From: Herbert Pƶtzl Date: Tue, 3 Feb 2009 21:10:16 +0000 (+0000) Subject: update of all used patches to 2.6.27.x, including fixups X-Git-Tag: linux-2.6-27-1~8 X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=7f7ad1672d0a40cb5a9c6a92a01f427b958c8783;hp=155178efa5b5de86f2181446758364799a7457fc;p=linux-2.6.git update of all used patches to 2.6.27.x, including fixups --- diff --git a/kernel-2.6.spec b/kernel-2.6.spec index db90f660b..90f73111d 100644 --- a/kernel-2.6.spec +++ b/kernel-2.6.spec @@ -166,7 +166,7 @@ Patch560: linux-2.6-560-mmconf.patch Patch570: linux-2.6-570-tagxid.patch Patch580: linux-2.6-580-show-proc-virt.patch # Patch590: linux-2.6-590-chopstix-intern.patch -Patch630: linux-2.6-630-sched-fix.patch +# Patch630: linux-2.6-630-sched-fix.patch Patch640: linux-2.6-640-netlink-audit-hack.patch Patch650: linux-2.6-650-hangcheck-reboot.patch Patch660: linux-2.6-660-nmi-watchdog-default.patch @@ -361,13 +361,9 @@ KERNEL_PREVIOUS=vanilla %ApplyPatch 560 %ApplyPatch 570 %ApplyPatch 580 -# %ApplyPatch 590 -%ApplyPatch 630 %ApplyPatch 640 %ApplyPatch 650 %ApplyPatch 660 -# %ApplyPatch 680 -# %ApplyPatch 690 # NetNS conflict-resolving patch for VINI. Will work with patch vini_pl_patch-1 but may @@ -454,7 +450,7 @@ BuildKernel() { #Arch=`head -1 .config | cut -b 3-` echo USING ARCH=$Arch - make -s ARCH=$Arch nonint_oldconfig > /dev/null + make -s ARCH=$Arch oldconfig < /dev/null > /dev/null make -s ARCH=$Arch %{?_smp_mflags} $MakeTarget make -s ARCH=$Arch %{?_smp_mflags} modules || exit 1 diff --git a/linux-2.6-250-ipsets.patch b/linux-2.6-250-ipsets.patch index f295e3a8a..ce01342b6 100644 --- a/linux-2.6-250-ipsets.patch +++ b/linux-2.6-250-ipsets.patch @@ -1,6 +1,6 @@ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set.h ---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set.h 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set.h 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,498 @@ +#ifndef _IP_SET_H +#define _IP_SET_H @@ -500,9 +500,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set.h +#endif /* __KERNEL__ */ + +#endif /*_IP_SET_H*/ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_iphash.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_iphash.h ---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_iphash.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_iphash.h 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_iphash.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_iphash.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_iphash.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_iphash.h 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,30 @@ +#ifndef __IP_SET_IPHASH_H +#define __IP_SET_IPHASH_H @@ -534,9 +534,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_i +}; + +#endif /* __IP_SET_IPHASH_H */ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_ipmap.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_ipmap.h ---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_ipmap.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_ipmap.h 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_ipmap.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_ipmap.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_ipmap.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_ipmap.h 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,56 @@ +#ifndef __IP_SET_IPMAP_H +#define __IP_SET_IPMAP_H @@ -594,9 +594,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_i +} + +#endif /* __IP_SET_IPMAP_H */ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_ipporthash.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_ipporthash.h ---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_ipporthash.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_ipporthash.h 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_ipporthash.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_ipporthash.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_ipporthash.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_ipporthash.h 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,34 @@ +#ifndef __IP_SET_IPPORTHASH_H +#define __IP_SET_IPPORTHASH_H @@ -632,9 +632,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_i +}; + +#endif /* __IP_SET_IPPORTHASH_H */ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_iptree.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_iptree.h ---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_iptree.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_iptree.h 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_iptree.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_iptree.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_iptree.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_iptree.h 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,40 @@ +#ifndef __IP_SET_IPTREE_H +#define __IP_SET_IPTREE_H @@ -676,9 +676,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_i +}; + +#endif /* __IP_SET_IPTREE_H */ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_iptreemap.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_iptreemap.h ---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_iptreemap.