + cvirt->syslog.con_start = 0;
17697 + cvirt->syslog.logged_chars = 0;
17701 +void vx_info_init_cvirt_pc(struct _vx_cvirt_pc *cvirt_pc, int cpu)
17703 + // cvirt_pc->cpustat = { 0 };
17706 +static inline void vx_info_exit_cvirt(struct _vx_cvirt *cvirt)
17708 +#ifdef CONFIG_VSERVER_WARN
17711 + vxwprintk_xid((value = atomic_read(&cvirt->nr_threads)),
17712 + "!!! cvirt: %p[nr_threads] = %d on exit.",
17714 + vxwprintk_xid((value = atomic_read(&cvirt->nr_running)),
17715 + "!!! cvirt: %p[nr_running] = %d on exit.",
17717 + vxwprintk_xid((value = atomic_read(&cvirt->nr_uninterruptible)),
17718 + "!!! cvirt: %p[nr_uninterruptible] = %d on exit.",
17720 + vxwprintk_xid((value = atomic_read(&cvirt->nr_onhold)),
17721 + "!!! cvirt: %p[nr_onhold] = %d on exit.",
17727 +void vx_info_exit_cvirt_pc(struct _vx_cvirt_pc *cvirt_pc, int cpu)
17732 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/cvirt_proc.h linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/cvirt_proc.h
17733 --- linux-3.0-rc5/kernel/vserver/cvirt_proc.h 1970-01-01 01:00:00.000000000 +0100
17734 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/cvirt_proc.h 2011-06-10 22:11:24.000000000 +0200
17736 +#ifndef _VX_CVIRT_PROC_H
17737 +#define _VX_CVIRT_PROC_H
17739 +#include <linux/nsproxy.h>
17740 +#include <linux/mnt_namespace.h>
17741 +#include <linux/ipc_namespace.h>
17742 +#include <linux/utsname.h>
17743 +#include <linux/ipc.h>
17747 +int vx_info_proc_nsproxy(struct nsproxy *nsproxy, char *buffer)
17749 + struct mnt_namespace *ns;
17750 + struct uts_namespace *uts;
17751 + struct ipc_namespace *ipc;
17752 + struct path path;
17753 + char *pstr, *root;
17759 + length += sprintf(buffer + length,
17760 + "NSProxy:\t%p [%p,%p,%p]\n",
17761 + nsproxy, nsproxy->mnt_ns,
17762 + nsproxy->uts_ns, nsproxy->ipc_ns);
17764 + ns = nsproxy->mnt_ns;
17768 + pstr = kmalloc(PATH_MAX, GFP_KERNEL);
17772 + path.mnt = ns->root;
17773 + path.dentry = ns->root->mnt_root;
17774 + root = d_path(&path, pstr, PATH_MAX - 2);
17775 + length += sprintf(buffer + length,
17776 + "Namespace:\t%p [#%u]\n"
17777 + "RootPath:\t%s\n",
17778 + ns, atomic_read(&ns->count),
17783 + uts = nsproxy->uts_ns;
17787 + length += sprintf(buffer + length,
17788 + "SysName:\t%.*s\n"
17789 + "NodeName:\t%.*s\n"
17790 + "Release:\t%.*s\n"
17791 + "Version:\t%.*s\n"
17792 + "Machine:\t%.*s\n"
17793 + "DomainName:\t%.*s\n",
17794 + __NEW_UTS_LEN, uts->name.sysname,
17795 + __NEW_UTS_LEN, uts->name.nodename,
17796 + __NEW_UTS_LEN, uts->name.release,
17797 + __NEW_UTS_LEN, uts->name.version,
17798 + __NEW_UTS_LEN, uts->name.machine,
17799 + __NEW_UTS_LEN, uts->name.domainname);
17802 + ipc = nsproxy->ipc_ns;
17806 + length += sprintf(buffer + length,
17807 + "SEMS:\t\t%d %d %d %d %d\n"
17808 + "MSG:\t\t%d %d %d\n"
17809 + "SHM:\t\t%lu %lu %d %d\n",
17810 + ipc->sem_ctls[0], ipc->sem_ctls[1],
17811 + ipc->sem_ctls[2], ipc->sem_ctls[3],
17813 + ipc->msg_ctlmax, ipc->msg_ctlmnb, ipc->msg_ctlmni,
17814 + (unsigned long)ipc->shm_ctlmax,
17815 + (unsigned long)ipc->shm_ctlall,
17816 + ipc->shm_ctlmni, ipc->shm_tot);
17823 +#include <linux/sched.h>
17825 +#define LOAD_INT(x) ((x) >> FSHIFT)
17826 +#define LOAD_FRAC(x) LOAD_INT(((x) & (FIXED_1 - 1)) * 100)
17829 +int vx_info_proc_cvirt(struct _vx_cvirt *cvirt, char *buffer)
17834 + length += sprintf(buffer + length,
17835 + "BiasUptime:\t%lu.%02lu\n",
17836 + (unsigned long)cvirt->bias_uptime.tv_sec,
17837 + (cvirt->bias_uptime.tv_nsec / (NSEC_PER_SEC / 100)));
17839 + a = cvirt->load[0] + (FIXED_1 / 200);
17840 + b = cvirt->load[1] + (FIXED_1 / 200);
17841 + c = cvirt->load[2] + (FIXED_1 / 200);
17842 + length += sprintf(buffer + length,
17843 + "nr_threads:\t%d\n"
17844 + "nr_running:\t%d\n"
17845 + "nr_unintr:\t%d\n"
17846 + "nr_onhold:\t%d\n"
17847 + "load_updates:\t%d\n"
17848 + "loadavg:\t%d.%02d %d.%02d %d.%02d\n"
17849 + "total_forks:\t%d\n",
17850 + atomic_read(&cvirt->nr_threads),
17851 + atomic_read(&cvirt->nr_running),
17852 + atomic_read(&cvirt->nr_uninterruptible),
17853 + atomic_read(&cvirt->nr_onhold),
17854 + atomic_read(&cvirt->load_updates),
17855 + LOAD_INT(a), LOAD_FRAC(a),
17856 + LOAD_INT(b), LOAD_FRAC(b),
17857 + LOAD_INT(c), LOAD_FRAC(c),
17858 + atomic_read(&cvirt->total_forks));
17863 +int vx_info_proc_cvirt_pc(struct _vx_cvirt_pc *cvirt_pc,
17864 + char *buffer, int cpu)
17870 +#endif /* _VX_CVIRT_PROC_H */
17871 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/debug.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/debug.c
17872 --- linux-3.0-rc5/kernel/vserver/debug.c 1970-01-01 01:00:00.000000000 +0100
17873 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/debug.c 2011-06-10 22:11:24.000000000 +0200
17876 + * kernel/vserver/debug.c
17878 + * Copyright (C) 2005-2007 Herbert Pötzl
17880 + * V0.01 vx_info dump support
17884 +#include <linux/module.h>
17886 +#include <linux/vserver/context.h>
17889 +void dump_vx_info(struct vx_info *vxi, int level)
17891 + printk("vx_info %p[#%d, %d.%d, %4x]\n", vxi, vxi->vx_id,
17892 + atomic_read(&vxi->vx_usecnt),
17893 + atomic_read(&vxi->vx_tasks),
17896 + __dump_vx_limit(&vxi->limit);
17897 + __dump_vx_sched(&vxi->sched);
17898 + __dump_vx_cvirt(&vxi->cvirt);
17899 + __dump_vx_cacct(&vxi->cacct);
17905 +EXPORT_SYMBOL_GPL(dump_vx_info);
17907 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/device.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/device.c
17908 --- linux-3.0-rc5/kernel/vserver/device.c 1970-01-01 01:00:00.000000000 +0100
17909 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/device.c 2011-06-10 23:20:56.000000000 +0200
17912 + * linux/kernel/vserver/device.c
17914 + * Linux-VServer: Device Support
17916 + * Copyright (C) 2006 Herbert Pötzl
17917 + * Copyright (C) 2007 Daniel Hokka Zakrisson
17919 + * V0.01 device mapping basics
17920 + * V0.02 added defaults
17924 +#include <linux/slab.h>
17925 +#include <linux/rcupdate.h>
17926 +#include <linux/fs.h>
17927 +#include <linux/namei.h>
17928 +#include <linux/hash.h>
17930 +#include <asm/errno.h>
17931 +#include <asm/uaccess.h>
17932 +#include <linux/vserver/base.h>
17933 +#include <linux/vserver/debug.h>
17934 +#include <linux/vserver/context.h>
17935 +#include <linux/vserver/device.h>
17936 +#include <linux/vserver/device_cmd.h>
17939 +#define DMAP_HASH_BITS 4
17942 +struct vs_mapping {
17944 + struct hlist_node hlist;
17945 + struct list_head list;
17947 +#define dm_hlist u.hlist
17948 +#define dm_list u.list
17951 + struct vx_dmap_target target;
17955 +static struct hlist_head dmap_main_hash[1 << DMAP_HASH_BITS];
17957 +static DEFINE_SPINLOCK(dmap_main_hash_lock);
17959 +static struct vx_dmap_target dmap_defaults[2] = {
17960 + { .flags = DATTR_OPEN },
17961 + { .flags = DATTR_OPEN },
17965 +struct kmem_cache *dmap_cachep __read_mostly;
17967 +int __init dmap_cache_init(void)
17969 + dmap_cachep = kmem_cache_create("dmap_cache",
17970 + sizeof(struct vs_mapping), 0,
17971 + SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
17975 +__initcall(dmap_cache_init);
17978 +static inline unsigned int __hashval(dev_t dev, int bits)
17980 + return hash_long((unsigned long)dev, bits);
17984 +/* __hash_mapping()
17985 + * add the mapping to the hash table
17987 +static inline void __hash_mapping(struct vx_info *vxi, struct vs_mapping *vdm)
17989 + spinlock_t *hash_lock = &dmap_main_hash_lock;
17990 + struct hlist_head *head, *hash = dmap_main_hash;
17991 + int device = vdm->device;
17993 + spin_lock(hash_lock);
17994 + vxdprintk(VXD_CBIT(misc, 8), "__hash_mapping: %p[#%d] %08x:%08x",
17995 + vxi, vxi ? vxi->vx_id : 0, device, vdm->target.target);
17997 + head = &hash[__hashval(device, DMAP_HASH_BITS)];
17998 + hlist_add_head(&vdm->dm_hlist, head);
17999 + spin_unlock(hash_lock);
18003 +static inline int __mode_to_default(umode_t mode)
18016 +/* __set_default()
18019 +static inline void __set_default(struct vx_info *vxi, umode_t mode,
18020 + struct vx_dmap_target *vdmt)
18022 + spinlock_t *hash_lock = &dmap_main_hash_lock;
18023 + spin_lock(hash_lock);
18026 + vxi->dmap.targets[__mode_to_default(mode)] = *vdmt;
18028 + dmap_defaults[__mode_to_default(mode)] = *vdmt;
18031 + spin_unlock(hash_lock);
18033 + vxdprintk(VXD_CBIT(misc, 8), "__set_default: %p[#%u] %08x %04x",
18034 + vxi, vxi ? vxi->vx_id : 0, vdmt->target, vdmt->flags);
18038 +/* __remove_default()
18039 + * remove a default
18041 +static inline int __remove_default(struct vx_info *vxi, umode_t mode)
18043 + spinlock_t *hash_lock = &dmap_main_hash_lock;
18044 + spin_lock(hash_lock);
18047 + vxi->dmap.targets[__mode_to_default(mode)].flags = 0;
18048 + else /* remove == reset */
18049 + dmap_defaults[__mode_to_default(mode)].flags = DATTR_OPEN | mode;
18051 + spin_unlock(hash_lock);
18056 +/* __find_mapping()
18057 + * find a mapping in the hash table
18059 + * caller must hold hash_lock
18061 +static inline int __find_mapping(xid_t xid, dev_t device, umode_t mode,
18062 + struct vs_mapping **local, struct vs_mapping **global)
18064 + struct hlist_head *hash = dmap_main_hash;
18065 + struct hlist_head *head = &hash[__hashval(device, DMAP_HASH_BITS)];
18066 + struct hlist_node *pos;
18067 + struct vs_mapping *vdm;
18073 + hlist_for_each(pos, head) {
18074 + vdm = hlist_entry(pos, struct vs_mapping, dm_hlist);
18076 + if ((vdm->device == device) &&
18077 + !((vdm->target.flags ^ mode) & S_IFMT)) {
18078 + if (vdm->xid == xid) {
18081 + } else if (global && vdm->xid == 0)
18086 + if (global && *global)
18093 +/* __lookup_mapping()
18094 + * find a mapping and store the result in target and flags
18096 +static inline int __lookup_mapping(struct vx_info *vxi,
18097 + dev_t device, dev_t *target, int *flags, umode_t mode)
18099 + spinlock_t *hash_lock = &dmap_main_hash_lock;
18100 + struct vs_mapping *vdm, *global;
18101 + struct vx_dmap_target *vdmt;
18103 + xid_t xid = vxi->vx_id;
18106 + spin_lock(hash_lock);
18107 + if (__find_mapping(xid, device, mode, &vdm, &global) > 0) {
18109 + vdmt = &vdm->target;
18113 + index = __mode_to_default(mode);
18114 + if (vxi && vxi->dmap.targets[index].flags) {
18116 + vdmt = &vxi->dmap.targets[index];
18117 + } else if (global) {
18119 + vdmt = &global->target;
18123 + vdmt = &dmap_defaults[index];
18127 + if (target && (vdmt->flags & DATTR_REMAP))
18128 + *target = vdmt->target;
18130 + *target = device;
18132 + *flags = vdmt->flags;
18134 + spin_unlock(hash_lock);
18140 +/* __remove_mapping()
18141 + * remove a mapping from the hash table
18143 +static inline int __remove_mapping(struct vx_info *vxi, dev_t device,
18146 + spinlock_t *hash_lock = &dmap_main_hash_lock;
18147 + struct vs_mapping *vdm = NULL;
18150 + spin_lock(hash_lock);
18152 + ret = __find_mapping((vxi ? vxi->vx_id : 0), device, mode, &vdm,
18154 + vxdprintk(VXD_CBIT(misc, 8), "__remove_mapping: %p[#%d] %08x %04x",
18155 + vxi, vxi ? vxi->vx_id : 0, device, mode);
18158 + hlist_del(&vdm->dm_hlist);
18161 + spin_unlock(hash_lock);
18163 + kmem_cache_free(dmap_cachep, vdm);
18169 +int vs_map_device(struct vx_info *vxi,
18170 + dev_t device, dev_t *target, umode_t mode)
18172 + int ret, flags = DATTR_MASK;
18176 + *target = device;
18179 + ret = __lookup_mapping(vxi, device, target, &flags, mode);
18180 + vxdprintk(VXD_CBIT(misc, 8), "vs_map_device: %08x target: %08x flags: %04x mode: %04x mapped=%d",
18181 + device, target ? *target : 0, flags, mode, ret);
18183 + return (flags & DATTR_MASK);
18188 +static int do_set_mapping(struct vx_info *vxi,
18189 + dev_t device, dev_t target, int flags, umode_t mode)
18192 + struct vs_mapping *new;
18194 + new = kmem_cache_alloc(dmap_cachep, GFP_KERNEL);
18198 + INIT_HLIST_NODE(&new->dm_hlist);
18199 + new->device = device;
18200 + new->target.target = target;
18201 + new->target.flags = flags | mode;
18202 + new->xid = (vxi ? vxi->vx_id : 0);
18204 + vxdprintk(VXD_CBIT(misc, 8), "do_set_mapping: %08x target: %08x flags: %04x", device, target, flags);
18205 + __hash_mapping(vxi, new);
18207 + struct vx_dmap_target new = {
18208 + .target = target,
18209 + .flags = flags | mode,
18211 + __set_default(vxi, mode, &new);
18217 +static int do_unset_mapping(struct vx_info *vxi,
18218 + dev_t device, dev_t target, int flags, umode_t mode)
18220 + int ret = -EINVAL;
18223 + ret = __remove_mapping(vxi, device, mode);
18227 + ret = __remove_default(vxi, mode);
18237 +static inline int __user_device(const char __user *name, dev_t *dev,
18240 + struct nameidata nd;
18247 + ret = user_lpath(name, &nd.path);
18250 + if (nd.path.dentry->d_inode) {
18251 + *dev = nd.path.dentry->d_inode->i_rdev;
18252 + *mode = nd.path.dentry->d_inode->i_mode;
18254 + path_put(&nd.path);
18258 +static inline int __mapping_mode(dev_t device, dev_t target,
18259 + umode_t device_mode, umode_t target_mode, umode_t *mode)
18262 + *mode = device_mode & S_IFMT;
18264 + *mode = target_mode & S_IFMT;
18268 + /* if both given, device and target mode have to match */
18269 + if (device && target &&
18270 + ((device_mode ^ target_mode) & S_IFMT))
18276 +static inline int do_mapping(struct vx_info *vxi, const char __user *device_path,
18277 + const char __user *target_path, int flags, int set)
18279 + dev_t device = ~0, target = ~0;
18280 + umode_t device_mode = 0, target_mode = 0, mode;
18283 + ret = __user_device(device_path, &device, &device_mode);
18286 + ret = __user_device(target_path, &target, &target_mode);
18290 + ret = __mapping_mode(device, target,
18291 + device_mode, target_mode, &mode);
18296 + return do_set_mapping(vxi, device, target,
18299 + return do_unset_mapping(vxi, device, target,
18304 +int vc_set_mapping(struct vx_info *vxi, void __user *data)
18306 + struct vcmd_set_mapping_v0 vc_data;
18308 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
18311 + return do_mapping(vxi, vc_data.device, vc_data.target,
18312 + vc_data.flags, 1);
18315 +int vc_unset_mapping(struct vx_info *vxi, void __user *data)
18317 + struct vcmd_set_mapping_v0 vc_data;
18319 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
18322 + return do_mapping(vxi, vc_data.device, vc_data.target,
18323 + vc_data.flags, 0);
18327 +#ifdef CONFIG_COMPAT
18329 +int vc_set_mapping_x32(struct vx_info *vxi, void __user *data)
18331 + struct vcmd_set_mapping_v0_x32 vc_data;
18333 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
18336 + return do_mapping(vxi, compat_ptr(vc_data.device_ptr),
18337 + compat_ptr(vc_data.target_ptr), vc_data.flags, 1);
18340 +int vc_unset_mapping_x32(struct vx_info *vxi, void __user *data)
18342 + struct vcmd_set_mapping_v0_x32 vc_data;
18344 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
18347 + return do_mapping(vxi, compat_ptr(vc_data.device_ptr),
18348 + compat_ptr(vc_data.target_ptr), vc_data.flags, 0);
18351 +#endif /* CONFIG_COMPAT */
18354 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/dlimit.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/dlimit.c
18355 --- linux-3.0-rc5/kernel/vserver/dlimit.c 1970-01-01 01:00:00.000000000 +0100
18356 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/dlimit.c 2011-06-10 23:20:56.000000000 +0200
18359 + * linux/kernel/vserver/dlimit.c
18361 + * Virtual Server: Context Disk Limits
18363 + * Copyright (C) 2004-2009 Herbert Pötzl
18365 + * V0.01 initial version
18366 + * V0.02 compat32 splitup
18367 + * V0.03 extended interface
18371 +#include <linux/statfs.h>
18372 +#include <linux/sched.h>
18373 +#include <linux/namei.h>
18374 +#include <linux/vs_tag.h>
18375 +#include <linux/vs_dlimit.h>
18376 +#include <linux/vserver/dlimit_cmd.h>
18377 +#include <linux/slab.h>
18378 +// #include <linux/gfp.h>
18380 +#include <asm/uaccess.h>
18382 +/* __alloc_dl_info()
18384 + * allocate an initialized dl_info struct
18385 + * doesn't make it visible (hash) */
18387 +static struct dl_info *__alloc_dl_info(struct super_block *sb, tag_t tag)
18389 + struct dl_info *new = NULL;
18391 + vxdprintk(VXD_CBIT(dlim, 5),
18392 + "alloc_dl_info(%p,%d)*", sb, tag);
18394 + /* would this benefit from a slab cache? */
18395 + new = kmalloc(sizeof(struct dl_info), GFP_KERNEL);
18399 + memset(new, 0, sizeof(struct dl_info));
18400 + new->dl_tag = tag;
18402 + // INIT_RCU_HEAD(&new->dl_rcu);
18403 + INIT_HLIST_NODE(&new->dl_hlist);
18404 + spin_lock_init(&new->dl_lock);
18405 + atomic_set(&new->dl_refcnt, 0);
18406 + atomic_set(&new->dl_usecnt, 0);
18408 + /* rest of init goes here */
18410 + vxdprintk(VXD_CBIT(dlim, 4),
18411 + "alloc_dl_info(%p,%d) = %p", sb, tag, new);
18415 +/* __dealloc_dl_info()
18417 + * final disposal of dl_info */
18419 +static void __dealloc_dl_info(struct dl_info *dli)
18421 + vxdprintk(VXD_CBIT(dlim, 4),
18422 + "dealloc_dl_info(%p)", dli);
18424 + dli->dl_hlist.next = LIST_POISON1;
18425 + dli->dl_tag = -1;
18428 + BUG_ON(atomic_read(&dli->dl_usecnt));
18429 + BUG_ON(atomic_read(&dli->dl_refcnt));
18435 +/* hash table for dl_info hash */
18437 +#define DL_HASH_SIZE 13
18439 +struct hlist_head dl_info_hash[DL_HASH_SIZE];
18441 +static DEFINE_SPINLOCK(dl_info_hash_lock);
18444 +static inline unsigned int __hashval(struct super_block *sb, tag_t tag)
18446 + return ((tag ^ (unsigned long)sb) % DL_HASH_SIZE);
18451 +/* __hash_dl_info()
18453 + * add the dli to the global hash table
18454 + * requires the hash_lock to be held */
18456 +static inline void __hash_dl_info(struct dl_info *dli)
18458 + struct hlist_head *head;
18460 + vxdprintk(VXD_CBIT(dlim, 6),
18461 + "__hash_dl_info: %p[#%d]", dli, dli->dl_tag);
18462 + get_dl_info(dli);
18463 + head = &dl_info_hash[__hashval(dli->dl_sb, dli->dl_tag)];
18464 + hlist_add_head_rcu(&dli->dl_hlist, head);
18467 +/* __unhash_dl_info()
18469 + * remove the dli from the global hash table
18470 + * requires the hash_lock to be held */
18472 +static inline void __unhash_dl_info(struct dl_info *dli)
18474 + vxdprintk(VXD_CBIT(dlim, 6),
18475 + "__unhash_dl_info: %p[#%d]", dli, dli->dl_tag);
18476 + hlist_del_rcu(&dli->dl_hlist);
18477 + put_dl_info(dli);
18481 +/* __lookup_dl_info()
18483 + * requires the rcu_read_lock()
18484 + * doesn't increment the dl_refcnt */
18486 +static inline struct dl_info *__lookup_dl_info(struct super_block *sb, tag_t tag)
18488 + struct hlist_head *head = &dl_info_hash[__hashval(sb, tag)];
18489 + struct hlist_node *pos;
18490 + struct dl_info *dli;
18492 + hlist_for_each_entry_rcu(dli, pos, head, dl_hlist) {
18494 + if (dli->dl_tag == tag && dli->dl_sb == sb) {
18502 +struct dl_info *locate_dl_info(struct super_block *sb, tag_t tag)
18504 + struct dl_info *dli;
18507 + dli = get_dl_info(__lookup_dl_info(sb, tag));
18508 + vxdprintk(VXD_CBIT(dlim, 7),
18509 + "locate_dl_info(%p,#%d) = %p", sb, tag, dli);
18510 + rcu_read_unlock();
18514 +void rcu_free_dl_info(struct rcu_head *head)
18516 + struct dl_info *dli = container_of(head, struct dl_info, dl_rcu);
18517 + int usecnt, refcnt;
18519 + BUG_ON(!dli || !head);
18521 + usecnt = atomic_read(&dli->dl_usecnt);
18522 + BUG_ON(usecnt < 0);
18524 + refcnt = atomic_read(&dli->dl_refcnt);
18525 + BUG_ON(refcnt < 0);
18527 + vxdprintk(VXD_CBIT(dlim, 3),
18528 + "rcu_free_dl_info(%p)", dli);
18530 + __dealloc_dl_info(dli);
18532 + printk("!!! rcu didn't free\n");
18538 +static int do_addrem_dlimit(uint32_t id, const char __user *name,
18539 + uint32_t flags, int add)
18541 + struct path path;
18544 + ret = user_lpath(name, &path);
18546 + struct super_block *sb;
18547 + struct dl_info *dli;
18550 + if (!path.dentry->d_inode)
18551 + goto out_release;
18552 + if (!(sb = path.dentry->d_inode->i_sb))
18553 + goto out_release;
18556 + dli = __alloc_dl_info(sb, id);
18557 + spin_lock(&dl_info_hash_lock);
18560 + if (__lookup_dl_info(sb, id))
18562 + __hash_dl_info(dli);
18565 + spin_lock(&dl_info_hash_lock);
18566 + dli = __lookup_dl_info(sb, id);
18571 + __unhash_dl_info(dli);
18575 + spin_unlock(&dl_info_hash_lock);
18577 + __dealloc_dl_info(dli);
18584 +int vc_add_dlimit(uint32_t id, void __user *data)
18586 + struct vcmd_ctx_dlimit_base_v0 vc_data;
18588 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
18591 + return do_addrem_dlimit(id, vc_data.name, vc_data.flags, 1);
18594 +int vc_rem_dlimit(uint32_t id, void __user *data)
18596 + struct vcmd_ctx_dlimit_base_v0 vc_data;
18598 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
18601 + return do_addrem_dlimit(id, vc_data.name, vc_data.flags, 0);
18604 +#ifdef CONFIG_COMPAT
18606 +int vc_add_dlimit_x32(uint32_t id, void __user *data)
18608 + struct vcmd_ctx_dlimit_base_v0_x32 vc_data;
18610 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
18613 + return do_addrem_dlimit(id,
18614 + compat_ptr(vc_data.name_ptr), vc_data.flags, 1);
18617 +int vc_rem_dlimit_x32(uint32_t id, void __user *data)
18619 + struct vcmd_ctx_dlimit_base_v0_x32 vc_data;
18621 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
18624 + return do_addrem_dlimit(id,
18625 + compat_ptr(vc_data.name_ptr), vc_data.flags, 0);
18628 +#endif /* CONFIG_COMPAT */
18632 +int do_set_dlimit(uint32_t id, const char __user *name,
18633 + uint32_t space_used, uint32_t space_total,
18634 + uint32_t inodes_used, uint32_t inodes_total,
18635 + uint32_t reserved, uint32_t flags)
18637 + struct path path;
18640 + ret = user_lpath(name, &path);
18642 + struct super_block *sb;
18643 + struct dl_info *dli;
18646 + if (!path.dentry->d_inode)
18647 + goto out_release;
18648 + if (!(sb = path.dentry->d_inode->i_sb))
18649 + goto out_release;
18651 + /* sanity checks */
18652 + if ((reserved != CDLIM_KEEP &&
18653 + reserved > 100) ||
18654 + (inodes_used != CDLIM_KEEP &&
18655 + inodes_used > inodes_total) ||
18656 + (space_used != CDLIM_KEEP &&
18657 + space_used > space_total))
18658 + goto out_release;
18661 + dli = locate_dl_info(sb, id);
18663 + goto out_release;
18665 + spin_lock(&dli->dl_lock);
18667 + if (inodes_used != CDLIM_KEEP)
18668 + dli->dl_inodes_used = inodes_used;
18669 + if (inodes_total != CDLIM_KEEP)
18670 + dli->dl_inodes_total = inodes_total;
18671 + if (space_used != CDLIM_KEEP)
18672 + dli->dl_space_used = dlimit_space_32to64(
18673 + space_used, flags, DLIMS_USED);
18675 + if (space_total == CDLIM_INFINITY)
18676 + dli->dl_space_total = DLIM_INFINITY;
18677 + else if (space_total != CDLIM_KEEP)
18678 + dli->dl_space_total = dlimit_space_32to64(
18679 + space_total, flags, DLIMS_TOTAL);
18681 + if (reserved != CDLIM_KEEP)
18682 + dli->dl_nrlmult = (1 << 10) * (100 - reserved) / 100;
18684 + spin_unlock(&dli->dl_lock);
18686 + put_dl_info(dli);
18695 +int vc_set_dlimit(uint32_t id, void __user *data)
18697 + struct vcmd_ctx_dlimit_v0 vc_data;
18699 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
18702 + return do_set_dlimit(id, vc_data.name,
18703 + vc_data.space_used, vc_data.space_total,
18704 + vc_data.inodes_used, vc_data.inodes_total,
18705 + vc_data.reserved, vc_data.flags);
18708 +#ifdef CONFIG_COMPAT
18710 +int vc_set_dlimit_x32(uint32_t id, void __user *data)
18712 + struct vcmd_ctx_dlimit_v0_x32 vc_data;
18714 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
18717 + return do_set_dlimit(id, compat_ptr(vc_data.name_ptr),
18718 + vc_data.space_used, vc_data.space_total,
18719 + vc_data.inodes_used, vc_data.inodes_total,
18720 + vc_data.reserved, vc_data.flags);
18723 +#endif /* CONFIG_COMPAT */
18727 +int do_get_dlimit(uint32_t id, const char __user *name,
18728 + uint32_t *space_used, uint32_t *space_total,
18729 + uint32_t *inodes_used, uint32_t *inodes_total,
18730 + uint32_t *reserved, uint32_t *flags)
18732 + struct path path;
18735 + ret = user_lpath(name, &path);
18737 + struct super_block *sb;
18738 + struct dl_info *dli;
18741 + if (!path.dentry->d_inode)
18742 + goto out_release;
18743 + if (!(sb = path.dentry->d_inode->i_sb))
18744 + goto out_release;
18747 + dli = locate_dl_info(sb, id);
18749 + goto out_release;
18751 + spin_lock(&dli->dl_lock);
18752 + *inodes_used = dli->dl_inodes_used;
18753 + *inodes_total = dli->dl_inodes_total;
18755 + *space_used = dlimit_space_64to32(
18756 + dli->dl_space_used, flags, DLIMS_USED);
18758 + if (dli->dl_space_total == DLIM_INFINITY)
18759 + *space_total = CDLIM_INFINITY;
18761 + *space_total = dlimit_space_64to32(
18762 + dli->dl_space_total, flags, DLIMS_TOTAL);
18764 + *reserved = 100 - ((dli->dl_nrlmult * 100 + 512) >> 10);
18765 + spin_unlock(&dli->dl_lock);
18767 + put_dl_info(dli);
18778 +int vc_get_dlimit(uint32_t id, void __user *data)
18780 + struct vcmd_ctx_dlimit_v0 vc_data;
18783 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
18786 + ret = do_get_dlimit(id, vc_data.name,
18787 + &vc_data.space_used, &vc_data.space_total,
18788 + &vc_data.inodes_used, &vc_data.inodes_total,
18789 + &vc_data.reserved, &vc_data.flags);
18793 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
18798 +#ifdef CONFIG_COMPAT
18800 +int vc_get_dlimit_x32(uint32_t id, void __user *data)
18802 + struct vcmd_ctx_dlimit_v0_x32 vc_data;
18805 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
18808 + ret = do_get_dlimit(id, compat_ptr(vc_data.name_ptr),
18809 + &vc_data.space_used, &vc_data.space_total,
18810 + &vc_data.inodes_used, &vc_data.inodes_total,
18811 + &vc_data.reserved, &vc_data.flags);
18815 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
18820 +#endif /* CONFIG_COMPAT */
18823 +void vx_vsi_statfs(struct super_block *sb, struct kstatfs *buf)
18825 + struct dl_info *dli;
18826 + __u64 blimit, bfree, bavail;
18829 + dli = locate_dl_info(sb, dx_current_tag());
18833 + spin_lock(&dli->dl_lock);
18834 + if (dli->dl_inodes_total == (unsigned long)DLIM_INFINITY)
18837 + /* reduce max inodes available to limit */
18838 + if (buf->f_files > dli->dl_inodes_total)
18839 + buf->f_files = dli->dl_inodes_total;
18841 + ifree = dli->dl_inodes_total - dli->dl_inodes_used;
18842 + /* reduce free inodes to min */
18843 + if (ifree < buf->f_ffree)
18844 + buf->f_ffree = ifree;
18847 + if (dli->dl_space_total == DLIM_INFINITY)
18850 + blimit = dli->dl_space_total >> sb->s_blocksize_bits;
18852 + if (dli->dl_space_total < dli->dl_space_used)
18855 + bfree = (dli->dl_space_total - dli->dl_space_used)
18856 + >> sb->s_blocksize_bits;
18858 + bavail = ((dli->dl_space_total >> 10) * dli->dl_nrlmult);
18859 + if (bavail < dli->dl_space_used)
18862 + bavail = (bavail - dli->dl_space_used)
18863 + >> sb->s_blocksize_bits;
18865 + /* reduce max space available to limit */
18866 + if (buf->f_blocks > blimit)
18867 + buf->f_blocks = blimit;
18869 + /* reduce free space to min */
18870 + if (bfree < buf->f_bfree)
18871 + buf->f_bfree = bfree;
18873 + /* reduce avail space to min */
18874 + if (bavail < buf->f_bavail)
18875 + buf->f_bavail = bavail;
18878 + spin_unlock(&dli->dl_lock);
18879 + put_dl_info(dli);
18884 +#include <linux/module.h>
18886 +EXPORT_SYMBOL_GPL(locate_dl_info);
18887 +EXPORT_SYMBOL_GPL(rcu_free_dl_info);
18889 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/helper.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/helper.c
18890 --- linux-3.0-rc5/kernel/vserver/helper.c 1970-01-01 01:00:00.000000000 +0100
18891 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/helper.c 2011-06-10 22:11:24.000000000 +0200
18894 + * linux/kernel/vserver/helper.c
18896 + * Virtual Context Support
18898 + * Copyright (C) 2004-2007 Herbert Pötzl
18900 + * V0.01 basic helper
18904 +#include <linux/kmod.h>
18905 +#include <linux/reboot.h>
18906 +#include <linux/vs_context.h>
18907 +#include <linux/vs_network.h>
18908 +#include <linux/vserver/signal.h>
18911 +char vshelper_path[255] = "/sbin/vshelper";
18914 +static int do_vshelper(char *name, char *argv[], char *envp[], int sync)
18918 + if ((ret = call_usermodehelper(name, argv, envp, sync))) {
18919 + printk( KERN_WARNING
18920 + "%s: (%s %s) returned %s with %d\n",
18921 + name, argv[1], argv[2],
18922 + sync ? "sync" : "async", ret);
18924 + vxdprintk(VXD_CBIT(switch, 4),
18925 + "%s: (%s %s) returned %s with %d",
18926 + name, argv[1], argv[2], sync ? "sync" : "async", ret);
18931 + * vshelper path is set via /proc/sys
18932 + * invoked by vserver sys_reboot(), with
18933 + * the following arguments
18935 + * argv [0] = vshelper_path;
18936 + * argv [1] = action: "restart", "halt", "poweroff", ...
