1 Missing header for routes patch, caused vs2.3 route.h mixing
2 --- a/net/ipv4/netfilter/nf_nat_core.c~ 2008-01-24 23:58:37.000000000 +0100
3 +++ a/net/ipv4/netfilter/nf_nat_core.c 2008-03-30 21:00:19.349593833 +0200
5 #include <net/checksum.h>
8 +#include <net/route.h>
9 #include <net/tcp.h> /* For tcp_prot in getorigdst */
10 #include <linux/icmp.h>
11 #include <linux/udp.h>
12 --- linux-2.6.33/arch/x86/kernel/process.c~ 2010-02-24 19:52:17.000000000 +0100
13 +++ linux-2.6.33/arch/x86/kernel/process.c 2010-02-25 23:44:56.487156216 +0100
17 printk(KERN_CONT "\n");
18 - printk(KERN_DEFAULT "Pid: %d, comm: %.20s %s %s %.*s %s/%s\n",
19 - current->pid, current->comm, print_tainted(),
20 + printk(KERN_DEFAULT "Pid: %d, xid: #%u, comm: %.20s %s %s %.*s %s/%s\n",
21 + task_pid_nr(current), current->xid, current->comm, print_tainted(),
22 init_utsname()->release,
23 (int)strcspn(init_utsname()->version, " "),
24 init_utsname()->version, board, product);
25 --- linux-2.6.31/arch/x86/kernel/dumpstack.c~ 2009-09-16 08:32:02.000000000 +0200
26 +++ linux-2.6.31/arch/x86/kernel/dumpstack.c 2009-09-17 21:58:13.778791960 +0200
31 - printk("Pid: %d, comm: %.20s %s %s %.*s\n",
32 - current->pid, current->comm, print_tainted(),
33 + printk("Pid: %d, comm: %.20s xid: #%u %s %s %.*s\n",
34 + current->pid, current->comm, current->xid, print_tainted(),
35 init_utsname()->release,
36 (int)strcspn(init_utsname()->version, " "),
37 init_utsname()->version);
40 --- linux-2.6.35.4/security/commoncap.c 2010-08-02 16:53:03.000000000 +0200
41 +++ linux-2.6.35.4-vs2.3.0.36.32/security/commoncap.c 2010-08-02 17:05:06.000000000 +0200
42 @@ -951,4 +969,3 @@ int cap_file_mmap(struct file *file, uns
47 diff -NurpP linux-2.6.36-vs2.3.0.36.38/include/linux/cred.h linux-2.6.36-vs2.3.0.36.38.2/include/linux/cred.h
48 --- linux-2.6.36-vs2.3.0.36.38/include/linux/cred.h 2010-08-02 16:52:53.000000000 +0200
49 +++ linux-2.6.36-vs2.3.0.36.38.2/include/linux/cred.h 2010-12-01 17:26:52.000000000 +0100
50 @@ -208,6 +208,31 @@ static inline void validate_process_cred
54 +static inline void set_cred_subscribers(struct cred *cred, int n)
56 +#ifdef CONFIG_DEBUG_CREDENTIALS
57 + atomic_set(&cred->subscribers, n);
61 +static inline int read_cred_subscribers(const struct cred *cred)
63 +#ifdef CONFIG_DEBUG_CREDENTIALS
64 + return atomic_read(&cred->subscribers);
70 +static inline void alter_cred_subscribers(const struct cred *_cred, int n)
72 +#ifdef CONFIG_DEBUG_CREDENTIALS
73 + struct cred *cred = (struct cred *) _cred;
75 + atomic_add(n, &cred->subscribers);
80 * get_new_cred - Get a reference on a new set of credentials
81 * @cred: The new credentials to reference
82 diff -NurpP linux-2.6.36-vs2.3.0.36.38/include/linux/vserver/context.h linux-2.6.36-vs2.3.0.36.38.2/include/linux/vserver/context.h
83 --- linux-2.6.36-vs2.3.0.36.38/include/linux/vserver/context.h 2010-10-21 13:09:36.000000000 +0200
84 +++ linux-2.6.36-vs2.3.0.36.38.2/include/linux/vserver/context.h 2010-12-01 17:36:51.000000000 +0100
85 @@ -110,6 +110,8 @@ struct vx_info {
86 unsigned long vx_nsmask[VX_SPACES]; /* assignment mask */
87 struct nsproxy *vx_nsproxy[VX_SPACES]; /* private namespaces */
88 struct fs_struct *vx_fs[VX_SPACES]; /* private namespace fs */
89 + const struct cred *vx_real_cred; /* real task credentials */
90 + const struct cred *vx_cred; /* task credentials */
92 uint64_t vx_flags; /* context flags */
93 uint64_t vx_ccaps; /* context caps (vserver) */
94 diff -NurpP linux-2.6.36-vs2.3.0.36.38/kernel/cred.c linux-2.6.36-vs2.3.0.36.38.2/kernel/cred.c
95 --- linux-2.6.36-vs2.3.0.36.38/kernel/cred.c 2010-10-21 13:07:56.000000000 +0200
96 +++ linux-2.6.36-vs2.3.0.36.38.2/kernel/cred.c 2010-12-01 17:25:55.000000000 +0100
97 @@ -60,31 +60,6 @@ struct cred init_cred = {
101 -static inline void set_cred_subscribers(struct cred *cred, int n)
103 -#ifdef CONFIG_DEBUG_CREDENTIALS
104 - atomic_set(&cred->subscribers, n);
108 -static inline int read_cred_subscribers(const struct cred *cred)
110 -#ifdef CONFIG_DEBUG_CREDENTIALS