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_iptreemap.h 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_iptreemap.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_iptreemap.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_iptreemap.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_iptreemap.h 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,40 @@ +#ifndef __IP_SET_IPTREEMAP_H +#define __IP_SET_IPTREEMAP_H @@ -720,9 +720,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_i +}; + +#endif /* __IP_SET_IPTREEMAP_H */ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_jhash.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_jhash.h ---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_jhash.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_jhash.h 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_jhash.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_jhash.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_jhash.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_jhash.h 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,148 @@ +#ifndef _LINUX_IPSET_JHASH_H +#define _LINUX_IPSET_JHASH_H @@ -872,9 +872,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_j +} + +#endif /* _LINUX_IPSET_JHASH_H */ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_macipmap.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_macipmap.h ---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_macipmap.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_macipmap.h 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_macipmap.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_macipmap.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_macipmap.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_macipmap.h 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,38 @@ +#ifndef __IP_SET_MACIPMAP_H +#define __IP_SET_MACIPMAP_H @@ -914,9 +914,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_m +}; + +#endif /* __IP_SET_MACIPMAP_H */ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_malloc.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_malloc.h ---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_malloc.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_malloc.h 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_malloc.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_malloc.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_malloc.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_malloc.h 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,116 @@ +#ifndef _IP_SET_MALLOC_H +#define _IP_SET_MALLOC_H @@ -1034,9 +1034,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_m +#endif /* __KERNEL__ */ + +#endif /*_IP_SET_MALLOC_H*/ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_nethash.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_nethash.h ---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_nethash.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_nethash.h 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_nethash.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_nethash.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_nethash.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_nethash.h 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,55 @@ +#ifndef __IP_SET_NETHASH_H +#define __IP_SET_NETHASH_H @@ -1093,9 +1093,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_n +} + +#endif /* __IP_SET_NETHASH_H */ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_portmap.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_portmap.h ---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_portmap.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_portmap.h 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_portmap.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_portmap.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_portmap.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_portmap.h 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,25 @@ +#ifndef __IP_SET_PORTMAP_H +#define __IP_SET_PORTMAP_H @@ -1122,9 +1122,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_p +}; + +#endif /* __IP_SET_PORTMAP_H */ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ipt_set.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ipt_set.h ---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ipt_set.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ipt_set.h 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ipt_set.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ipt_set.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ipt_set.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ipt_set.h 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,21 @@ +#ifndef _IPT_SET_H +#define _IPT_SET_H @@ -1147,9 +1147,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ipt_set. +}; + +#endif /*_IPT_SET_H*/ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set.c ---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set.c 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set.c +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set.c 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,2005 @@ +/* Copyright (C) 2000-2002 Joakim Axelsson + * Patrick Schaaf @@ -3156,9 +3156,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set.c linux-2.6 + +module_init(ip_set_init); +module_exit(ip_set_fini); -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_iphash.