18937 + * argv [2] = context identifier
18939 + * envp [*] = type-specific parameters
18942 +long vs_reboot_helper(struct vx_info *vxi, int cmd, void __user *arg)
18944 + char id_buf[8], cmd_buf[16];
18945 + char uid_buf[16], pid_buf[16];
18948 + char *argv[] = {vshelper_path, NULL, id_buf, 0};
18949 + char *envp[] = {"HOME=/", "TERM=linux",
18950 + "PATH=/sbin:/usr/sbin:/bin:/usr/bin",
18951 + uid_buf, pid_buf, cmd_buf, 0};
18953 + if (vx_info_state(vxi, VXS_HELPER))
18955 + vxi->vx_state |= VXS_HELPER;
18957 + snprintf(id_buf, sizeof(id_buf)-1, "%d", vxi->vx_id);
18959 + snprintf(cmd_buf, sizeof(cmd_buf)-1, "VS_CMD=%08x", cmd);
18960 + snprintf(uid_buf, sizeof(uid_buf)-1, "VS_UID=%d", current_uid());
18961 + snprintf(pid_buf, sizeof(pid_buf)-1, "VS_PID=%d", current->pid);
18964 + case LINUX_REBOOT_CMD_RESTART:
18965 + argv[1] = "restart";
18968 + case LINUX_REBOOT_CMD_HALT:
18969 + argv[1] = "halt";
18972 + case LINUX_REBOOT_CMD_POWER_OFF:
18973 + argv[1] = "poweroff";
18976 + case LINUX_REBOOT_CMD_SW_SUSPEND:
18977 + argv[1] = "swsusp";
18980 + case LINUX_REBOOT_CMD_OOM:
18985 + vxi->vx_state &= ~VXS_HELPER;
18989 + ret = do_vshelper(vshelper_path, argv, envp, 0);
18990 + vxi->vx_state &= ~VXS_HELPER;
18991 + __wakeup_vx_info(vxi);
18992 + return (ret) ? -EPERM : 0;
18996 +long vs_reboot(unsigned int cmd, void __user *arg)
18998 + struct vx_info *vxi = current_vx_info();
19001 + vxdprintk(VXD_CBIT(misc, 5),
19002 + "vs_reboot(%p[#%d],%u)",
19003 + vxi, vxi ? vxi->vx_id : 0, cmd);
19005 + ret = vs_reboot_helper(vxi, cmd, arg);
19009 + vxi->reboot_cmd = cmd;
19010 + if (vx_info_flags(vxi, VXF_REBOOT_KILL, 0)) {
19012 + case LINUX_REBOOT_CMD_RESTART:
19013 + case LINUX_REBOOT_CMD_HALT:
19014 + case LINUX_REBOOT_CMD_POWER_OFF:
19015 + vx_info_kill(vxi, 0, SIGKILL);
19016 + vx_info_kill(vxi, 1, SIGKILL);
19024 +long vs_oom_action(unsigned int cmd)
19026 + struct vx_info *vxi = current_vx_info();
19029 + vxdprintk(VXD_CBIT(misc, 5),
19030 + "vs_oom_action(%p[#%d],%u)",
19031 + vxi, vxi ? vxi->vx_id : 0, cmd);
19033 + ret = vs_reboot_helper(vxi, cmd, NULL);
19037 + vxi->reboot_cmd = cmd;
19038 + if (vx_info_flags(vxi, VXF_REBOOT_KILL, 0)) {
19039 + vx_info_kill(vxi, 0, SIGKILL);
19040 + vx_info_kill(vxi, 1, SIGKILL);
19046 + * argv [0] = vshelper_path;
19047 + * argv [1] = action: "startup", "shutdown"
19048 + * argv [2] = context identifier
19050 + * envp [*] = type-specific parameters
19053 +long vs_state_change(struct vx_info *vxi, unsigned int cmd)
19055 + char id_buf[8], cmd_buf[16];
19056 + char *argv[] = {vshelper_path, NULL, id_buf, 0};
19057 + char *envp[] = {"HOME=/", "TERM=linux",
19058 + "PATH=/sbin:/usr/sbin:/bin:/usr/bin", cmd_buf, 0};
19060 + if (!vx_info_flags(vxi, VXF_SC_HELPER, 0))
19063 + snprintf(id_buf, sizeof(id_buf)-1, "%d", vxi->vx_id);
19064 + snprintf(cmd_buf, sizeof(cmd_buf)-1, "VS_CMD=%08x", cmd);
19067 + case VSC_STARTUP:
19068 + argv[1] = "startup";
19070 + case VSC_SHUTDOWN:
19071 + argv[1] = "shutdown";
19077 + return do_vshelper(vshelper_path, argv, envp, 1);
19082 + * argv [0] = vshelper_path;
19083 + * argv [1] = action: "netup", "netdown"
19084 + * argv [2] = context identifier
19086 + * envp [*] = type-specific parameters
19089 +long vs_net_change(struct nx_info *nxi, unsigned int cmd)
19091 + char id_buf[8], cmd_buf[16];
19092 + char *argv[] = {vshelper_path, NULL, id_buf, 0};
19093 + char *envp[] = {"HOME=/", "TERM=linux",
19094 + "PATH=/sbin:/usr/sbin:/bin:/usr/bin", cmd_buf, 0};
19096 + if (!nx_info_flags(nxi, NXF_SC_HELPER, 0))
19099 + snprintf(id_buf, sizeof(id_buf)-1, "%d", nxi->nx_id);
19100 + snprintf(cmd_buf, sizeof(cmd_buf)-1, "VS_CMD=%08x", cmd);
19104 + argv[1] = "netup";
19106 + case VSC_NETDOWN:
19107 + argv[1] = "netdown";
19113 + return do_vshelper(vshelper_path, argv, envp, 1);
19116 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/history.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/history.c
19117 --- linux-3.0-rc5/kernel/vserver/history.c 1970-01-01 01:00:00.000000000 +0100
19118 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/history.c 2011-06-10 22:11:24.000000000 +0200
19121 + * kernel/vserver/history.c
19123 + * Virtual Context History Backtrace
19125 + * Copyright (C) 2004-2007 Herbert Pötzl
19127 + * V0.01 basic structure
19128 + * V0.02 hash/unhash and trace
19129 + * V0.03 preemption fixes
19133 +#include <linux/module.h>
19134 +#include <asm/uaccess.h>
19136 +#include <linux/vserver/context.h>
19137 +#include <linux/vserver/debug.h>
19138 +#include <linux/vserver/debug_cmd.h>
19139 +#include <linux/vserver/history.h>
19142 +#ifdef CONFIG_VSERVER_HISTORY
19143 +#define VXH_SIZE CONFIG_VSERVER_HISTORY_SIZE
19145 +#define VXH_SIZE 64
19148 +struct _vx_history {
19149 + unsigned int counter;
19151 + struct _vx_hist_entry entry[VXH_SIZE + 1];
19155 +DEFINE_PER_CPU(struct _vx_history, vx_history_buffer);
19157 +unsigned volatile int vxh_active = 1;
19159 +static atomic_t sequence = ATOMIC_INIT(0);
19164 + * requires disabled preemption */
19166 +struct _vx_hist_entry *vxh_advance(void *loc)
19168 + unsigned int cpu = smp_processor_id();
19169 + struct _vx_history *hist = &per_cpu(vx_history_buffer, cpu);
19170 + struct _vx_hist_entry *entry;
19171 + unsigned int index;
19173 + index = vxh_active ? (hist->counter++ % VXH_SIZE) : VXH_SIZE;
19174 + entry = &hist->entry[index];
19176 + entry->seq = atomic_inc_return(&sequence);
19177 + entry->loc = loc;
19181 +EXPORT_SYMBOL_GPL(vxh_advance);
19184 +#define VXH_LOC_FMTS "(#%04x,*%d):%p"
19186 +#define VXH_LOC_ARGS(e) (e)->seq, cpu, (e)->loc
19189 +#define VXH_VXI_FMTS "%p[#%d,%d.%d]"
19191 +#define VXH_VXI_ARGS(e) (e)->vxi.ptr, \
19192 + (e)->vxi.ptr ? (e)->vxi.xid : 0, \
19193 + (e)->vxi.ptr ? (e)->vxi.usecnt : 0, \
19194 + (e)->vxi.ptr ? (e)->vxi.tasks : 0
19196 +void vxh_dump_entry(struct _vx_hist_entry *e, unsigned cpu)
19198 + switch (e->type) {
19199 + case VXH_THROW_OOPS:
19200 + printk( VXH_LOC_FMTS " oops \n", VXH_LOC_ARGS(e));
19203 + case VXH_GET_VX_INFO:
19204 + case VXH_PUT_VX_INFO:
19205 + printk( VXH_LOC_FMTS " %s_vx_info " VXH_VXI_FMTS "\n",
19207 + (e->type == VXH_GET_VX_INFO) ? "get" : "put",
19208 + VXH_VXI_ARGS(e));
19211 + case VXH_INIT_VX_INFO:
19212 + case VXH_SET_VX_INFO:
19213 + case VXH_CLR_VX_INFO:
19214 + printk( VXH_LOC_FMTS " %s_vx_info " VXH_VXI_FMTS " @%p\n",
19216 + (e->type == VXH_INIT_VX_INFO) ? "init" :
19217 + ((e->type == VXH_SET_VX_INFO) ? "set" : "clr"),
19218 + VXH_VXI_ARGS(e), e->sc.data);
19221 + case VXH_CLAIM_VX_INFO:
19222 + case VXH_RELEASE_VX_INFO:
19223 + printk( VXH_LOC_FMTS " %s_vx_info " VXH_VXI_FMTS " @%p\n",
19225 + (e->type == VXH_CLAIM_VX_INFO) ? "claim" : "release",
19226 + VXH_VXI_ARGS(e), e->sc.data);
19229 + case VXH_ALLOC_VX_INFO:
19230 + case VXH_DEALLOC_VX_INFO:
19231 + printk( VXH_LOC_FMTS " %s_vx_info " VXH_VXI_FMTS "\n",
19233 + (e->type == VXH_ALLOC_VX_INFO) ? "alloc" : "dealloc",
19234 + VXH_VXI_ARGS(e));
19237 + case VXH_HASH_VX_INFO:
19238 + case VXH_UNHASH_VX_INFO:
19239 + printk( VXH_LOC_FMTS " __%s_vx_info " VXH_VXI_FMTS "\n",
19241 + (e->type == VXH_HASH_VX_INFO) ? "hash" : "unhash",
19242 + VXH_VXI_ARGS(e));
19245 + case VXH_LOC_VX_INFO:
19246 + case VXH_LOOKUP_VX_INFO:
19247 + case VXH_CREATE_VX_INFO:
19248 + printk( VXH_LOC_FMTS " __%s_vx_info [#%d] -> " VXH_VXI_FMTS "\n",
19250 + (e->type == VXH_CREATE_VX_INFO) ? "create" :
19251 + ((e->type == VXH_LOC_VX_INFO) ? "loc" : "lookup"),
19252 + e->ll.arg, VXH_VXI_ARGS(e));
19257 +static void __vxh_dump_history(void)
19259 + unsigned int i, cpu;
19261 + printk("History:\tSEQ: %8x\tNR_CPUS: %d\n",
19262 + atomic_read(&sequence), NR_CPUS);
19264 + for (i = 0; i < VXH_SIZE; i++) {
19265 + for_each_online_cpu(cpu) {
19266 + struct _vx_history *hist =
19267 + &per_cpu(vx_history_buffer, cpu);
19268 + unsigned int index = (hist->counter - i) % VXH_SIZE;
19269 + struct _vx_hist_entry *entry = &hist->entry[index];
19271 + vxh_dump_entry(entry, cpu);
19276 +void vxh_dump_history(void)
19280 + local_irq_enable();
19282 + local_irq_disable();
19284 + __vxh_dump_history();
19288 +/* vserver syscall commands below here */
19291 +int vc_dump_history(uint32_t id)
19294 + __vxh_dump_history();
19301 +int do_read_history(struct __user _vx_hist_entry *data,
19302 + int cpu, uint32_t *index, uint32_t *count)
19304 + int pos, ret = 0;
19305 + struct _vx_history *hist = &per_cpu(vx_history_buffer, cpu);
19306 + int end = hist->counter;
19307 + int start = end - VXH_SIZE + 2;
19308 + int idx = *index;
19310 + /* special case: get current pos */
19316 + /* have we lost some data? */
19320 + for (pos = 0; (pos < *count) && (idx < end); pos++, idx++) {
19321 + struct _vx_hist_entry *entry =
19322 + &hist->entry[idx % VXH_SIZE];
19324 + /* send entry to userspace */
19325 + ret = copy_to_user(&data[pos], entry, sizeof(*entry));
19329 + /* save new index and count */
19332 + return ret ? ret : (*index < end);
19335 +int vc_read_history(uint32_t id, void __user *data)
19337 + struct vcmd_read_history_v0 vc_data;
19340 + if (id >= NR_CPUS)
19343 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19346 + ret = do_read_history((struct __user _vx_hist_entry *)vc_data.data,
19347 + id, &vc_data.index, &vc_data.count);
19349 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19354 +#ifdef CONFIG_COMPAT
19356 +int vc_read_history_x32(uint32_t id, void __user *data)
19358 + struct vcmd_read_history_v0_x32 vc_data;
19361 + if (id >= NR_CPUS)
19364 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19367 + ret = do_read_history((struct __user _vx_hist_entry *)
19368 + compat_ptr(vc_data.data_ptr),
19369 + id, &vc_data.index, &vc_data.count);
19371 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19376 +#endif /* CONFIG_COMPAT */
19378 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/inet.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/inet.c
19379 --- linux-3.0-rc5/kernel/vserver/inet.c 1970-01-01 01:00:00.000000000 +0100
19380 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/inet.c 2011-06-13 18:20:44.000000000 +0200
19383 +#include <linux/in.h>
19384 +#include <linux/inetdevice.h>
19385 +#include <linux/vs_inet.h>
19386 +#include <linux/vs_inet6.h>
19387 +#include <linux/vserver/debug.h>
19388 +#include <net/route.h>
19389 +#include <net/addrconf.h>
19392 +int nx_v4_addr_conflict(struct nx_info *nxi1, struct nx_info *nxi2)
19396 + if (!nxi1 || !nxi2 || nxi1 == nxi2)
19399 + struct nx_addr_v4 *ptr;
19401 + for (ptr = &nxi1->v4; ptr; ptr = ptr->next) {
19402 + if (v4_nx_addr_in_nx_info(nxi2, ptr, -1)) {
19409 + vxdprintk(VXD_CBIT(net, 2),
19410 + "nx_v4_addr_conflict(%p,%p): %d",
19411 + nxi1, nxi2, ret);
19417 +#ifdef CONFIG_IPV6
19419 +int nx_v6_addr_conflict(struct nx_info *nxi1, struct nx_info *nxi2)
19423 + if (!nxi1 || !nxi2 || nxi1 == nxi2)
19426 + struct nx_addr_v6 *ptr;
19428 + for (ptr = &nxi1->v6; ptr; ptr = ptr->next) {
19429 + if (v6_nx_addr_in_nx_info(nxi2, ptr, -1)) {
19436 + vxdprintk(VXD_CBIT(net, 2),
19437 + "nx_v6_addr_conflict(%p,%p): %d",
19438 + nxi1, nxi2, ret);
19445 +int v4_dev_in_nx_info(struct net_device *dev, struct nx_info *nxi)
19447 + struct in_device *in_dev;
19448 + struct in_ifaddr **ifap;
19449 + struct in_ifaddr *ifa;
19454 + in_dev = in_dev_get(dev);
19458 + for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
19459 + ifap = &ifa->ifa_next) {
19460 + if (v4_addr_in_nx_info(nxi, ifa->ifa_local, NXA_MASK_SHOW)) {
19465 + in_dev_put(in_dev);
19471 +#ifdef CONFIG_IPV6
19473 +int v6_dev_in_nx_info(struct net_device *dev, struct nx_info *nxi)
19475 + struct inet6_dev *in_dev;
19476 + struct inet6_ifaddr *ifa;
19481 + in_dev = in6_dev_get(dev);
19485 + // for (ifap = &in_dev->addr_list; (ifa = *ifap) != NULL;
19486 + list_for_each_entry(ifa, &in_dev->addr_list, if_list) {
19487 + if (v6_addr_in_nx_info(nxi, &ifa->addr, -1)) {
19492 + in6_dev_put(in_dev);
19499 +int dev_in_nx_info(struct net_device *dev, struct nx_info *nxi)
19505 + if (nxi->v4.type && v4_dev_in_nx_info(dev, nxi))
19507 +#ifdef CONFIG_IPV6
19509 + if (nxi->v6.type && v6_dev_in_nx_info(dev, nxi))
19514 + vxdprintk(VXD_CBIT(net, 3),
19515 + "dev_in_nx_info(%p,%p[#%d]) = %d",
19516 + dev, nxi, nxi ? nxi->nx_id : 0, ret);
19520 +struct rtable *ip_v4_find_src(struct net *net, struct nx_info *nxi,
19521 + struct flowi4 *fl4)
19523 + struct rtable *rt;
19528 + /* FIXME: handle lback only case */
19529 + if (!NX_IPV4(nxi))
19530 + return ERR_PTR(EPERM);
19532 + vxdprintk(VXD_CBIT(net, 4),
19533 + "ip_v4_find_src(%p[#%u]) " NIPQUAD_FMT " -> " NIPQUAD_FMT,
19534 + nxi, nxi ? nxi->nx_id : 0,
19535 + NIPQUAD(fl4->saddr), NIPQUAD(fl4->daddr));
19537 + /* single IP is unconditional */
19538 + if (nx_info_flags(nxi, NXF_SINGLE_IP, 0) &&
19539 + (fl4->saddr == INADDR_ANY))
19540 + fl4->saddr = nxi->v4.ip[0].s_addr;
19542 + if (fl4->saddr == INADDR_ANY) {
19543 + struct nx_addr_v4 *ptr;
19544 + __be32 found = 0;
19546 + rt = __ip_route_output_key(net, fl4);
19547 + if (!IS_ERR(rt)) {
19548 + found = fl4->saddr;
19550 + vxdprintk(VXD_CBIT(net, 4),
19551 + "ip_v4_find_src(%p[#%u]) rok[%u]: " NIPQUAD_FMT,
19552 + nxi, nxi ? nxi->nx_id : 0, fl4->flowi4_oif, NIPQUAD(found));
19553 + if (v4_addr_in_nx_info(nxi, found, NXA_MASK_BIND))
19557 + for (ptr = &nxi->v4; ptr; ptr = ptr->next) {
19558 + __be32 primary = ptr->ip[0].s_addr;
19559 + __be32 mask = ptr->mask.s_addr;
19560 + __be32 neta = primary & mask;
19562 + vxdprintk(VXD_CBIT(net, 4), "ip_v4_find_src(%p[#%u]) chk: "
19563 + NIPQUAD_FMT "/" NIPQUAD_FMT "/" NIPQUAD_FMT,
19564 + nxi, nxi ? nxi->nx_id : 0, NIPQUAD(primary),
19565 + NIPQUAD(mask), NIPQUAD(neta));
19566 + if ((found & mask) != neta)
19569 + fl4->saddr = primary;
19570 + rt = __ip_route_output_key(net, fl4);
19571 + vxdprintk(VXD_CBIT(net, 4),
19572 + "ip_v4_find_src(%p[#%u]) rok[%u]: " NIPQUAD_FMT,
19573 + nxi, nxi ? nxi->nx_id : 0, fl4->flowi4_oif, NIPQUAD(primary));
19574 + if (!IS_ERR(rt)) {
19575 + found = fl4->saddr;
19577 + if (found == primary)
19581 + /* still no source ip? */
19582 + found = ipv4_is_loopback(fl4->daddr)
19583 + ? IPI_LOOPBACK : nxi->v4.ip[0].s_addr;
19585 + /* assign src ip to flow */
19586 + fl4->saddr = found;
19589 + if (!v4_addr_in_nx_info(nxi, fl4->saddr, NXA_MASK_BIND))
19590 + return ERR_PTR(EPERM);
19593 + if (nx_info_flags(nxi, NXF_LBACK_REMAP, 0)) {
19594 + if (ipv4_is_loopback(fl4->daddr))
19595 + fl4->daddr = nxi->v4_lback.s_addr;
19596 + if (ipv4_is_loopback(fl4->saddr))
19597 + fl4->saddr = nxi->v4_lback.s_addr;
19598 + } else if (ipv4_is_loopback(fl4->daddr) &&
19599 + !nx_info_flags(nxi, NXF_LBACK_ALLOW, 0))
19600 + return ERR_PTR(EPERM);
19605 +EXPORT_SYMBOL_GPL(ip_v4_find_src);
19607 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/init.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/init.c
19608 --- linux-3.0-rc5/kernel/vserver/init.c 1970-01-01 01:00:00.000000000 +0100
19609 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/init.c 2011-06-10 22:11:24.000000000 +0200
19612 + * linux/kernel/init.c
19614 + * Virtual Server Init
19616 + * Copyright (C) 2004-2007 Herbert Pötzl
19618 + * V0.01 basic structure
19622 +#include <linux/init.h>
19624 +int vserver_register_sysctl(void);
19625 +void vserver_unregister_sysctl(void);
19628 +static int __init init_vserver(void)
19632 +#ifdef CONFIG_VSERVER_DEBUG
19633 + vserver_register_sysctl();
19639 +static void __exit exit_vserver(void)
19642 +#ifdef CONFIG_VSERVER_DEBUG
19643 + vserver_unregister_sysctl();
19648 +/* FIXME: GFP_ZONETYPES gone
19649 +long vx_slab[GFP_ZONETYPES]; */
19653 +module_init(init_vserver);
19654 +module_exit(exit_vserver);
19656 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/inode.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/inode.c
19657 --- linux-3.0-rc5/kernel/vserver/inode.c 1970-01-01 01:00:00.000000000 +0100
19658 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/inode.c 2011-06-10 22:11:24.000000000 +0200
19661 + * linux/kernel/vserver/inode.c
19663 + * Virtual Server: File System Support
19665 + * Copyright (C) 2004-2007 Herbert Pötzl
19667 + * V0.01 separated from vcontext V0.05
19668 + * V0.02 moved to tag (instead of xid)
19672 +#include <linux/tty.h>
19673 +#include <linux/proc_fs.h>
19674 +#include <linux/devpts_fs.h>
19675 +#include <linux/fs.h>
19676 +#include <linux/file.h>
19677 +#include <linux/mount.h>
19678 +#include <linux/parser.h>
19679 +#include <linux/namei.h>
19680 +#include <linux/vserver/inode.h>
19681 +#include <linux/vserver/inode_cmd.h>
19682 +#include <linux/vs_base.h>
19683 +#include <linux/vs_tag.h>
19685 +#include <asm/uaccess.h>
19688 +static int __vc_get_iattr(struct inode *in, uint32_t *tag, uint32_t *flags, uint32_t *mask)
19690 + struct proc_dir_entry *entry;
19692 + if (!in || !in->i_sb)
19695 + *flags = IATTR_TAG
19696 + | (IS_IMMUTABLE(in) ? IATTR_IMMUTABLE : 0)
19697 + | (IS_IXUNLINK(in) ? IATTR_IXUNLINK : 0)
19698 + | (IS_BARRIER(in) ? IATTR_BARRIER : 0)
19699 + | (IS_COW(in) ? IATTR_COW : 0);
19700 + *mask = IATTR_IXUNLINK | IATTR_IMMUTABLE | IATTR_COW;
19702 + if (S_ISDIR(in->i_mode))
19703 + *mask |= IATTR_BARRIER;
19705 + if (IS_TAGGED(in)) {
19706 + *tag = in->i_tag;
19707 + *mask |= IATTR_TAG;
19710 + switch (in->i_sb->s_magic) {
19711 + case PROC_SUPER_MAGIC:
19712 + entry = PROC_I(in)->pde;
19714 + /* check for specific inodes? */
19716 + *mask |= IATTR_FLAGS;
19718 + *flags |= (entry->vx_flags & IATTR_FLAGS);
19720 + *flags |= (PROC_I(in)->vx_flags & IATTR_FLAGS);
19723 + case DEVPTS_SUPER_MAGIC:
19724 + *tag = in->i_tag;
19725 + *mask |= IATTR_TAG;
19734 +int vc_get_iattr(void __user *data)
19736 + struct path path;
19737 + struct vcmd_ctx_iattr_v1 vc_data = { .tag = -1 };
19740 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19743 + ret = user_lpath(vc_data.name, &path);
19745 + ret = __vc_get_iattr(path.dentry->d_inode,
19746 + &vc_data.tag, &vc_data.flags, &vc_data.mask);
19752 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19757 +#ifdef CONFIG_COMPAT
19759 +int vc_get_iattr_x32(void __user *data)
19761 + struct path path;
19762 + struct vcmd_ctx_iattr_v1_x32 vc_data = { .tag = -1 };
19765 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19768 + ret = user_lpath(compat_ptr(vc_data.name_ptr), &path);
19770 + ret = __vc_get_iattr(path.dentry->d_inode,
19771 + &vc_data.tag, &vc_data.flags, &vc_data.mask);
19777 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19782 +#endif /* CONFIG_COMPAT */
19785 +int vc_fget_iattr(uint32_t fd, void __user *data)
19787 + struct file *filp;
19788 + struct vcmd_ctx_fiattr_v0 vc_data = { .tag = -1 };
19791 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19795 + if (!filp || !filp->f_dentry || !filp->f_dentry->d_inode)
19798 + ret = __vc_get_iattr(filp->f_dentry->d_inode,
19799 + &vc_data.tag, &vc_data.flags, &vc_data.mask);
19803 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19809 +static int __vc_set_iattr(struct dentry *de, uint32_t *tag, uint32_t *flags, uint32_t *mask)
19811 + struct inode *in = de->d_inode;
19812 + int error = 0, is_proc = 0, has_tag = 0;
19813 + struct iattr attr = { 0 };
19815 + if (!in || !in->i_sb)
19818 + is_proc = (in->i_sb->s_magic == PROC_SUPER_MAGIC);
19819 + if ((*mask & IATTR_FLAGS) && !is_proc)
19822 + has_tag = IS_TAGGED(in) ||
19823 + (in->i_sb->s_magic == DEVPTS_SUPER_MAGIC);
19824 + if ((*mask & IATTR_TAG) && !has_tag)
19827 + mutex_lock(&in->i_mutex);
19828 + if (*mask & IATTR_TAG) {
19829 + attr.ia_tag = *tag;
19830 + attr.ia_valid |= ATTR_TAG;
19833 + if (*mask & IATTR_FLAGS) {
19834 + struct proc_dir_entry *entry = PROC_I(in)->pde;
19835 + unsigned int iflags = PROC_I(in)->vx_flags;
19837 + iflags = (iflags & ~(*mask & IATTR_FLAGS))
19838 + | (*flags & IATTR_FLAGS);
19839 + PROC_I(in)->vx_flags = iflags;
19841 + entry->vx_flags = iflags;
19844 + if (*mask & (IATTR_IMMUTABLE | IATTR_IXUNLINK |
19845 + IATTR_BARRIER | IATTR_COW)) {
19846 + int iflags = in->i_flags;
19847 + int vflags = in->i_vflags;
19849 + if (*mask & IATTR_IMMUTABLE) {
19850 + if (*flags & IATTR_IMMUTABLE)
19851 + iflags |= S_IMMUTABLE;
19853 + iflags &= ~S_IMMUTABLE;
19855 + if (*mask & IATTR_IXUNLINK) {
19856 + if (*flags & IATTR_IXUNLINK)
19857 + iflags |= S_IXUNLINK;
19859 + iflags &= ~S_IXUNLINK;
19861 + if (S_ISDIR(in->i_mode) && (*mask & IATTR_BARRIER)) {
19862 + if (*flags & IATTR_BARRIER)
19863 + vflags |= V_BARRIER;
19865 + vflags &= ~V_BARRIER;
19867 + if (S_ISREG(in->i_mode) && (*mask & IATTR_COW)) {
19868 + if (*flags & IATTR_COW)
19871 + vflags &= ~V_COW;
19873 + if (in->i_op && in->i_op->sync_flags) {
19874 + error = in->i_op->sync_flags(in, iflags, vflags);
19880 + if (attr.ia_valid) {
19881 + if (in->i_op && in->i_op->setattr)
19882 + error = in->i_op->setattr(de, &attr);
19884 + error = inode_change_ok(in, &attr);
19886 + setattr_copy(in, &attr);
19887 + mark_inode_dirty(in);
19893 + mutex_unlock(&in->i_mutex);
19897 +int vc_set_iattr(void __user *data)
19899 + struct path path;
19900 + struct vcmd_ctx_iattr_v1 vc_data;
19903 + if (!capable(CAP_LINUX_IMMUTABLE))
19905 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19908 + ret = user_lpath(vc_data.name, &path);
19910 + ret = __vc_set_iattr(path.dentry,
19911 + &vc_data.tag, &vc_data.flags, &vc_data.mask);
19915 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19920 +#ifdef CONFIG_COMPAT
19922 +int vc_set_iattr_x32(void __user *data)
19924 + struct path path;
19925 + struct vcmd_ctx_iattr_v1_x32 vc_data;
19928 + if (!capable(CAP_LINUX_IMMUTABLE))
19930 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19933 + ret = user_lpath(compat_ptr(vc_data.name_ptr), &path);
19935 + ret = __vc_set_iattr(path.dentry,
19936 + &vc_data.tag, &vc_data.flags, &vc_data.mask);
19940 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19945 +#endif /* CONFIG_COMPAT */
19947 +int vc_fset_iattr(uint32_t fd, void __user *data)
19949 + struct file *filp;
19950 + struct vcmd_ctx_fiattr_v0 vc_data;
19953 + if (!capable(CAP_LINUX_IMMUTABLE))
19955 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19959 + if (!filp || !filp->f_dentry || !filp->f_dentry->d_inode)
19962 + ret = __vc_set_iattr(filp->f_dentry, &vc_data.tag,
19963 + &vc_data.flags, &vc_data.mask);
19967 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19973 +enum { Opt_notagcheck, Opt_tag, Opt_notag, Opt_tagid, Opt_err };
19975 +static match_table_t tokens = {
19976 + {Opt_notagcheck, "notagcheck"},
19977 +#ifdef CONFIG_PROPAGATE
19978 + {Opt_notag, "notag"},
19979 + {Opt_tag, "tag"},
19980 + {Opt_tagid, "tagid=%u"},
19986 +static void __dx_parse_remove(char *string, char *opt)
19988 + char *p = strstr(string, opt);
19992 + while (*q != '\0' && *q != ',')
20001 +int dx_parse_tag(char *string, tag_t *tag, int remove, int *mnt_flags,
20002 + unsigned long *flags)
20005 + substring_t args[MAX_OPT_ARGS];
20007 + char *s, *p, *opts;
20008 +#if defined(CONFIG_PROPAGATE) || defined(CONFIG_VSERVER_WARN)
20014 + s = kstrdup(string, GFP_KERNEL | GFP_ATOMIC);
20019 + while ((p = strsep(&opts, ",")) != NULL) {
20020 + token = match_token(p, tokens, args);
20023 +#ifdef CONFIG_PROPAGATE
20028 + __dx_parse_remove(s, "tag");
20029 + *mnt_flags |= MNT_TAGID;
20030 + set |= MNT_TAGID;
20034 + __dx_parse_remove(s, "notag");
20035 + *mnt_flags |= MNT_NOTAG;
20036 + set |= MNT_NOTAG;
20039 + if (tag && !match_int(args, &option))
20042 + __dx_parse_remove(s, "tagid");
20043 + *mnt_flags |= MNT_TAGID;
20044 + set |= MNT_TAGID;
20047 + case Opt_notagcheck:
20049 + __dx_parse_remove(s, "notagcheck");
20050 + *flags |= MS_NOTAGCHECK;
20051 + set |= MS_NOTAGCHECK;
20054 + vxdprintk(VXD_CBIT(tag, 7),
20055 + "dx_parse_tag(" VS_Q("%s") "): %d:#%d",
20056 + p, token, option);
20059 + strcpy(string, s);
20064 +#ifdef CONFIG_PROPAGATE
20066 +void __dx_propagate_tag(struct nameidata *nd, struct inode *inode)
20068 + tag_t new_tag = 0;
20069 + struct vfsmount *mnt;
20074 + mnt = nd->path.mnt;
20078 + propagate = (mnt->mnt_flags & MNT_TAGID);
20080 + new_tag = mnt->mnt_tag;
20082 + vxdprintk(VXD_CBIT(tag, 7),
20083 + "dx_propagate_tag(%p[#%lu.%d]): %d,%d",
20084 + inode, inode->i_ino, inode->i_tag,
20085 + new_tag, (propagate) ? 1 : 0);
20088 + inode->i_tag = new_tag;
20091 +#include <linux/module.h>
20093 +EXPORT_SYMBOL_GPL(__dx_propagate_tag);
20095 +#endif /* CONFIG_PROPAGATE */
20097 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/limit.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/limit.c
20098 --- linux-3.0-rc5/kernel/vserver/limit.c 1970-01-01 01:00:00.000000000 +0100
20099 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/limit.c 2011-06-10 22:11:24.000000000 +0200
20102 + * linux/kernel/vserver/limit.c
20104 + * Virtual Server: Context Limits
20106 + * Copyright (C) 2004-2010 Herbert Pötzl
20108 + * V0.01 broken out from vcontext V0.05
20109 + * V0.02 changed vcmds to vxi arg
20110 + * V0.03 added memory cgroup support
20114 +#include <linux/sched.h>
20115 +#include <linux/module.h>
20116 +#include <linux/memcontrol.h>
20117 +#include <linux/res_counter.h>
20118 +#include <linux/vs_limit.h>
20119 +#include <linux/vserver/limit.h>
20120 +#include <linux/vserver/limit_cmd.h>
20122 +#include <asm/uaccess.h>
20125 +const char *vlimit_name[NUM_LIMITS] = {
20126 +#ifdef CONFIG_VSERVER_LEGACY_MEM
20127 + [RLIMIT_RSS] = "RSS",
20128 + [RLIMIT_AS] = "VM",
20129 +#endif /* CONFIG_VSERVER_LEGACY_MEM */
20130 + [RLIMIT_CPU] = "CPU",
20131 + [RLIMIT_NPROC] = "NPROC",
20132 + [RLIMIT_NOFILE] = "NOFILE",
20133 + [RLIMIT_LOCKS] = "LOCKS",
20134 + [RLIMIT_SIGPENDING] = "SIGP",
20135 + [RLIMIT_MSGQUEUE] = "MSGQ",
20137 + [VLIMIT_NSOCK] = "NSOCK",
20138 + [VLIMIT_OPENFD] = "OPENFD",
20139 + [VLIMIT_SHMEM] = "SHMEM",
20140 + [VLIMIT_DENTRY] = "DENTRY",
20143 +EXPORT_SYMBOL_GPL(vlimit_name);
20145 +#define MASK_ENTRY(x) (1 << (x))
20147 +const struct vcmd_ctx_rlimit_mask_v0 vlimit_mask = {
20150 + , /* softlimit */
20151 +#ifdef CONFIG_VSERVER_LEGACY_MEM
20152 + MASK_ENTRY( RLIMIT_RSS ) |
20153 +#endif /* CONFIG_VSERVER_LEGACY_MEM */
20156 +#ifdef CONFIG_VSERVER_LEGACY_MEM
20157 + MASK_ENTRY( RLIMIT_RSS ) |
20158 + MASK_ENTRY( RLIMIT_AS ) |
20159 +#endif /* CONFIG_VSERVER_LEGACY_MEM */
20160 + MASK_ENTRY( RLIMIT_NPROC ) |
20161 + MASK_ENTRY( RLIMIT_NOFILE ) |
20162 + MASK_ENTRY( RLIMIT_LOCKS ) |
20163 + MASK_ENTRY( RLIMIT_MSGQUEUE ) |
20165 + MASK_ENTRY( VLIMIT_NSOCK ) |
20166 + MASK_ENTRY( VLIMIT_OPENFD ) |
20167 + MASK_ENTRY( VLIMIT_SHMEM ) |
20168 + MASK_ENTRY( VLIMIT_DENTRY ) |
20171 + /* accounting only */
20172 +uint32_t account_mask =
20173 + MASK_ENTRY( VLIMIT_SEMARY ) |
20174 + MASK_ENTRY( VLIMIT_NSEMS ) |
20175 + MASK_ENTRY( VLIMIT_MAPPED ) |
20179 +static int is_valid_vlimit(int id)
20181 + uint32_t mask = vlimit_mask.minimum |
20182 + vlimit_mask.softlimit | vlimit_mask.maximum;
20183 + return mask & (1 << id);
20186 +static int is_accounted_vlimit(int id)
20188 + if (is_valid_vlimit(id))
20190 + return account_mask & (1 << id);
20194 +static inline uint64_t vc_get_soft(struct vx_info *vxi, int id)
20196 + rlim_t limit = __rlim_soft(&vxi->limit, id);
20197 + return VX_VLIM(limit);
20200 +static inline uint64_t vc_get_hard(struct vx_info *vxi, int id)
20202 + rlim_t limit = __rlim_hard(&vxi->limit, id);
20203 + return VX_VLIM(limit);
20206 +static int do_get_rlimit(struct vx_info *vxi, uint32_t id,
20207 + uint64_t *minimum, uint64_t *softlimit, uint64_t *maximum)
20209 + if (!is_valid_vlimit(id))
20213 + *minimum = CRLIM_UNSET;
20215 + *softlimit = vc_get_soft(vxi, id);
20217 + *maximum = vc_get_hard(vxi, id);
20221 +int vc_get_rlimit(struct vx_info *vxi, void __user *data)
20223 + struct vcmd_ctx_rlimit_v0 vc_data;
20226 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20229 + ret = do_get_rlimit(vxi, vc_data.id,
20230 + &vc_data.minimum, &vc_data.softlimit, &vc_data.maximum);
20234 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
20239 +static int do_set_rlimit(struct vx_info *vxi, uint32_t id,
20240 + uint64_t minimum, uint64_t softlimit, uint64_t maximum)
20242 + if (!is_valid_vlimit(id))
20245 + if (maximum != CRLIM_KEEP)
20246 + __rlim_hard(&vxi->limit, id) = VX_RLIM(maximum);
20247 + if (softlimit != CRLIM_KEEP)
20248 + __rlim_soft(&vxi->limit, id) = VX_RLIM(softlimit);
20250 + /* clamp soft limit */
20251 + if (__rlim_soft(&vxi->limit, id) > __rlim_hard(&vxi->limit, id))
20252 + __rlim_soft(&vxi->limit, id) = __rlim_hard(&vxi->limit, id);
20257 +int vc_set_rlimit(struct vx_info *vxi, void __user *data)
20259 + struct vcmd_ctx_rlimit_v0 vc_data;
20261 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20264 + return do_set_rlimit(vxi, vc_data.id,
20265 + vc_data.minimum, vc_data.softlimit, vc_data.maximum);
20268 +#ifdef CONFIG_IA32_EMULATION
20270 +int vc_set_rlimit_x32(struct vx_info *vxi, void __user *data)
20272 + struct vcmd_ctx_rlimit_v0_x32 vc_data;
20274 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20277 + return do_set_rlimit(vxi, vc_data.id,
20278 + vc_data.minimum, vc_data.softlimit, vc_data.maximum);
20281 +int vc_get_rlimit_x32(struct vx_info *vxi, void __user *data)
20283 + struct vcmd_ctx_rlimit_v0_x32 vc_data;
20286 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20289 + ret = do_get_rlimit(vxi, vc_data.id,
20290 + &vc_data.minimum, &vc_data.softlimit, &vc_data.maximum);
20294 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
20299 +#endif /* CONFIG_IA32_EMULATION */
20302 +int vc_get_rlimit_mask(uint32_t id, void __user *data)
20304 + if (copy_to_user(data, &vlimit_mask, sizeof(vlimit_mask)))
20310 +static inline void vx_reset_hits(struct _vx_limit *limit)
20314 + for (lim = 0; lim < NUM_LIMITS; lim++) {
20315 + atomic_set(&__rlim_lhit(limit, lim), 0);
20319 +int vc_reset_hits(struct vx_info *vxi, void __user *data)
20321 + vx_reset_hits(&vxi->limit);
20325 +static inline void vx_reset_minmax(struct _vx_limit *limit)
20330 + for (lim = 0; lim < NUM_LIMITS; lim++) {
20331 + value = __rlim_get(limit, lim);
20332 + __rlim_rmax(limit, lim) = value;
20333 + __rlim_rmin(limit, lim) = value;
20337 +int vc_reset_minmax(struct vx_info *vxi, void __user *data)
20339 + vx_reset_minmax(&vxi->limit);
20344 +int vc_rlimit_stat(struct vx_info *vxi, void __user *data)
20346 + struct vcmd_rlimit_stat_v0 vc_data;
20347 + struct _vx_limit *limit = &vxi->limit;
20350 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20354 + if (!is_accounted_vlimit(id))
20357 + vx_limit_fixup(limit, id);
20358 + vc_data.hits = atomic_read(&__rlim_lhit(limit, id));
20359 + vc_data.value = __rlim_get(limit, id);
20360 + vc_data.minimum = __rlim_rmin(limit, id);
20361 + vc_data.maximum = __rlim_rmax(limit, id);
20363 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
20369 +void vx_vsi_meminfo(struct sysinfo *val)
20371 +#ifdef CONFIG_CGROUP_MEM_RES_CTLR
20372 + struct mem_cgroup *mcg = mem_cgroup_from_task(current);
20373 + u64 res_limit, res_usage;
20378 + res_limit = mem_cgroup_res_read_u64(mcg, RES_LIMIT);
20379 + res_usage = mem_cgroup_res_read_u64(mcg, RES_USAGE);
20381 + if (res_limit != RESOURCE_MAX)
20382 + val->totalram = (res_limit >> PAGE_SHIFT);
20383 + val->freeram = val->totalram - (res_usage >> PAGE_SHIFT);
20384 + val->bufferram = 0;
20385 + val->totalhigh = 0;
20386 + val->freehigh = 0;
20387 +#endif /* CONFIG_CGROUP_MEM_RES_CTLR */
20391 +void vx_vsi_swapinfo(struct sysinfo *val)
20393 +#ifdef CONFIG_CGROUP_MEM_RES_CTLR
20394 +#ifdef CONFIG_CGROUP_MEM_RES_CTLR_SWAP
20395 + struct mem_cgroup *mcg = mem_cgroup_from_task(current);
20396 + u64 res_limit, res_usage, memsw_limit, memsw_usage;
20397 + s64 swap_limit, swap_usage;
20402 + res_limit = mem_cgroup_res_read_u64(mcg, RES_LIMIT);
20403 + res_usage = mem_cgroup_res_read_u64(mcg, RES_USAGE);
20404 + memsw_limit = mem_cgroup_memsw_read_u64(mcg, RES_LIMIT);
20405 + memsw_usage = mem_cgroup_memsw_read_u64(mcg, RES_USAGE);
20407 + if (res_limit == RESOURCE_MAX)
20410 + swap_limit = memsw_limit - res_limit;
20411 + if (memsw_limit != RESOURCE_MAX)
20412 + val->totalswap = swap_limit >> PAGE_SHIFT;
20414 + swap_usage = memsw_usage - res_usage;
20415 + val->freeswap = (swap_usage < swap_limit) ?