111 - return atomic_read(&cred->subscribers);
117 -static inline void alter_cred_subscribers(const struct cred *_cred, int n)
119 -#ifdef CONFIG_DEBUG_CREDENTIALS
120 - struct cred *cred = (struct cred *) _cred;
122 - atomic_add(n, &cred->subscribers);
127 * Dispose of the shared task group credentials
129 diff -NurpP linux-2.6.36-vs2.3.0.36.38/kernel/vserver/context.c linux-2.6.36-vs2.3.0.36.38.2/kernel/vserver/context.c
130 --- linux-2.6.36-vs2.3.0.36.38/kernel/vserver/context.c 2010-10-21 14:39:59.000000000 +0200
131 +++ linux-2.6.36-vs2.3.0.36.38.2/kernel/vserver/context.c 2010-12-01 20:34:45.000000000 +0100
134 * Virtual Server: Context Support
136 - * Copyright (C) 2003-2007 Herbert Pötzl
137 + * Copyright (C) 2003-2010 Herbert Pötzl
139 * V0.01 context helper
140 * V0.02 vx_ctx_kill syscall command
142 * V0.15 added context stat
143 * V0.16 have __create claim() the vxi
144 * V0.17 removed older and legacy stuff
145 + * V0.18 added user credentials
150 #include <linux/vserver/space.h>
151 #include <linux/init_task.h>
152 #include <linux/fs_struct.h>
153 +#include <linux/cred.h>
155 #include <linux/vs_context.h>
156 #include <linux/vs_limit.h>
157 @@ -127,6 +129,10 @@ static struct vx_info *__alloc_vx_info(x
158 new->vx_fs[index] = &init_fs;
161 + /* FIXME: we want defaults */
162 + new->vx_real_cred = 0;
165 vxdprintk(VXD_CBIT(xid, 0),
166 "alloc_vx_info(%d) = %p", xid, new);
167 vxh_alloc_vx_info(new);
168 @@ -183,6 +189,7 @@ static void __shutdown_vx_info(struct vx
170 struct nsproxy *nsproxy;
171 struct fs_struct *fs;
172 + const struct cred *cred;
176 @@ -202,6 +209,18 @@ static void __shutdown_vx_info(struct vx
181 + cred = xchg(&vxi->vx_real_cred, NULL);
183 + alter_cred_subscribers(cred, -1);
187 + cred = xchg(&vxi->vx_cred, NULL);
189 + alter_cred_subscribers(cred, -1);
195 diff -NurpP linux-2.6.36-vs2.3.0.36.38/kernel/vserver/space.c linux-2.6.36-vs2.3.0.36.38.2/kernel/vserver/space.c
196 --- linux-2.6.36-vs2.3.0.36.38/kernel/vserver/space.c 2010-10-21 14:41:06.000000000 +0200
197 +++ linux-2.6.36-vs2.3.0.36.38.2/kernel/vserver/space.c 2010-12-01 20:39:35.000000000 +0100
200 * Virtual Server: Context Space Support
202 - * Copyright (C) 2003-2007 Herbert Pötzl
203 + * Copyright (C) 2003-2010 Herbert Pötzl
205 * V0.01 broken out from context.c 0.07
206 * V0.02 added task locking for namespace
207 * V0.03 broken out vx_enter_namespace
208 * V0.04 added *space support and commands
209 + * V0.05 added credential support
214 #include <linux/nsproxy.h>
215 #include <linux/err.h>
216 #include <linux/fs_struct.h>
217 +#include <linux/cred.h>
218 #include <asm/uaccess.h>
220 #include <linux/vs_context.h>
221 @@ -238,6 +240,19 @@ int vx_enter_space(struct vx_info *vxi,
224 proxy_new = xchg(¤t->nsproxy, proxy_new);
226 + if (mask & CLONE_NEWUSER) {
227 + vxdprintk(VXD_CBIT(space, 10),
228 + "vx_enter_space(%p[#%u],%p,%p) cred (%p,%p)",
229 + vxi, vxi->vx_id, vxi->vx_real_cred, vxi->vx_cred,
230 + current->real_cred, current->cred);
231 + exit_creds(current);
232 + current->real_cred = get_cred(vxi->vx_real_cred);
233 + alter_cred_subscribers(current->real_cred, 1);
234 + current->cred = get_cred(vxi->vx_cred);
235 + alter_cred_subscribers(current->cred, 1);
241 @@ -297,6 +312,38 @@ int vx_set_space(struct vx_info *vxi, un
243 proxy_new = xchg(&vxi->vx_nsproxy[index], proxy_new);
244 vxi->vx_nsmask[index] |= mask;
246 + if (mask & CLONE_NEWUSER) {
247 + const struct cred *cred;
249 + vxdprintk(VXD_CBIT(space, 10),
250 + "vx_set_space(%p[#%u],%p,%p) cred (%p,%p)",
251 + vxi, vxi->vx_id, vxi->vx_real_cred, vxi->vx_cred,
252 + current->real_cred, current->cred);
254 + if (current->real_cred) {
255 + cred = get_cred(current->real_cred);
256 + alter_cred_subscribers(cred, 1);
259 + cred = xchg(&vxi->vx_real_cred, cred);
261 + alter_cred_subscribers(cred, -1);
265 + if (current->cred) {
266 + cred = get_cred(current->cred);
267 + alter_cred_subscribers(cred, 1);
270 + cred = xchg(&vxi->vx_cred, cred);
272 + alter_cred_subscribers(cred, -1);