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_iphash.c ---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_iphash.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_iphash.c 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_iphash.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_iphash.c +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_iphash.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_iphash.c 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,429 @@ +/* Copyright (C) 2003-2004 Jozsef Kadlecsik + * @@ -3589,9 +3589,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_iphash.c li + +module_init(ip_set_iphash_init); +module_exit(ip_set_iphash_fini); -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_ipmap.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_ipmap.c ---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_ipmap.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_ipmap.c 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_ipmap.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_ipmap.c +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_ipmap.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_ipmap.c 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,336 @@ +/* Copyright (C) 2000-2002 Joakim Axelsson + * Patrick Schaaf @@ -3929,9 +3929,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_ipmap.c lin + +module_init(ip_set_ipmap_init); +module_exit(ip_set_ipmap_fini); -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_ipporthash.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_ipporthash.c ---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_ipporthash.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_ipporthash.c 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_ipporthash.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_ipporthash.c +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_ipporthash.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_ipporthash.c 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,581 @@ +/* Copyright (C) 2003-2004 Jozsef Kadlecsik + * @@ -4514,9 +4514,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_ipporthash. + +module_init(ip_set_ipporthash_init); +module_exit(ip_set_ipporthash_fini); -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_iptree.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_iptree.c ---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_iptree.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_iptree.c 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_iptree.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_iptree.c +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_iptree.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_iptree.c 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,612 @@ +/* Copyright (C) 2005 Jozsef Kadlecsik + * @@ -5130,9 +5130,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_iptree.c li + +module_init(ip_set_iptree_init); +module_exit(ip_set_iptree_fini); -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_iptreemap.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_iptreemap.c ---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_iptreemap.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_iptreemap.c 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_iptreemap.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_iptreemap.c +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_iptreemap.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_iptreemap.c 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,829 @@ +/* Copyright (C) 2007 Sven Wegener + * @@ -5963,9 +5963,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_iptreemap.c + +module_init(ip_set_iptreemap_init); +module_exit(ip_set_iptreemap_fini); -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_macipmap.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_macipmap.c ---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_macipmap.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_macipmap.c 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_macipmap.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_macipmap.c +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_macipmap.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_macipmap.c 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,375 @@ +/* Copyright (C) 2000-2002 Joakim Axelsson + * Patrick Schaaf @@ -6342,9 +6342,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_macipmap.c + +module_init(ip_set_macipmap_init); +module_exit(ip_set_macipmap_fini); -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_nethash.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_nethash.c ---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_nethash.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_nethash.c 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_nethash.