20416 + val->totalswap - (swap_usage >> PAGE_SHIFT) : 0;
20417 +#else /* !CONFIG_CGROUP_MEM_RES_CTLR_SWAP */
20418 + val->totalswap = 0;
20419 + val->freeswap = 0;
20420 +#endif /* !CONFIG_CGROUP_MEM_RES_CTLR_SWAP */
20421 +#endif /* CONFIG_CGROUP_MEM_RES_CTLR */
20425 +long vx_vsi_cached(struct sysinfo *val)
20427 +#ifdef CONFIG_CGROUP_MEM_RES_CTLR
20428 + struct mem_cgroup *mcg = mem_cgroup_from_task(current);
20430 + return mem_cgroup_stat_read_cache(mcg);
20437 +unsigned long vx_badness(struct task_struct *task, struct mm_struct *mm)
20439 + struct vx_info *vxi = mm->mm_vx_info;
20440 + unsigned long points;
20446 + points = vxi->vx_badness_bias;
20448 + v = __vx_cres_array_fixup(&vxi->limit, VLA_RSS);
20449 + w = __rlim_soft(&vxi->limit, RLIMIT_RSS);
20450 + points += (v > w) ? (v - w) : 0;
20455 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/limit_init.h linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/limit_init.h
20456 --- linux-3.0-rc5/kernel/vserver/limit_init.h 1970-01-01 01:00:00.000000000 +0100
20457 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/limit_init.h 2011-06-10 22:11:24.000000000 +0200
20461 +static inline void vx_info_init_limit(struct _vx_limit *limit)
20465 + for (lim = 0; lim < NUM_LIMITS; lim++) {
20466 + __rlim_soft(limit, lim) = RLIM_INFINITY;
20467 + __rlim_hard(limit, lim) = RLIM_INFINITY;
20468 + __rlim_set(limit, lim, 0);
20469 + atomic_set(&__rlim_lhit(limit, lim), 0);
20470 + __rlim_rmin(limit, lim) = 0;
20471 + __rlim_rmax(limit, lim) = 0;
20475 +static inline void vx_info_exit_limit(struct _vx_limit *limit)
20480 + for (lim = 0; lim < NUM_LIMITS; lim++) {
20481 + if ((1 << lim) & VLIM_NOCHECK)
20483 + value = __rlim_get(limit, lim);
20484 + vxwprintk_xid(value,
20485 + "!!! limit: %p[%s,%d] = %ld on exit.",
20486 + limit, vlimit_name[lim], lim, (long)value);
20490 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/limit_proc.h linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/limit_proc.h
20491 --- linux-3.0-rc5/kernel/vserver/limit_proc.h 1970-01-01 01:00:00.000000000 +0100
20492 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/limit_proc.h 2011-06-10 22:11:24.000000000 +0200
20494 +#ifndef _VX_LIMIT_PROC_H
20495 +#define _VX_LIMIT_PROC_H
20497 +#include <linux/vserver/limit_int.h>
20500 +#define VX_LIMIT_FMT ":\t%8ld\t%8ld/%8ld\t%8lld/%8lld\t%6d\n"
20501 +#define VX_LIMIT_TOP \
20502 + "Limit\t current\t min/max\t\t soft/hard\t\thits\n"
20504 +#define VX_LIMIT_ARG(r) \
20505 + (unsigned long)__rlim_get(limit, r), \
20506 + (unsigned long)__rlim_rmin(limit, r), \
20507 + (unsigned long)__rlim_rmax(limit, r), \
20508 + VX_VLIM(__rlim_soft(limit, r)), \
20509 + VX_VLIM(__rlim_hard(limit, r)), \
20510 + atomic_read(&__rlim_lhit(limit, r))
20512 +static inline int vx_info_proc_limit(struct _vx_limit *limit, char *buffer)
20514 + vx_limit_fixup(limit, -1);
20515 + return sprintf(buffer, VX_LIMIT_TOP
20516 + "PROC" VX_LIMIT_FMT
20517 + "VM" VX_LIMIT_FMT
20518 + "VML" VX_LIMIT_FMT
20519 + "RSS" VX_LIMIT_FMT
20520 + "ANON" VX_LIMIT_FMT
20521 + "RMAP" VX_LIMIT_FMT
20522 + "FILES" VX_LIMIT_FMT
20523 + "OFD" VX_LIMIT_FMT
20524 + "LOCKS" VX_LIMIT_FMT
20525 + "SOCK" VX_LIMIT_FMT
20526 + "MSGQ" VX_LIMIT_FMT
20527 + "SHM" VX_LIMIT_FMT
20528 + "SEMA" VX_LIMIT_FMT
20529 + "SEMS" VX_LIMIT_FMT
20530 + "DENT" VX_LIMIT_FMT,
20531 + VX_LIMIT_ARG(RLIMIT_NPROC),
20532 + VX_LIMIT_ARG(RLIMIT_AS),
20533 + VX_LIMIT_ARG(RLIMIT_MEMLOCK),
20534 + VX_LIMIT_ARG(RLIMIT_RSS),
20535 + VX_LIMIT_ARG(VLIMIT_ANON),
20536 + VX_LIMIT_ARG(VLIMIT_MAPPED),
20537 + VX_LIMIT_ARG(RLIMIT_NOFILE),
20538 + VX_LIMIT_ARG(VLIMIT_OPENFD),
20539 + VX_LIMIT_ARG(RLIMIT_LOCKS),
20540 + VX_LIMIT_ARG(VLIMIT_NSOCK),
20541 + VX_LIMIT_ARG(RLIMIT_MSGQUEUE),
20542 + VX_LIMIT_ARG(VLIMIT_SHMEM),
20543 + VX_LIMIT_ARG(VLIMIT_SEMARY),
20544 + VX_LIMIT_ARG(VLIMIT_NSEMS),
20545 + VX_LIMIT_ARG(VLIMIT_DENTRY));
20548 +#endif /* _VX_LIMIT_PROC_H */
20551 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/network.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/network.c
20552 --- linux-3.0-rc5/kernel/vserver/network.c 1970-01-01 01:00:00.000000000 +0100
20553 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/network.c 2011-06-10 23:20:56.000000000 +0200
20556 + * linux/kernel/vserver/network.c
20558 + * Virtual Server: Network Support
20560 + * Copyright (C) 2003-2007 Herbert Pötzl
20562 + * V0.01 broken out from vcontext V0.05
20563 + * V0.02 cleaned up implementation
20564 + * V0.03 added equiv nx commands
20565 + * V0.04 switch to RCU based hash
20566 + * V0.05 and back to locking again
20567 + * V0.06 changed vcmds to nxi arg
20568 + * V0.07 have __create claim() the nxi
20572 +#include <linux/err.h>
20573 +#include <linux/slab.h>
20574 +#include <linux/rcupdate.h>
20576 +#include <linux/vs_network.h>
20577 +#include <linux/vs_pid.h>
20578 +#include <linux/vserver/network_cmd.h>
20581 +atomic_t nx_global_ctotal = ATOMIC_INIT(0);
20582 +atomic_t nx_global_cactive = ATOMIC_INIT(0);
20584 +static struct kmem_cache *nx_addr_v4_cachep = NULL;
20585 +static struct kmem_cache *nx_addr_v6_cachep = NULL;
20588 +static int __init init_network(void)
20590 + nx_addr_v4_cachep = kmem_cache_create("nx_v4_addr_cache",
20591 + sizeof(struct nx_addr_v4), 0,
20592 + SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
20593 + nx_addr_v6_cachep = kmem_cache_create("nx_v6_addr_cache",
20594 + sizeof(struct nx_addr_v6), 0,
20595 + SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
20600 +/* __alloc_nx_addr_v4() */
20602 +static inline struct nx_addr_v4 *__alloc_nx_addr_v4(void)
20604 + struct nx_addr_v4 *nxa = kmem_cache_alloc(
20605 + nx_addr_v4_cachep, GFP_KERNEL);
20607 + if (!IS_ERR(nxa))
20608 + memset(nxa, 0, sizeof(*nxa));
20612 +/* __dealloc_nx_addr_v4() */
20614 +static inline void __dealloc_nx_addr_v4(struct nx_addr_v4 *nxa)
20616 + kmem_cache_free(nx_addr_v4_cachep, nxa);
20619 +/* __dealloc_nx_addr_v4_all() */
20621 +static inline void __dealloc_nx_addr_v4_all(struct nx_addr_v4 *nxa)
20624 + struct nx_addr_v4 *next = nxa->next;
20626 + __dealloc_nx_addr_v4(nxa);
20632 +#ifdef CONFIG_IPV6
20634 +/* __alloc_nx_addr_v6() */
20636 +static inline struct nx_addr_v6 *__alloc_nx_addr_v6(void)
20638 + struct nx_addr_v6 *nxa = kmem_cache_alloc(
20639 + nx_addr_v6_cachep, GFP_KERNEL);
20641 + if (!IS_ERR(nxa))
20642 + memset(nxa, 0, sizeof(*nxa));
20646 +/* __dealloc_nx_addr_v6() */
20648 +static inline void __dealloc_nx_addr_v6(struct nx_addr_v6 *nxa)
20650 + kmem_cache_free(nx_addr_v6_cachep, nxa);
20653 +/* __dealloc_nx_addr_v6_all() */
20655 +static inline void __dealloc_nx_addr_v6_all(struct nx_addr_v6 *nxa)
20658 + struct nx_addr_v6 *next = nxa->next;
20660 + __dealloc_nx_addr_v6(nxa);
20665 +#endif /* CONFIG_IPV6 */
20667 +/* __alloc_nx_info()
20669 + * allocate an initialized nx_info struct
20670 + * doesn't make it visible (hash) */
20672 +static struct nx_info *__alloc_nx_info(nid_t nid)
20674 + struct nx_info *new = NULL;
20676 + vxdprintk(VXD_CBIT(nid, 1), "alloc_nx_info(%d)*", nid);
20678 + /* would this benefit from a slab cache? */
20679 + new = kmalloc(sizeof(struct nx_info), GFP_KERNEL);
20683 + memset(new, 0, sizeof(struct nx_info));
20684 + new->nx_id = nid;
20685 + INIT_HLIST_NODE(&new->nx_hlist);
20686 + atomic_set(&new->nx_usecnt, 0);
20687 + atomic_set(&new->nx_tasks, 0);
20688 + new->nx_state = 0;
20690 + new->nx_flags = NXF_INIT_SET;
20692 + /* rest of init goes here */
20694 + new->v4_lback.s_addr = htonl(INADDR_LOOPBACK);
20695 + new->v4_bcast.s_addr = htonl(INADDR_BROADCAST);
20697 + vxdprintk(VXD_CBIT(nid, 0),
20698 + "alloc_nx_info(%d) = %p", nid, new);
20699 + atomic_inc(&nx_global_ctotal);
20703 +/* __dealloc_nx_info()
20705 + * final disposal of nx_info */
20707 +static void __dealloc_nx_info(struct nx_info *nxi)
20709 + vxdprintk(VXD_CBIT(nid, 0),
20710 + "dealloc_nx_info(%p)", nxi);
20712 + nxi->nx_hlist.next = LIST_POISON1;
20715 + BUG_ON(atomic_read(&nxi->nx_usecnt));
20716 + BUG_ON(atomic_read(&nxi->nx_tasks));
20718 + __dealloc_nx_addr_v4_all(nxi->v4.next);
20720 + nxi->nx_state |= NXS_RELEASED;
20722 + atomic_dec(&nx_global_ctotal);
20725 +static void __shutdown_nx_info(struct nx_info *nxi)
20727 + nxi->nx_state |= NXS_SHUTDOWN;
20728 + vs_net_change(nxi, VSC_NETDOWN);
20731 +/* exported stuff */
20733 +void free_nx_info(struct nx_info *nxi)
20735 + /* context shutdown is mandatory */
20736 + BUG_ON(nxi->nx_state != NXS_SHUTDOWN);
20738 + /* context must not be hashed */
20739 + BUG_ON(nxi->nx_state & NXS_HASHED);
20741 + BUG_ON(atomic_read(&nxi->nx_usecnt));
20742 + BUG_ON(atomic_read(&nxi->nx_tasks));
20744 + __dealloc_nx_info(nxi);
20748 +void __nx_set_lback(struct nx_info *nxi)
20750 + int nid = nxi->nx_id;
20751 + __be32 lback = htonl(INADDR_LOOPBACK ^ ((nid & 0xFFFF) << 8));
20753 + nxi->v4_lback.s_addr = lback;
20756 +extern int __nx_inet_add_lback(__be32 addr);
20757 +extern int __nx_inet_del_lback(__be32 addr);
20760 +/* hash table for nx_info hash */
20762 +#define NX_HASH_SIZE 13
20764 +struct hlist_head nx_info_hash[NX_HASH_SIZE];
20766 +static DEFINE_SPINLOCK(nx_info_hash_lock);
20769 +static inline unsigned int __hashval(nid_t nid)
20771 + return (nid % NX_HASH_SIZE);
20776 +/* __hash_nx_info()
20778 + * add the nxi to the global hash table
20779 + * requires the hash_lock to be held */
20781 +static inline void __hash_nx_info(struct nx_info *nxi)
20783 + struct hlist_head *head;
20785 + vxd_assert_lock(&nx_info_hash_lock);
20786 + vxdprintk(VXD_CBIT(nid, 4),
20787 + "__hash_nx_info: %p[#%d]", nxi, nxi->nx_id);
20789 + /* context must not be hashed */
20790 + BUG_ON(nx_info_state(nxi, NXS_HASHED));
20792 + nxi->nx_state |= NXS_HASHED;
20793 + head = &nx_info_hash[__hashval(nxi->nx_id)];
20794 + hlist_add_head(&nxi->nx_hlist, head);
20795 + atomic_inc(&nx_global_cactive);
20798 +/* __unhash_nx_info()
20800 + * remove the nxi from the global hash table
20801 + * requires the hash_lock to be held */
20803 +static inline void __unhash_nx_info(struct nx_info *nxi)
20805 + vxd_assert_lock(&nx_info_hash_lock);
20806 + vxdprintk(VXD_CBIT(nid, 4),
20807 + "__unhash_nx_info: %p[#%d.%d.%d]", nxi, nxi->nx_id,
20808 + atomic_read(&nxi->nx_usecnt), atomic_read(&nxi->nx_tasks));
20810 + /* context must be hashed */
20811 + BUG_ON(!nx_info_state(nxi, NXS_HASHED));
20812 + /* but without tasks */
20813 + BUG_ON(atomic_read(&nxi->nx_tasks));
20815 + nxi->nx_state &= ~NXS_HASHED;
20816 + hlist_del(&nxi->nx_hlist);
20817 + atomic_dec(&nx_global_cactive);
20821 +/* __lookup_nx_info()
20823 + * requires the hash_lock to be held
20824 + * doesn't increment the nx_refcnt */
20826 +static inline struct nx_info *__lookup_nx_info(nid_t nid)
20828 + struct hlist_head *head = &nx_info_hash[__hashval(nid)];
20829 + struct hlist_node *pos;
20830 + struct nx_info *nxi;
20832 + vxd_assert_lock(&nx_info_hash_lock);
20833 + hlist_for_each(pos, head) {
20834 + nxi = hlist_entry(pos, struct nx_info, nx_hlist);
20836 + if (nxi->nx_id == nid)
20841 + vxdprintk(VXD_CBIT(nid, 0),
20842 + "__lookup_nx_info(#%u): %p[#%u]",
20843 + nid, nxi, nxi ? nxi->nx_id : 0);
20848 +/* __create_nx_info()
20850 + * create the requested context
20851 + * get(), claim() and hash it */
20853 +static struct nx_info *__create_nx_info(int id)
20855 + struct nx_info *new, *nxi = NULL;
20857 + vxdprintk(VXD_CBIT(nid, 1), "create_nx_info(%d)*", id);
20859 + if (!(new = __alloc_nx_info(id)))
20860 + return ERR_PTR(-ENOMEM);
20862 + /* required to make dynamic xids unique */
20863 + spin_lock(&nx_info_hash_lock);
20865 + /* static context requested */
20866 + if ((nxi = __lookup_nx_info(id))) {
20867 + vxdprintk(VXD_CBIT(nid, 0),
20868 + "create_nx_info(%d) = %p (already there)", id, nxi);
20869 + if (nx_info_flags(nxi, NXF_STATE_SETUP, 0))
20870 + nxi = ERR_PTR(-EBUSY);
20872 + nxi = ERR_PTR(-EEXIST);
20875 + /* new context */
20876 + vxdprintk(VXD_CBIT(nid, 0),
20877 + "create_nx_info(%d) = %p (new)", id, new);
20878 + claim_nx_info(new, NULL);
20879 + __nx_set_lback(new);
20880 + __hash_nx_info(get_nx_info(new));
20881 + nxi = new, new = NULL;
20884 + spin_unlock(&nx_info_hash_lock);
20886 + __dealloc_nx_info(new);
20892 +/* exported stuff */
20895 +void unhash_nx_info(struct nx_info *nxi)
20897 + __shutdown_nx_info(nxi);
20898 + spin_lock(&nx_info_hash_lock);
20899 + __unhash_nx_info(nxi);
20900 + spin_unlock(&nx_info_hash_lock);
20903 +/* lookup_nx_info()
20905 + * search for a nx_info and get() it
20906 + * negative id means current */
20908 +struct nx_info *lookup_nx_info(int id)
20910 + struct nx_info *nxi = NULL;
20913 + nxi = get_nx_info(current_nx_info());
20914 + } else if (id > 1) {
20915 + spin_lock(&nx_info_hash_lock);
20916 + nxi = get_nx_info(__lookup_nx_info(id));
20917 + spin_unlock(&nx_info_hash_lock);
20922 +/* nid_is_hashed()
20924 + * verify that nid is still hashed */
20926 +int nid_is_hashed(nid_t nid)
20930 + spin_lock(&nx_info_hash_lock);
20931 + hashed = (__lookup_nx_info(nid) != NULL);
20932 + spin_unlock(&nx_info_hash_lock);
20937 +#ifdef CONFIG_PROC_FS
20941 + * get a subset of hashed nids for proc
20942 + * assumes size is at least one */
20944 +int get_nid_list(int index, unsigned int *nids, int size)
20946 + int hindex, nr_nids = 0;
20948 + /* only show current and children */
20949 + if (!nx_check(0, VS_ADMIN | VS_WATCH)) {
20952 + nids[nr_nids] = nx_current_nid();
20956 + for (hindex = 0; hindex < NX_HASH_SIZE; hindex++) {
20957 + struct hlist_head *head = &nx_info_hash[hindex];
20958 + struct hlist_node *pos;
20960 + spin_lock(&nx_info_hash_lock);
20961 + hlist_for_each(pos, head) {
20962 + struct nx_info *nxi;
20967 + nxi = hlist_entry(pos, struct nx_info, nx_hlist);
20968 + nids[nr_nids] = nxi->nx_id;
20969 + if (++nr_nids >= size) {
20970 + spin_unlock(&nx_info_hash_lock);
20974 + /* keep the lock time short */
20975 + spin_unlock(&nx_info_hash_lock);
20984 + * migrate task to new network
20985 + * gets nxi, puts old_nxi on change
20988 +int nx_migrate_task(struct task_struct *p, struct nx_info *nxi)
20990 + struct nx_info *old_nxi;
20996 + vxdprintk(VXD_CBIT(nid, 5),
20997 + "nx_migrate_task(%p,%p[#%d.%d.%d])",
20998 + p, nxi, nxi->nx_id,
20999 + atomic_read(&nxi->nx_usecnt),
21000 + atomic_read(&nxi->nx_tasks));
21002 + if (nx_info_flags(nxi, NXF_INFO_PRIVATE, 0) &&
21003 + !nx_info_flags(nxi, NXF_STATE_SETUP, 0))
21006 + if (nx_info_state(nxi, NXS_SHUTDOWN))
21009 + /* maybe disallow this completely? */
21010 + old_nxi = task_get_nx_info(p);
21011 + if (old_nxi == nxi)
21016 + clr_nx_info(&p->nx_info);
21017 + claim_nx_info(nxi, p);
21018 + set_nx_info(&p->nx_info, nxi);
21019 + p->nid = nxi->nx_id;
21022 + vxdprintk(VXD_CBIT(nid, 5),
21023 + "moved task %p into nxi:%p[#%d]",
21024 + p, nxi, nxi->nx_id);
21027 + release_nx_info(old_nxi, p);
21030 + put_nx_info(old_nxi);
21035 +void nx_set_persistent(struct nx_info *nxi)
21037 + vxdprintk(VXD_CBIT(nid, 6),
21038 + "nx_set_persistent(%p[#%d])", nxi, nxi->nx_id);
21040 + get_nx_info(nxi);
21041 + claim_nx_info(nxi, NULL);
21044 +void nx_clear_persistent(struct nx_info *nxi)
21046 + vxdprintk(VXD_CBIT(nid, 6),
21047 + "nx_clear_persistent(%p[#%d])", nxi, nxi->nx_id);
21049 + release_nx_info(nxi, NULL);
21050 + put_nx_info(nxi);
21053 +void nx_update_persistent(struct nx_info *nxi)
21055 + if (nx_info_flags(nxi, NXF_PERSISTENT, 0))
21056 + nx_set_persistent(nxi);
21058 + nx_clear_persistent(nxi);
21061 +/* vserver syscall commands below here */
21063 +/* taks nid and nx_info functions */
21065 +#include <asm/uaccess.h>
21068 +int vc_task_nid(uint32_t id)
21073 + struct task_struct *tsk;
21076 + tsk = find_task_by_real_pid(id);
21077 + nid = (tsk) ? tsk->nid : -ESRCH;
21078 + rcu_read_unlock();
21080 + nid = nx_current_nid();
21085 +int vc_nx_info(struct nx_info *nxi, void __user *data)
21087 + struct vcmd_nx_info_v0 vc_data;
21089 + vc_data.nid = nxi->nx_id;
21091 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
21097 +/* network functions */
21099 +int vc_net_create(uint32_t nid, void __user *data)
21101 + struct vcmd_net_create vc_data = { .flagword = NXF_INIT_SET };
21102 + struct nx_info *new_nxi;
21105 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
21108 + if ((nid > MAX_S_CONTEXT) || (nid < 2))
21111 + new_nxi = __create_nx_info(nid);
21112 + if (IS_ERR(new_nxi))
21113 + return PTR_ERR(new_nxi);
21115 + /* initial flags */
21116 + new_nxi->nx_flags = vc_data.flagword;
21119 + if (vs_net_change(new_nxi, VSC_NETUP))
21122 + ret = nx_migrate_task(current, new_nxi);
21126 + /* return context id on success */
21127 + ret = new_nxi->nx_id;
21129 + /* get a reference for persistent contexts */
21130 + if ((vc_data.flagword & NXF_PERSISTENT))
21131 + nx_set_persistent(new_nxi);
21133 + release_nx_info(new_nxi, NULL);
21134 + put_nx_info(new_nxi);
21139 +int vc_net_migrate(struct nx_info *nxi, void __user *data)
21141 + return nx_migrate_task(current, nxi);
21146 +int do_add_v4_addr(struct nx_info *nxi, __be32 ip, __be32 ip2, __be32 mask,
21147 + uint16_t type, uint16_t flags)
21149 + struct nx_addr_v4 *nxa = &nxi->v4;
21151 + if (NX_IPV4(nxi)) {
21152 + /* locate last entry */
21153 + for (; nxa->next; nxa = nxa->next);
21154 + nxa->next = __alloc_nx_addr_v4();
21158 + return PTR_ERR(nxa);
21161 + if (nxi->v4.next)
21162 + /* remove single ip for ip list */
21163 + nxi->nx_flags &= ~NXF_SINGLE_IP;
21165 + nxa->ip[0].s_addr = ip;
21166 + nxa->ip[1].s_addr = ip2;
21167 + nxa->mask.s_addr = mask;
21168 + nxa->type = type;
21169 + nxa->flags = flags;
21173 +int do_remove_v4_addr(struct nx_info *nxi, __be32 ip, __be32 ip2, __be32 mask,
21174 + uint16_t type, uint16_t flags)
21176 + struct nx_addr_v4 *nxa = &nxi->v4;
21179 +/* case NXA_TYPE_ADDR:
21182 + case NXA_TYPE_ANY:
21183 + __dealloc_nx_addr_v4_all(xchg(&nxa->next, NULL));
21184 + memset(nxa, 0, sizeof(*nxa));
21194 +int vc_net_add(struct nx_info *nxi, void __user *data)
21196 + struct vcmd_net_addr_v0 vc_data;
21197 + int index, ret = 0;
21199 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
21202 + switch (vc_data.type) {
21203 + case NXA_TYPE_IPV4:
21204 + if ((vc_data.count < 1) || (vc_data.count > 4))
21208 + while (index < vc_data.count) {
21209 + ret = do_add_v4_addr(nxi, vc_data.ip[index].s_addr, 0,
21210 + vc_data.mask[index].s_addr, NXA_TYPE_ADDR, 0);
21218 + case NXA_TYPE_IPV4|NXA_MOD_BCAST:
21219 + nxi->v4_bcast = vc_data.ip[0];
21223 + case NXA_TYPE_IPV4|NXA_MOD_LBACK:
21224 + nxi->v4_lback = vc_data.ip[0];
21235 +int vc_net_remove(struct nx_info *nxi, void __user *data)
21237 + struct vcmd_net_addr_v0 vc_data;
21239 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
21242 + switch (vc_data.type) {
21243 + case NXA_TYPE_ANY:
21244 + __dealloc_nx_addr_v4_all(xchg(&nxi->v4.next, NULL));
21245 + memset(&nxi->v4, 0, sizeof(nxi->v4));
21255 +int vc_net_add_ipv4_v1(struct nx_info *nxi, void __user *data)
21257 + struct vcmd_net_addr_ipv4_v1 vc_data;
21259 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
21262 + switch (vc_data.type) {
21263 + case NXA_TYPE_ADDR:
21264 + case NXA_TYPE_MASK:
21265 + return do_add_v4_addr(nxi, vc_data.ip.s_addr, 0,
21266 + vc_data.mask.s_addr, vc_data.type, vc_data.flags);
21268 + case NXA_TYPE_ADDR | NXA_MOD_BCAST:
21269 + nxi->v4_bcast = vc_data.ip;
21272 + case NXA_TYPE_ADDR | NXA_MOD_LBACK:
21273 + nxi->v4_lback = vc_data.ip;
21282 +int vc_net_add_ipv4(struct nx_info *nxi, void __user *data)
21284 + struct vcmd_net_addr_ipv4_v2 vc_data;
21286 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
21289 + switch (vc_data.type) {
21290 + case NXA_TYPE_ADDR:
21291 + case NXA_TYPE_MASK:
21292 + case NXA_TYPE_RANGE:
21293 + return do_add_v4_addr(nxi, vc_data.ip.s_addr, vc_data.ip2.s_addr,
21294 + vc_data.mask.s_addr, vc_data.type, vc_data.flags);
21296 + case NXA_TYPE_ADDR | NXA_MOD_BCAST:
21297 + nxi->v4_bcast = vc_data.ip;
21300 + case NXA_TYPE_ADDR | NXA_MOD_LBACK:
21301 + nxi->v4_lback = vc_data.ip;
21310 +int vc_net_rem_ipv4_v1(struct nx_info *nxi, void __user *data)
21312 + struct vcmd_net_addr_ipv4_v1 vc_data;
21314 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
21317 + return do_remove_v4_addr(nxi, vc_data.ip.s_addr, 0,
21318 + vc_data.mask.s_addr, vc_data.type, vc_data.flags);
21321 +int vc_net_rem_ipv4(struct nx_info *nxi, void __user *data)
21323 + struct vcmd_net_addr_ipv4_v2 vc_data;
21325 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
21328 + return do_remove_v4_addr(nxi, vc_data.ip.s_addr, vc_data.ip2.s_addr,
21329 + vc_data.mask.s_addr, vc_data.type, vc_data.flags);
21332 +#ifdef CONFIG_IPV6
21334 +int do_add_v6_addr(struct nx_info *nxi,
21335 + struct in6_addr *ip, struct in6_addr *mask,
21336 + uint32_t prefix, uint16_t type, uint16_t flags)
21338 + struct nx_addr_v6 *nxa = &nxi->v6;
21340 + if (NX_IPV6(nxi)) {
21341 + /* locate last entry */
21342 + for (; nxa->next; nxa = nxa->next);
21343 + nxa->next = __alloc_nx_addr_v6();
21347 + return PTR_ERR(nxa);
21351 + nxa->mask = *mask;
21352 + nxa->prefix = prefix;
21353 + nxa->type = type;
21354 + nxa->flags = flags;
21359 +int vc_net_add_ipv6(struct nx_info *nxi, void __user *data)
21361 + struct vcmd_net_addr_ipv6_v1 vc_data;
21363 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
21366 + switch (vc_data.type) {
21367 + case NXA_TYPE_ADDR:
21368 + memset(&vc_data.mask, ~0, sizeof(vc_data.mask));
21369 + /* fallthrough */
21370 + case NXA_TYPE_MASK:
21371 + return do_add_v6_addr(nxi, &vc_data.ip, &vc_data.mask,
21372 + vc_data.prefix, vc_data.type, vc_data.flags);
21379 +int vc_net_remove_ipv6(struct nx_info *nxi, void __user *data)
21381 + struct vcmd_net_addr_ipv6_v1 vc_data;
21383 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
21386 + switch (vc_data.type) {
21387 + case NXA_TYPE_ANY:
21388 + __dealloc_nx_addr_v6_all(xchg(&nxi->v6.next, NULL));
21389 + memset(&nxi->v6, 0, sizeof(nxi->v6));
21398 +#endif /* CONFIG_IPV6 */
21401 +int vc_get_nflags(struct nx_info *nxi, void __user *data)
21403 + struct vcmd_net_flags_v0 vc_data;
21405 + vc_data.flagword = nxi->nx_flags;
21407 + /* special STATE flag handling */
21408 + vc_data.mask = vs_mask_flags(~0ULL, nxi->nx_flags, NXF_ONE_TIME);
21410 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
21415 +int vc_set_nflags(struct nx_info *nxi, void __user *data)
21417 + struct vcmd_net_flags_v0 vc_data;
21418 + uint64_t mask, trigger;
21420 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
21423 + /* special STATE flag handling */
21424 + mask = vs_mask_mask(vc_data.mask, nxi->nx_flags, NXF_ONE_TIME);
21425 + trigger = (mask & nxi->nx_flags) ^ (mask & vc_data.flagword);
21427 + nxi->nx_flags = vs_mask_flags(nxi->nx_flags,
21428 + vc_data.flagword, mask);
21429 + if (trigger & NXF_PERSISTENT)
21430 + nx_update_persistent(nxi);
21435 +int vc_get_ncaps(struct nx_info *nxi, void __user *data)
21437 + struct vcmd_net_caps_v0 vc_data;
21439 + vc_data.ncaps = nxi->nx_ncaps;
21440 + vc_data.cmask = ~0ULL;
21442 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
21447 +int vc_set_ncaps(struct nx_info *nxi, void __user *data)
21449 + struct vcmd_net_caps_v0 vc_data;
21451 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
21454 + nxi->nx_ncaps = vs_mask_flags(nxi->nx_ncaps,
21455 + vc_data.ncaps, vc_data.cmask);
21460 +#include <linux/module.h>
21462 +module_init(init_network);
21464 +EXPORT_SYMBOL_GPL(free_nx_info);
21465 +EXPORT_SYMBOL_GPL(unhash_nx_info);
21467 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/proc.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/proc.c
21468 --- linux-3.0-rc5/kernel/vserver/proc.c 1970-01-01 01:00:00.000000000 +0100
21469 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/proc.c 2011-06-10 22:11:24.000000000 +0200
21472 + * linux/kernel/vserver/proc.c
21474 + * Virtual Context Support
21476 + * Copyright (C) 2003-2007 Herbert Pötzl
21478 + * V0.01 basic structure
21479 + * V0.02 adaptation vs1.3.0
21480 + * V0.03 proc permissions
21481 + * V0.04 locking/generic
21482 + * V0.05 next generation procfs
21483 + * V0.06 inode validation
21484 + * V0.07 generic rewrite vid
21485 + * V0.08 remove inode type
21489 +#include <linux/proc_fs.h>
21490 +#include <linux/fs_struct.h>
21491 +#include <linux/mount.h>
21492 +#include <asm/unistd.h>
21494 +#include <linux/vs_context.h>
21495 +#include <linux/vs_network.h>
21496 +#include <linux/vs_cvirt.h>
21498 +#include <linux/in.h>
21499 +#include <linux/inetdevice.h>
21500 +#include <linux/vs_inet.h>
21501 +#include <linux/vs_inet6.h>
21503 +#include <linux/vserver/global.h>
21505 +#include "cvirt_proc.h"
21506 +#include "cacct_proc.h"
21507 +#include "limit_proc.h"
21508 +#include "sched_proc.h"
21509 +#include "vci_config.h"
21512 +static inline char *print_cap_t(char *buffer, kernel_cap_t *c)
21516 + CAP_FOR_EACH_U32(__capi) {
21517 + buffer += sprintf(buffer, "%08x",
21518 + c->cap[(_KERNEL_CAPABILITY_U32S-1) - __capi]);
21524 +static struct proc_dir_entry *proc_virtual;
21526 +static struct proc_dir_entry *proc_virtnet;
21529 +/* first the actual feeds */
21532 +static int proc_vci(char *buffer)
21534 + return sprintf(buffer,
21535 + "VCIVersion:\t%04x:%04x\n"
21536 + "VCISyscall:\t%d\n"
21537 + "VCIKernel:\t%08x\n",
21538 + VCI_VERSION >> 16,
21539 + VCI_VERSION & 0xFFFF,
21541 + vci_kernel_config());
21544 +static int proc_virtual_info(char *buffer)
21546 + return proc_vci(buffer);
21549 +static int proc_virtual_status(char *buffer)
21551 + return sprintf(buffer,
21553 + "#CActive:\t%d\n"
21554 + "#NSProxy:\t%d\t%d %d %d %d %d %d\n"
21555 + "#InitTask:\t%d\t%d %d\n",
21556 + atomic_read(&vx_global_ctotal),
21557 + atomic_read(&vx_global_cactive),
21558 + atomic_read(&vs_global_nsproxy),
21559 + atomic_read(&vs_global_fs),
21560 + atomic_read(&vs_global_mnt_ns),
21561 + atomic_read(&vs_global_uts_ns),
21562 + atomic_read(&nr_ipc_ns),
21563 + atomic_read(&vs_global_user_ns),
21564 + atomic_read(&vs_global_pid_ns),
21565 + atomic_read(&init_task.usage),
21566 + atomic_read(&init_task.nsproxy->count),
21567 + init_task.fs->users);
21571 +int proc_vxi_info(struct vx_info *vxi, char *buffer)
21575 + length = sprintf(buffer,
21583 + vxi->vx_badness_bias);
21587 +int proc_vxi_status(struct vx_info *vxi, char *buffer)
21589 + char *orig = buffer;
21591 + buffer += sprintf(buffer,
21594 + "Flags:\t%016llx\n",
21595 + atomic_read(&vxi->vx_usecnt),
21596 + atomic_read(&vxi->vx_tasks),
21597 + (unsigned long long)vxi->vx_flags);
21599 + buffer += sprintf(buffer, "BCaps:\t");
21600 + buffer = print_cap_t(buffer, &vxi->vx_bcaps);
21601 + buffer += sprintf(buffer, "\n");
21603 + buffer += sprintf(buffer,
21604 + "CCaps:\t%016llx\n"
21605 + "Umask:\t%16llx\n"
21606 + "Spaces:\t%08lx %08lx\n",
21607 + (unsigned long long)vxi->vx_ccaps,
21608 + (unsigned long long)vxi->vx_umask,
21609 + vxi->space[0].vx_nsmask, vxi->space[1].vx_nsmask);
21610 + return buffer - orig;
21613 +int proc_vxi_limit(struct vx_info *vxi, char *buffer)
21615 + return vx_info_proc_limit(&vxi->limit, buffer);
21618 +int proc_vxi_sched(struct vx_info *vxi, char *buffer)
21622 + length = vx_info_proc_sched(&vxi->sched, buffer);
21623 + for_each_online_cpu(cpu) {
21624 + length += vx_info_proc_sched_pc(
21625 + &vx_per_cpu(vxi, sched_pc, cpu),
21626 + buffer + length, cpu);
21631 +int proc_vxi_nsproxy0(struct vx_info *vxi, char *buffer)
21633 + return vx_info_proc_nsproxy(vxi->space[0].vx_nsproxy, buffer);
21636 +int proc_vxi_nsproxy1(struct vx_info *vxi, char *buffer)
21638 + return vx_info_proc_nsproxy(vxi->space[1].vx_nsproxy, buffer);
21641 +int proc_vxi_cvirt(struct vx_info *vxi, char *buffer)
21645 + vx_update_load(vxi);
21646 + length = vx_info_proc_cvirt(&vxi->cvirt, buffer);
21647 + for_each_online_cpu(cpu) {
21648 + length += vx_info_proc_cvirt_pc(
21649 + &vx_per_cpu(vxi, cvirt_pc, cpu),
21650 + buffer + length, cpu);
21655 +int proc_vxi_cacct(struct vx_info *vxi, char *buffer)
21657 + return vx_info_proc_cacct(&vxi->cacct, buffer);
21661 +static int proc_virtnet_info(char *buffer)
21663 + return proc_vci(buffer);
21666 +static int proc_virtnet_status(char *buffer)
21668 + return sprintf(buffer,
21670 + "#CActive:\t%d\n",
21671 + atomic_read(&nx_global_ctotal),
21672 + atomic_read(&nx_global_cactive));
21675 +int proc_nxi_info(struct nx_info *nxi, char *buffer)
21677 + struct nx_addr_v4 *v4a;
21678 +#ifdef CONFIG_IPV6
21679 + struct nx_addr_v6 *v6a;
21683 + length = sprintf(buffer,
21686 + "Bcast:\t" NIPQUAD_FMT "\n"
21687 + "Lback:\t" NIPQUAD_FMT "\n",
21690 + NIPQUAD(nxi->v4_bcast.s_addr),
21691 + NIPQUAD(nxi->v4_lback.s_addr));
21693 + if (!NX_IPV4(nxi))
21695 + for (i = 0, v4a = &nxi->v4; v4a; i++, v4a = v4a->next)
21696 + length += sprintf(buffer + length, "%d:\t" NXAV4_FMT "\n",
21699 +#ifdef CONFIG_IPV6
21700 + if (!NX_IPV6(nxi))
21702 + for (i = 0, v6a = &nxi->v6; v6a; i++, v6a = v6a->next)
21703 + length += sprintf(buffer + length, "%d:\t" NXAV6_FMT "\n",
21710 +int proc_nxi_status(struct nx_info *nxi, char *buffer)
21714 + length = sprintf(buffer,
21717 + "Flags:\t%016llx\n"
21718 + "NCaps:\t%016llx\n",
21719 + atomic_read(&nxi->nx_usecnt),
21720 + atomic_read(&nxi->nx_tasks),
21721 + (unsigned long long)nxi->nx_flags,
21722 + (unsigned long long)nxi->nx_ncaps);
21728 +/* here the inode helpers */
21734 + struct inode_operations *iop;
21735 + struct file_operations *fop;
21736 + union proc_op op;
21739 +static struct inode *vs_proc_make_inode(struct super_block *sb, struct vs_entry *p)
21741 + struct inode *inode = new_inode(sb);
21746 + inode->i_mode = p->mode;
21748 + inode->i_op = p->iop;
21750 + inode->i_fop = p->fop;
21752 + inode->i_nlink = (p->mode & S_IFDIR) ? 2 : 1;
21753 + inode->i_flags |= S_IMMUTABLE;
21755 + inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
21757 + inode->i_uid = 0;
21758 + inode->i_gid = 0;
21759 + inode->i_tag = 0;
21764 +static struct dentry *vs_proc_instantiate(struct inode *dir,
21765 + struct dentry *dentry, int id, void *ptr)
21767 + struct vs_entry *p = ptr;
21768 + struct inode *inode = vs_proc_make_inode(dir->i_sb, p);
21769 + struct dentry *error = ERR_PTR(-EINVAL);
21774 + PROC_I(inode)->op = p->op;
21775 + PROC_I(inode)->fd = id;
21776 + d_add(dentry, inode);
21784 +typedef struct dentry *instantiate_t(struct inode *, struct dentry *, int, void *);
21787 + * Fill a directory entry.
21789 + * If possible create the dcache entry and derive our inode number and
21790 + * file type from dcache entry.
21792 + * Since all of the proc inode numbers are dynamically generated, the inode
21793 + * numbers do not exist until the inode is cache. This means creating the
21794 + * the dcache entry in readdir is necessary to keep the inode numbers
21795 + * reported by readdir in sync with the inode numbers reported
21798 +static int proc_fill_cache(struct file *filp, void *dirent, filldir_t filldir,
21799 + char *name, int len, instantiate_t instantiate, int id, void *ptr)
21801 + struct dentry *child, *dir = filp->f_dentry;
21802 + struct inode *inode;
21803 + struct qstr qname;
21805 + unsigned type = DT_UNKNOWN;
21807 + qname.name = name;
21809 + qname.hash = full_name_hash(name, len);
21811 + child = d_lookup(dir, &qname);
21813 + struct dentry *new;
21814 + new = d_alloc(dir, &qname);
21816 + child = instantiate(dir->d_inode, new, id, ptr);
21823 + if (!child || IS_ERR(child) || !child->d_inode)
21824 + goto end_instantiate;
21825 + inode = child->d_inode;
21827 + ino = inode->i_ino;
21828 + type = inode->i_mode >> 12;
21833 + ino = find_inode_number(dir, &qname);
21836 + return filldir(dirent, name, len, filp->f_pos, ino, type);
21841 +/* get and revalidate vx_info/xid */
21844 +struct vx_info *get_proc_vx_info(struct inode *inode)
21846 + return lookup_vx_info(PROC_I(inode)->fd);
21849 +static int proc_xid_revalidate(struct dentry *dentry, struct nameidata *nd)
21851 + struct inode *inode = dentry->d_inode;
21852 + xid_t xid = PROC_I(inode)->fd;
21854 + if (!xid || xid_is_hashed(xid))
21861 +/* get and revalidate nx_info/nid */
21863 +static int proc_nid_revalidate(struct dentry *dentry, struct nameidata *nd)
21865 + struct inode *inode = dentry->d_inode;
21866 + nid_t nid = PROC_I(inode)->fd;
21868 + if (!nid || nid_is_hashed(nid))
21876 +#define PROC_BLOCK_SIZE (PAGE_SIZE - 1024)
21878 +static ssize_t proc_vs_info_read(struct file *file, char __user *buf,
21879 + size_t count, loff_t *ppos)
21881 + struct inode *inode = file->f_dentry->d_inode;
21882 + unsigned long page;
21883 + ssize_t length = 0;
21885 + if (count > PROC_BLOCK_SIZE)
21886 + count = PROC_BLOCK_SIZE;
21888 + /* fade that out as soon as stable */
21889 + WARN_ON(PROC_I(inode)->fd);
21891 + if (!(page = __get_free_page(GFP_KERNEL)))
21894 + BUG_ON(!PROC_I(inode)->op.proc_vs_read);
21895 + length = PROC_I(inode)->op.proc_vs_read((char *)page);
21898 + length = simple_read_from_buffer(buf, count, ppos,
21899 + (char *)page, length);
21905 +static ssize_t proc_vx_info_read(struct file *file, char __user *buf,
21906 + size_t count, loff_t *ppos)
21908 + struct inode *inode = file->f_dentry->d_inode;
21909 + struct vx_info *vxi = NULL;
21910 + xid_t xid = PROC_I(inode)->fd;
21911 + unsigned long page;
21912 + ssize_t length = 0;
21914 + if (count > PROC_BLOCK_SIZE)
21915 + count = PROC_BLOCK_SIZE;
21917 + /* fade that out as soon as stable */
21919 + vxi = lookup_vx_info(xid);
21923 + length = -ENOMEM;
21924 + if (!(page = __get_free_page(GFP_KERNEL)))
21927 + BUG_ON(!PROC_I(inode)->op.proc_vxi_read);
21928 + length = PROC_I(inode)->op.proc_vxi_read(vxi, (char *)page);
21931 + length = simple_read_from_buffer(buf, count, ppos,
21932 + (char *)page, length);
21936 + put_vx_info(vxi);
21941 +static ssize_t proc_nx_info_read(struct file *file, char __user *buf,
21942 + size_t count, loff_t *ppos)
21944 + struct inode *inode = file->f_dentry->d_inode;
21945 + struct nx_info *nxi = NULL;
21946 + nid_t nid = PROC_I(inode)->fd;
21947 + unsigned long page;
21948 + ssize_t length = 0;
21950 + if (count > PROC_BLOCK_SIZE)
21951 + count = PROC_BLOCK_SIZE;
21953 + /* fade that out as soon as stable */
21955 + nxi = lookup_nx_info(nid);
21959 + length = -ENOMEM;
21960 + if (!(page = __get_free_page(GFP_KERNEL)))
21963 + BUG_ON(!PROC_I(inode)->op.proc_nxi_read);
21964 + length = PROC_I(inode)->op.proc_nxi_read(nxi, (char *)page);
21967 + length = simple_read_from_buffer(buf, count, ppos,
21968 + (char *)page, length);
21972 + put_nx_info(nxi);
21979 +/* here comes the lower level */
21982 +#define NOD(NAME, MODE, IOP, FOP, OP) { \
21983 + .len = sizeof(NAME) - 1, \
21984 + .name = (NAME), \
21992 +#define DIR(NAME, MODE, OTYPE) \
21993 + NOD(NAME, (S_IFDIR | (MODE)), \
21994 + &proc_ ## OTYPE ## _inode_operations, \
21995 + &proc_ ## OTYPE ## _file_operations, { } )
21997 +#define INF(NAME, MODE, OTYPE) \
21998 + NOD(NAME, (S_IFREG | (MODE)), NULL, \
21999 + &proc_vs_info_file_operations, \
22000 + { .proc_vs_read = &proc_##OTYPE } )
22002 +#define VINF(NAME, MODE, OTYPE) \
22003 + NOD(NAME, (S_IFREG | (MODE)), NULL, \
22004 + &proc_vx_info_file_operations, \
22005 + { .proc_vxi_read = &proc_##OTYPE } )
22007 +#define NINF(NAME, MODE, OTYPE) \
22008 + NOD(NAME, (S_IFREG | (MODE)), NULL, \
22009 + &proc_nx_info_file_operations, \
22010 + { .proc_nxi_read = &proc_##OTYPE } )
22013 +static struct file_operations proc_vs_info_file_operations = {
22014 + .read = proc_vs_info_read,
22017 +static struct file_operations proc_vx_info_file_operations = {
22018 + .read = proc_vx_info_read,
22021 +static struct dentry_operations proc_xid_dentry_operations = {
22022 + .d_revalidate = proc_xid_revalidate,
22025 +static struct vs_entry vx_base_stuff[] = {
22026 + VINF("info", S_IRUGO, vxi_info),
22027 + VINF("status", S_IRUGO, vxi_status),
22028 + VINF("limit", S_IRUGO, vxi_limit),
22029 + VINF("sched", S_IRUGO, vxi_sched),
22030 + VINF("nsproxy", S_IRUGO, vxi_nsproxy0),
22031 + VINF("nsproxy1",S_IRUGO, vxi_nsproxy1),
22032 + VINF("cvirt", S_IRUGO, vxi_cvirt),
22033 + VINF("cacct", S_IRUGO, vxi_cacct),
22040 +static struct dentry *proc_xid_instantiate(struct inode *dir,
22041 + struct dentry *dentry, int id, void *ptr)
22043 + dentry->d_op = &proc_xid_dentry_operations;
22044 + return vs_proc_instantiate(dir, dentry, id, ptr);
22047 +static struct dentry *proc_xid_lookup(struct inode *dir,
22048 + struct dentry *dentry, struct nameidata *nd)
22050 + struct vs_entry *p = vx_base_stuff;
22051 + struct dentry *error = ERR_PTR(-ENOENT);
22053 + for (; p->name; p++) {
22054 + if (p->len != dentry->d_name.len)
22056 + if (!memcmp(dentry->d_name.name, p->name, p->len))
22062 + error = proc_xid_instantiate(dir, dentry, PROC_I(dir)->fd, p);
22067 +static int proc_xid_readdir(struct file *filp,
22068 + void *dirent, filldir_t filldir)
22070 + struct dentry *dentry = filp->f_dentry;
22071 + struct inode *inode = dentry->d_inode;
22072 + struct vs_entry *p = vx_base_stuff;
22073 + int size = sizeof(vx_base_stuff) / sizeof(struct vs_entry);
22077 + pos = filp->f_pos;
22080 + ino = inode->i_ino;
22081 + if (filldir(dirent, ".", 1, pos, ino, DT_DIR) < 0)
22084 + /* fall through */
22086 + ino = parent_ino(dentry);
22087 + if (filldir(dirent, "..", 2, pos, ino, DT_DIR) < 0)
22090 + /* fall through */
22093 + if (index >= size)
22095 + for (p += index; p->name; p++) {
22096 + if (proc_fill_cache(filp, dirent, filldir, p->name, p->len,
22097 + vs_proc_instantiate, PROC_I(inode)->fd, p))
22103 + filp->f_pos = pos;
22109 +static struct file_operations proc_nx_info_file_operations = {
22110 + .read = proc_nx_info_read,
22113 +static struct dentry_operations proc_nid_dentry_operations = {
22114 + .d_revalidate = proc_nid_revalidate,
22117 +static struct vs_entry nx_base_stuff[] = {
22118 + NINF("info", S_IRUGO, nxi_info),
22119 + NINF("status", S_IRUGO, nxi_status),
22124 +static struct dentry *proc_nid_instantiate(struct inode *dir,
22125 + struct dentry *dentry, int id, void *ptr)
22127 + dentry->d_op = &proc_nid_dentry_operations;
22128 + return vs_proc_instantiate(dir, dentry, id, ptr);
22131 +static struct dentry *proc_nid_lookup(struct inode *dir,
22132 + struct dentry *dentry, struct nameidata *nd)
22134 + struct vs_entry *p = nx_base_stuff;
22135 + struct dentry *error = ERR_PTR(-ENOENT);
22137 + for (; p->name; p++) {
22138 + if (p->len != dentry->d_name.len)
22140 + if (!memcmp(dentry->d_name.name, p->name, p->len))
22146 + error = proc_nid_instantiate(dir, dentry, PROC_I(dir)->fd, p);
22151 +static int proc_nid_readdir(struct file *filp,
22152 + void *dirent, filldir_t filldir)
22154 + struct dentry *dentry = filp->f_dentry;
22155 + struct inode *inode = dentry->d_inode;
22156 + struct vs_entry *p = nx_base_stuff;
22157 + int size = sizeof(nx_base_stuff) / sizeof(struct vs_entry);
22161 + pos = filp->f_pos;
22164 + ino = inode->i_ino;
22165 + if (filldir(dirent, ".", 1, pos, ino, DT_DIR) < 0)
22168 + /* fall through */
22170 + ino = parent_ino(dentry);
22171 + if (filldir(dirent, "..", 2, pos, ino, DT_DIR) < 0)
22174 + /* fall through */
22177 + if (index >= size)
22179 + for (p += index; p->name; p++) {
22180 + if (proc_fill_cache(filp, dirent, filldir, p->name, p->len,
22181 + vs_proc_instantiate, PROC_I(inode)->fd, p))
22187 + filp->f_pos = pos;
22192 +#define MAX_MULBY10 ((~0U - 9) / 10)
22194 +static inline int atovid(const char *str, int len)
22199 + while (len-- > 0) {
22204 + if (vid >= MAX_MULBY10)
22214 +/* now the upper level (virtual) */
22217 +static struct file_operations proc_xid_file_operations = {
22218 + .read = generic_read_dir,
22219 + .readdir = proc_xid_readdir,
22222 +static struct inode_operations proc_xid_inode_operations = {
22223 + .lookup = proc_xid_lookup,
22226 +static struct vs_entry vx_virtual_stuff[] = {
22227 + INF("info", S_IRUGO, virtual_info),
22228 + INF("status", S_IRUGO, virtual_status),
22229 + DIR(NULL, S_IRUGO | S_IXUGO, xid),
22233 +static struct dentry *proc_virtual_lookup(struct inode *dir,
22234 + struct dentry *dentry, struct nameidata *nd)
22236 + struct vs_entry *p = vx_virtual_stuff;
22237 + struct dentry *error = ERR_PTR(-ENOENT);
22240 + for (; p->name; p++) {
22241 + if (p->len != dentry->d_name.len)
22243 + if (!memcmp(dentry->d_name.name, p->name, p->len))
22247 + goto instantiate;
22249 + id = atovid(dentry->d_name.name, dentry->d_name.len);
22250 + if ((id < 0) || !xid_is_hashed(id))
22254 + error = proc_xid_instantiate(dir, dentry, id, p);
22259 +static struct file_operations proc_nid_file_operations = {
22260 + .read = generic_read_dir,
22261 + .readdir = proc_nid_readdir,
22264 +static struct inode_operations proc_nid_inode_operations = {
22265 + .lookup = proc_nid_lookup,
22268 +static struct vs_entry nx_virtnet_stuff[] = {
22269 + INF("info", S_IRUGO, virtnet_info),
22270 + INF("status", S_IRUGO, virtnet_status),
22271 + DIR(NULL, S_IRUGO | S_IXUGO, nid),
22275 +static struct dentry *proc_virtnet_lookup(struct inode *dir,
22276 + struct dentry *dentry, struct nameidata *nd)
22278 + struct vs_entry *p = nx_virtnet_stuff;
22279 + struct dentry *error = ERR_PTR(-ENOENT);
22282 + for (; p->name; p++) {
22283 + if (p->len != dentry->d_name.len)
22285 + if (!memcmp(dentry->d_name.name, p->name, p->len))
22289 + goto instantiate;
22291 + id = atovid(dentry->d_name.name, dentry->d_name.len);
22292 + if ((id < 0) || !nid_is_hashed(id))
22296 + error = proc_nid_instantiate(dir, dentry, id, p);
22302 +#define PROC_MAXVIDS 32
22304 +int proc_virtual_readdir(struct file *filp,
22305 + void *dirent, filldir_t filldir)
22307 + struct dentry *dentry = filp->f_dentry;
22308 + struct inode *inode = dentry->d_inode;
22309 + struct vs_entry *p = vx_virtual_stuff;
22310 + int size = sizeof(vx_virtual_stuff) / sizeof(struct vs_entry);
22312 + unsigned int xid_array[PROC_MAXVIDS];
22313 + char buf[PROC_NUMBUF];
22314 + unsigned int nr_xids, i;
22317 + pos = filp->f_pos;
22320 + ino = inode->i_ino;
22321 + if (filldir(dirent, ".", 1, pos, ino, DT_DIR) < 0)
22324 + /* fall through */
22326 + ino = parent_ino(dentry);
22327 + if (filldir(dirent, "..", 2, pos, ino, DT_DIR) < 0)
22330 + /* fall through */
22333 + if (index >= size)
22335 + for (p += index; p->name; p++) {
22336 + if (proc_fill_cache(filp, dirent, filldir, p->name, p->len,
22337 + vs_proc_instantiate, 0, p))
22342 + index = pos - size;
22343 + p = &vx_virtual_stuff[size - 1];
22344 + nr_xids = get_xid_list(index, xid_array, PROC_MAXVIDS);
22345 + for (i = 0; i < nr_xids; i++) {
22346 + int n, xid = xid_array[i];
22347 + unsigned int j = PROC_NUMBUF;
22351 + buf[--j] = '0' + (n % 10);
22354 + if (proc_fill_cache(filp, dirent, filldir,
22355 + buf + j, PROC_NUMBUF - j,
22356 + vs_proc_instantiate, xid, p))
22362 + filp->f_pos = pos;
22366 +static int proc_virtual_getattr(struct vfsmount *mnt,
22367 + struct dentry *dentry, struct kstat *stat)
22369 + struct inode *inode = dentry->d_inode;
22371 + generic_fillattr(inode, stat);
22372 + stat->nlink = 2 + atomic_read(&vx_global_cactive);
22376 +static struct file_operations proc_virtual_dir_operations = {
22377 + .read = generic_read_dir,
22378 + .readdir = proc_virtual_readdir,
22381 +static struct inode_operations proc_virtual_dir_inode_operations = {
22382 + .getattr = proc_virtual_getattr,
22383 + .lookup = proc_virtual_lookup,
22390 +int proc_virtnet_readdir(struct file *filp,
22391 + void *dirent, filldir_t filldir)
22393 + struct dentry *dentry = filp->f_dentry;
22394 + struct inode *inode = dentry->d_inode;
22395 + struct vs_entry *p = nx_virtnet_stuff;
22396 + int size = sizeof(nx_virtnet_stuff) / sizeof(struct vs_entry);
22398 + unsigned int nid_array[PROC_MAXVIDS];
22399 + char buf[PROC_NUMBUF];
22400 + unsigned int nr_nids, i;
22403 + pos = filp->f_pos;
22406 + ino = inode->i_ino;
22407 + if (filldir(dirent, ".", 1, pos, ino, DT_DIR) < 0)
22410 + /* fall through */
22412 + ino = parent_ino(dentry);
22413 + if (filldir(dirent, "..", 2, pos, ino, DT_DIR) < 0)
22416 + /* fall through */
22419 + if (index >= size)
22421 + for (p += index; p->name; p++) {
22422 + if (proc_fill_cache(filp, dirent, filldir, p->name, p->len,
22423 + vs_proc_instantiate, 0, p))
22428 + index = pos - size;
22429 + p = &nx_virtnet_stuff[size - 1];
22430 + nr_nids = get_nid_list(index, nid_array, PROC_MAXVIDS);
22431 + for (i = 0; i < nr_nids; i++) {
22432 + int n, nid = nid_array[i];
22433 + unsigned int j = PROC_NUMBUF;
22437 + buf[--j] = '0' + (n % 10);
22440 + if (proc_fill_cache(filp, dirent, filldir,
22441 + buf + j, PROC_NUMBUF - j,
22442 + vs_proc_instantiate, nid, p))
22448 + filp->f_pos = pos;
22452 +static int proc_virtnet_getattr(struct vfsmount *mnt,
22453 + struct dentry *dentry, struct kstat *stat)
22455 + struct inode *inode = dentry->d_inode;
22457 + generic_fillattr(inode, stat);
22458 + stat->nlink = 2 + atomic_read(&nx_global_cactive);
22462 +static struct file_operations proc_virtnet_dir_operations = {
22463 + .read = generic_read_dir,
22464 + .readdir = proc_virtnet_readdir,
22467 +static struct inode_operations proc_virtnet_dir_inode_operations = {
22468 + .getattr = proc_virtnet_getattr,
22469 + .lookup = proc_virtnet_lookup,
22474 +void proc_vx_init(void)
22476 + struct proc_dir_entry *ent;
22478 + ent = proc_mkdir("virtual", 0);
22480 + ent->proc_fops = &proc_virtual_dir_operations;
22481 + ent->proc_iops = &proc_virtual_dir_inode_operations;
22483 + proc_virtual = ent;
22485 + ent = proc_mkdir("virtnet", 0);
22487 + ent->proc_fops = &proc_virtnet_dir_operations;
22488 + ent->proc_iops = &proc_virtnet_dir_inode_operations;
22490 + proc_virtnet = ent;
22496 +/* per pid info */
22499 +int proc_pid_vx_info(struct task_struct *p, char *buffer)
22501 + struct vx_info *vxi;
22502 + char *orig = buffer;
22504 + buffer += sprintf(buffer, "XID:\t%d\n", vx_task_xid(p));
22506 + vxi = task_get_vx_info(p);
22510 + buffer += sprintf(buffer, "BCaps:\t");
22511 + buffer = print_cap_t(buffer, &vxi->vx_bcaps);
22512 + buffer += sprintf(buffer, "\n");
22513 + buffer += sprintf(buffer, "CCaps:\t%016llx\n",
22514 + (unsigned long long)vxi->vx_ccaps);
22515 + buffer += sprintf(buffer, "CFlags:\t%016llx\n",
22516 + (unsigned long long)vxi->vx_flags);
22517 + buffer += sprintf(buffer, "CIPid:\t%d\n", vxi->vx_initpid);
22519 + put_vx_info(vxi);
22521 + return buffer - orig;
22525 +int proc_pid_nx_info(struct task_struct *p, char *buffer)
22527 + struct nx_info *nxi;
22528 + struct nx_addr_v4 *v4a;
22529 +#ifdef CONFIG_IPV6
22530 + struct nx_addr_v6 *v6a;
22532 + char *orig = buffer;
22535 + buffer += sprintf(buffer, "NID:\t%d\n", nx_task_nid(p));
22537 + nxi = task_get_nx_info(p);
22541 + buffer += sprintf(buffer, "NCaps:\t%016llx\n",
22542 + (unsigned long long)nxi->nx_ncaps);
22543 + buffer += sprintf(buffer, "NFlags:\t%016llx\n",
22544 + (unsigned long long)nxi->nx_flags);
22546 + buffer += sprintf(buffer,
22547 + "V4Root[bcast]:\t" NIPQUAD_FMT "\n",
22548 + NIPQUAD(nxi->v4_bcast.s_addr));
22549 + buffer += sprintf (buffer,
22550 + "V4Root[lback]:\t" NIPQUAD_FMT "\n",
22551 + NIPQUAD(nxi->v4_lback.s_addr));
22552 + if (!NX_IPV4(nxi))
22554 + for (i = 0, v4a = &nxi->v4; v4a; i++, v4a = v4a->next)
22555 + buffer += sprintf(buffer, "V4Root[%d]:\t" NXAV4_FMT "\n",
22558 +#ifdef CONFIG_IPV6
22559 + if (!NX_IPV6(nxi))
22561 + for (i = 0, v6a = &nxi->v6; v6a; i++, v6a = v6a->next)
22562 + buffer += sprintf(buffer, "V6Root[%d]:\t" NXAV6_FMT "\n",
22566 + put_nx_info(nxi);
22568 + return buffer - orig;
22571 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/sched.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/sched.c
22572 --- linux-3.0-rc5/kernel/vserver/sched.c 1970-01-01 01:00:00.000000000 +0100
22573 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/sched.c 2011-06-10 22:11:24.000000000 +0200
22576 + * linux/kernel/vserver/sched.c
22578 + * Virtual Server: Scheduler Support
22580 + * Copyright (C) 2004-2010 Herbert Pötzl
22582 + * V0.01 adapted Sam Vilains version to 2.6.3
22583 + * V0.02 removed legacy interface
22584 + * V0.03 changed vcmds to vxi arg
22585 + * V0.04 removed older and legacy interfaces
22586 + * V0.05 removed scheduler code/commands
22590 +#include <linux/vs_context.h>
22591 +#include <linux/vs_sched.h>
22592 +#include <linux/vserver/sched_cmd.h>
22594 +#include <asm/uaccess.h>
22597 +void vx_update_sched_param(struct _vx_sched *sched,
22598 + struct _vx_sched_pc *sched_pc)
22600 + sched_pc->prio_bias = sched->prio_bias;
22603 +static int do_set_prio_bias(struct vx_info *vxi, struct vcmd_prio_bias *data)
22607 + if (data->prio_bias > MAX_PRIO_BIAS)
22608 + data->prio_bias = MAX_PRIO_BIAS;
22609 + if (data->prio_bias < MIN_PRIO_BIAS)
22610 + data->prio_bias = MIN_PRIO_BIAS;
22612 + if (data->cpu_id != ~0) {
22613 + vxi->sched.update = cpumask_of_cpu(data->cpu_id);
22614 + cpus_and(vxi->sched.update, cpu_online_map,
22615 + vxi->sched.update);
22617 + vxi->sched.update = cpu_online_map;
22619 + for_each_cpu_mask(cpu, vxi->sched.update)
22620 + vx_update_sched_param(&vxi->sched,
22621 + &vx_per_cpu(vxi, sched_pc, cpu));
22625 +int vc_set_prio_bias(struct vx_info *vxi, void __user *data)
22627 + struct vcmd_prio_bias vc_data;
22629 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22632 + return do_set_prio_bias(vxi, &vc_data);
22635 +int vc_get_prio_bias(struct vx_info *vxi, void __user *data)
22637 + struct vcmd_prio_bias vc_data;
22638 + struct _vx_sched_pc *pcd;
22641 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22644 + cpu = vc_data.cpu_id;
22646 + if (!cpu_possible(cpu))
22649 + pcd = &vx_per_cpu(vxi, sched_pc, cpu);
22650 + vc_data.prio_bias = pcd->prio_bias;
22652 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
22657 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/sched_init.h linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/sched_init.h
22658 --- linux-3.0-rc5/kernel/vserver/sched_init.h 1970-01-01 01:00:00.000000000 +0100
22659 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/sched_init.h 2011-06-10 22:11:24.000000000 +0200
22662 +static inline void vx_info_init_sched(struct _vx_sched *sched)
22664 + /* scheduling; hard code starting values as constants */
22665 + sched->prio_bias = 0;
22669 +void vx_info_init_sched_pc(struct _vx_sched_pc *sched_pc, int cpu)
22671 + sched_pc->prio_bias = 0;
22673 + sched_pc->user_ticks = 0;
22674 + sched_pc->sys_ticks = 0;
22675 + sched_pc->hold_ticks = 0;
22678 +static inline void vx_info_exit_sched(struct _vx_sched *sched)
22684 +void vx_info_exit_sched_pc(struct _vx_sched_pc *sched_pc, int cpu)
22688 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/sched_proc.h linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/sched_proc.h
22689 --- linux-3.0-rc5/kernel/vserver/sched_proc.h 1970-01-01 01:00:00.000000000 +0100
22690 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/sched_proc.h 2011-06-10 22:11:24.000000000 +0200
22692 +#ifndef _VX_SCHED_PROC_H
22693 +#define _VX_SCHED_PROC_H
22697 +int vx_info_proc_sched(struct _vx_sched *sched, char *buffer)
22701 + length += sprintf(buffer,
22702 + "PrioBias:\t%8d\n",
22703 + sched->prio_bias);
22708 +int vx_info_proc_sched_pc(struct _vx_sched_pc *sched_pc,
22709 + char *buffer, int cpu)
22713 + length += sprintf(buffer + length,
22714 + "cpu %d: %lld %lld %lld", cpu,
22715 + (unsigned long long)sched_pc->user_ticks,
22716 + (unsigned long long)sched_pc->sys_ticks,
22717 + (unsigned long long)sched_pc->hold_ticks);
22718 + length += sprintf(buffer + length,
22719 + " %d\n", sched_pc->prio_bias);
22723 +#endif /* _VX_SCHED_PROC_H */
22724 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/signal.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/signal.c
22725 --- linux-3.0-rc5/kernel/vserver/signal.c 1970-01-01 01:00:00.000000000 +0100
22726 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/signal.c 2011-06-10 22:11:24.000000000 +0200
22729 + * linux/kernel/vserver/signal.c
22731 + * Virtual Server: Signal Support
22733 + * Copyright (C) 2003-2007 Herbert Pötzl
22735 + * V0.01 broken out from vcontext V0.05
22736 + * V0.02 changed vcmds to vxi arg
22737 + * V0.03 adjusted siginfo for kill
22741 +#include <asm/uaccess.h>
22743 +#include <linux/vs_context.h>
22744 +#include <linux/vs_pid.h>
22745 +#include <linux/vserver/signal_cmd.h>
22748 +int vx_info_kill(struct vx_info *vxi, int pid, int sig)
22750 + int retval, count = 0;
22751 + struct task_struct *p;
22752 + struct siginfo *sip = SEND_SIG_PRIV;
22755 + vxdprintk(VXD_CBIT(misc, 4),
22756 + "vx_info_kill(%p[#%d],%d,%d)*",
22757 + vxi, vxi->vx_id, pid, sig);
22758 + read_lock(&tasklist_lock);
22762 + for_each_process(p) {
22765 + if (vx_task_xid(p) != vxi->vx_id || p->pid <= 1 ||
22766 + (pid && vxi->vx_initpid == p->pid))
22769 + err = group_send_sig_info(sig, sip, p);
22771 + if (err != -EPERM)
22777 + if (vxi->vx_initpid) {
22778 + pid = vxi->vx_initpid;
22779 + /* for now, only SIGINT to private init ... */
22780 + if (!vx_info_flags(vxi, VXF_STATE_ADMIN, 0) &&
22781 + /* ... as long as there are tasks left */
22782 + (atomic_read(&vxi->vx_tasks) > 1))
22785 + /* fallthrough */
22788 + p = find_task_by_real_pid(pid);
22789 + rcu_read_unlock();
22791 + if (vx_task_xid(p) == vxi->vx_id)
22792 + retval = group_send_sig_info(sig, sip, p);
22796 + read_unlock(&tasklist_lock);
22797 + vxdprintk(VXD_CBIT(misc, 4),
22798 + "vx_info_kill(%p[#%d],%d,%d,%ld) = %d",
22799 + vxi, vxi->vx_id, pid, sig, (long)sip, retval);
22803 +int vc_ctx_kill(struct vx_info *vxi, void __user *data)
22805 + struct vcmd_ctx_kill_v0 vc_data;
22807 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22810 + /* special check to allow guest shutdown */
22811 + if (!vx_info_flags(vxi, VXF_STATE_ADMIN, 0) &&
22812 + /* forbid killall pid=0 when init is present */
22813 + (((vc_data.pid < 1) && vxi->vx_initpid) ||
22814 + (vc_data.pid > 1)))
22817 + return vx_info_kill(vxi, vc_data.pid, vc_data.sig);
22821 +static int __wait_exit(struct vx_info *vxi)
22823 + DECLARE_WAITQUEUE(wait, current);
22826 + add_wait_queue(&vxi->vx_wait, &wait);
22827 + set_current_state(TASK_INTERRUPTIBLE);
22830 + if (vx_info_state(vxi,
22831 + VXS_SHUTDOWN | VXS_HASHED | VXS_HELPER) == VXS_SHUTDOWN)
22833 + if (signal_pending(current)) {
22834 + ret = -ERESTARTSYS;
22841 + set_current_state(TASK_RUNNING);
22842 + remove_wait_queue(&vxi->vx_wait, &wait);
22848 +int vc_wait_exit(struct vx_info *vxi, void __user *data)
22850 + struct vcmd_wait_exit_v0 vc_data;
22853 + ret = __wait_exit(vxi);
22854 + vc_data.reboot_cmd = vxi->reboot_cmd;
22855 + vc_data.exit_code = vxi->exit_code;
22857 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
22862 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/space.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/space.c
22863 --- linux-3.0-rc5/kernel/vserver/space.c 1970-01-01 01:00:00.000000000 +0100
22864 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/space.c 2011-06-10 22:11:24.000000000 +0200
22867 + * linux/kernel/vserver/space.c
22869 + * Virtual Server: Context Space Support
22871 + * Copyright (C) 2003-2010 Herbert Pötzl
22873 + * V0.01 broken out from context.c 0.07
22874 + * V0.02 added task locking for namespace
22875 + * V0.03 broken out vx_enter_namespace
22876 + * V0.04 added *space support and commands
22877 + * V0.05 added credential support
22881 +#include <linux/utsname.h>
22882 +#include <linux/nsproxy.h>
22883 +#include <linux/err.h>
22884 +#include <linux/fs_struct.h>
22885 +#include <linux/cred.h>
22886 +#include <asm/uaccess.h>
22888 +#include <linux/vs_context.h>
22889 +#include <linux/vserver/space.h>
22890 +#include <linux/vserver/space_cmd.h>
22892 +atomic_t vs_global_nsproxy = ATOMIC_INIT(0);
22893 +atomic_t vs_global_fs = ATOMIC_INIT(0);
22894 +atomic_t vs_global_mnt_ns = ATOMIC_INIT(0);
22895 +atomic_t vs_global_uts_ns = ATOMIC_INIT(0);
22896 +atomic_t vs_global_user_ns = ATOMIC_INIT(0);
22897 +atomic_t vs_global_pid_ns = ATOMIC_INIT(0);
22900 +/* namespace functions */
22902 +#include <linux/mnt_namespace.h>
22903 +#include <linux/user_namespace.h>
22904 +#include <linux/pid_namespace.h>
22905 +#include <linux/ipc_namespace.h>
22906 +#include <net/net_namespace.h>
22909 +static const struct vcmd_space_mask_v1 space_mask_v0 = {
22910 + .mask = CLONE_FS |
22918 +static const struct vcmd_space_mask_v1 space_mask = {
22919 + .mask = CLONE_FS |
22924 +#ifdef CONFIG_PID_NS
22927 +#ifdef CONFIG_NET_NS
22933 +static const struct vcmd_space_mask_v1 default_space_mask = {
22934 + .mask = CLONE_FS |
22939 +#ifdef CONFIG_PID_NS
22946 + * build a new nsproxy mix
22947 + * assumes that both proxies are 'const'
22948 + * does not touch nsproxy refcounts
22949 + * will hold a reference on the result.