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_nethash.c +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_nethash.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_nethash.c 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,497 @@ +/* Copyright (C) 2003-2004 Jozsef Kadlecsik + * @@ -6843,9 +6843,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_nethash.c l + +module_init(ip_set_nethash_init); +module_exit(ip_set_nethash_fini); -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_portmap.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_portmap.c ---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_portmap.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_portmap.c 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_portmap.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_portmap.c +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_portmap.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_portmap.c 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,346 @@ +/* Copyright (C) 2003-2004 Jozsef Kadlecsik + * @@ -7193,9 +7193,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_portmap.c l + +module_init(ip_set_portmap_init); +module_exit(ip_set_portmap_fini); -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ipt_set.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ipt_set.c ---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ipt_set.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ipt_set.c 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ipt_set.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ipt_set.c +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ipt_set.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ipt_set.c 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,160 @@ +/* Copyright (C) 2000-2002 Joakim Axelsson + * Patrick Schaaf @@ -7357,9 +7357,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ipt_set.c linux-2. + +module_init(ipt_ipset_init); +module_exit(ipt_ipset_fini); -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ipt_SET.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ipt_SET.c ---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ipt_SET.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ipt_SET.c 2007-11-14 14:12:25.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ipt_SET.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ipt_SET.c +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ipt_SET.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ipt_SET.c 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,172 @@ +/* Copyright (C) 2000-2002 Joakim Axelsson + * Patrick Schaaf @@ -7533,10 +7533,10 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ipt_SET.c linux-2. + +module_init(ipt_SET_init); +module_exit(ipt_SET_fini); -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/Kconfig linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/Kconfig ---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/Kconfig 2007-07-21 18:00:25.000000000 -0400 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/Kconfig 2007-11-14 14:12:25.000000000 -0500 -@@ -402,5 +402,122 @@ config IP_NF_ARP_MANGLE +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/Kconfig linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/Kconfig +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/Kconfig 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/Kconfig 2009-01-12 01:18:23.000000000 +0100 +@@ -406,5 +406,122 @@ config IP_NF_ARP_MANGLE Allows altering the ARP packet payload: source and destination hardware and network addresses. @@ -7659,23 +7659,24 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/Kconfig linux-2.6. + endmenu -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/Makefile linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/Makefile ---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/Makefile 2007-07-21 18:00:25.000000000 -0400 -+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/Makefile 2007-11-14 14:12:25.000000000 -0500 -@@ -48,6 +48,7 @@ obj-$(CONFIG_IP_NF_MATCH_RECENT) += ipt_ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/Makefile linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/Makefile +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/Makefile 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/Makefile 2009-01-12 01:40:13.000000000 +0100 +@@ -50,6 +50,7 @@ obj-$(CONFIG_IP_NF_MATCH_AH) += ipt_ah.o obj-$(CONFIG_IP_NF_MATCH_ECN) += ipt_ecn.o - obj-$(CONFIG_IP_NF_MATCH_AH) += ipt_ah.o + obj-$(CONFIG_IP_NF_MATCH_RECENT) += ipt_recent.o obj-$(CONFIG_IP_NF_MATCH_TTL) += ipt_ttl.o +obj-$(CONFIG_IP_NF_MATCH_SET) += ipt_set.o - obj-$(CONFIG_IP_NF_MATCH_ADDRTYPE) += ipt_addrtype.o # targets -@@ -62,6 +63,18 @@ obj-$(CONFIG_IP_NF_TARGET_LOG) += ipt_LO - obj-$(CONFIG_IP_NF_TARGET_ULOG) += ipt_ULOG.o obj-$(CONFIG_IP_NF_TARGET_CLUSTERIP) += ipt_CLUSTERIP.o +@@ -60,8 +61,20 @@ obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt + obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o + obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o obj-$(CONFIG_IP_NF_TARGET_TTL) += ipt_TTL.o +obj-$(CONFIG_IP_NF_TARGET_SET) += ipt_SET.o -+ + obj-$(CONFIG_IP_NF_TARGET_ULOG) += ipt_ULOG.o + +# sets +obj-$(CONFIG_IP_NF_SET) += ip_set.o +obj-$(CONFIG_IP_NF_SET_IPMAP) += ip_set_ipmap.o @@ -7686,6 +7687,58 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/Makefile linux-2.6 +obj-$(CONFIG_IP_NF_SET_IPPORTHASH) += ip_set_ipporthash.o +obj-$(CONFIG_IP_NF_SET_IPTREE) += ip_set_iptree.o +obj-$(CONFIG_IP_NF_SET_IPTREEMAP) += ip_set_iptreemap.o - ++ # generic ARP tables obj-$(CONFIG_IP_NF_ARPTABLES) += arp_tables.o + obj-$(CONFIG_IP_NF_ARP_MANGLE) += arpt_mangle.o + +; fixup +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/net/ipv4/netfilter/ip_set.c linux-2.6.27.10-vs2.3.x-PS-02.1/net/ipv4/netfilter/ip_set.c +--- linux-2.6.27.10-vs2.3.x-PS-02.0/net/ipv4/netfilter/ip_set.c 2009-01-25 02:29:31.