22952 +struct nsproxy *vs_mix_nsproxy(struct nsproxy *old_nsproxy,
22953 + struct nsproxy *new_nsproxy, unsigned long mask)
22955 + struct mnt_namespace *old_ns;
22956 + struct uts_namespace *old_uts;
22957 + struct ipc_namespace *old_ipc;
22958 +#ifdef CONFIG_PID_NS
22959 + struct pid_namespace *old_pid;
22961 +#ifdef CONFIG_NET_NS
22962 + struct net *old_net;
22964 + struct nsproxy *nsproxy;
22966 + nsproxy = copy_nsproxy(old_nsproxy);
22970 + if (mask & CLONE_NEWNS) {
22971 + old_ns = nsproxy->mnt_ns;
22972 + nsproxy->mnt_ns = new_nsproxy->mnt_ns;
22973 + if (nsproxy->mnt_ns)
22974 + get_mnt_ns(nsproxy->mnt_ns);
22978 + if (mask & CLONE_NEWUTS) {
22979 + old_uts = nsproxy->uts_ns;
22980 + nsproxy->uts_ns = new_nsproxy->uts_ns;
22981 + if (nsproxy->uts_ns)
22982 + get_uts_ns(nsproxy->uts_ns);
22986 + if (mask & CLONE_NEWIPC) {
22987 + old_ipc = nsproxy->ipc_ns;
22988 + nsproxy->ipc_ns = new_nsproxy->ipc_ns;
22989 + if (nsproxy->ipc_ns)
22990 + get_ipc_ns(nsproxy->ipc_ns);
22994 +#ifdef CONFIG_PID_NS
22995 + if (mask & CLONE_NEWPID) {
22996 + old_pid = nsproxy->pid_ns;
22997 + nsproxy->pid_ns = new_nsproxy->pid_ns;
22998 + if (nsproxy->pid_ns)
22999 + get_pid_ns(nsproxy->pid_ns);
23003 +#ifdef CONFIG_NET_NS
23004 + if (mask & CLONE_NEWNET) {
23005 + old_net = nsproxy->net_ns;
23006 + nsproxy->net_ns = new_nsproxy->net_ns;
23007 + if (nsproxy->net_ns)
23008 + get_net(nsproxy->net_ns);
23013 + put_mnt_ns(old_ns);
23015 + put_uts_ns(old_uts);
23017 + put_ipc_ns(old_ipc);
23018 +#ifdef CONFIG_PID_NS
23020 + put_pid_ns(old_pid);
23022 +#ifdef CONFIG_NET_NS
23024 + put_net(old_net);
23032 + * merge two nsproxy structs into a new one.
23033 + * will hold a reference on the result.
23037 +struct nsproxy *__vs_merge_nsproxy(struct nsproxy *old,
23038 + struct nsproxy *proxy, unsigned long mask)
23040 + struct nsproxy null_proxy = { .mnt_ns = NULL };
23046 + /* vs_mix_nsproxy returns with reference */
23047 + return vs_mix_nsproxy(old ? old : &null_proxy,
23050 + get_nsproxy(proxy);
23055 +int vx_enter_space(struct vx_info *vxi, unsigned long mask, unsigned index)
23057 + struct nsproxy *proxy, *proxy_cur, *proxy_new;
23058 + struct fs_struct *fs_cur, *fs = NULL;
23059 + struct _vx_space *space;
23060 + int ret, kill = 0;
23062 + vxdprintk(VXD_CBIT(space, 8), "vx_enter_space(%p[#%u],0x%08lx,%d)",
23063 + vxi, vxi->vx_id, mask, index);
23065 + if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0))
23068 + if (index >= VX_SPACES)
23071 + space = &vxi->space[index];
23074 + mask = space->vx_nsmask;
23076 + if ((mask & space->vx_nsmask) != mask)
23079 + if (mask & CLONE_FS) {
23080 + fs = copy_fs_struct(space->vx_fs);
23084 + proxy = space->vx_nsproxy;
23086 + vxdprintk(VXD_CBIT(space, 9),
23087 + "vx_enter_space(%p[#%u],0x%08lx,%d) -> (%p,%p)",
23088 + vxi, vxi->vx_id, mask, index, proxy, fs);
23090 + task_lock(current);
23091 + fs_cur = current->fs;
23093 + if (mask & CLONE_FS) {
23094 + spin_lock(&fs_cur->lock);
23095 + current->fs = fs;
23096 + kill = !--fs_cur->users;
23097 + spin_unlock(&fs_cur->lock);
23100 + proxy_cur = current->nsproxy;
23101 + get_nsproxy(proxy_cur);
23102 + task_unlock(current);
23105 + free_fs_struct(fs_cur);
23107 + proxy_new = __vs_merge_nsproxy(proxy_cur, proxy, mask);
23108 + if (IS_ERR(proxy_new)) {
23109 + ret = PTR_ERR(proxy_new);
23113 + proxy_new = xchg(¤t->nsproxy, proxy_new);
23115 + if (mask & CLONE_NEWUSER) {
23116 + struct cred *cred;
23118 + vxdprintk(VXD_CBIT(space, 10),
23119 + "vx_enter_space(%p[#%u],%p) cred (%p,%p)",
23120 + vxi, vxi->vx_id, space->vx_cred,
23121 + current->real_cred, current->cred);
23123 + if (space->vx_cred) {
23124 + cred = __prepare_creds(space->vx_cred);
23126 + commit_creds(cred);
23133 + put_nsproxy(proxy_new);
23136 + put_nsproxy(proxy_cur);
23141 +int vx_set_space(struct vx_info *vxi, unsigned long mask, unsigned index)
23143 + struct nsproxy *proxy_vxi, *proxy_cur, *proxy_new;
23144 + struct fs_struct *fs_vxi, *fs;
23145 + struct _vx_space *space;
23146 + int ret, kill = 0;
23148 + vxdprintk(VXD_CBIT(space, 8), "vx_set_space(%p[#%u],0x%08lx,%d)",
23149 + vxi, vxi->vx_id, mask, index);
23151 + if ((mask & space_mask.mask) != mask)
23154 + if (index >= VX_SPACES)
23157 + space = &vxi->space[index];
23159 + proxy_vxi = space->vx_nsproxy;
23160 + fs_vxi = space->vx_fs;
23162 + if (mask & CLONE_FS) {
23163 + fs = copy_fs_struct(current->fs);
23168 + task_lock(current);
23170 + if (mask & CLONE_FS) {
23171 + spin_lock(&fs_vxi->lock);
23172 + space->vx_fs = fs;
23173 + kill = !--fs_vxi->users;
23174 + spin_unlock(&fs_vxi->lock);
23177 + proxy_cur = current->nsproxy;
23178 + get_nsproxy(proxy_cur);
23179 + task_unlock(current);
23182 + free_fs_struct(fs_vxi);
23184 + proxy_new = __vs_merge_nsproxy(proxy_vxi, proxy_cur, mask);
23185 + if (IS_ERR(proxy_new)) {
23186 + ret = PTR_ERR(proxy_new);
23190 + proxy_new = xchg(&space->vx_nsproxy, proxy_new);
23191 + space->vx_nsmask |= mask;
23193 + if (mask & CLONE_NEWUSER) {
23194 + struct cred *cred;
23196 + vxdprintk(VXD_CBIT(space, 10),
23197 + "vx_set_space(%p[#%u],%p) cred (%p,%p)",
23198 + vxi, vxi->vx_id, space->vx_cred,
23199 + current->real_cred, current->cred);
23201 + cred = prepare_creds();
23202 + cred = (struct cred *)xchg(&space->vx_cred, cred);
23204 + abort_creds(cred);
23210 + put_nsproxy(proxy_new);
23213 + put_nsproxy(proxy_cur);
23218 +int vc_enter_space_v1(struct vx_info *vxi, void __user *data)
23220 + struct vcmd_space_mask_v1 vc_data = { .mask = 0 };
23222 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23225 + return vx_enter_space(vxi, vc_data.mask, 0);
23228 +int vc_enter_space(struct vx_info *vxi, void __user *data)
23230 + struct vcmd_space_mask_v2 vc_data = { .mask = 0 };
23232 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23235 + if (vc_data.index >= VX_SPACES)
23238 + return vx_enter_space(vxi, vc_data.mask, vc_data.index);
23241 +int vc_set_space_v1(struct vx_info *vxi, void __user *data)
23243 + struct vcmd_space_mask_v1 vc_data = { .mask = 0 };
23245 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23248 + return vx_set_space(vxi, vc_data.mask, 0);
23251 +int vc_set_space(struct vx_info *vxi, void __user *data)
23253 + struct vcmd_space_mask_v2 vc_data = { .mask = 0 };
23255 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23258 + if (vc_data.index >= VX_SPACES)
23261 + return vx_set_space(vxi, vc_data.mask, vc_data.index);
23264 +int vc_get_space_mask(void __user *data, int type)
23266 + const struct vcmd_space_mask_v1 *mask;
23269 + mask = &space_mask_v0;
23270 + else if (type == 1)
23271 + mask = &space_mask;
23273 + mask = &default_space_mask;
23275 + vxdprintk(VXD_CBIT(space, 10),
23276 + "vc_get_space_mask(%d) = %08llx", type, mask->mask);
23278 + if (copy_to_user(data, mask, sizeof(*mask)))
23283 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/switch.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/switch.c
23284 --- linux-3.0-rc5/kernel/vserver/switch.c 1970-01-01 01:00:00.000000000 +0100
23285 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/switch.c 2011-06-10 22:11:24.000000000 +0200
23288 + * linux/kernel/vserver/switch.c
23290 + * Virtual Server: Syscall Switch
23292 + * Copyright (C) 2003-2007 Herbert Pötzl
23294 + * V0.01 syscall switch
23295 + * V0.02 added signal to context
23296 + * V0.03 added rlimit functions
23297 + * V0.04 added iattr, task/xid functions
23298 + * V0.05 added debug/history stuff
23299 + * V0.06 added compat32 layer
23300 + * V0.07 vcmd args and perms
23301 + * V0.08 added status commands
23302 + * V0.09 added tag commands
23303 + * V0.10 added oom bias
23304 + * V0.11 added device commands
23308 +#include <linux/vs_context.h>
23309 +#include <linux/vs_network.h>
23310 +#include <linux/vserver/switch.h>
23312 +#include "vci_config.h"
23316 +int vc_get_version(uint32_t id)
23318 + return VCI_VERSION;
23322 +int vc_get_vci(uint32_t id)
23324 + return vci_kernel_config();
23327 +#include <linux/vserver/context_cmd.h>
23328 +#include <linux/vserver/cvirt_cmd.h>
23329 +#include <linux/vserver/cacct_cmd.h>
23330 +#include <linux/vserver/limit_cmd.h>
23331 +#include <linux/vserver/network_cmd.h>
23332 +#include <linux/vserver/sched_cmd.h>
23333 +#include <linux/vserver/debug_cmd.h>
23334 +#include <linux/vserver/inode_cmd.h>
23335 +#include <linux/vserver/dlimit_cmd.h>
23336 +#include <linux/vserver/signal_cmd.h>
23337 +#include <linux/vserver/space_cmd.h>
23338 +#include <linux/vserver/tag_cmd.h>
23339 +#include <linux/vserver/device_cmd.h>
23341 +#include <linux/vserver/inode.h>
23342 +#include <linux/vserver/dlimit.h>
23345 +#ifdef CONFIG_COMPAT
23346 +#define __COMPAT(name, id, data, compat) \
23347 + (compat) ? name ## _x32(id, data) : name(id, data)
23348 +#define __COMPAT_NO_ID(name, data, compat) \
23349 + (compat) ? name ## _x32(data) : name(data)
23351 +#define __COMPAT(name, id, data, compat) \
23353 +#define __COMPAT_NO_ID(name, data, compat) \
23359 +long do_vcmd(uint32_t cmd, uint32_t id,
23360 + struct vx_info *vxi, struct nx_info *nxi,
23361 + void __user *data, int compat)
23365 + case VCMD_get_version:
23366 + return vc_get_version(id);
23367 + case VCMD_get_vci:
23368 + return vc_get_vci(id);
23370 + case VCMD_task_xid:
23371 + return vc_task_xid(id);
23372 + case VCMD_vx_info:
23373 + return vc_vx_info(vxi, data);
23375 + case VCMD_task_nid:
23376 + return vc_task_nid(id);
23377 + case VCMD_nx_info:
23378 + return vc_nx_info(nxi, data);
23380 + case VCMD_task_tag:
23381 + return vc_task_tag(id);
23383 + case VCMD_set_space_v1:
23384 + return vc_set_space_v1(vxi, data);
23385 + /* this is version 2 */
23386 + case VCMD_set_space:
23387 + return vc_set_space(vxi, data);
23389 + case VCMD_get_space_mask_v0:
23390 + return vc_get_space_mask(data, 0);
23391 + /* this is version 1 */
23392 + case VCMD_get_space_mask:
23393 + return vc_get_space_mask(data, 1);
23395 + case VCMD_get_space_default:
23396 + return vc_get_space_mask(data, -1);
23398 + case VCMD_set_umask:
23399 + return vc_set_umask(vxi, data);
23401 + case VCMD_get_umask:
23402 + return vc_get_umask(vxi, data);
23404 +#ifdef CONFIG_IA32_EMULATION
23405 + case VCMD_get_rlimit:
23406 + return __COMPAT(vc_get_rlimit, vxi, data, compat);
23407 + case VCMD_set_rlimit:
23408 + return __COMPAT(vc_set_rlimit, vxi, data, compat);
23410 + case VCMD_get_rlimit:
23411 + return vc_get_rlimit(vxi, data);
23412 + case VCMD_set_rlimit:
23413 + return vc_set_rlimit(vxi, data);
23415 + case VCMD_get_rlimit_mask:
23416 + return vc_get_rlimit_mask(id, data);
23417 + case VCMD_reset_hits:
23418 + return vc_reset_hits(vxi, data);
23419 + case VCMD_reset_minmax:
23420 + return vc_reset_minmax(vxi, data);
23422 + case VCMD_get_vhi_name:
23423 + return vc_get_vhi_name(vxi, data);
23424 + case VCMD_set_vhi_name:
23425 + return vc_set_vhi_name(vxi, data);
23427 + case VCMD_ctx_stat:
23428 + return vc_ctx_stat(vxi, data);
23429 + case VCMD_virt_stat:
23430 + return vc_virt_stat(vxi, data);
23431 + case VCMD_sock_stat:
23432 + return vc_sock_stat(vxi, data);
23433 + case VCMD_rlimit_stat:
23434 + return vc_rlimit_stat(vxi, data);
23436 + case VCMD_set_cflags:
23437 + return vc_set_cflags(vxi, data);
23438 + case VCMD_get_cflags:
23439 + return vc_get_cflags(vxi, data);
23441 + /* this is version 1 */
23442 + case VCMD_set_ccaps:
23443 + return vc_set_ccaps(vxi, data);
23444 + /* this is version 1 */
23445 + case VCMD_get_ccaps:
23446 + return vc_get_ccaps(vxi, data);
23447 + case VCMD_set_bcaps:
23448 + return vc_set_bcaps(vxi, data);
23449 + case VCMD_get_bcaps:
23450 + return vc_get_bcaps(vxi, data);
23452 + case VCMD_set_badness:
23453 + return vc_set_badness(vxi, data);
23454 + case VCMD_get_badness:
23455 + return vc_get_badness(vxi, data);
23457 + case VCMD_set_nflags:
23458 + return vc_set_nflags(nxi, data);
23459 + case VCMD_get_nflags:
23460 + return vc_get_nflags(nxi, data);
23462 + case VCMD_set_ncaps:
23463 + return vc_set_ncaps(nxi, data);
23464 + case VCMD_get_ncaps:
23465 + return vc_get_ncaps(nxi, data);
23467 + case VCMD_set_prio_bias:
23468 + return vc_set_prio_bias(vxi, data);
23469 + case VCMD_get_prio_bias:
23470 + return vc_get_prio_bias(vxi, data);
23471 + case VCMD_add_dlimit:
23472 + return __COMPAT(vc_add_dlimit, id, data, compat);
23473 + case VCMD_rem_dlimit:
23474 + return __COMPAT(vc_rem_dlimit, id, data, compat);
23475 + case VCMD_set_dlimit:
23476 + return __COMPAT(vc_set_dlimit, id, data, compat);
23477 + case VCMD_get_dlimit:
23478 + return __COMPAT(vc_get_dlimit, id, data, compat);
23480 + case VCMD_ctx_kill:
23481 + return vc_ctx_kill(vxi, data);
23483 + case VCMD_wait_exit:
23484 + return vc_wait_exit(vxi, data);
23486 + case VCMD_get_iattr:
23487 + return __COMPAT_NO_ID(vc_get_iattr, data, compat);
23488 + case VCMD_set_iattr:
23489 + return __COMPAT_NO_ID(vc_set_iattr, data, compat);
23491 + case VCMD_fget_iattr:
23492 + return vc_fget_iattr(id, data);
23493 + case VCMD_fset_iattr:
23494 + return vc_fset_iattr(id, data);
23496 + case VCMD_enter_space_v0:
23497 + return vc_enter_space_v1(vxi, NULL);
23498 + case VCMD_enter_space_v1:
23499 + return vc_enter_space_v1(vxi, data);
23500 + /* this is version 2 */
23501 + case VCMD_enter_space:
23502 + return vc_enter_space(vxi, data);
23504 + case VCMD_ctx_create_v0:
23505 + return vc_ctx_create(id, NULL);
23506 + case VCMD_ctx_create:
23507 + return vc_ctx_create(id, data);
23508 + case VCMD_ctx_migrate_v0:
23509 + return vc_ctx_migrate(vxi, NULL);
23510 + case VCMD_ctx_migrate:
23511 + return vc_ctx_migrate(vxi, data);
23513 + case VCMD_net_create_v0:
23514 + return vc_net_create(id, NULL);
23515 + case VCMD_net_create:
23516 + return vc_net_create(id, data);
23517 + case VCMD_net_migrate:
23518 + return vc_net_migrate(nxi, data);
23520 + case VCMD_tag_migrate:
23521 + return vc_tag_migrate(id);
23523 + case VCMD_net_add:
23524 + return vc_net_add(nxi, data);
23525 + case VCMD_net_remove:
23526 + return vc_net_remove(nxi, data);
23528 + case VCMD_net_add_ipv4_v1:
23529 + return vc_net_add_ipv4_v1(nxi, data);
23530 + /* this is version 2 */
23531 + case VCMD_net_add_ipv4:
23532 + return vc_net_add_ipv4(nxi, data);
23534 + case VCMD_net_rem_ipv4_v1:
23535 + return vc_net_rem_ipv4_v1(nxi, data);
23536 + /* this is version 2 */
23537 + case VCMD_net_rem_ipv4:
23538 + return vc_net_rem_ipv4(nxi, data);
23539 +#ifdef CONFIG_IPV6
23540 + case VCMD_net_add_ipv6:
23541 + return vc_net_add_ipv6(nxi, data);
23542 + case VCMD_net_remove_ipv6:
23543 + return vc_net_remove_ipv6(nxi, data);
23545 +/* case VCMD_add_match_ipv4:
23546 + return vc_add_match_ipv4(nxi, data);
23547 + case VCMD_get_match_ipv4:
23548 + return vc_get_match_ipv4(nxi, data);
23549 +#ifdef CONFIG_IPV6
23550 + case VCMD_add_match_ipv6:
23551 + return vc_add_match_ipv6(nxi, data);
23552 + case VCMD_get_match_ipv6:
23553 + return vc_get_match_ipv6(nxi, data);
23556 +#ifdef CONFIG_VSERVER_DEVICE
23557 + case VCMD_set_mapping:
23558 + return __COMPAT(vc_set_mapping, vxi, data, compat);
23559 + case VCMD_unset_mapping:
23560 + return __COMPAT(vc_unset_mapping, vxi, data, compat);
23562 +#ifdef CONFIG_VSERVER_HISTORY
23563 + case VCMD_dump_history:
23564 + return vc_dump_history(id);
23565 + case VCMD_read_history:
23566 + return __COMPAT(vc_read_history, id, data, compat);
23569 + vxwprintk_task(1, "unimplemented VCMD_%02d_%d[%d]",
23570 + VC_CATEGORY(cmd), VC_COMMAND(cmd), VC_VERSION(cmd));
23576 +#define __VCMD(vcmd, _perm, _args, _flags) \
23577 + case VCMD_ ## vcmd: perm = _perm; \
23578 + args = _args; flags = _flags; break
23581 +#define VCA_NONE 0x00
23582 +#define VCA_VXI 0x01
23583 +#define VCA_NXI 0x02
23585 +#define VCF_NONE 0x00
23586 +#define VCF_INFO 0x01
23587 +#define VCF_ADMIN 0x02
23588 +#define VCF_ARES 0x06 /* includes admin */
23589 +#define VCF_SETUP 0x08
23591 +#define VCF_ZIDOK 0x10 /* zero id okay */
23595 +long do_vserver(uint32_t cmd, uint32_t id, void __user *data, int compat)
23598 + int permit = -1, state = 0;
23599 + int perm = -1, args = 0, flags = 0;
23600 + struct vx_info *vxi = NULL;
23601 + struct nx_info *nxi = NULL;
23604 + /* unpriviledged commands */
23605 + __VCMD(get_version, 0, VCA_NONE, 0);
23606 + __VCMD(get_vci, 0, VCA_NONE, 0);
23607 + __VCMD(get_rlimit_mask, 0, VCA_NONE, 0);
23608 + __VCMD(get_space_mask_v0,0, VCA_NONE, 0);
23609 + __VCMD(get_space_mask, 0, VCA_NONE, 0);
23610 + __VCMD(get_space_default,0, VCA_NONE, 0);
23612 + /* info commands */
23613 + __VCMD(task_xid, 2, VCA_NONE, 0);
23614 + __VCMD(reset_hits, 2, VCA_VXI, 0);
23615 + __VCMD(reset_minmax, 2, VCA_VXI, 0);
23616 + __VCMD(vx_info, 3, VCA_VXI, VCF_INFO);
23617 + __VCMD(get_bcaps, 3, VCA_VXI, VCF_INFO);
23618 + __VCMD(get_ccaps, 3, VCA_VXI, VCF_INFO);
23619 + __VCMD(get_cflags, 3, VCA_VXI, VCF_INFO);
23620 + __VCMD(get_umask, 3, VCA_VXI, VCF_INFO);
23621 + __VCMD(get_badness, 3, VCA_VXI, VCF_INFO);
23622 + __VCMD(get_vhi_name, 3, VCA_VXI, VCF_INFO);
23623 + __VCMD(get_rlimit, 3, VCA_VXI, VCF_INFO);
23625 + __VCMD(ctx_stat, 3, VCA_VXI, VCF_INFO);
23626 + __VCMD(virt_stat, 3, VCA_VXI, VCF_INFO);
23627 + __VCMD(sock_stat, 3, VCA_VXI, VCF_INFO);
23628 + __VCMD(rlimit_stat, 3, VCA_VXI, VCF_INFO);
23630 + __VCMD(task_nid, 2, VCA_NONE, 0);
23631 + __VCMD(nx_info, 3, VCA_NXI, VCF_INFO);
23632 + __VCMD(get_ncaps, 3, VCA_NXI, VCF_INFO);
23633 + __VCMD(get_nflags, 3, VCA_NXI, VCF_INFO);
23635 + __VCMD(task_tag, 2, VCA_NONE, 0);
23637 + __VCMD(get_iattr, 2, VCA_NONE, 0);
23638 + __VCMD(fget_iattr, 2, VCA_NONE, 0);
23639 + __VCMD(get_dlimit, 3, VCA_NONE, VCF_INFO);
23640 + __VCMD(get_prio_bias, 3, VCA_VXI, VCF_INFO);
23642 + /* lower admin commands */
23643 + __VCMD(wait_exit, 4, VCA_VXI, VCF_INFO);
23644 + __VCMD(ctx_create_v0, 5, VCA_NONE, 0);
23645 + __VCMD(ctx_create, 5, VCA_NONE, 0);
23646 + __VCMD(ctx_migrate_v0, 5, VCA_VXI, VCF_ADMIN);
23647 + __VCMD(ctx_migrate, 5, VCA_VXI, VCF_ADMIN);
23648 + __VCMD(enter_space_v0, 5, VCA_VXI, VCF_ADMIN);
23649 + __VCMD(enter_space_v1, 5, VCA_VXI, VCF_ADMIN);
23650 + __VCMD(enter_space, 5, VCA_VXI, VCF_ADMIN);
23652 + __VCMD(net_create_v0, 5, VCA_NONE, 0);
23653 + __VCMD(net_create, 5, VCA_NONE, 0);
23654 + __VCMD(net_migrate, 5, VCA_NXI, VCF_ADMIN);
23656 + __VCMD(tag_migrate, 5, VCA_NONE, VCF_ADMIN);
23658 + /* higher admin commands */
23659 + __VCMD(ctx_kill, 6, VCA_VXI, VCF_ARES);
23660 + __VCMD(set_space_v1, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
23661 + __VCMD(set_space, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
23663 + __VCMD(set_ccaps, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
23664 + __VCMD(set_bcaps, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
23665 + __VCMD(set_cflags, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
23666 + __VCMD(set_umask, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
23667 + __VCMD(set_badness, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
23669 + __VCMD(set_vhi_name, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
23670 + __VCMD(set_rlimit, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
23671 + __VCMD(set_prio_bias, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
23673 + __VCMD(set_ncaps, 7, VCA_NXI, VCF_ARES | VCF_SETUP);
23674 + __VCMD(set_nflags, 7, VCA_NXI, VCF_ARES | VCF_SETUP);
23675 + __VCMD(net_add, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
23676 + __VCMD(net_remove, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
23677 + __VCMD(net_add_ipv4_v1, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
23678 + __VCMD(net_rem_ipv4_v1, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
23679 + __VCMD(net_add_ipv4, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
23680 + __VCMD(net_rem_ipv4, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
23681 +#ifdef CONFIG_IPV6
23682 + __VCMD(net_add_ipv6, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
23683 + __VCMD(net_remove_ipv6, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
23685 + __VCMD(set_iattr, 7, VCA_NONE, 0);
23686 + __VCMD(fset_iattr, 7, VCA_NONE, 0);
23687 + __VCMD(set_dlimit, 7, VCA_NONE, VCF_ARES);
23688 + __VCMD(add_dlimit, 8, VCA_NONE, VCF_ARES);
23689 + __VCMD(rem_dlimit, 8, VCA_NONE, VCF_ARES);
23691 +#ifdef CONFIG_VSERVER_DEVICE
23692 + __VCMD(set_mapping, 8, VCA_VXI, VCF_ARES|VCF_ZIDOK);
23693 + __VCMD(unset_mapping, 8, VCA_VXI, VCF_ARES|VCF_ZIDOK);
23695 + /* debug level admin commands */
23696 +#ifdef CONFIG_VSERVER_HISTORY
23697 + __VCMD(dump_history, 9, VCA_NONE, 0);
23698 + __VCMD(read_history, 9, VCA_NONE, 0);
23705 + vxdprintk(VXD_CBIT(switch, 0),
23706 + "vc: VCMD_%02d_%d[%d], %d,%p [%d,%d,%x,%x]",
23707 + VC_CATEGORY(cmd), VC_COMMAND(cmd),
23708 + VC_VERSION(cmd), id, data, compat,
23709 + perm, args, flags);
23716 + if (!capable(CAP_CONTEXT))
23720 + /* moved here from the individual commands */
23722 + if ((perm > 1) && !capable(CAP_SYS_ADMIN))
23726 + /* vcmd involves resource management */
23728 + if ((flags & VCF_ARES) && !capable(CAP_SYS_RESOURCE))
23732 + /* various legacy exceptions */
23734 + /* will go away when spectator is a cap */
23735 + case VCMD_ctx_migrate_v0:
23736 + case VCMD_ctx_migrate:
23738 + current->xid = 1;
23744 + /* will go away when spectator is a cap */
23745 + case VCMD_net_migrate:
23747 + current->nid = 1;
23754 + /* vcmds are fine by default */
23757 + /* admin type vcmds require admin ... */
23758 + if (flags & VCF_ADMIN)
23759 + permit = vx_check(0, VS_ADMIN) ? 1 : 0;
23761 + /* ... but setup type vcmds override that */
23762 + if (!permit && (flags & VCF_SETUP))
23763 + permit = vx_flags(VXF_STATE_SETUP, 0) ? 2 : 0;
23771 + if (!id && (flags & VCF_ZIDOK))
23775 + if (args & VCA_VXI) {
23776 + vxi = lookup_vx_info(id);
23780 + if ((flags & VCF_ADMIN) &&
23781 + /* special case kill for shutdown */
23782 + (cmd != VCMD_ctx_kill) &&
23783 + /* can context be administrated? */
23784 + !vx_info_flags(vxi, VXF_STATE_ADMIN, 0)) {
23790 + if (args & VCA_NXI) {
23791 + nxi = lookup_nx_info(id);
23795 + if ((flags & VCF_ADMIN) &&
23796 + /* can context be administrated? */
23797 + !nx_info_flags(nxi, NXF_STATE_ADMIN, 0)) {
23804 + ret = do_vcmd(cmd, id, vxi, nxi, data, compat);
23807 + if ((args & VCA_NXI) && nxi)
23808 + put_nx_info(nxi);
23810 + if ((args & VCA_VXI) && vxi)
23811 + put_vx_info(vxi);
23813 + vxdprintk(VXD_CBIT(switch, 1),
23814 + "vc: VCMD_%02d_%d[%d] = %08lx(%ld) [%d,%d]",
23815 + VC_CATEGORY(cmd), VC_COMMAND(cmd),
23816 + VC_VERSION(cmd), ret, ret, state, permit);
23821 +sys_vserver(uint32_t cmd, uint32_t id, void __user *data)
23823 + return do_vserver(cmd, id, data, 0);
23826 +#ifdef CONFIG_COMPAT
23829 +sys32_vserver(uint32_t cmd, uint32_t id, void __user *data)
23831 + return do_vserver(cmd, id, data, 1);
23834 +#endif /* CONFIG_COMPAT */
23835 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/sysctl.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/sysctl.c
23836 --- linux-3.0-rc5/kernel/vserver/sysctl.c 1970-01-01 01:00:00.000000000 +0100
23837 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/sysctl.c 2011-06-10 22:11:24.000000000 +0200
23840 + * kernel/vserver/sysctl.c
23842 + * Virtual Context Support
23844 + * Copyright (C) 2004-2007 Herbert Pötzl
23846 + * V0.01 basic structure
23850 +#include <linux/module.h>
23851 +#include <linux/ctype.h>
23852 +#include <linux/sysctl.h>
23853 +#include <linux/parser.h>
23854 +#include <asm/uaccess.h>
23857 + CTL_DEBUG_ERROR = 0,
23858 + CTL_DEBUG_SWITCH = 1,
23873 +unsigned int vx_debug_switch = 0;
23874 +unsigned int vx_debug_xid = 0;
23875 +unsigned int vx_debug_nid = 0;
23876 +unsigned int vx_debug_tag = 0;
23877 +unsigned int vx_debug_net = 0;
23878 +unsigned int vx_debug_limit = 0;
23879 +unsigned int vx_debug_cres = 0;
23880 +unsigned int vx_debug_dlim = 0;
23881 +unsigned int vx_debug_quota = 0;
23882 +unsigned int vx_debug_cvirt = 0;
23883 +unsigned int vx_debug_space = 0;
23884 +unsigned int vx_debug_misc = 0;
23887 +static struct ctl_table_header *vserver_table_header;
23888 +static ctl_table vserver_root_table[];
23891 +void vserver_register_sysctl(void)
23893 + if (!vserver_table_header) {
23894 + vserver_table_header = register_sysctl_table(vserver_root_table);
23899 +void vserver_unregister_sysctl(void)
23901 + if (vserver_table_header) {
23902 + unregister_sysctl_table(vserver_table_header);
23903 + vserver_table_header = NULL;
23908 +static int proc_dodebug(ctl_table *table, int write,
23909 + void __user *buffer, size_t *lenp, loff_t *ppos)
23911 + char tmpbuf[20], *p, c;
23912 + unsigned int value;
23913 + size_t left, len;
23915 + if ((*ppos && !write) || !*lenp) {
23923 + if (!access_ok(VERIFY_READ, buffer, left))
23925 + p = (char *)buffer;
23926 + while (left && __get_user(c, p) >= 0 && isspace(c))
23931 + if (left > sizeof(tmpbuf) - 1)
23933 + if (copy_from_user(tmpbuf, p, left))
23935 + tmpbuf[left] = '\0';
23937 + for (p = tmpbuf, value = 0; '0' <= *p && *p <= '9'; p++, left--)
23938 + value = 10 * value + (*p - '0');
23939 + if (*p && !isspace(*p))
23941 + while (left && isspace(*p))
23943 + *(unsigned int *)table->data = value;
23945 + if (!access_ok(VERIFY_WRITE, buffer, left))
23947 + len = sprintf(tmpbuf, "%d", *(unsigned int *)table->data);
23950 + if (__copy_to_user(buffer, tmpbuf, len))
23952 + if ((left -= len) > 0) {
23953 + if (put_user('\n', (char *)buffer + len))
23967 +#define CTL_ENTRY(ctl, name) \
23969 + .procname = #name, \
23970 + .data = &vx_ ## name, \
23971 + .maxlen = sizeof(int), \
23973 + .proc_handler = &proc_dodebug, \
23974 + .extra1 = &zero, \
23975 + .extra2 = &zero, \
23978 +static ctl_table vserver_debug_table[] = {
23979 + CTL_ENTRY(CTL_DEBUG_SWITCH, debug_switch),
23980 + CTL_ENTRY(CTL_DEBUG_XID, debug_xid),
23981 + CTL_ENTRY(CTL_DEBUG_NID, debug_nid),
23982 + CTL_ENTRY(CTL_DEBUG_TAG, debug_tag),
23983 + CTL_ENTRY(CTL_DEBUG_NET, debug_net),
23984 + CTL_ENTRY(CTL_DEBUG_LIMIT, debug_limit),
23985 + CTL_ENTRY(CTL_DEBUG_CRES, debug_cres),
23986 + CTL_ENTRY(CTL_DEBUG_DLIM, debug_dlim),
23987 + CTL_ENTRY(CTL_DEBUG_QUOTA, debug_quota),
23988 + CTL_ENTRY(CTL_DEBUG_CVIRT, debug_cvirt),
23989 + CTL_ENTRY(CTL_DEBUG_SPACE, debug_space),
23990 + CTL_ENTRY(CTL_DEBUG_MISC, debug_misc),
23994 +static ctl_table vserver_root_table[] = {
23996 + .procname = "vserver",
23998 + .child = vserver_debug_table
24004 +static match_table_t tokens = {