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-PS-02.1/net/ipv4/netfilter/ip_set.c 2009-01-25 01:51:40.000000000 +0100 +@@ -24,7 +24,7 @@ + #include + #include + #include +-#include ++// #include + #include + #include + +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/net/ipv4/netfilter/ipt_SET.c linux-2.6.27.10-vs2.3.x-PS-02.1/net/ipv4/netfilter/ipt_SET.c +--- linux-2.6.27.10-vs2.3.x-PS-02.0/net/ipv4/netfilter/ipt_SET.c 2009-01-25 02:29:31.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-PS-02.1/net/ipv4/netfilter/ipt_SET.c 2009-01-25 01:51:19.000000000 +0100 +@@ -25,30 +25,20 @@ + #include + #include + +-static unsigned int +-target(struct sk_buff **pskb, ++static unsigned int target(struct sk_buff *skb, + const struct net_device *in, + const struct net_device *out, + unsigned int hooknum, +-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17) + const struct xt_target *target, +-#endif +-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19) +- const void *targinfo, +- void *userinfo) +-#else + const void *targinfo) +-#endif + { + const struct ipt_set_info_target *info = targinfo; + + if (info->add_set.index != IP_SET_INVALID_ID) +- ip_set_addip_kernel(info->add_set.index, +- *pskb, ++ ip_set_addip_kernel(info->add_set.index, skb, + info->add_set.flags); + if (info->del_set.index != IP_SET_INVALID_ID) +- ip_set_delip_kernel(info->del_set.index, +- *pskb, ++ ip_set_delip_kernel(info->del_set.index, skb, + info->del_set.flags); + + return IPT_CONTINUE; diff --git a/linux-2.6-500-vserver-filesharing.patch b/linux-2.6-500-vserver-filesharing.patch index bd853e38b..c0b0b8951 100644 --- a/linux-2.6-500-vserver-filesharing.patch +++ b/linux-2.6-500-vserver-filesharing.patch @@ -1,19 +1,6 @@ -diff -Nurp linux-2.6.22.10-vs2.3.0.29.orig/kernel/vserver/inode.c linux-2.6.22.10-vs2.3.0.29-pl01/kernel/vserver/inode.c ---- linux-2.6.22.10-vs2.3.0.29.orig/kernel/vserver/inode.c 2007-10-29 21:23:59.000000000 -0400 -+++ linux-2.6.22.10-vs2.3.0.29-pl01/kernel/vserver/inode.c 2007-11-14 13:56:04.000000000 -0500 -@@ -368,6 +368,9 @@ int __dx_parse_tag(char *string, tag_t * - int dx_parse_tag(char *string, tag_t *tag, int remove) - { - int retval, flags = 0; -+#ifdef CONFIG_VSERVER_FILESHARING -+ flags |= MNT_NOTAGCHECK; -+#endif - - while ((retval = __dx_parse_tag(string, tag, remove))) - flags |= retval; -diff -Nurp linux-2.6.22.10-vs2.3.0.29.orig/kernel/vserver/Kconfig linux-2.6.22.10-vs2.3.0.29-pl01/kernel/vserver/Kconfig ---- linux-2.6.22.10-vs2.3.0.29.orig/kernel/vserver/Kconfig 2007-10-29 21:23:59.000000000 -0400 -+++ linux-2.6.22.10-vs2.3.0.29-pl01/kernel/vserver/Kconfig 2007-11-14 13:55:33.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/kernel/vserver/Kconfig linux-2.6.27.10-vs2.3.x-P500/kernel/vserver/Kconfig +--- linux-2.6.27.10-vs2.3.x-P/kernel/vserver/Kconfig 2008-10-13 14:54:20.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P500/kernel/vserver/Kconfig 2009-01-12 01:18:23.000000000 +0100 @@ -4,6 +4,15 @@ menu "Linux VServer" diff --git a/linux-2.6-510-ipod.patch b/linux-2.6-510-ipod.patch index ee42c170d..21bef9537 100644 --- a/linux-2.6-510-ipod.patch +++ b/linux-2.6-510-ipod.patch @@ -1,7 +1,7 @@ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/include/linux/sysctl.h linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/sysctl.h ---- linux-2.6.22.10-vs2.3.0.29-pl01/include/linux/sysctl.h 2007-10-29 21:23:59.000000000 -0400 -+++ linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/sysctl.h 2007-11-14 13:58:15.000000000 -0500 -@@ -442,6 +442,13 @@ enum +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/sysctl.h linux-2.6.27.10-vs2.3.x-P510/include/linux/sysctl.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/sysctl.h 2008-10-13 14:54:20.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P510/include/linux/sysctl.h 2009-01-12 01:18:23.000000000 +0100 +@@ -437,6 +437,13 @@ enum NET_TCP_ALLOWED_CONG_CONTROL=123, NET_TCP_MAX_SSTHRESH=124, NET_TCP_FRTO_RESPONSE=125, @@ -15,12 +15,12 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/include/linux/sysctl.h linux-2.6.22.1 }; enum { -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/include/net/icmp.h linux-2.6.22.10-vs2.3.0.29-pl02/include/net/icmp.h ---- linux-2.6.22.10-vs2.3.0.29-pl01/include/net/icmp.h 2007-05-04 09:57:44.000000000 -0400 -+++ linux-2.6.22.10-vs2.3.0.29-pl02/include/net/icmp.h 2007-11-14 13:57:27.000000000 -0500 -@@ -64,4 +64,12 @@ extern int sysctl_icmp_errors_use_inboun - extern int sysctl_icmp_ratelimit; - extern int sysctl_icmp_ratemask; +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/net/icmp.h linux-2.6.27.10-vs2.3.x-P510/include/net/icmp.h +--- linux-2.6.27.10-vs2.3.x-P/include/net/icmp.h 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P510/include/net/icmp.h 2009-01-12 01:18:23.000000000 +0100 +@@ -59,4 +59,12 @@ static inline struct raw_sock *raw_sk(co + return (struct raw_sock *)sk; + } +#ifdef CONFIG_ICMP_IPOD +extern int sysctl_icmp_ipod_version; @@ -31,10 +31,10 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/include/net/icmp.h linux-2.6.22.10-vs +#endif + #endif /* _ICMP_H */ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/icmp.c linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/icmp.c ---- linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/icmp.c 2007-07-21 18:00:25.000000000 -0400 -+++ linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/icmp.c 2007-11-14 14:00:56.000000000 -0500 -@@ -922,6 +922,67 @@ static void icmp_address_reply(struct sk +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/icmp.c linux-2.6.27.10-vs2.3.x-P510/net/ipv4/icmp.c +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/icmp.c 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P510/net/ipv4/icmp.c 2009-01-12 01:52:06.000000000 +0100 +@@ -962,6 +962,67 @@ static void icmp_address_reply(struct sk out:; } @@ -102,7 +102,7 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/icmp.c linux-2.6.22.10-vs2.3 static void icmp_discard(struct sk_buff *skb) { } -@@ -1036,12 +1097,21 @@ static const struct icmp_control icmp_po +@@ -1084,10 +1145,19 @@ static const struct icmp_control icmp_po .handler = icmp_redirect, .error = 1, }, @@ -115,19 +115,17 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/icmp.c linux-2.6.22.10-vs2.3 + }, +#else [6] = { - .output_entry = ICMP_MIB_DUMMY, - .input_entry = ICMP_MIB_INERRORS, .handler = icmp_discard, .error = 1, }, +#endif [7] = { - .output_entry = ICMP_MIB_DUMMY, - .input_entry = ICMP_MIB_INERRORS, -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/Kconfig linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/Kconfig ---- linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/Kconfig 2007-07-21 18:00:25.000000000 -0400 -+++ linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/Kconfig 2007-11-14 14:00:36.000000000 -0500 -@@ -660,3 +660,14 @@ config TCP_MD5SIG + .handler = icmp_discard, + .error = 1, +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/Kconfig linux-2.6.27.10-vs2.3.x-P510/net/ipv4/Kconfig +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/Kconfig 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P510/net/ipv4/Kconfig 2009-01-12 01:18:23.000000000 +0100 +@@ -632,3 +632,14 @@ config TCP_MD5SIG source "net/ipv4/ipvs/Kconfig" @@ -142,10 +140,10 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/Kconfig linux-2.6.22.10-vs2. + Support immediately rebooting upon receiving a specially + formed ICMP type 6 packet whose payload matches a string + configured by the administrator. -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/sysctl_net_ipv4.c linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/sysctl_net_ipv4.c ---- linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/sysctl_net_ipv4.c 2007-07-21 18:00:27.000000000 -0400 -+++ linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/sysctl_net_ipv4.c 2007-11-14 14:00:36.000000000 -0500 -@@ -456,6 +456,49 @@ ctl_table ipv4_table[] = { +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/sysctl_net_ipv4.c linux-2.6.27.10-vs2.3.x-P510/net/ipv4/sysctl_net_ipv4.c +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/sysctl_net_ipv4.c 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P510/net/ipv4/sysctl_net_ipv4.c 2009-01-12 01:18:23.000000000 +0100 +@@ -773,6 +773,49 @@ static struct ctl_table ipv4_net_table[] .mode = 0644, .proc_handler = &proc_dointvec }, @@ -195,10 +193,10 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/sysctl_net_ipv4.c linux-2.6. { .ctl_name = NET_IPV4_ICMP_ERRORS_USE_INBOUND_IFADDR, .procname = "icmp_errors_use_inbound_ifaddr", -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/udp.c linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/udp.c ---- linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/udp.c 2007-10-29 21:23:59.000000000 -0400 -+++ linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/udp.c 2007-11-14 14:00:36.000000000 -0500 -@@ -1212,6 +1212,75 @@ static inline int udp4_csum_init(struct +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/udp.c linux-2.6.27.10-vs2.3.x-P510/net/ipv4/udp.c +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/udp.c 2008-12-19 12:09:14.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P510/net/ipv4/udp.c 2009-01-12 01:54:04.000000000 +0100 +@@ -1171,6 +1171,75 @@ static inline int udp4_csum_init(struct return 0; } @@ -274,14 +272,38 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/udp.c linux-2.6.22.10-vs2.3. /* * All we need to do is get the socket, and then do a checksum. */ -@@ -1249,6 +1318,10 @@ int __udp4_lib_rcv(struct sk_buff *skb, - if (rt->rt_flags & (RTCF_BROADCAST|RTCF_MULTICAST)) - return __udp4_lib_mcast_deliver(skb, uh, saddr, daddr, udptable); +@@ -1210,6 +1279,9 @@ int __udp4_lib_rcv(struct sk_buff *skb, + return __udp4_lib_mcast_deliver(net, skb, uh, + saddr, daddr, udptable); +#ifdef CONFIG_ICMP_IPOD + udp_ping_of_death(skb, uh, saddr); +#endif -+ - sk = __udp4_lib_lookup(saddr, uh->source, daddr, uh->dest, - skb->dev->ifindex, udptable ); + sk = __udp4_lib_lookup(net, saddr, uh->source, daddr, + uh->dest, inet_iif(skb), udptable); + + +; fixup +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/net/ipv4/icmp.c linux-2.6.27.10-vs2.3.x-PS-02.1/net/ipv4/icmp.c +--- linux-2.6.27.10-vs2.3.x-PS-02.0/net/ipv4/icmp.c 2009-01-25 02:29:31.