24005 + { CTL_DEBUG_SWITCH, "switch=%x" },
24006 + { CTL_DEBUG_XID, "xid=%x" },
24007 + { CTL_DEBUG_NID, "nid=%x" },
24008 + { CTL_DEBUG_TAG, "tag=%x" },
24009 + { CTL_DEBUG_NET, "net=%x" },
24010 + { CTL_DEBUG_LIMIT, "limit=%x" },
24011 + { CTL_DEBUG_CRES, "cres=%x" },
24012 + { CTL_DEBUG_DLIM, "dlim=%x" },
24013 + { CTL_DEBUG_QUOTA, "quota=%x" },
24014 + { CTL_DEBUG_CVIRT, "cvirt=%x" },
24015 + { CTL_DEBUG_SPACE, "space=%x" },
24016 + { CTL_DEBUG_MISC, "misc=%x" },
24017 + { CTL_DEBUG_ERROR, NULL }
24020 +#define HANDLE_CASE(id, name, val) \
24021 + case CTL_DEBUG_ ## id: \
24022 + vx_debug_ ## name = val; \
24023 + printk("vs_debug_" #name "=0x%x\n", val); \
24027 +static int __init vs_debug_setup(char *str)
24032 + printk("vs_debug_setup(%s)\n", str);
24033 + while ((p = strsep(&str, ",")) != NULL) {
24034 + substring_t args[MAX_OPT_ARGS];
24035 + unsigned int value;
24040 + token = match_token(p, tokens, args);
24041 + value = (token > 0) ? simple_strtoul(args[0].from, NULL, 0) : 0;
24044 + HANDLE_CASE(SWITCH, switch, value);
24045 + HANDLE_CASE(XID, xid, value);
24046 + HANDLE_CASE(NID, nid, value);
24047 + HANDLE_CASE(TAG, tag, value);
24048 + HANDLE_CASE(NET, net, value);
24049 + HANDLE_CASE(LIMIT, limit, value);
24050 + HANDLE_CASE(CRES, cres, value);
24051 + HANDLE_CASE(DLIM, dlim, value);
24052 + HANDLE_CASE(QUOTA, quota, value);
24053 + HANDLE_CASE(CVIRT, cvirt, value);
24054 + HANDLE_CASE(SPACE, space, value);
24055 + HANDLE_CASE(MISC, misc, value);
24064 +__setup("vsdebug=", vs_debug_setup);
24068 +EXPORT_SYMBOL_GPL(vx_debug_switch);
24069 +EXPORT_SYMBOL_GPL(vx_debug_xid);
24070 +EXPORT_SYMBOL_GPL(vx_debug_nid);
24071 +EXPORT_SYMBOL_GPL(vx_debug_net);
24072 +EXPORT_SYMBOL_GPL(vx_debug_limit);
24073 +EXPORT_SYMBOL_GPL(vx_debug_cres);
24074 +EXPORT_SYMBOL_GPL(vx_debug_dlim);
24075 +EXPORT_SYMBOL_GPL(vx_debug_quota);
24076 +EXPORT_SYMBOL_GPL(vx_debug_cvirt);
24077 +EXPORT_SYMBOL_GPL(vx_debug_space);
24078 +EXPORT_SYMBOL_GPL(vx_debug_misc);
24080 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/tag.c linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/tag.c
24081 --- linux-3.0-rc5/kernel/vserver/tag.c 1970-01-01 01:00:00.000000000 +0100
24082 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/tag.c 2011-06-10 22:11:24.000000000 +0200
24085 + * linux/kernel/vserver/tag.c
24087 + * Virtual Server: Shallow Tag Space
24089 + * Copyright (C) 2007 Herbert Pötzl
24091 + * V0.01 basic implementation
24095 +#include <linux/sched.h>
24096 +#include <linux/vserver/debug.h>
24097 +#include <linux/vs_pid.h>
24098 +#include <linux/vs_tag.h>
24100 +#include <linux/vserver/tag_cmd.h>
24103 +int dx_migrate_task(struct task_struct *p, tag_t tag)
24108 + vxdprintk(VXD_CBIT(tag, 5),
24109 + "dx_migrate_task(%p[#%d],#%d)", p, p->tag, tag);
24115 + vxdprintk(VXD_CBIT(tag, 5),
24116 + "moved task %p into [#%d]", p, tag);
24120 +/* vserver syscall commands below here */
24122 +/* taks xid and vx_info functions */
24125 +int vc_task_tag(uint32_t id)
24130 + struct task_struct *tsk;
24132 + tsk = find_task_by_real_pid(id);
24133 + tag = (tsk) ? tsk->tag : -ESRCH;
24134 + rcu_read_unlock();
24136 + tag = dx_current_tag();
24141 +int vc_tag_migrate(uint32_t tag)
24143 + return dx_migrate_task(current, tag & 0xFFFF);
24147 diff -NurpP --minimal linux-3.0-rc5/kernel/vserver/vci_config.h linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/vci_config.h
24148 --- linux-3.0-rc5/kernel/vserver/vci_config.h 1970-01-01 01:00:00.000000000 +0100
24149 +++ linux-3.0-rc5-vs2.3.1-pre3/kernel/vserver/vci_config.h 2011-06-10 22:11:24.000000000 +0200
24152 +/* interface version */
24154 +#define VCI_VERSION 0x00020308
24158 + VCI_KCBIT_NO_DYNAMIC = 0,
24160 + VCI_KCBIT_PROC_SECURE = 4,
24161 + /* VCI_KCBIT_HARDCPU = 5, */
24162 + /* VCI_KCBIT_IDLELIMIT = 6, */
24163 + /* VCI_KCBIT_IDLETIME = 7, */
24165 + VCI_KCBIT_COWBL = 8,
24166 + VCI_KCBIT_FULLCOWBL = 9,
24167 + VCI_KCBIT_SPACES = 10,
24168 + VCI_KCBIT_NETV2 = 11,
24169 + VCI_KCBIT_MEMCG = 12,
24171 + VCI_KCBIT_DEBUG = 16,
24172 + VCI_KCBIT_HISTORY = 20,
24173 + VCI_KCBIT_TAGGED = 24,
24174 + VCI_KCBIT_PPTAG = 28,
24176 + VCI_KCBIT_MORE = 31,
24180 +static inline uint32_t vci_kernel_config(void)
24183 + (1 << VCI_KCBIT_NO_DYNAMIC) |
24185 + /* configured features */
24186 +#ifdef CONFIG_VSERVER_PROC_SECURE
24187 + (1 << VCI_KCBIT_PROC_SECURE) |
24189 +#ifdef CONFIG_VSERVER_COWBL
24190 + (1 << VCI_KCBIT_COWBL) |
24191 + (1 << VCI_KCBIT_FULLCOWBL) |
24193 + (1 << VCI_KCBIT_SPACES) |
24194 + (1 << VCI_KCBIT_NETV2) |
24195 +#ifdef CONFIG_CGROUP_MEM_RES_CTLR
24196 + (1 << VCI_KCBIT_MEMCG) |
24199 + /* debug options */
24200 +#ifdef CONFIG_VSERVER_DEBUG
24201 + (1 << VCI_KCBIT_DEBUG) |
24203 +#ifdef CONFIG_VSERVER_HISTORY
24204 + (1 << VCI_KCBIT_HISTORY) |
24207 + /* inode context tagging */
24208 +#if defined(CONFIG_TAGGING_NONE)
24209 + (0 << VCI_KCBIT_TAGGED) |
24210 +#elif defined(CONFIG_TAGGING_UID16)
24211 + (1 << VCI_KCBIT_TAGGED) |
24212 +#elif defined(CONFIG_TAGGING_GID16)
24213 + (2 << VCI_KCBIT_TAGGED) |
24214 +#elif defined(CONFIG_TAGGING_ID24)
24215 + (3 << VCI_KCBIT_TAGGED) |
24216 +#elif defined(CONFIG_TAGGING_INTERN)
24217 + (4 << VCI_KCBIT_TAGGED) |
24218 +#elif defined(CONFIG_TAGGING_RUNTIME)
24219 + (5 << VCI_KCBIT_TAGGED) |
24221 + (7 << VCI_KCBIT_TAGGED) |
24223 + (1 << VCI_KCBIT_PPTAG) |
24227 diff -NurpP --minimal linux-3.0-rc5/mm/filemap_xip.c linux-3.0-rc5-vs2.3.1-pre3/mm/filemap_xip.c
24228 --- linux-3.0-rc5/mm/filemap_xip.c 2011-07-01 11:14:23.000000000 +0200
24229 +++ linux-3.0-rc5-vs2.3.1-pre3/mm/filemap_xip.c 2011-06-10 22:11:24.000000000 +0200
24231 #include <linux/seqlock.h>
24232 #include <linux/mutex.h>
24233 #include <linux/gfp.h>
24234 +#include <linux/vs_memory.h>
24235 #include <asm/tlbflush.h>
24236 #include <asm/io.h>
24238 diff -NurpP --minimal linux-3.0-rc5/mm/fremap.c linux-3.0-rc5-vs2.3.1-pre3/mm/fremap.c
24239 --- linux-3.0-rc5/mm/fremap.c 2011-07-01 11:14:23.000000000 +0200
24240 +++ linux-3.0-rc5-vs2.3.1-pre3/mm/fremap.c 2011-06-10 22:11:24.000000000 +0200
24242 #include <linux/module.h>
24243 #include <linux/syscalls.h>
24244 #include <linux/mmu_notifier.h>
24245 +#include <linux/vs_memory.h>
24247 #include <asm/mmu_context.h>
24248 #include <asm/cacheflush.h>
24249 diff -NurpP --minimal linux-3.0-rc5/mm/hugetlb.c linux-3.0-rc5-vs2.3.1-pre3/mm/hugetlb.c
24250 --- linux-3.0-rc5/mm/hugetlb.c 2011-07-01 11:14:23.000000000 +0200
24251 +++ linux-3.0-rc5-vs2.3.1-pre3/mm/hugetlb.c 2011-06-22 12:39:16.000000000 +0200
24254 #include <linux/hugetlb.h>
24255 #include <linux/node.h>
24256 +#include <linux/vs_memory.h>
24257 #include "internal.h"
24259 const unsigned long hugetlb_zero = 0, hugetlb_infinity = ~0UL;
24260 diff -NurpP --minimal linux-3.0-rc5/mm/memcontrol.c linux-3.0-rc5-vs2.3.1-pre3/mm/memcontrol.c
24261 --- linux-3.0-rc5/mm/memcontrol.c 2011-07-01 11:14:23.000000000 +0200
24262 +++ linux-3.0-rc5-vs2.3.1-pre3/mm/memcontrol.c 2011-07-01 11:35:35.000000000 +0200
24263 @@ -736,6 +736,31 @@ struct mem_cgroup *mem_cgroup_from_task(
24264 struct mem_cgroup, css);
24267 +u64 mem_cgroup_res_read_u64(struct mem_cgroup *mem, int member)
24269 + return res_counter_read_u64(&mem->res, member);
24272 +u64 mem_cgroup_memsw_read_u64(struct mem_cgroup *mem, int member)
24274 + return res_counter_read_u64(&mem->memsw, member);
24277 +s64 mem_cgroup_stat_read_cache(struct mem_cgroup *mem)
24279 + return mem_cgroup_read_stat(mem, MEM_CGROUP_STAT_CACHE);
24282 +s64 mem_cgroup_stat_read_anon(struct mem_cgroup *mem)
24284 + return mem_cgroup_read_stat(mem, MEM_CGROUP_STAT_RSS);
24287 +s64 mem_cgroup_stat_read_mapped(struct mem_cgroup *mem)
24289 + return mem_cgroup_read_stat(mem, MEM_CGROUP_STAT_FILE_MAPPED);
24292 struct mem_cgroup *try_get_mem_cgroup_from_mm(struct mm_struct *mm)
24294 struct mem_cgroup *mem = NULL;
24295 diff -NurpP --minimal linux-3.0-rc5/mm/memory.c linux-3.0-rc5-vs2.3.1-pre3/mm/memory.c
24296 --- linux-3.0-rc5/mm/memory.c 2011-07-01 11:14:23.000000000 +0200
24297 +++ linux-3.0-rc5-vs2.3.1-pre3/mm/memory.c 2011-07-01 11:35:35.000000000 +0200
24298 @@ -3331,6 +3331,7 @@ int handle_pte_fault(struct mm_struct *m
24302 + int ret = 0, type = VXPT_UNKNOWN;
24305 if (!pte_present(entry)) {
24306 @@ -3355,9 +3356,12 @@ int handle_pte_fault(struct mm_struct *m
24307 if (unlikely(!pte_same(*pte, entry)))
24309 if (flags & FAULT_FLAG_WRITE) {
24310 - if (!pte_write(entry))
24311 - return do_wp_page(mm, vma, address,
24312 + if (!pte_write(entry)) {
24313 + ret = do_wp_page(mm, vma, address,
24314 pte, pmd, ptl, entry);
24315 + type = VXPT_WRITE;
24318 entry = pte_mkdirty(entry);
24320 entry = pte_mkyoung(entry);
24321 @@ -3375,7 +3379,10 @@ int handle_pte_fault(struct mm_struct *m
24324 pte_unmap_unlock(pte, ptl);
24328 + vx_page_fault(mm, vma, type, ret);
24333 diff -NurpP --minimal linux-3.0-rc5/mm/mremap.c linux-3.0-rc5-vs2.3.1-pre3/mm/mremap.c
24334 --- linux-3.0-rc5/mm/mremap.c 2011-07-01 11:14:23.000000000 +0200
24335 +++ linux-3.0-rc5-vs2.3.1-pre3/mm/mremap.c 2011-06-10 22:11:24.000000000 +0200
24337 #include <linux/security.h>
24338 #include <linux/syscalls.h>
24339 #include <linux/mmu_notifier.h>
24340 +#include <linux/vs_memory.h>
24342 #include <asm/uaccess.h>
24343 #include <asm/cacheflush.h>
24344 diff -NurpP --minimal linux-3.0-rc5/mm/oom_kill.c linux-3.0-rc5-vs2.3.1-pre3/mm/oom_kill.c
24345 --- linux-3.0-rc5/mm/oom_kill.c 2011-07-01 11:14:23.000000000 +0200
24346 +++ linux-3.0-rc5-vs2.3.1-pre3/mm/oom_kill.c 2011-06-10 22:11:24.000000000 +0200
24348 #include <linux/mempolicy.h>
24349 #include <linux/security.h>
24350 #include <linux/ptrace.h>
24351 +#include <linux/reboot.h>
24352 +#include <linux/vs_memory.h>
24353 +#include <linux/vs_context.h>
24355 int sysctl_panic_on_oom;
24356 int sysctl_oom_kill_allocating_task;
24357 @@ -134,11 +137,18 @@ struct task_struct *find_lock_task_mm(st
24358 static bool oom_unkillable_task(struct task_struct *p,
24359 const struct mem_cgroup *mem, const nodemask_t *nodemask)
24361 - if (is_global_init(p))
24362 + unsigned xid = vx_current_xid();
24364 + /* skip the init task, global and per guest */
24365 + if (task_is_init(p))
24367 if (p->flags & PF_KTHREAD)
24370 + /* skip other guest and host processes if oom in guest */
24371 + if (xid && vx_task_xid(p) != xid)
24374 /* When mem_cgroup_out_of_memory() and p is not member of the group */
24375 if (mem && !task_in_mem_cgroup(p, mem))
24377 @@ -214,6 +224,18 @@ unsigned int oom_badness(struct task_str
24378 points += p->signal->oom_score_adj;
24381 + * add points for context badness and
24382 + * reduce badness for processes belonging to
24383 + * a different context
24386 + points += vx_badness(p, p->mm);
24388 + if ((vx_current_xid() > 1) &&
24389 + vx_current_xid() != vx_task_xid(p))
24393 * Never return 0 for an eligible task that may be killed since it's
24394 * possible that no single user task uses more than 0.1% of memory and
24395 * no single admin tasks uses more than 3.0%.
24396 @@ -427,8 +449,8 @@ static int oom_kill_task(struct task_str
24397 /* mm cannot be safely dereferenced after task_unlock(p) */
24400 - pr_err("Killed process %d (%s) total-vm:%lukB, anon-rss:%lukB, file-rss:%lukB\n",
24401 - task_pid_nr(p), p->comm, K(p->mm->total_vm),
24402 + pr_err("Killed process %d:#%u (%s) total-vm:%lukB, anon-rss:%lukB, file-rss:%lukB\n",
24403 + task_pid_nr(p), p->xid, p->comm, K(p->mm->total_vm),
24404 K(get_mm_counter(p->mm, MM_ANONPAGES)),
24405 K(get_mm_counter(p->mm, MM_FILEPAGES)));
24407 @@ -482,8 +504,8 @@ static int oom_kill_process(struct task_
24411 - pr_err("%s: Kill process %d (%s) score %d or sacrifice child\n",
24412 - message, task_pid_nr(p), p->comm, points);
24413 + pr_err("%s: Kill process %d:#%u (%s) score %d or sacrifice child\n",
24414 + message, task_pid_nr(p), p->xid, p->comm, points);
24418 @@ -584,6 +606,8 @@ int unregister_oom_notifier(struct notif
24420 EXPORT_SYMBOL_GPL(unregister_oom_notifier);
24422 +long vs_oom_action(unsigned int);
24425 * Try to acquire the OOM killer lock for the zones in zonelist. Returns zero
24426 * if a parallel OOM killing is already taking place that includes a zone in
24427 @@ -742,7 +766,12 @@ retry:
24429 dump_header(NULL, gfp_mask, order, NULL, mpol_mask);
24430 read_unlock(&tasklist_lock);
24431 - panic("Out of memory and no killable processes...\n");
24433 + /* avoid panic for guest OOM */
24434 + if (current->xid)
24435 + vs_oom_action(LINUX_REBOOT_CMD_OOM);
24437 + panic("Out of memory and no killable processes...\n");
24440 if (oom_kill_process(p, gfp_mask, order, points, totalpages, NULL,
24441 diff -NurpP --minimal linux-3.0-rc5/mm/page_alloc.c linux-3.0-rc5-vs2.3.1-pre3/mm/page_alloc.c
24442 --- linux-3.0-rc5/mm/page_alloc.c 2011-07-01 11:14:23.000000000 +0200
24443 +++ linux-3.0-rc5-vs2.3.1-pre3/mm/page_alloc.c 2011-06-10 22:24:12.000000000 +0200
24445 #include <linux/ftrace_event.h>
24446 #include <linux/memcontrol.h>
24447 #include <linux/prefetch.h>
24448 +#include <linux/vs_base.h>
24449 +#include <linux/vs_limit.h>
24451 #include <asm/tlbflush.h>
24452 #include <asm/div64.h>
24453 @@ -2470,6 +2472,9 @@ void si_meminfo(struct sysinfo *val)
24454 val->totalhigh = totalhigh_pages;
24455 val->freehigh = nr_free_highpages();
24456 val->mem_unit = PAGE_SIZE;
24458 + if (vx_flags(VXF_VIRT_MEM, 0))
24459 + vx_vsi_meminfo(val);
24462 EXPORT_SYMBOL(si_meminfo);
24463 @@ -2490,6 +2495,9 @@ void si_meminfo_node(struct sysinfo *val
24466 val->mem_unit = PAGE_SIZE;
24468 + if (vx_flags(VXF_VIRT_MEM, 0))
24469 + vx_vsi_meminfo(val);
24473 diff -NurpP --minimal linux-3.0-rc5/mm/pgtable-generic.c linux-3.0-rc5-vs2.3.1-pre3/mm/pgtable-generic.c
24474 --- linux-3.0-rc5/mm/pgtable-generic.c 2011-03-15 18:07:42.000000000 +0100
24475 +++ linux-3.0-rc5-vs2.3.1-pre3/mm/pgtable-generic.c 2011-06-10 22:11:24.000000000 +0200
24477 * Copyright (C) 2010 Linus Torvalds
24480 +#include <linux/mm.h>
24482 #include <linux/pagemap.h>
24483 #include <asm/tlb.h>
24484 #include <asm-generic/pgtable.h>
24485 diff -NurpP --minimal linux-3.0-rc5/mm/rmap.c linux-3.0-rc5-vs2.3.1-pre3/mm/rmap.c
24486 --- linux-3.0-rc5/mm/rmap.c 2011-07-01 11:14:23.000000000 +0200
24487 +++ linux-3.0-rc5-vs2.3.1-pre3/mm/rmap.c 2011-07-01 11:35:35.000000000 +0200
24489 #include <linux/mmu_notifier.h>
24490 #include <linux/migrate.h>
24491 #include <linux/hugetlb.h>
24492 +#include <linux/vs_memory.h>
24494 #include <asm/tlbflush.h>
24496 diff -NurpP --minimal linux-3.0-rc5/mm/shmem.c linux-3.0-rc5-vs2.3.1-pre3/mm/shmem.c
24497 --- linux-3.0-rc5/mm/shmem.c 2011-07-01 11:14:23.000000000 +0200
24498 +++ linux-3.0-rc5-vs2.3.1-pre3/mm/shmem.c 2011-07-01 11:35:35.000000000 +0200
24499 @@ -1850,7 +1850,7 @@ static int shmem_statfs(struct dentry *d
24501 struct shmem_sb_info *sbinfo = SHMEM_SB(dentry->d_sb);
24503 - buf->f_type = TMPFS_MAGIC;
24504 + buf->f_type = TMPFS_SUPER_MAGIC;
24505 buf->f_bsize = PAGE_CACHE_SIZE;
24506 buf->f_namelen = NAME_MAX;
24507 if (sbinfo->max_blocks) {
24508 @@ -2605,7 +2605,7 @@ int shmem_fill_super(struct super_block
24509 sb->s_maxbytes = SHMEM_MAX_BYTES;
24510 sb->s_blocksize = PAGE_CACHE_SIZE;
24511 sb->s_blocksize_bits = PAGE_CACHE_SHIFT;
24512 - sb->s_magic = TMPFS_MAGIC;
24513 + sb->s_magic = TMPFS_SUPER_MAGIC;
24514 sb->s_op = &shmem_ops;
24515 sb->s_time_gran = 1;
24516 #ifdef CONFIG_TMPFS_XATTR
24517 diff -NurpP --minimal linux-3.0-rc5/mm/slab.c linux-3.0-rc5-vs2.3.1-pre3/mm/slab.c
24518 --- linux-3.0-rc5/mm/slab.c 2011-07-01 11:14:23.000000000 +0200
24519 +++ linux-3.0-rc5-vs2.3.1-pre3/mm/slab.c 2011-06-15 02:41:23.000000000 +0200
24520 @@ -411,6 +411,8 @@ static void kmem_list3_init(struct kmem_
24521 #define STATS_INC_FREEMISS(x) do { } while (0)
24524 +#include "slab_vs.h"
24529 @@ -3348,6 +3350,7 @@ retry:
24531 obj = slab_get_obj(cachep, slabp, nodeid);
24532 check_slabp(cachep, slabp);
24533 + vx_slab_alloc(cachep, flags);
24534 l3->free_objects--;
24535 /* move slabp to correct slabp list: */
24536 list_del(&slabp->list);
24537 @@ -3425,6 +3428,7 @@ __cache_alloc_node(struct kmem_cache *ca
24538 /* ___cache_alloc_node can fall back to other nodes */
24539 ptr = ____cache_alloc_node(cachep, flags, nodeid);
24541 + vx_slab_alloc(cachep, flags);
24542 local_irq_restore(save_flags);
24543 ptr = cache_alloc_debugcheck_after(cachep, flags, ptr, caller);
24544 kmemleak_alloc_recursive(ptr, obj_size(cachep), 1, cachep->flags,
24545 @@ -3612,6 +3616,7 @@ static inline void __cache_free(struct k
24547 kmemleak_free_recursive(objp, cachep->flags);
24548 objp = cache_free_debugcheck(cachep, objp, caller);
24549 + vx_slab_free(cachep);
24551 kmemcheck_slab_free(cachep, objp, obj_size(cachep));
24553 diff -NurpP --minimal linux-3.0-rc5/mm/slab_vs.h linux-3.0-rc5-vs2.3.1-pre3/mm/slab_vs.h
24554 --- linux-3.0-rc5/mm/slab_vs.h 1970-01-01 01:00:00.000000000 +0100
24555 +++ linux-3.0-rc5-vs2.3.1-pre3/mm/slab_vs.h 2011-06-10 22:11:24.000000000 +0200
24558 +#include <linux/vserver/context.h>
24560 +#include <linux/vs_context.h>
24563 +void vx_slab_alloc(struct kmem_cache *cachep, gfp_t flags)
24565 + int what = gfp_zone(cachep->gfpflags);
24566 + struct vx_info *vxi = current_vx_info();
24571 + atomic_add(cachep->buffer_size, &vxi->cacct.slab[what]);
24575 +void vx_slab_free(struct kmem_cache *cachep)
24577 + int what = gfp_zone(cachep->gfpflags);
24578 + struct vx_info *vxi = current_vx_info();
24583 + atomic_sub(cachep->buffer_size, &vxi->cacct.slab[what]);
24586 diff -NurpP --minimal linux-3.0-rc5/mm/swapfile.c linux-3.0-rc5-vs2.3.1-pre3/mm/swapfile.c
24587 --- linux-3.0-rc5/mm/swapfile.c 2011-07-01 11:14:23.000000000 +0200
24588 +++ linux-3.0-rc5-vs2.3.1-pre3/mm/swapfile.c 2011-07-01 11:35:35.000000000 +0200
24590 #include <asm/tlbflush.h>
24591 #include <linux/swapops.h>
24592 #include <linux/page_cgroup.h>
24593 +#include <linux/vs_base.h>
24594 +#include <linux/vs_memory.h>
24596 static bool swap_count_continued(struct swap_info_struct *, pgoff_t,
24598 @@ -1759,6 +1761,16 @@ static int swap_show(struct seq_file *sw
24600 if (si == SEQ_START_TOKEN) {
24601 seq_puts(swap,"Filename\t\t\t\tType\t\tSize\tUsed\tPriority\n");
24602 + if (vx_flags(VXF_VIRT_MEM, 0)) {
24603 + struct sysinfo si;
24605 + vx_vsi_swapinfo(&si);
24606 + if (si.totalswap < (1 << 10))
24608 + seq_printf(swap, "%s\t\t\t\t\t%s\t%lu\t%lu\t%d\n",
24609 + "hdv0", "partition", si.totalswap >> 10,
24610 + (si.totalswap - si.freeswap) >> 10, -1);
24615 @@ -2186,6 +2198,8 @@ void si_swapinfo(struct sysinfo *val)
24616 val->freeswap = nr_swap_pages + nr_to_be_unused;
24617 val->totalswap = total_swap_pages + nr_to_be_unused;
24618 spin_unlock(&swap_lock);
24619 + if (vx_flags(VXF_VIRT_MEM, 0))
24620 + vx_vsi_swapinfo(val);
24624 diff -NurpP --minimal linux-3.0-rc5/net/bridge/br_multicast.c linux-3.0-rc5-vs2.3.1-pre3/net/bridge/br_multicast.c
24625 --- linux-3.0-rc5/net/bridge/br_multicast.c 2011-07-01 11:14:26.000000000 +0200
24626 +++ linux-3.0-rc5-vs2.3.1-pre3/net/bridge/br_multicast.c 2011-06-22 12:39:16.000000000 +0200
24627 @@ -447,7 +447,7 @@ static struct sk_buff *br_ip6_multicast_
24628 ip6h->hop_limit = 1;
24629 ipv6_addr_set(&ip6h->daddr, htonl(0xff020000), 0, 0, htonl(1));
24630 ipv6_dev_get_saddr(dev_net(br->dev), br->dev, &ip6h->daddr, 0,
24632 + &ip6h->saddr, NULL);
24633 ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest);
24635 hopopt = (u8 *)(ip6h + 1);
24636 diff -NurpP --minimal linux-3.0-rc5/net/core/dev.c linux-3.0-rc5-vs2.3.1-pre3/net/core/dev.c
24637 --- linux-3.0-rc5/net/core/dev.c 2011-07-01 11:14:26.000000000 +0200
24638 +++ linux-3.0-rc5-vs2.3.1-pre3/net/core/dev.c 2011-06-15 02:40:14.000000000 +0200
24639 @@ -127,6 +127,7 @@
24640 #include <linux/in.h>
24641 #include <linux/jhash.h>
24642 #include <linux/random.h>
24643 +#include <linux/vs_inet.h>
24644 #include <trace/events/napi.h>
24645 #include <trace/events/net.h>
24646 #include <trace/events/skb.h>
24647 @@ -609,7 +610,8 @@ struct net_device *__dev_get_by_name(str
24648 struct hlist_head *head = dev_name_hash(net, name);
24650 hlist_for_each_entry(dev, p, head, name_hlist)
24651 - if (!strncmp(dev->name, name, IFNAMSIZ))
24652 + if (!strncmp(dev->name, name, IFNAMSIZ) &&
24653 + nx_dev_visible(current_nx_info(), dev))
24657 @@ -635,7 +637,8 @@ struct net_device *dev_get_by_name_rcu(s
24658 struct hlist_head *head = dev_name_hash(net, name);
24660 hlist_for_each_entry_rcu(dev, p, head, name_hlist)
24661 - if (!strncmp(dev->name, name, IFNAMSIZ))
24662 + if (!strncmp(dev->name, name, IFNAMSIZ) &&
24663 + nx_dev_visible(current_nx_info(), dev))
24667 @@ -686,7 +689,8 @@ struct net_device *__dev_get_by_index(st
24668 struct hlist_head *head = dev_index_hash(net, ifindex);
24670 hlist_for_each_entry(dev, p, head, index_hlist)
24671 - if (dev->ifindex == ifindex)
24672 + if ((dev->ifindex == ifindex) &&
24673 + nx_dev_visible(current_nx_info(), dev))
24677 @@ -711,7 +715,8 @@ struct net_device *dev_get_by_index_rcu(
24678 struct hlist_head *head = dev_index_hash(net, ifindex);
24680 hlist_for_each_entry_rcu(dev, p, head, index_hlist)
24681 - if (dev->ifindex == ifindex)
24682 + if ((dev->ifindex == ifindex) &&
24683 + nx_dev_visible(current_nx_info(), dev))
24687 @@ -764,7 +769,8 @@ struct net_device *dev_getbyhwaddr_rcu(s
24689 for_each_netdev_rcu(net, dev)
24690 if (dev->type == type &&
24691 - !memcmp(dev->dev_addr, ha, dev->addr_len))
24692 + !memcmp(dev->dev_addr, ha, dev->addr_len) &&
24693 + nx_dev_visible(current_nx_info(), dev))
24697 @@ -776,9 +782,11 @@ struct net_device *__dev_getfirstbyhwtyp
24698 struct net_device *dev;
24701 - for_each_netdev(net, dev)
24702 - if (dev->type == type)
24703 + for_each_netdev(net, dev) {
24704 + if ((dev->type == type) &&
24705 + nx_dev_visible(current_nx_info(), dev))
24711 @@ -896,6 +904,8 @@ static int __dev_alloc_name(struct net *
24713 if (i < 0 || i >= max_netdevices)
24715 + if (!nx_dev_visible(current_nx_info(), d))
24718 /* avoid cases where sscanf is not exact inverse of printf */
24719 snprintf(buf, IFNAMSIZ, name, i);
24720 @@ -3937,6 +3947,8 @@ static int dev_ifconf(struct net *net, c
24723 for_each_netdev(net, dev) {
24724 + if (!nx_dev_visible(current_nx_info(), dev))
24726 for (i = 0; i < NPROTO; i++) {
24727 if (gifconf_list[i]) {
24729 @@ -4011,6 +4023,10 @@ static void dev_seq_printf_stats(struct
24730 struct rtnl_link_stats64 temp;
24731 const struct rtnl_link_stats64 *stats = dev_get_stats(dev, &temp);
24733 + /* device visible inside network context? */
24734 + if (!nx_dev_visible(current_nx_info(), dev))
24737 seq_printf(seq, "%6s: %7llu %7llu %4llu %4llu %4llu %5llu %10llu %9llu "
24738 "%8llu %7llu %4llu %4llu %4llu %5llu %7llu %10llu\n",
24739 dev->name, stats->rx_bytes, stats->rx_packets,
24740 diff -NurpP --minimal linux-3.0-rc5/net/core/rtnetlink.c linux-3.0-rc5-vs2.3.1-pre3/net/core/rtnetlink.c
24741 --- linux-3.0-rc5/net/core/rtnetlink.c 2011-07-01 11:14:26.000000000 +0200
24742 +++ linux-3.0-rc5-vs2.3.1-pre3/net/core/rtnetlink.c 2011-06-10 22:11:24.000000000 +0200
24743 @@ -1015,6 +1015,8 @@ static int rtnl_dump_ifinfo(struct sk_bu
24744 hlist_for_each_entry_rcu(dev, node, head, index_hlist) {
24747 + if (!nx_dev_visible(skb->sk->sk_nx_info, dev))
24749 if (rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK,
24750 NETLINK_CB(cb->skb).pid,
24751 cb->nlh->nlmsg_seq, 0,
24752 @@ -1848,6 +1850,9 @@ void rtmsg_ifinfo(int type, struct net_d
24753 struct sk_buff *skb;
24754 int err = -ENOBUFS;
24756 + if (!nx_dev_visible(current_nx_info(), dev))
24759 skb = nlmsg_new(if_nlmsg_size(dev), GFP_KERNEL);
24762 diff -NurpP --minimal linux-3.0-rc5/net/core/sock.c linux-3.0-rc5-vs2.3.1-pre3/net/core/sock.c
24763 --- linux-3.0-rc5/net/core/sock.c 2011-05-22 16:18:00.000000000 +0200
24764 +++ linux-3.0-rc5-vs2.3.1-pre3/net/core/sock.c 2011-06-10 22:11:24.000000000 +0200
24765 @@ -127,6 +127,10 @@
24766 #include <net/cls_cgroup.h>
24768 #include <linux/filter.h>
24769 +#include <linux/vs_socket.h>
24770 +#include <linux/vs_limit.h>
24771 +#include <linux/vs_context.h>
24772 +#include <linux/vs_network.h>
24775 #include <net/tcp.h>
24776 @@ -1070,6 +1074,8 @@ static struct sock *sk_prot_alloc(struct
24778 sk_tx_queue_clear(sk);
24780 + sock_vx_init(sk);
24781 + sock_nx_init(sk);
24785 @@ -1169,6 +1175,11 @@ static void __sk_free(struct sock *sk)
24786 put_cred(sk->sk_peer_cred);
24787 put_pid(sk->sk_peer_pid);
24788 put_net(sock_net(sk));
24790 + clr_vx_info(&sk->sk_vx_info);
24792 + clr_nx_info(&sk->sk_nx_info);
24794 sk_prot_free(sk->sk_prot_creator, sk);
24797 @@ -1216,6 +1227,8 @@ struct sock *sk_clone(const struct sock
24800 get_net(sock_net(newsk));
24801 + sock_vx_init(newsk);
24802 + sock_nx_init(newsk);
24803 sk_node_init(&newsk->sk_node);
24804 sock_lock_init(newsk);
24805 bh_lock_sock(newsk);
24806 @@ -1271,6 +1284,12 @@ struct sock *sk_clone(const struct sock
24808 atomic_set(&newsk->sk_refcnt, 2);
24810 + set_vx_info(&newsk->sk_vx_info, sk->sk_vx_info);
24811 + newsk->sk_xid = sk->sk_xid;
24812 + vx_sock_inc(newsk);
24813 + set_nx_info(&newsk->sk_nx_info, sk->sk_nx_info);
24814 + newsk->sk_nid = sk->sk_nid;
24817 * Increment the counter in the same struct proto as the master
24818 * sock (sk_refcnt_debug_inc uses newsk->sk_prot->socks, that
24819 @@ -2017,6 +2036,12 @@ void sock_init_data(struct socket *sock,
24821 sk->sk_stamp = ktime_set(-1L, 0);
24823 + set_vx_info(&sk->sk_vx_info, current_vx_info());
24824 + sk->sk_xid = vx_current_xid();
24826 + set_nx_info(&sk->sk_nx_info, current_nx_info());
24827 + sk->sk_nid = nx_current_nid();
24830 * Before updating sk_refcnt, we must commit prior changes to memory
24831 * (Documentation/RCU/rculist_nulls.txt for details)
24832 diff -NurpP --minimal linux-3.0-rc5/net/ipv4/af_inet.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/af_inet.c
24833 --- linux-3.0-rc5/net/ipv4/af_inet.c 2011-07-01 11:14:26.000000000 +0200
24834 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/af_inet.c 2011-06-22 12:39:16.000000000 +0200
24835 @@ -117,6 +117,7 @@
24836 #ifdef CONFIG_IP_MROUTE
24837 #include <linux/mroute.h>
24839 +#include <linux/vs_limit.h>
24842 /* The inetsw table contains everything that inet_create needs to
24843 @@ -326,9 +327,13 @@ lookup_protocol:
24847 + if ((protocol == IPPROTO_ICMP) &&
24848 + nx_capable(CAP_NET_RAW, NXC_RAW_ICMP))
24851 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