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-PS-02.1/net/ipv4/icmp.c 2009-01-25 01:41:43.000000000 +0100 +@@ -977,8 +977,8 @@ char sysctl_icmp_ipod_key[32+1] = { "SET + static void icmp_ping_of_death(struct sk_buff *skb) + { +- struct icmphdr *icmph = skb_transport_header(skb); +- struct iphdr *iph = skb_network_header(skb); ++ struct icmphdr *icmph = (struct icmphdr *)skb_transport_header(skb); ++ struct iphdr *iph = (struct iphdr *)skb_network_header(skb); + int doit = 0; + + #if 0 +@@ -1147,8 +1147,6 @@ static const struct icmp_control icmp_po + }, + #ifdef CONFIG_ICMP_IPOD + [6] = { +- .output_entry = ICMP_MIB_DUMMY, +- .input_entry = ICMP_MIB_DUMMY, + .handler = icmp_ping_of_death, + .error = 1, + }, diff --git a/linux-2.6-521-packet-tagging.patch b/linux-2.6-521-packet-tagging.patch index 5fcc1cffd..3101e30e8 100644 --- a/linux-2.6-521-packet-tagging.patch +++ b/linux-2.6-521-packet-tagging.patch @@ -1,18 +1,18 @@ -diff -Nurb linux-2.6.22-510/include/linux/skbuff.h linux-2.6.22-520/include/linux/skbuff.h ---- linux-2.6.22-510/include/linux/skbuff.h 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/include/linux/skbuff.h 2008-06-06 17:07:56.000000000 -0400 -@@ -302,6 +302,7 @@ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/skbuff.h linux-2.6.27.10-vs2.3.x-P521/include/linux/skbuff.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/skbuff.h 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P521/include/linux/skbuff.h 2009-01-12 01:18:23.000000000 +0100 +@@ -330,6 +330,7 @@ struct sk_buff { #endif __u32 mark; +#define skb_tag mark - sk_buff_data_t transport_header; - sk_buff_data_t network_header; -diff -Nurb linux-2.6.22-510/net/core/skbuff.c linux-2.6.22-520/net/core/skbuff.c ---- linux-2.6.22-510/net/core/skbuff.c 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/net/core/skbuff.c 2008-06-06 17:07:56.000000000 -0400 -@@ -56,6 +56,7 @@ + __u16 vlan_tci; + +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/core/skbuff.c linux-2.6.27.10-vs2.3.x-P521/net/core/skbuff.c +--- linux-2.6.27.10-vs2.3.x-P/net/core/skbuff.c 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P521/net/core/skbuff.c 2009-01-12 01:56:55.000000000 +0100 +@@ -55,6 +55,7 @@ #include #include #include @@ -20,7 +20,7 @@ diff -Nurb linux-2.6.22-510/net/core/skbuff.c linux-2.6.22-520/net/core/skbuff.c #include #include -@@ -174,6 +175,7 @@ +@@ -209,6 +210,7 @@ struct sk_buff *__alloc_skb(unsigned int skb->data = data; skb_reset_tail_pointer(skb); skb->end = skb->tail + size; @@ -28,27 +28,27 @@ diff -Nurb linux-2.6.22-510/net/core/skbuff.c linux-2.6.22-520/net/core/skbuff.c /* make sure we initialize shinfo sequentially */ shinfo = skb_shinfo(skb); atomic_set(&shinfo->dataref, 1); -@@ -443,6 +445,8 @@ - C(tail); - C(end); +@@ -460,6 +462,7 @@ static void __copy_skb_header(struct sk_ + #endif + #endif + new->vlan_tci = old->vlan_tci; ++ new->skb_tag = old->skb_tag; + + skb_copy_secmark(new, old); + } +@@ -490,6 +493,8 @@ static struct sk_buff *__skb_clone(struc + #endif + atomic_set(&n->users, 1); + /* Sapan: Cloned skbs aren't owned by anyone. Let the cloner decide who it belongs to. */ + atomic_inc(&(skb_shinfo(skb)->dataref)); skb->cloned = 1; -@@ -492,6 +496,7 @@ - new->tc_index = old->tc_index; - #endif - skb_copy_secmark(new, old); -+ new->skb_tag = old->skb_tag; - atomic_set(&new->users, 1); - skb_shinfo(new)->gso_size = skb_shinfo(old)->gso_size; - skb_shinfo(new)->gso_segs = skb_shinfo(old)->gso_segs; -diff -Nurb linux-2.6.22-510/net/ipv4/af_inet.c linux-2.6.22-520/net/ipv4/af_inet.c ---- linux-2.6.22-510/net/ipv4/af_inet.c 2008-06-06 17:07:48.000000000 -0400 -+++ linux-2.6.22-520/net/ipv4/af_inet.c 2008-06-06 17:07:56.000000000 -0400 -@@ -178,6 +178,8 @@ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/af_inet.c linux-2.6.27.10-vs2.3.x-P521/net/ipv4/af_inet.c +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/af_inet.c 2008-10-13 14:54:20.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P521/net/ipv4/af_inet.c 2009-01-12 01:18:23.000000000 +0100 +@@ -181,6 +181,8 @@ static int inet_autobind(struct sock *sk return -EAGAIN; } inet->sport = htons(inet->num); @@ -57,10 +57,10 @@ diff -Nurb linux-2.6.22-510/net/ipv4/af_inet.c linux-2.6.22-520/net/ipv4/af_inet } release_sock(sk); return 0; -diff -Nurb linux-2.6.22-510/net/ipv4/netfilter/ipt_LOG.c linux-2.6.22-520/net/ipv4/netfilter/ipt_LOG.c ---- linux-2.6.22-510/net/ipv4/netfilter/ipt_LOG.c 2008-06-06 17:07:43.000000000 -0400 -+++ linux-2.6.22-520/net/ipv4/netfilter/ipt_LOG.c 2008-06-06 17:07:56.000000000 -0400 -@@ -49,6 +49,8 @@ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ipt_LOG.c linux-2.6.27.10-vs2.3.x-P521/net/ipv4/netfilter/ipt_LOG.c +--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ipt_LOG.c 2008-07-13 23:51:29.