24852 goto out_rcu_unlock;
24855 err = -EAFNOSUPPORT;
24856 if (!inet_netns_ok(net, protocol))
24857 goto out_rcu_unlock;
24858 @@ -452,6 +457,7 @@ int inet_bind(struct socket *sock, struc
24859 struct sockaddr_in *addr = (struct sockaddr_in *)uaddr;
24860 struct sock *sk = sock->sk;
24861 struct inet_sock *inet = inet_sk(sk);
24862 + struct nx_v4_sock_addr nsa;
24863 unsigned short snum;
24866 @@ -468,7 +474,11 @@ int inet_bind(struct socket *sock, struc
24867 if (addr->sin_family != AF_INET)
24870 - chk_addr_ret = inet_addr_type(sock_net(sk), addr->sin_addr.s_addr);
24871 + err = v4_map_sock_addr(inet, addr, &nsa);
24875 + chk_addr_ret = inet_addr_type(sock_net(sk), nsa.saddr);
24877 /* Not specified by any standard per-se, however it breaks too
24878 * many applications when removed. It is unfortunate since
24879 @@ -480,7 +490,7 @@ int inet_bind(struct socket *sock, struc
24880 err = -EADDRNOTAVAIL;
24881 if (!sysctl_ip_nonlocal_bind &&
24882 !(inet->freebind || inet->transparent) &&
24883 - addr->sin_addr.s_addr != htonl(INADDR_ANY) &&
24884 + nsa.saddr != htonl(INADDR_ANY) &&
24885 chk_addr_ret != RTN_LOCAL &&
24886 chk_addr_ret != RTN_MULTICAST &&
24887 chk_addr_ret != RTN_BROADCAST)
24888 @@ -505,7 +515,7 @@ int inet_bind(struct socket *sock, struc
24889 if (sk->sk_state != TCP_CLOSE || inet->inet_num)
24890 goto out_release_sock;
24892 - inet->inet_rcv_saddr = inet->inet_saddr = addr->sin_addr.s_addr;
24893 + v4_set_sock_addr(inet, &nsa);
24894 if (chk_addr_ret == RTN_MULTICAST || chk_addr_ret == RTN_BROADCAST)
24895 inet->inet_saddr = 0; /* Use device */
24897 @@ -708,11 +718,13 @@ int inet_getname(struct socket *sock, st
24900 sin->sin_port = inet->inet_dport;
24901 - sin->sin_addr.s_addr = inet->inet_daddr;
24902 + sin->sin_addr.s_addr =
24903 + nx_map_sock_lback(sk->sk_nx_info, inet->inet_daddr);
24905 __be32 addr = inet->inet_rcv_saddr;
24907 addr = inet->inet_saddr;
24908 + addr = nx_map_sock_lback(sk->sk_nx_info, addr);
24909 sin->sin_port = inet->inet_sport;
24910 sin->sin_addr.s_addr = addr;
24912 diff -NurpP --minimal linux-3.0-rc5/net/ipv4/devinet.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/devinet.c
24913 --- linux-3.0-rc5/net/ipv4/devinet.c 2011-07-01 11:14:26.000000000 +0200
24914 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/devinet.c 2011-06-10 22:11:24.000000000 +0200
24915 @@ -518,6 +518,7 @@ struct in_device *inetdev_by_index(struc
24917 EXPORT_SYMBOL(inetdev_by_index);
24920 /* Called only from RTNL semaphored context. No locks. */
24922 struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
24923 @@ -759,6 +760,8 @@ int devinet_ioctl(struct net *net, unsig
24925 in_dev = __in_dev_get_rtnl(dev);
24927 + struct nx_info *nxi = current_nx_info();
24929 if (tryaddrmatch) {
24930 /* Matthias Andree */
24931 /* compare label and address (4.4BSD style) */
24932 @@ -767,6 +770,8 @@ int devinet_ioctl(struct net *net, unsig
24933 This is checked above. */
24934 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
24935 ifap = &ifa->ifa_next) {
24936 + if (!nx_v4_ifa_visible(nxi, ifa))
24938 if (!strcmp(ifr.ifr_name, ifa->ifa_label) &&
24939 sin_orig.sin_addr.s_addr ==
24941 @@ -779,9 +784,12 @@ int devinet_ioctl(struct net *net, unsig
24942 comparing just the label */
24944 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
24945 - ifap = &ifa->ifa_next)
24946 + ifap = &ifa->ifa_next) {
24947 + if (!nx_v4_ifa_visible(nxi, ifa))
24949 if (!strcmp(ifr.ifr_name, ifa->ifa_label))
24955 @@ -934,6 +942,8 @@ static int inet_gifconf(struct net_devic
24958 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) {
24959 + if (!nx_v4_ifa_visible(current_nx_info(), ifa))
24962 done += sizeof(ifr);
24964 @@ -1294,6 +1304,7 @@ static int inet_dump_ifaddr(struct sk_bu
24965 struct net_device *dev;
24966 struct in_device *in_dev;
24967 struct in_ifaddr *ifa;
24968 + struct sock *sk = skb->sk;
24969 struct hlist_head *head;
24970 struct hlist_node *node;
24972 @@ -1316,6 +1327,8 @@ static int inet_dump_ifaddr(struct sk_bu
24974 for (ifa = in_dev->ifa_list, ip_idx = 0; ifa;
24975 ifa = ifa->ifa_next, ip_idx++) {
24976 + if (sk && !nx_v4_ifa_visible(sk->sk_nx_info, ifa))
24978 if (ip_idx < s_ip_idx)
24980 if (inet_fill_ifaddr(skb, ifa,
24981 diff -NurpP --minimal linux-3.0-rc5/net/ipv4/inet_connection_sock.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/inet_connection_sock.c
24982 --- linux-3.0-rc5/net/ipv4/inet_connection_sock.c 2011-07-01 11:14:26.000000000 +0200
24983 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/inet_connection_sock.c 2011-06-10 22:11:24.000000000 +0200
24984 @@ -52,6 +52,37 @@ void inet_get_local_port_range(int *low,
24986 EXPORT_SYMBOL(inet_get_local_port_range);
24988 +int ipv4_rcv_saddr_equal(const struct sock *sk1, const struct sock *sk2)
24990 + __be32 sk1_rcv_saddr = sk_rcv_saddr(sk1),
24991 + sk2_rcv_saddr = sk_rcv_saddr(sk2);
24993 + if (inet_v6_ipv6only(sk2))
24996 + if (sk1_rcv_saddr &&
24998 + sk1_rcv_saddr == sk2_rcv_saddr)
25001 + if (sk1_rcv_saddr &&
25002 + !sk2_rcv_saddr &&
25003 + v4_addr_in_nx_info(sk2->sk_nx_info, sk1_rcv_saddr, NXA_MASK_BIND))
25006 + if (sk2_rcv_saddr &&
25007 + !sk1_rcv_saddr &&
25008 + v4_addr_in_nx_info(sk1->sk_nx_info, sk2_rcv_saddr, NXA_MASK_BIND))
25011 + if (!sk1_rcv_saddr &&
25012 + !sk2_rcv_saddr &&
25013 + nx_v4_addr_conflict(sk1->sk_nx_info, sk2->sk_nx_info))
25019 int inet_csk_bind_conflict(const struct sock *sk,
25020 const struct inet_bind_bucket *tb)
25022 @@ -74,9 +105,7 @@ int inet_csk_bind_conflict(const struct
25023 sk->sk_bound_dev_if == sk2->sk_bound_dev_if)) {
25024 if (!reuse || !sk2->sk_reuse ||
25025 sk2->sk_state == TCP_LISTEN) {
25026 - const __be32 sk2_rcv_saddr = sk_rcv_saddr(sk2);
25027 - if (!sk2_rcv_saddr || !sk_rcv_saddr(sk) ||
25028 - sk2_rcv_saddr == sk_rcv_saddr(sk))
25029 + if (ipv4_rcv_saddr_equal(sk, sk2))
25033 diff -NurpP --minimal linux-3.0-rc5/net/ipv4/inet_diag.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/inet_diag.c
25034 --- linux-3.0-rc5/net/ipv4/inet_diag.c 2011-07-01 11:14:26.000000000 +0200
25035 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/inet_diag.c 2011-06-22 12:39:16.000000000 +0200
25037 #include <linux/stddef.h>
25039 #include <linux/inet_diag.h>
25040 +#include <linux/vs_network.h>
25041 +#include <linux/vs_inet.h>
25043 static const struct inet_diag_handler **inet_diag_table;
25045 @@ -119,8 +121,10 @@ static int inet_csk_diag_fill(struct soc
25047 r->id.idiag_sport = inet->inet_sport;
25048 r->id.idiag_dport = inet->inet_dport;
25049 - r->id.idiag_src[0] = inet->inet_rcv_saddr;
25050 - r->id.idiag_dst[0] = inet->inet_daddr;
25051 + r->id.idiag_src[0] = nx_map_sock_lback(sk->sk_nx_info,
25052 + inet->inet_rcv_saddr);
25053 + r->id.idiag_dst[0] = nx_map_sock_lback(sk->sk_nx_info,
25054 + inet->inet_daddr);
25056 #if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
25057 if (r->idiag_family == AF_INET6) {
25058 @@ -205,8 +209,8 @@ static int inet_twsk_diag_fill(struct in
25059 r->id.idiag_cookie[1] = (u32)(((unsigned long)tw >> 31) >> 1);
25060 r->id.idiag_sport = tw->tw_sport;
25061 r->id.idiag_dport = tw->tw_dport;
25062 - r->id.idiag_src[0] = tw->tw_rcv_saddr;
25063 - r->id.idiag_dst[0] = tw->tw_daddr;
25064 + r->id.idiag_src[0] = nx_map_sock_lback(tw->tw_nx_info, tw->tw_rcv_saddr);
25065 + r->id.idiag_dst[0] = nx_map_sock_lback(tw->tw_nx_info, tw->tw_daddr);
25066 r->idiag_state = tw->tw_substate;
25067 r->idiag_timer = 3;
25068 r->idiag_expires = DIV_ROUND_UP(tmo * 1000, HZ);
25069 @@ -263,6 +267,7 @@ static int inet_diag_get_exact(struct sk
25072 if (req->idiag_family == AF_INET) {
25073 + /* TODO: lback */
25074 sk = inet_lookup(&init_net, hashinfo, req->id.idiag_dst[0],
25075 req->id.idiag_dport, req->id.idiag_src[0],
25076 req->id.idiag_sport, req->id.idiag_if);
25077 @@ -505,6 +510,7 @@ static int inet_csk_diag_dump(struct soc
25081 + /* TODO: lback */
25082 entry.saddr = &inet->inet_rcv_saddr;
25083 entry.daddr = &inet->inet_daddr;
25085 @@ -543,6 +549,7 @@ static int inet_twsk_diag_dump(struct in
25089 + /* TODO: lback */
25090 entry.saddr = &tw->tw_rcv_saddr;
25091 entry.daddr = &tw->tw_daddr;
25093 @@ -589,8 +596,8 @@ static int inet_diag_fill_req(struct sk_
25095 r->id.idiag_sport = inet->inet_sport;
25096 r->id.idiag_dport = ireq->rmt_port;
25097 - r->id.idiag_src[0] = ireq->loc_addr;
25098 - r->id.idiag_dst[0] = ireq->rmt_addr;
25099 + r->id.idiag_src[0] = nx_map_sock_lback(sk->sk_nx_info, ireq->loc_addr);
25100 + r->id.idiag_dst[0] = nx_map_sock_lback(sk->sk_nx_info, ireq->rmt_addr);
25101 r->idiag_expires = jiffies_to_msecs(tmo);
25102 r->idiag_rqueue = 0;
25103 r->idiag_wqueue = 0;
25104 @@ -661,6 +668,7 @@ static int inet_diag_dump_reqs(struct sk
25108 + /* TODO: lback */
25110 #if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
25111 (entry.family == AF_INET6) ?
25112 @@ -731,6 +739,8 @@ static int inet_diag_dump(struct sk_buff
25113 sk_nulls_for_each(sk, node, &ilb->head) {
25114 struct inet_sock *inet = inet_sk(sk);
25116 + if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
25121 @@ -797,6 +807,8 @@ skip_listen_ht:
25122 sk_nulls_for_each(sk, node, &head->chain) {
25123 struct inet_sock *inet = inet_sk(sk);
25125 + if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
25129 if (!(r->idiag_states & (1 << sk->sk_state)))
25130 @@ -821,6 +833,8 @@ next_normal:
25131 inet_twsk_for_each(tw, node,
25134 + if (!nx_check(tw->tw_nid, VS_WATCH_P | VS_IDENT))
25138 if (r->id.idiag_sport != tw->tw_sport &&
25139 diff -NurpP --minimal linux-3.0-rc5/net/ipv4/inet_hashtables.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/inet_hashtables.c
25140 --- linux-3.0-rc5/net/ipv4/inet_hashtables.c 2011-01-05 21:50:42.000000000 +0100
25141 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/inet_hashtables.c 2011-06-10 22:11:24.000000000 +0200
25144 #include <net/inet_connection_sock.h>
25145 #include <net/inet_hashtables.h>
25146 +#include <net/route.h>
25147 #include <net/ip.h>
25150 @@ -155,6 +156,11 @@ static inline int compute_score(struct s
25151 if (rcv_saddr != daddr)
25155 + /* block non nx_info ips */
25156 + if (!v4_addr_in_nx_info(sk->sk_nx_info,
25157 + daddr, NXA_MASK_BIND))
25160 if (sk->sk_bound_dev_if) {
25161 if (sk->sk_bound_dev_if != dif)
25162 @@ -172,7 +178,6 @@ static inline int compute_score(struct s
25163 * wildcarded during the search since they can never be otherwise.
25167 struct sock *__inet_lookup_listener(struct net *net,
25168 struct inet_hashinfo *hashinfo,
25169 const __be32 daddr, const unsigned short hnum,
25170 @@ -195,6 +200,7 @@ begin:
25176 * if the nulls value we got at the end of this lookup is
25177 * not the expected one, we must restart lookup.
25178 diff -NurpP --minimal linux-3.0-rc5/net/ipv4/netfilter/nf_nat_helper.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/netfilter/nf_nat_helper.c
25179 --- linux-3.0-rc5/net/ipv4/netfilter/nf_nat_helper.c 2011-07-01 11:14:26.000000000 +0200
25180 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/netfilter/nf_nat_helper.c 2011-06-15 02:40:14.000000000 +0200
25182 #include <net/route.h>
25184 #include <linux/netfilter_ipv4.h>
25185 +#include <net/route.h>
25186 #include <net/netfilter/nf_conntrack.h>
25187 #include <net/netfilter/nf_conntrack_helper.h>
25188 #include <net/netfilter/nf_conntrack_ecache.h>
25189 diff -NurpP --minimal linux-3.0-rc5/net/ipv4/netfilter.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/netfilter.c
25190 --- linux-3.0-rc5/net/ipv4/netfilter.c 2011-05-22 16:18:00.000000000 +0200
25191 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/netfilter.c 2011-06-10 22:11:24.000000000 +0200
25193 #include <linux/ip.h>
25194 #include <linux/skbuff.h>
25195 #include <linux/gfp.h>
25196 -#include <net/route.h>
25197 +// #include <net/route.h>
25198 #include <net/xfrm.h>
25199 #include <net/ip.h>
25200 #include <net/netfilter/nf_queue.h>
25201 diff -NurpP --minimal linux-3.0-rc5/net/ipv4/raw.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/raw.c
25202 --- linux-3.0-rc5/net/ipv4/raw.c 2011-07-01 11:14:26.000000000 +0200
25203 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/raw.c 2011-06-10 22:11:24.000000000 +0200
25204 @@ -117,7 +117,7 @@ static struct sock *__raw_v4_lookup(stru
25206 if (net_eq(sock_net(sk), net) && inet->inet_num == num &&
25207 !(inet->inet_daddr && inet->inet_daddr != raddr) &&
25208 - !(inet->inet_rcv_saddr && inet->inet_rcv_saddr != laddr) &&
25209 + v4_sock_addr_match(sk->sk_nx_info, inet, laddr) &&
25210 !(sk->sk_bound_dev_if && sk->sk_bound_dev_if != dif))
25211 goto found; /* gotcha */
25213 @@ -385,6 +385,12 @@ static int raw_send_hdrinc(struct sock *
25214 icmp_out_count(net, ((struct icmphdr *)
25215 skb_transport_header(skb))->type);
25218 + if (!nx_check(0, VS_ADMIN) && !capable(CAP_NET_RAW) &&
25219 + sk->sk_nx_info &&
25220 + !v4_addr_in_nx_info(sk->sk_nx_info, iph->saddr, NXA_MASK_BIND))
25223 err = NF_HOOK(NFPROTO_IPV4, NF_INET_LOCAL_OUT, skb, NULL,
25224 rt->dst.dev, dst_output);
25226 @@ -647,17 +653,19 @@ static int raw_bind(struct sock *sk, str
25228 struct inet_sock *inet = inet_sk(sk);
25229 struct sockaddr_in *addr = (struct sockaddr_in *) uaddr;
25230 + struct nx_v4_sock_addr nsa = { 0 };
25234 if (sk->sk_state != TCP_CLOSE || addr_len < sizeof(struct sockaddr_in))
25236 - chk_addr_ret = inet_addr_type(sock_net(sk), addr->sin_addr.s_addr);
25237 + v4_map_sock_addr(inet, addr, &nsa);
25238 + chk_addr_ret = inet_addr_type(sock_net(sk), nsa.saddr);
25239 ret = -EADDRNOTAVAIL;
25240 - if (addr->sin_addr.s_addr && chk_addr_ret != RTN_LOCAL &&
25241 + if (nsa.saddr && chk_addr_ret != RTN_LOCAL &&
25242 chk_addr_ret != RTN_MULTICAST && chk_addr_ret != RTN_BROADCAST)
25244 - inet->inet_rcv_saddr = inet->inet_saddr = addr->sin_addr.s_addr;
25245 + v4_set_sock_addr(inet, &nsa);
25246 if (chk_addr_ret == RTN_MULTICAST || chk_addr_ret == RTN_BROADCAST)
25247 inet->inet_saddr = 0; /* Use device */
25249 @@ -709,7 +717,8 @@ static int raw_recvmsg(struct kiocb *ioc
25250 /* Copy the address. */
25252 sin->sin_family = AF_INET;
25253 - sin->sin_addr.s_addr = ip_hdr(skb)->saddr;
25254 + sin->sin_addr.s_addr =
25255 + nx_map_sock_lback(sk->sk_nx_info, ip_hdr(skb)->saddr);
25257 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
25259 @@ -905,7 +914,8 @@ static struct sock *raw_get_first(struct
25260 struct hlist_node *node;
25262 sk_for_each(sk, node, &state->h->ht[state->bucket])
25263 - if (sock_net(sk) == seq_file_net(seq))
25264 + if ((sock_net(sk) == seq_file_net(seq)) &&
25265 + nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
25269 @@ -921,7 +931,8 @@ static struct sock *raw_get_next(struct
25273 - } while (sk && sock_net(sk) != seq_file_net(seq));
25274 + } while (sk && ((sock_net(sk) != seq_file_net(seq)) ||
25275 + !nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT)));
25277 if (!sk && ++state->bucket < RAW_HTABLE_SIZE) {
25278 sk = sk_head(&state->h->ht[state->bucket]);
25279 diff -NurpP --minimal linux-3.0-rc5/net/ipv4/tcp.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/tcp.c
25280 --- linux-3.0-rc5/net/ipv4/tcp.c 2011-07-01 11:14:26.000000000 +0200
25281 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/tcp.c 2011-06-10 22:11:24.000000000 +0200
25282 @@ -266,6 +266,7 @@
25283 #include <linux/crypto.h>
25284 #include <linux/time.h>
25285 #include <linux/slab.h>
25286 +#include <linux/in.h>
25288 #include <net/icmp.h>
25289 #include <net/tcp.h>
25290 diff -NurpP --minimal linux-3.0-rc5/net/ipv4/tcp_ipv4.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/tcp_ipv4.c
25291 --- linux-3.0-rc5/net/ipv4/tcp_ipv4.c 2011-07-01 11:14:26.000000000 +0200
25292 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/tcp_ipv4.c 2011-06-22 12:39:16.000000000 +0200
25293 @@ -2002,6 +2002,12 @@ static void *listening_get_next(struct s
25294 req = req->dl_next;
25297 + vxdprintk(VXD_CBIT(net, 6),
25298 + "sk,req: %p [#%d] (from %d)", req->sk,
25299 + (req->sk)?req->sk->sk_nid:0, nx_current_nid());
25301 + !nx_check(req->sk->sk_nid, VS_WATCH_P | VS_IDENT))
25303 if (req->rsk_ops->family == st->family) {
25306 @@ -2026,6 +2032,10 @@ get_req:
25309 sk_nulls_for_each_from(sk, node) {
25310 + vxdprintk(VXD_CBIT(net, 6), "sk: %p [#%d] (from %d)",
25311 + sk, sk->sk_nid, nx_current_nid());
25312 + if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
25314 if (!net_eq(sock_net(sk), net))
25316 if (sk->sk_family == st->family) {
25317 @@ -2102,6 +2112,11 @@ static void *established_get_first(struc
25319 spin_lock_bh(lock);
25320 sk_nulls_for_each(sk, node, &tcp_hashinfo.ehash[st->bucket].chain) {
25321 + vxdprintk(VXD_CBIT(net, 6),
25322 + "sk,egf: %p [#%d] (from %d)",
25323 + sk, sk->sk_nid, nx_current_nid());
25324 + if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
25326 if (sk->sk_family != st->family ||
25327 !net_eq(sock_net(sk), net)) {
25329 @@ -2112,6 +2127,11 @@ static void *established_get_first(struc
25330 st->state = TCP_SEQ_STATE_TIME_WAIT;
25331 inet_twsk_for_each(tw, node,
25332 &tcp_hashinfo.ehash[st->bucket].twchain) {
25333 + vxdprintk(VXD_CBIT(net, 6),
25334 + "tw: %p [#%d] (from %d)",
25335 + tw, tw->tw_nid, nx_current_nid());
25336 + if (!nx_check(tw->tw_nid, VS_WATCH_P | VS_IDENT))
25338 if (tw->tw_family != st->family ||
25339 !net_eq(twsk_net(tw), net)) {
25341 @@ -2141,7 +2161,9 @@ static void *established_get_next(struct
25345 - while (tw && (tw->tw_family != st->family || !net_eq(twsk_net(tw), net))) {
25346 + while (tw && (tw->tw_family != st->family ||
25347 + !net_eq(twsk_net(tw), net) ||
25348 + !nx_check(tw->tw_nid, VS_WATCH_P | VS_IDENT))) {
25352 @@ -2165,6 +2187,11 @@ get_tw:
25353 sk = sk_nulls_next(sk);
25355 sk_nulls_for_each_from(sk, node) {
25356 + vxdprintk(VXD_CBIT(net, 6),
25357 + "sk,egn: %p [#%d] (from %d)",
25358 + sk, sk->sk_nid, nx_current_nid());
25359 + if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
25361 if (sk->sk_family == st->family && net_eq(sock_net(sk), net))
25364 @@ -2374,9 +2401,9 @@ static void get_openreq4(struct sock *sk
25365 seq_printf(f, "%4d: %08X:%04X %08X:%04X"
25366 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %u %d %pK%n",
25369 + nx_map_sock_lback(current_nx_info(), ireq->loc_addr),
25370 ntohs(inet_sk(sk)->inet_sport),
25372 + nx_map_sock_lback(current_nx_info(), ireq->rmt_addr),
25373 ntohs(ireq->rmt_port),
25375 0, 0, /* could print option size, but that is af dependent. */
25376 diff -NurpP --minimal linux-3.0-rc5/net/ipv4/tcp_minisocks.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/tcp_minisocks.c
25377 --- linux-3.0-rc5/net/ipv4/tcp_minisocks.c 2011-03-15 18:07:45.000000000 +0100
25378 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/tcp_minisocks.c 2011-06-10 22:11:24.000000000 +0200
25380 #include <linux/slab.h>
25381 #include <linux/sysctl.h>
25382 #include <linux/workqueue.h>
25383 +#include <linux/vs_limit.h>
25384 +#include <linux/vs_socket.h>
25385 +#include <linux/vs_context.h>
25386 #include <net/tcp.h>
25387 #include <net/inet_common.h>
25388 #include <net/xfrm.h>
25389 @@ -335,6 +338,11 @@ void tcp_time_wait(struct sock *sk, int
25390 tcptw->tw_ts_recent = tp->rx_opt.ts_recent;
25391 tcptw->tw_ts_recent_stamp = tp->rx_opt.ts_recent_stamp;
25393 + tw->tw_xid = sk->sk_xid;
25394 + tw->tw_vx_info = NULL;
25395 + tw->tw_nid = sk->sk_nid;
25396 + tw->tw_nx_info = NULL;
25398 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
25399 if (tw->tw_family == PF_INET6) {
25400 struct ipv6_pinfo *np = inet6_sk(sk);
25401 diff -NurpP --minimal linux-3.0-rc5/net/ipv4/udp.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/udp.c
25402 --- linux-3.0-rc5/net/ipv4/udp.c 2011-07-01 11:14:26.000000000 +0200
25403 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv4/udp.c 2011-06-10 22:11:24.000000000 +0200
25404 @@ -296,14 +296,7 @@ fail:
25406 EXPORT_SYMBOL(udp_lib_get_port);
25408 -static int ipv4_rcv_saddr_equal(const struct sock *sk1, const struct sock *sk2)
25410 - struct inet_sock *inet1 = inet_sk(sk1), *inet2 = inet_sk(sk2);
25412 - return (!ipv6_only_sock(sk2) &&
25413 - (!inet1->inet_rcv_saddr || !inet2->inet_rcv_saddr ||
25414 - inet1->inet_rcv_saddr == inet2->inet_rcv_saddr));
25416 +extern int ipv4_rcv_saddr_equal(const struct sock *, const struct sock *);
25418 static unsigned int udp4_portaddr_hash(struct net *net, __be32 saddr,
25420 @@ -338,6 +331,11 @@ static inline int compute_score(struct s
25421 if (inet->inet_rcv_saddr != daddr)
25425 + /* block non nx_info ips */
25426 + if (!v4_addr_in_nx_info(sk->sk_nx_info,
25427 + daddr, NXA_MASK_BIND))
25430 if (inet->inet_daddr) {
25431 if (inet->inet_daddr != saddr)
25432 @@ -441,6 +439,7 @@ exact_match:
25437 /* UDP is nearly always wildcards out the wazoo, it makes no sense to try
25438 * harder than this. -DaveM
25440 @@ -486,6 +485,11 @@ begin:
25441 sk_nulls_for_each_rcu(sk, node, &hslot->head) {
25442 score = compute_score(sk, net, saddr, hnum, sport,
25443 daddr, dport, dif);
25444 + /* FIXME: disabled?
25445 + if (score == 9) {
25449 if (score > badness) {
25452 @@ -499,6 +503,7 @@ begin:
25453 if (get_nulls_value(node) != slot)
25458 if (unlikely(!atomic_inc_not_zero_hint(&result->sk_refcnt, 2)))
25460 @@ -508,6 +513,7 @@ begin:
25468 @@ -550,8 +556,7 @@ static inline struct sock *udp_v4_mcast_
25469 udp_sk(s)->udp_port_hash != hnum ||
25470 (inet->inet_daddr && inet->inet_daddr != rmt_addr) ||
25471 (inet->inet_dport != rmt_port && inet->inet_dport) ||
25472 - (inet->inet_rcv_saddr &&
25473 - inet->inet_rcv_saddr != loc_addr) ||
25474 + !v4_sock_addr_match(sk->sk_nx_info, inet, loc_addr) ||
25475 ipv6_only_sock(s) ||
25476 (s->sk_bound_dev_if && s->sk_bound_dev_if != dif))
25478 @@ -1226,7 +1231,8 @@ try_again:
25480 sin->sin_family = AF_INET;
25481 sin->sin_port = udp_hdr(skb)->source;
25482 - sin->sin_addr.s_addr = ip_hdr(skb)->saddr;
25483 + sin->sin_addr.s_addr = nx_map_sock_lback(
25484 + skb->sk->sk_nx_info, ip_hdr(skb)->saddr);
25485 memset(sin->sin_zero, 0, sizeof(sin->sin_zero));
25487 if (inet->cmsg_flags)
25488 @@ -1967,6 +1973,8 @@ static struct sock *udp_get_first(struct
25489 sk_nulls_for_each(sk, node, &hslot->head) {
25490 if (!net_eq(sock_net(sk), net))
25492 + if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
25494 if (sk->sk_family == state->family)
25497 @@ -1984,7 +1992,9 @@ static struct sock *udp_get_next(struct
25500 sk = sk_nulls_next(sk);
25501 - } while (sk && (!net_eq(sock_net(sk), net) || sk->sk_family != state->family));
25502 + } while (sk && (!net_eq(sock_net(sk), net) ||
25503 + sk->sk_family != state->family ||
25504 + !nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT)));
25507 if (state->bucket <= state->udp_table->mask)
25508 diff -NurpP --minimal linux-3.0-rc5/net/ipv6/Kconfig linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/Kconfig
25509 --- linux-3.0-rc5/net/ipv6/Kconfig 2010-08-02 16:52:59.000000000 +0200
25510 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/Kconfig 2011-06-10 22:11:24.000000000 +0200
25513 # IPv6 as module will cause a CRASH if you try to unload it
25515 - tristate "The IPv6 protocol"
25517 + bool "The IPv6 protocol"
25520 This is complemental support for the IP version 6.
25521 You will still be able to do traditional IPv4 networking as well.
25522 diff -NurpP --minimal linux-3.0-rc5/net/ipv6/addrconf.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/addrconf.c
25523 --- linux-3.0-rc5/net/ipv6/addrconf.c 2011-07-01 11:14:26.000000000 +0200
25524 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/addrconf.c 2011-06-10 22:11:24.000000000 +0200
25527 #include <linux/proc_fs.h>
25528 #include <linux/seq_file.h>
25529 +#include <linux/vs_network.h>
25530 +#include <linux/vs_inet6.h>
25532 /* Set to 3 to get tracing... */
25533 #define ACONF_DEBUG 2
25534 @@ -1108,7 +1110,7 @@ out:
25536 int ipv6_dev_get_saddr(struct net *net, struct net_device *dst_dev,
25537 const struct in6_addr *daddr, unsigned int prefs,
25538 - struct in6_addr *saddr)
25539 + struct in6_addr *saddr, struct nx_info *nxi)
25541 struct ipv6_saddr_score scores[2],
25542 *score = &scores[0], *hiscore = &scores[1];
25543 @@ -1180,6 +1182,8 @@ int ipv6_dev_get_saddr(struct net *net,
25547 + if (!v6_addr_in_nx_info(nxi, &score->ifa->addr, -1))
25551 bitmap_zero(score->scorebits, IPV6_SADDR_RULE_MAX);
25552 @@ -3048,7 +3052,10 @@ static void if6_seq_stop(struct seq_file
25553 static int if6_seq_show(struct seq_file *seq, void *v)
25555 struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v;
25556 - seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n",
25558 + if (nx_check(0, VS_ADMIN|VS_WATCH) ||
25559 + v6_addr_in_nx_info(current_nx_info(), &ifp->addr, -1))
25560 + seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n",
25562 ifp->idev->dev->ifindex,
25564 @@ -3554,6 +3561,11 @@ static int in6_dump_addrs(struct inet6_d
25565 struct ifacaddr6 *ifaca;
25567 int ip_idx = *p_ip_idx;
25568 + struct nx_info *nxi = skb->sk ? skb->sk->sk_nx_info : NULL;
25570 + /* disable ipv6 on non v6 guests */
25571 + if (nxi && !nx_info_has_v6(nxi))
25574 read_lock_bh(&idev->lock);
25576 @@ -3564,6 +3576,8 @@ static int in6_dump_addrs(struct inet6_d
25577 list_for_each_entry(ifa, &idev->addr_list, if_list) {
25578 if (++ip_idx < s_ip_idx)
25580 + if (!v6_addr_in_nx_info(nxi, &ifa->addr, -1))
25582 err = inet6_fill_ifaddr(skb, ifa,
25583 NETLINK_CB(cb->skb).pid,
25584 cb->nlh->nlmsg_seq,
25585 @@ -3580,6 +3594,8 @@ static int in6_dump_addrs(struct inet6_d
25586 ifmca = ifmca->next, ip_idx++) {
25587 if (ip_idx < s_ip_idx)
25589 + if (!v6_addr_in_nx_info(nxi, &ifmca->mca_addr, -1))
25591 err = inet6_fill_ifmcaddr(skb, ifmca,
25592 NETLINK_CB(cb->skb).pid,
25593 cb->nlh->nlmsg_seq,
25594 @@ -3595,6 +3611,8 @@ static int in6_dump_addrs(struct inet6_d
25595 ifaca = ifaca->aca_next, ip_idx++) {
25596 if (ip_idx < s_ip_idx)
25598 + if (!v6_addr_in_nx_info(nxi, &ifaca->aca_addr, -1))
25600 err = inet6_fill_ifacaddr(skb, ifaca,
25601 NETLINK_CB(cb->skb).pid,
25602 cb->nlh->nlmsg_seq,
25603 @@ -3980,6 +3998,11 @@ static int inet6_dump_ifinfo(struct sk_b
25604 struct inet6_dev *idev;
25605 struct hlist_head *head;
25606 struct hlist_node *node;
25607 + struct nx_info *nxi = skb->sk ? skb->sk->sk_nx_info : NULL;
25609 + /* FIXME: maybe disable ipv6 on non v6 guests?
25610 + if (skb->sk && skb->sk->sk_vx_info)
25611 + return skb->len; */
25614 s_idx = cb->args[1];
25615 @@ -3991,6 +4014,8 @@ static int inet6_dump_ifinfo(struct sk_b
25616 hlist_for_each_entry_rcu(dev, node, head, index_hlist) {
25619 + if (!v6_dev_in_nx_info(dev, nxi))
25621 idev = __in6_dev_get(dev);
25624 diff -NurpP --minimal linux-3.0-rc5/net/ipv6/af_inet6.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/af_inet6.c
25625 --- linux-3.0-rc5/net/ipv6/af_inet6.c 2011-07-01 11:14:26.000000000 +0200
25626 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/af_inet6.c 2011-06-15 02:44:10.000000000 +0200
25628 #include <linux/netdevice.h>
25629 #include <linux/icmpv6.h>
25630 #include <linux/netfilter_ipv6.h>
25631 +#include <linux/vs_inet.h>
25632 +#include <linux/vs_inet6.h>
25634 #include <net/ip.h>
25635 #include <net/ipv6.h>
25636 @@ -160,9 +162,12 @@ lookup_protocol:
25640 + if ((protocol == IPPROTO_ICMPV6) &&
25641 + nx_capable(CAP_NET_RAW, NXC_RAW_ICMP))
25643 if (sock->type == SOCK_RAW && !kern && !capable(CAP_NET_RAW))
25644 goto out_rcu_unlock;
25647 sock->ops = answer->ops;
25648 answer_prot = answer->prot;
25649 answer_no_check = answer->no_check;
25650 @@ -261,6 +266,7 @@ int inet6_bind(struct socket *sock, stru
25651 struct inet_sock *inet = inet_sk(sk);
25652 struct ipv6_pinfo *np = inet6_sk(sk);
25653 struct net *net = sock_net(sk);
25654 + struct nx_v6_sock_addr nsa;
25656 unsigned short snum;
25658 @@ -276,6 +282,10 @@ int inet6_bind(struct socket *sock, stru
25659 if (addr->sin6_family != AF_INET6)
25662 + err = v6_map_sock_addr(inet, addr, &nsa);
25666 addr_type = ipv6_addr_type(&addr->sin6_addr);
25667 if ((addr_type & IPV6_ADDR_MULTICAST) && sock->type == SOCK_STREAM)
25669 @@ -307,6 +317,7 @@ int inet6_bind(struct socket *sock, stru
25670 /* Reproduce AF_INET checks to make the bindings consistent */
25671 v4addr = addr->sin6_addr.s6_addr32[3];
25672 chk_addr_ret = inet_addr_type(net, v4addr);
25674 if (!sysctl_ip_nonlocal_bind &&
25675 !(inet->freebind || inet->transparent) &&
25676 v4addr != htonl(INADDR_ANY) &&
25677 @@ -316,6 +327,10 @@ int inet6_bind(struct socket *sock, stru
25678 err = -EADDRNOTAVAIL;
25681 + if (!v4_addr_in_nx_info(sk->sk_nx_info, v4addr, NXA_MASK_BIND)) {
25682 + err = -EADDRNOTAVAIL;
25686 if (addr_type != IPV6_ADDR_ANY) {
25687 struct net_device *dev = NULL;
25688 @@ -342,6 +357,11 @@ int inet6_bind(struct socket *sock, stru
25692 + if (!v6_addr_in_nx_info(sk->sk_nx_info, &addr->sin6_addr, -1)) {
25693 + err = -EADDRNOTAVAIL;
25697 /* ipv4 addr of the socket is invalid. Only the
25698 * unspecified and mapped address have a v4 equivalent.
25700 @@ -358,6 +378,9 @@ int inet6_bind(struct socket *sock, stru
25704 + /* what's that for? */
25705 + v6_set_sock_addr(inet, &nsa);
25707 inet->inet_rcv_saddr = v4addr;
25708 inet->inet_saddr = v4addr;
25710 @@ -459,9 +482,11 @@ int inet6_getname(struct socket *sock, s
25712 sin->sin6_port = inet->inet_dport;
25713 ipv6_addr_copy(&sin->sin6_addr, &np->daddr);
25714 + /* FIXME: remap lback? */
25716 sin->sin6_flowinfo = np->flow_label;
25718 + /* FIXME: remap lback? */
25719 if (ipv6_addr_any(&np->rcv_saddr))
25720 ipv6_addr_copy(&sin->sin6_addr, &np->saddr);
25722 diff -NurpP --minimal linux-3.0-rc5/net/ipv6/fib6_rules.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/fib6_rules.c
25723 --- linux-3.0-rc5/net/ipv6/fib6_rules.c 2011-05-22 16:18:00.000000000 +0200
25724 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/fib6_rules.c 2011-06-10 22:11:24.000000000 +0200
25725 @@ -90,7 +90,7 @@ static int fib6_rule_action(struct fib_r
25726 ip6_dst_idev(&rt->dst)->dev,
25728 rt6_flags2srcprefs(flags),
25732 if (!ipv6_prefix_equal(&saddr, &r->src.addr,
25734 diff -NurpP --minimal linux-3.0-rc5/net/ipv6/inet6_hashtables.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/inet6_hashtables.c
25735 --- linux-3.0-rc5/net/ipv6/inet6_hashtables.c 2011-05-22 16:18:00.000000000 +0200
25736 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/inet6_hashtables.c 2011-06-10 22:11:24.000000000 +0200
25739 #include <linux/module.h>
25740 #include <linux/random.h>
25741 +#include <linux/vs_inet6.h>
25743 #include <net/inet_connection_sock.h>
25744 #include <net/inet_hashtables.h>
25745 @@ -82,7 +83,6 @@ struct sock *__inet6_lookup_established(
25746 unsigned int slot = hash & hashinfo->ehash_mask;
25747 struct inet_ehash_bucket *head = &hashinfo->ehash[slot];
25752 sk_nulls_for_each_rcu(sk, node, &head->chain) {
25753 @@ -94,7 +94,7 @@ begin:
25761 if (get_nulls_value(node) != slot)
25762 @@ -140,6 +140,9 @@ static inline int compute_score(struct s
25763 if (!ipv6_addr_equal(&np->rcv_saddr, daddr))
25767 + if (!v6_addr_in_nx_info(sk->sk_nx_info, daddr, -1))
25770 if (sk->sk_bound_dev_if) {
25771 if (sk->sk_bound_dev_if != dif)
25772 diff -NurpP --minimal linux-3.0-rc5/net/ipv6/ip6_output.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/ip6_output.c
25773 --- linux-3.0-rc5/net/ipv6/ip6_output.c 2011-07-01 11:14:26.000000000 +0200
25774 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/ip6_output.c 2011-06-16 14:16:51.000000000 +0200
25775 @@ -933,7 +933,8 @@ static int ip6_dst_lookup_tail(struct so
25776 struct rt6_info *rt = (struct rt6_info *) *dst;
25777 err = ip6_route_get_saddr(net, rt, &fl6->daddr,
25778 sk ? inet6_sk(sk)->srcprefs : 0,
25781 + sk ? sk->sk_nx_info : NULL);
25783 goto out_err_release;
25785 diff -NurpP --minimal linux-3.0-rc5/net/ipv6/ndisc.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/ndisc.c
25786 --- linux-3.0-rc5/net/ipv6/ndisc.c 2011-07-01 11:14:26.000000000 +0200
25787 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/ndisc.c 2011-06-10 22:11:24.000000000 +0200
25788 @@ -597,7 +597,7 @@ static void ndisc_send_na(struct net_dev
25790 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
25791 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
25795 src_addr = &tmpaddr;
25797 diff -NurpP --minimal linux-3.0-rc5/net/ipv6/raw.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/raw.c
25798 --- linux-3.0-rc5/net/ipv6/raw.c 2011-07-01 11:14:26.000000000 +0200
25799 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/raw.c 2011-06-10 22:11:24.000000000 +0200
25801 #include <linux/icmpv6.h>
25802 #include <linux/netfilter.h>
25803 #include <linux/netfilter_ipv6.h>
25804 +#include <linux/vs_inet6.h>
25805 #include <linux/skbuff.h>
25806 #include <linux/compat.h>
25807 #include <asm/uaccess.h>
25808 @@ -284,6 +285,13 @@ static int rawv6_bind(struct sock *sk, s
25812 + if (!v6_addr_in_nx_info(sk->sk_nx_info, &addr->sin6_addr, -1)) {
25813 + err = -EADDRNOTAVAIL;
25819 /* ipv4 addr of the socket is invalid. Only the
25820 * unspecified and mapped address have a v4 equivalent.
25822 diff -NurpP --minimal linux-3.0-rc5/net/ipv6/route.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/route.c
25823 --- linux-3.0-rc5/net/ipv6/route.c 2011-07-01 11:14:26.000000000 +0200
25824 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/route.c 2011-06-16 14:16:51.000000000 +0200
25826 #include <net/xfrm.h>
25827 #include <net/netevent.h>
25828 #include <net/netlink.h>
25829 +#include <linux/vs_inet6.h>
25831 #include <asm/uaccess.h>
25833 @@ -2057,15 +2058,17 @@ int ip6_route_get_saddr(struct net *net,
25834 struct rt6_info *rt,
25835 const struct in6_addr *daddr,
25836 unsigned int prefs,
25837 - struct in6_addr *saddr)
25838 + struct in6_addr *saddr,
25839 + struct nx_info *nxi)
25841 struct inet6_dev *idev = ip6_dst_idev((struct dst_entry*)rt);
25843 - if (rt->rt6i_prefsrc.plen)
25844 + if (rt->rt6i_prefsrc.plen && (!nxi ||
25845 + v6_addr_in_nx_info(nxi, &rt->rt6i_prefsrc.addr, NXA_TYPE_ADDR)))
25846 ipv6_addr_copy(saddr, &rt->rt6i_prefsrc.addr);
25848 err = ipv6_dev_get_saddr(net, idev ? idev->dev : NULL,
25849 - daddr, prefs, saddr);
25850 + daddr, prefs, saddr, nxi);
25854 @@ -2394,7 +2397,8 @@ static int rt6_fill_node(struct net *net
25855 NLA_PUT_U32(skb, RTA_IIF, iif);
25857 struct in6_addr saddr_buf;
25858 - if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf) == 0)
25859 + if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf,
25860 + (skb->sk ? skb->sk->sk_nx_info : NULL)) == 0)
25861 NLA_PUT(skb, RTA_PREFSRC, 16, &saddr_buf);
25864 diff -NurpP --minimal linux-3.0-rc5/net/ipv6/tcp_ipv6.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/tcp_ipv6.c
25865 --- linux-3.0-rc5/net/ipv6/tcp_ipv6.c 2011-07-01 11:14:26.000000000 +0200
25866 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/tcp_ipv6.c 2011-06-22 12:39:16.000000000 +0200
25869 #include <linux/crypto.h>
25870 #include <linux/scatterlist.h>
25871 +#include <linux/vs_inet6.h>
25873 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
25874 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
25875 @@ -161,8 +162,15 @@ static int tcp_v6_connect(struct sock *s
25876 * connect() to INADDR_ANY means loopback (BSD'ism).
25879 - if(ipv6_addr_any(&usin->sin6_addr))
25880 - usin->sin6_addr.s6_addr[15] = 0x1;
25881 + if(ipv6_addr_any(&usin->sin6_addr)) {
25882 + struct nx_info *nxi = sk->sk_nx_info;
25884 + if (nxi && nx_info_has_v6(nxi))
25885 + /* FIXME: remap lback? */
25886 + usin->sin6_addr = nxi->v6.ip;
25888 + usin->sin6_addr.s6_addr[15] = 0x1;
25891 addr_type = ipv6_addr_type(&usin->sin6_addr);
25893 diff -NurpP --minimal linux-3.0-rc5/net/ipv6/udp.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/udp.c
25894 --- linux-3.0-rc5/net/ipv6/udp.c 2011-07-01 11:14:26.000000000 +0200
25895 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/udp.c 2011-06-10 22:11:24.000000000 +0200
25896 @@ -45,41 +45,67 @@
25897 #include <net/tcp_states.h>
25898 #include <net/ip6_checksum.h>
25899 #include <net/xfrm.h>
25900 +#include <linux/vs_inet6.h>
25902 #include <linux/proc_fs.h>
25903 #include <linux/seq_file.h>
25904 #include "udp_impl.h"
25906 -int ipv6_rcv_saddr_equal(const struct sock *sk, const struct sock *sk2)
25907 +int ipv6_rcv_saddr_equal(const struct sock *sk1, const struct sock *sk2)
25909 - const struct in6_addr *sk_rcv_saddr6 = &inet6_sk(sk)->rcv_saddr;
25910 + const struct in6_addr *sk1_rcv_saddr6 = &inet6_sk(sk1)->rcv_saddr;
25911 const struct in6_addr *sk2_rcv_saddr6 = inet6_rcv_saddr(sk2);
25912 - __be32 sk1_rcv_saddr = sk_rcv_saddr(sk);
25913 + __be32 sk1_rcv_saddr = sk_rcv_saddr(sk1);
25914 __be32 sk2_rcv_saddr = sk_rcv_saddr(sk2);
25915 - int sk_ipv6only = ipv6_only_sock(sk);
25916 + int sk1_ipv6only = ipv6_only_sock(sk1);
25917 int sk2_ipv6only = inet_v6_ipv6only(sk2);
25918 - int addr_type = ipv6_addr_type(sk_rcv_saddr6);
25919 + int addr_type = ipv6_addr_type(sk1_rcv_saddr6);
25920 int addr_type2 = sk2_rcv_saddr6 ? ipv6_addr_type(sk2_rcv_saddr6) : IPV6_ADDR_MAPPED;
25922 /* if both are mapped, treat as IPv4 */
25923 - if (addr_type == IPV6_ADDR_MAPPED && addr_type2 == IPV6_ADDR_MAPPED)
25924 - return (!sk2_ipv6only &&
25925 + if (addr_type == IPV6_ADDR_MAPPED && addr_type2 == IPV6_ADDR_MAPPED) {
25926 + if (!sk2_ipv6only &&
25927 (!sk1_rcv_saddr || !sk2_rcv_saddr ||
25928 - sk1_rcv_saddr == sk2_rcv_saddr));
25929 + sk1_rcv_saddr == sk2_rcv_saddr))
25935 if (addr_type2 == IPV6_ADDR_ANY &&
25936 !(sk2_ipv6only && addr_type == IPV6_ADDR_MAPPED))
25940 if (addr_type == IPV6_ADDR_ANY &&
25941 - !(sk_ipv6only && addr_type2 == IPV6_ADDR_MAPPED))
25943 + !(sk1_ipv6only && addr_type2 == IPV6_ADDR_MAPPED))
25946 if (sk2_rcv_saddr6 &&
25947 - ipv6_addr_equal(sk_rcv_saddr6, sk2_rcv_saddr6))
25949 + ipv6_addr_equal(sk1_rcv_saddr6, sk2_rcv_saddr6))
25955 + if (!sk1_rcv_saddr && !sk2_rcv_saddr)
25956 + return nx_v4_addr_conflict(sk1->sk_nx_info, sk2->sk_nx_info);
25957 + if (!sk2_rcv_saddr)
25958 + return v4_addr_in_nx_info(sk1->sk_nx_info, sk2_rcv_saddr, -1);
25959 + if (!sk1_rcv_saddr)
25960 + return v4_addr_in_nx_info(sk2->sk_nx_info, sk1_rcv_saddr, -1);
25963 + if (addr_type2 == IPV6_ADDR_ANY && addr_type == IPV6_ADDR_ANY)
25964 + return nx_v6_addr_conflict(sk1->sk_nx_info, sk2->sk_nx_info);
25965 + else if (addr_type2 == IPV6_ADDR_ANY)
25966 + return v6_addr_in_nx_info(sk2->sk_nx_info, sk1_rcv_saddr6, -1);
25967 + else if (addr_type == IPV6_ADDR_ANY) {
25968 + if (addr_type2 == IPV6_ADDR_MAPPED)
25969 + return nx_v4_addr_conflict(sk1->sk_nx_info, sk2->sk_nx_info);
25971 + return v6_addr_in_nx_info(sk1->sk_nx_info, sk2_rcv_saddr6, -1);
25976 static unsigned int udp6_portaddr_hash(struct net *net,
25977 @@ -143,6 +169,10 @@ static inline int compute_score(struct s
25978 if (!ipv6_addr_equal(&np->rcv_saddr, daddr))
25982 + /* block non nx_info ips */
25983 + if (!v6_addr_in_nx_info(sk->sk_nx_info, daddr, -1))
25986 if (!ipv6_addr_any(&np->daddr)) {
25987 if (!ipv6_addr_equal(&np->daddr, saddr))
25988 diff -NurpP --minimal linux-3.0-rc5/net/ipv6/xfrm6_policy.c linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/xfrm6_policy.c
25989 --- linux-3.0-rc5/net/ipv6/xfrm6_policy.c 2011-07-01 11:14:26.000000000 +0200
25990 +++ linux-3.0-rc5-vs2.3.1-pre3/net/ipv6/xfrm6_policy.c 2011-06-10 22:11:24.000000000 +0200
25991 @@ -63,7 +63,7 @@ static int xfrm6_get_saddr(struct net *n
25992 dev = ip6_dst_idev(dst)->dev;
25993 ipv6_dev_get_saddr(dev_net(dev), dev,
25994 (struct in6_addr *)&daddr->a6, 0,
25995 - (struct in6_addr *)&saddr->a6);
25996 + (struct in6_addr *)&saddr->a6, NULL);
26000 diff -NurpP --minimal linux-3.0-rc5/netfilter/ipvs/ip_vs_xmit.c linux-3.0-rc5-vs2.3.1-pre3/net/netfilter/ipvs/ip_vs_xmit.c
26001 --- linux-3.0-rc5/net/netfilter/ipvs/ip_vs_xmit.c
26002 +++ linux-3.0-rc5-vs2.3.1-pre3/net/netfilter/ipvs/ip_vs_xmit.c
26003 @@ -213,7 +213,7 @@ __ip_vs_route_output_v6(struct net *net,
26005 if (ipv6_addr_any(&fl6.saddr) &&
26006 ipv6_dev_get_saddr(net, ip6_dst_idev(dst)->dev,
26007 - &fl6.daddr, 0, &fl6.saddr) < 0)
26008 + &fl6.daddr, 0, &fl6.saddr, NULL) < 0)
26011 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
26012 diff -NurpP --minimal linux-3.0-rc5/net/netlink/af_netlink.c linux-3.0-rc5-vs2.3.1-pre3/net/netlink/af_netlink.c
26013 --- linux-3.0-rc5/net/netlink/af_netlink.c 2011-07-01 11:14:27.000000000 +0200
26014 +++ linux-3.0-rc5-vs2.3.1-pre3/net/netlink/af_netlink.c 2011-06-10 22:11:24.000000000 +0200
26016 #include <linux/types.h>
26017 #include <linux/audit.h>
26018 #include <linux/mutex.h>
26019 +#include <linux/vs_context.h>
26020 +#include <linux/vs_network.h>
26021 +#include <linux/vs_limit.h>
26023 #include <net/net_namespace.h>
26024 #include <net/sock.h>
26025 @@ -1907,6 +1910,8 @@ static struct sock *netlink_seq_socket_i
26026 sk_for_each(s, node, &hash->table[j]) {
26027 if (sock_net(s) != seq_file_net(seq))
26029 + if (!nx_check(s->sk_nid, VS_WATCH_P | VS_IDENT))
26033 iter->hash_idx = j;
26034 @@ -1941,7 +1946,8 @@ static void *netlink_seq_next(struct seq
26038 - } while (s && sock_net(s) != seq_file_net(seq));
26039 + } while (s && (sock_net(s) != seq_file_net(seq) ||
26040 + !nx_check(s->sk_nid, VS_WATCH_P | VS_IDENT)));
26044 @@ -1953,7 +1959,8 @@ static void *netlink_seq_next(struct seq
26046 for (; j <= hash->mask; j++) {
26047 s = sk_head(&hash->table[j]);
26048 - while (s && sock_net(s) != seq_file_net(seq))
26049 + while (s && (sock_net(s) != seq_file_net(seq) ||
26050 + !nx_check(s->sk_nid, VS_WATCH_P | VS_IDENT)))
26054 diff -NurpP --minimal linux-3.0-rc5/net/socket.c linux-3.0-rc5-vs2.3.1-pre3/net/socket.c
26055 --- linux-3.0-rc5/net/socket.c 2011-07-01 11:14:27.000000000 +0200
26056 +++ linux-3.0-rc5-vs2.3.1-pre3/net/socket.c 2011-06-16 14:16:51.000000000 +0200
26059 #include <net/sock.h>
26060 #include <linux/netfilter.h>
26061 +#include <linux/vs_base.h>
26062 +#include <linux/vs_socket.h>
26063 +#include <linux/vs_inet.h>
26064 +#include <linux/vs_inet6.h>
26066 #include <linux/if_tun.h>
26067 #include <linux/ipv6_route.h>
26068 @@ -546,6 +550,7 @@ static inline int __sock_sendmsg_nosec(s
26069 struct msghdr *msg, size_t size)
26071 struct sock_iocb *si = kiocb_to_siocb(iocb);
26074 sock_update_classid(sock->sk);
26076 @@ -554,7 +559,22 @@ static inline int __sock_sendmsg_nosec(s
26080 - return sock->ops->sendmsg(iocb, sock, msg, size);
26081 + len = sock->ops->sendmsg(iocb, sock, msg, size);
26084 + vx_sock_send(sock->sk, size);
26086 + vx_sock_fail(sock->sk, size);
26088 + vxdprintk(VXD_CBIT(net, 7),
26089 + "__sock_sendmsg: %p[%p,%p,%p;%d/%d]:%d/%d",
26091 + (sock->sk)?sock->sk->sk_nx_info:0,
26092 + (sock->sk)?sock->sk->sk_vx_info:0,
26093 + (sock->sk)?sock->sk->sk_xid:0,
26094 + (sock->sk)?sock->sk->sk_nid:0,
26095 + (unsigned int)size, len);
26099 static inline int __sock_sendmsg(struct kiocb *iocb, struct socket *sock,
26100 @@ -694,6 +714,7 @@ static inline int __sock_recvmsg_nosec(s
26101 struct msghdr *msg, size_t size, int flags)
26103 struct sock_iocb *si = kiocb_to_siocb(iocb);
26106 sock_update_classid(sock->sk);
26108 @@ -703,7 +724,18 @@ static inline int __sock_recvmsg_nosec(s
26112 - return sock->ops->recvmsg(iocb, sock, msg, size, flags);
26113 + len = sock->ops->recvmsg(iocb, sock, msg, size, flags);
26114 + if ((len >= 0) && sock->sk)
26115 + vx_sock_recv(sock->sk, len);
26116 + vxdprintk(VXD_CBIT(net, 7),
26117 + "__sock_recvmsg: %p[%p,%p,%p;%d/%d]:%d/%d",
26119 + (sock->sk)?sock->sk->sk_nx_info:0,
26120 + (sock->sk)?sock->sk->sk_vx_info:0,
26121 + (sock->sk)?sock->sk->sk_xid:0,
26122 + (sock->sk)?sock->sk->sk_nid:0,
26123 + (unsigned int)size, len);
26127 static inline int __sock_recvmsg(struct kiocb *iocb, struct socket *sock,
26128 @@ -1188,6 +1220,13 @@ int __sock_create(struct net *net, int f
26129 if (type < 0 || type >= SOCK_MAX)
26132 + if (!nx_check(0, VS_ADMIN)) {
26133 + if (family == PF_INET && !current_nx_info_has_v4())
26134 + return -EAFNOSUPPORT;
26135 + if (family == PF_INET6 && !current_nx_info_has_v6())
26136 + return -EAFNOSUPPORT;
26141 This uglymoron is moved from INET layer to here to avoid
26142 @@ -1323,6 +1362,7 @@ SYSCALL_DEFINE3(socket, int, family, int
26146 + set_bit(SOCK_USER_SOCKET, &sock->flags);
26147 retval = sock_map_fd(sock, flags & (O_CLOEXEC | O_NONBLOCK));
26150 @@ -1364,10 +1404,12 @@ SYSCALL_DEFINE4(socketpair, int, family,
26151 err = sock_create(family, type, protocol, &sock1);
26154 + set_bit(SOCK_USER_SOCKET, &sock1->flags);
26156 err = sock_create(family, type, protocol, &sock2);
26158 goto out_release_1;
26159 + set_bit(SOCK_USER_SOCKET, &sock2->flags);
26161 err = sock1->ops->socketpair(sock1, sock2);
26163 diff -NurpP --minimal linux-3.0-rc5/net/sunrpc/auth.c linux-3.0-rc5-vs2.3.1-pre3/net/sunrpc/auth.c
26164 --- linux-3.0-rc5/net/sunrpc/auth.c 2011-07-01 11:14:27.000000000 +0200
26165 +++ linux-3.0-rc5-vs2.3.1-pre3/net/sunrpc/auth.c 2011-06-10 22:11:24.000000000 +0200
26167 #include <linux/hash.h>
26168 #include <linux/sunrpc/clnt.h>
26169 #include <linux/spinlock.h>
26170 +#include <linux/vs_tag.h>
26173 # define RPCDBG_FACILITY RPCDBG_AUTH
26174 @@ -427,6 +428,7 @@ rpcauth_lookupcred(struct rpc_auth *auth
26175 memset(&acred, 0, sizeof(acred));
26176 acred.uid = cred->fsuid;
26177 acred.gid = cred->fsgid;
26178 + acred.tag = dx_current_tag();
26179 acred.group_info = get_group_info(((struct cred *)cred)->group_info);
26181 ret = auth->au_ops->lookup_cred(auth, &acred, flags);
26182 @@ -467,6 +469,7 @@ rpcauth_bind_root_cred(struct rpc_task *
26183 struct auth_cred acred = {
26186 + .tag = dx_current_tag(),
26189 dprintk("RPC: %5u looking up %s cred\n",
26190 diff -NurpP --minimal linux-3.0-rc5/net/sunrpc/auth_unix.c linux-3.0-rc5-vs2.3.1-pre3/net/sunrpc/auth_unix.c
26191 --- linux-3.0-rc5/net/sunrpc/auth_unix.c 2010-10-21 13:08:01.000000000 +0200
26192 +++ linux-3.0-rc5-vs2.3.1-pre3/net/sunrpc/auth_unix.c 2011-06-10 22:11:24.000000000 +0200
26193 @@ -12,12 +12,14 @@
26194 #include <linux/module.h>
26195 #include <linux/sunrpc/clnt.h>
26196 #include <linux/sunrpc/auth.h>
26197 +#include <linux/vs_tag.h>
26199 #define NFS_NGROUPS 16
26202 struct rpc_cred uc_base;
26205 gid_t uc_gids[NFS_NGROUPS];
26207 #define uc_uid uc_base.cr_uid
26208 @@ -78,6 +80,7 @@ unx_create_cred(struct rpc_auth *auth, s
26209 groups = NFS_NGROUPS;
26211 cred->uc_gid = acred->gid;
26212 + cred->uc_tag = acred->tag;
26213 for (i = 0; i < groups; i++)
26214 cred->uc_gids[i] = GROUP_AT(acred->group_info, i);
26215 if (i < NFS_NGROUPS)
26216 @@ -119,7 +122,9 @@ unx_match(struct auth_cred *acred, struc
26220 - if (cred->uc_uid != acred->uid || cred->uc_gid != acred->gid)
26221 + if (cred->uc_uid != acred->uid ||
26222 + cred->uc_gid != acred->gid ||
26223 + cred->uc_tag != acred->tag)
26226 if (acred->group_info != NULL)
26227 @@ -142,7 +147,7 @@ unx_marshal(struct rpc_task *task, __be3
26228 struct rpc_clnt *clnt = task->tk_client;
26229 struct unx_cred *cred = container_of(task->tk_rqstp->rq_cred, struct unx_cred, uc_base);
26230 __be32 *base, *hold;
26234 *p++ = htonl(RPC_AUTH_UNIX);
26236 @@ -152,9 +157,12 @@ unx_marshal(struct rpc_task *task, __be3
26237 * Copy the UTS nodename captured when the client was created.
26239 p = xdr_encode_array(p, clnt->cl_nodename, clnt->cl_nodelen);
26240 + tag = task->tk_client->cl_tag;
26242 - *p++ = htonl((u32) cred->uc_uid);
26243 - *p++ = htonl((u32) cred->uc_gid);
26244 + *p++ = htonl((u32) TAGINO_UID(tag,
26245 + cred->uc_uid, cred->uc_tag));
26246 + *p++ = htonl((u32) TAGINO_GID(tag,
26247 + cred->uc_gid, cred->uc_tag));
26249 for (i = 0; i < 16 && cred->uc_gids[i] != (gid_t) NOGROUP; i++)
26250 *p++ = htonl((u32) cred->uc_gids[i]);
26251 diff -NurpP --minimal linux-3.0-rc5/net/sunrpc/clnt.c linux-3.0-rc5-vs2.3.1-pre3/net/sunrpc/clnt.c
26252 --- linux-3.0-rc5/net/sunrpc/clnt.c 2011-07-01 11:14:27.000000000 +0200
26253 +++ linux-3.0-rc5-vs2.3.1-pre3/net/sunrpc/clnt.c 2011-07-01 11:35:35.000000000 +0200
26255 #include <linux/in.h>
26256 #include <linux/in6.h>
26257 #include <linux/un.h>
26258 +#include <linux/vs_cvirt.h>
26260 #include <linux/sunrpc/clnt.h>
26261 #include <linux/sunrpc/rpc_pipe_fs.h>
26262 @@ -362,6 +363,9 @@ struct rpc_clnt *rpc_create(struct rpc_c
26263 if (!(args->flags & RPC_CLNT_CREATE_QUIET))
26264 clnt->cl_chatty = 1;
26266 + /* TODO: handle RPC_CLNT_CREATE_TAGGED
26267 + if (args->flags & RPC_CLNT_CREATE_TAGGED)
26268 + clnt->cl_tag = 1; */
26271 EXPORT_SYMBOL_GPL(rpc_create);
26272 diff -NurpP --minimal linux-3.0-rc5/net/unix/af_unix.c linux-3.0-rc5-vs2.3.1-pre3/net/unix/af_unix.c
26273 --- linux-3.0-rc5/net/unix/af_unix.c 2011-07-01 11:14:27.000000000 +0200
26274 +++ linux-3.0-rc5-vs2.3.1-pre3/net/unix/af_unix.c 2011-06-10 22:11:24.000000000 +0200
26275 @@ -114,6 +114,8 @@
26276 #include <linux/mount.h>
26277 #include <net/checksum.h>
26278 #include <linux/security.h>
26279 +#include <linux/vs_context.h>
26280 +#include <linux/vs_limit.h>
26282 static struct hlist_head unix_socket_table[UNIX_HASH_SIZE + 1];
26283 static DEFINE_SPINLOCK(unix_table_lock);
26284 @@ -258,6 +260,8 @@ static struct sock *__unix_find_socket_b
26285 if (!net_eq(sock_net(s), net))
26288 + if (!nx_check(s->sk_nid, VS_WATCH_P | VS_IDENT))
26290 if (u->addr->len == len &&
26291 !memcmp(u->addr->name, sunname, len))
26293 @@ -2208,6 +2212,8 @@ static struct sock *unix_seq_idx(struct
26294 for (s = first_unix_socket(&iter->i); s; s = next_unix_socket(&iter->i, s)) {
26295 if (sock_net(s) != seq_file_net(seq))
26297 + if (!nx_check(s->sk_nid, VS_WATCH_P | VS_IDENT))
26302 @@ -2232,7 +2238,8 @@ static void *unix_seq_next(struct seq_fi
26303 sk = first_unix_socket(&iter->i);
26305 sk = next_unix_socket(&iter->i, sk);
26306 - while (sk && (sock_net(sk) != seq_file_net(seq)))
26307 + while (sk && (sock_net(sk) != seq_file_net(seq) ||
26308 + !nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT)))
26309 sk = next_unix_socket(&iter->i, sk);
26312 diff -NurpP --minimal linux-3.0-rc5/scripts/checksyscalls.sh linux-3.0-rc5-vs2.3.1-pre3/scripts/checksyscalls.sh
26313 --- linux-3.0-rc5/scripts/checksyscalls.sh 2011-03-15 18:07:46.000000000 +0100
26314 +++ linux-3.0-rc5-vs2.3.1-pre3/scripts/checksyscalls.sh 2011-06-10 22:11:24.000000000 +0200
26315 @@ -193,7 +193,6 @@ cat << EOF
26316 #define __IGNORE_afs_syscall
26317 #define __IGNORE_getpmsg
26318 #define __IGNORE_putpmsg
26319 -#define __IGNORE_vserver
26323 diff -NurpP --minimal linux-3.0-rc5/security/commoncap.c linux-3.0-rc5-vs2.3.1-pre3/security/commoncap.c
26324 --- linux-3.0-rc5/security/commoncap.c 2011-07-01 11:14:27.000000000 +0200
26325 +++ linux-3.0-rc5-vs2.3.1-pre3/security/commoncap.c 2011-06-16 14:16:51.000000000 +0200
26326 @@ -62,6 +62,7 @@ int cap_netlink_recv(struct sk_buff *skb
26331 EXPORT_SYMBOL(cap_netlink_recv);
26334 @@ -83,14 +84,20 @@ EXPORT_SYMBOL(cap_netlink_recv);
26335 int cap_capable(struct task_struct *tsk, const struct cred *cred,
26336 struct user_namespace *targ_ns, int cap, int audit)
26338 + struct vx_info *vxi = tsk->vx_info;
26341 /* The creator of the user namespace has all caps. */
26342 if (targ_ns != &init_user_ns && targ_ns->creator == cred->user)
26345 /* Do we have the necessary capabilities? */
26346 - if (targ_ns == cred->user->user_ns)
26347 - return cap_raised(cred->cap_effective, cap) ? 0 : -EPERM;
26348 + if (targ_ns == cred->user->user_ns) {
26349 + if (vx_info_flags(vxi, VXF_STATE_SETUP, 0) &&
26350 + cap_raised(cred->cap_effective, cap))
26352 + return vx_cap_raised(vxi, cred->cap_effective, cap) ? 0 : -EPERM;
26355 /* Have we tried all of the parent namespaces? */
26356 if (targ_ns == &init_user_ns)
26357 @@ -611,7 +618,7 @@ int cap_inode_setxattr(struct dentry *de
26359 if (!strncmp(name, XATTR_SECURITY_PREFIX,
26360 sizeof(XATTR_SECURITY_PREFIX) - 1) &&
26361 - !capable(CAP_SYS_ADMIN))
26362 + !vx_capable(CAP_SYS_ADMIN, VXC_FS_SECURITY))
26366 @@ -637,7 +644,7 @@ int cap_inode_removexattr(struct dentry
26368 if (!strncmp(name, XATTR_SECURITY_PREFIX,
26369 sizeof(XATTR_SECURITY_PREFIX) - 1) &&
26370 - !capable(CAP_SYS_ADMIN))
26371 + !vx_capable(CAP_SYS_ADMIN, VXC_FS_SECURITY))
26375 @@ -971,3 +978,4 @@ int cap_file_mmap(struct file *file, uns
26380 diff -NurpP --minimal linux-3.0-rc5/security/selinux/hooks.c linux-3.0-rc5-vs2.3.1-pre3/security/selinux/hooks.c
26381 --- linux-3.0-rc5/security/selinux/hooks.c 2011-07-01 11:14:28.000000000 +0200
26382 +++ linux-3.0-rc5-vs2.3.1-pre3/security/selinux/hooks.c 2011-06-15 02:40:14.000000000 +0200
26384 #include <linux/dccp.h>
26385 #include <linux/quota.h>
26386 #include <linux/un.h> /* for Unix socket types */
26387 -#include <net/af_unix.h> /* for Unix socket types */
26388 #include <linux/parser.h>
26389 #include <linux/nfs_mount.h>
26390 #include <net/ipv6.h>