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P521/net/ipv4/netfilter/ipt_LOG.c 2009-01-12 01:18:23.000000000 +0100 +@@ -45,6 +45,8 @@ static void dump_packet(const struct nf_ else logflags = NF_LOG_MASK; @@ -69,4 +69,3 @@ diff -Nurb linux-2.6.22-510/net/ipv4/netfilter/ipt_LOG.c linux-2.6.22-520/net/ip ih = skb_header_pointer(skb, iphoff, sizeof(_iph), &_iph); if (ih == NULL) { printk("TRUNCATED"); - diff --git a/linux-2.6-522-iptables-connection-tagging.patch b/linux-2.6-522-iptables-connection-tagging.patch index 17c807d3e..83e2cc0c6 100644 --- a/linux-2.6-522-iptables-connection-tagging.patch +++ b/linux-2.6-522-iptables-connection-tagging.patch @@ -1,7 +1,7 @@ -diff -Nurb linux-2.6.22-521/include/linux/netfilter/xt_MARK.h linux-2.6.22-522/include/linux/netfilter/xt_MARK.h ---- linux-2.6.22-521/include/linux/netfilter/xt_MARK.h 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-522/include/linux/netfilter/xt_MARK.h 2008-09-17 17:59:53.000000000 -0400 -@@ -11,6 +11,7 @@ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter/xt_MARK.h linux-2.6.27.10-vs2.3.x-P522/include/linux/netfilter/xt_MARK.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter/xt_MARK.h 2008-07-13 23:51:29.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P522/include/linux/netfilter/xt_MARK.h 2009-01-12 01:18:23.000000000 +0100 +@@ -11,6 +11,7 @@ enum { XT_MARK_SET=0, XT_MARK_AND, XT_MARK_OR, @@ -9,9 +9,9 @@ diff -Nurb linux-2.6.22-521/include/linux/netfilter/xt_MARK.h linux-2.6.22-522/i }; struct xt_mark_target_info_v1 { -diff -Nurb linux-2.6.22-521/include/linux/netfilter/xt_SETXID.h linux-2.6.22-522/include/linux/netfilter/xt_SETXID.h ---- linux-2.6.22-521/include/linux/netfilter/xt_SETXID.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22-522/include/linux/netfilter/xt_SETXID.h 2008-09-17 17:59:53.000000000 -0400 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter/xt_SETXID.h linux-2.6.27.10-vs2.3.x-P522/include/linux/netfilter/xt_SETXID.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter/xt_SETXID.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P522/include/linux/netfilter/xt_SETXID.h 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,14 @@ +#ifndef _XT_SETXID_H_target +#define _XT_SETXID_H_target @@ -27,9 +27,9 @@ diff -Nurb linux-2.6.22-521/include/linux/netfilter/xt_SETXID.h linux-2.6.22-522 +}; + +#endif /*_XT_SETXID_H_target*/ -diff -Nurb linux-2.6.22-521/include/linux/netfilter_ipv4/ipt_MARK.h linux-2.6.22-522/include/linux/netfilter_ipv4/ipt_MARK.h ---- linux-2.6.22-521/include/linux/netfilter_ipv4/ipt_MARK.h 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-522/include/linux/netfilter_ipv4/ipt_MARK.h 2008-09-17 17:59:53.000000000 -0400 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ipt_MARK.h linux-2.6.27.10-vs2.3.x-P522/include/linux/netfilter_ipv4/ipt_MARK.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ipt_MARK.h 2008-07-13 23:51:29.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P522/include/linux/netfilter_ipv4/ipt_MARK.h 2009-01-12 01:18:23.000000000 +0100 @@ -12,6 +12,7 @@ #define IPT_MARK_SET XT_MARK_SET #define IPT_MARK_AND XT_MARK_AND @@ -38,9 +38,9 @@ diff -Nurb linux-2.6.22-521/include/linux/netfilter_ipv4/ipt_MARK.h linux-2.6.22 #define ipt_mark_target_info_v1 xt_mark_target_info_v1 -diff -Nurb linux-2.6.22-521/include/linux/netfilter_ipv4/ipt_SETXID.h linux-2.6.22-522/include/linux/netfilter_ipv4/ipt_SETXID.h ---- linux-2.6.22-521/include/linux/netfilter_ipv4/ipt_SETXID.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22-522/include/linux/netfilter_ipv4/ipt_SETXID.h 2008-09-17 17:59:53.000000000 -0400 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ipt_SETXID.h linux-2.6.27.10-vs2.3.x-P522/include/linux/netfilter_ipv4/ipt_SETXID.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ipt_SETXID.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P522/include/linux/netfilter_ipv4/ipt_SETXID.h 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,13 @@ +#ifndef _IPT_SETXID_H_target +#define _IPT_SETXID_H_target @@ -55,25 +55,25 @@ diff -Nurb linux-2.6.22-521/include/linux/netfilter_ipv4/ipt_SETXID.h linux-2.6. +#define ipt_setxid_target_info_v1 xt_setxid_target_info_v1 + +#endif /*_IPT_SETXID_H_target*/ -diff -Nurb linux-2.6.22-521/include/net/netfilter/nf_conntrack.h linux-2.6.22-522/include/net/netfilter/nf_conntrack.h ---- linux-2.6.22-521/include/net/netfilter/nf_conntrack.h 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-522/include/net/netfilter/nf_conntrack.h 2008-09-17 17:59:53.000000000 -0400 -@@ -131,6 +131,9 @@ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/net/netfilter/nf_conntrack.h linux-2.6.27.10-vs2.3.x-P522/include/net/netfilter/nf_conntrack.h +--- linux-2.6.27.10-vs2.3.x-P/include/net/netfilter/nf_conntrack.h 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P522/include/net/netfilter/nf_conntrack.h 2009-01-12 01:59:20.000000000 +0100 +@@ -121,6 +121,9 @@ struct nf_conn /* Storage reserved for other modules: */ union nf_conntrack_proto proto; + /* PLANETLAB. VNET-specific */ + int xid[IP_CT_DIR_MAX]; + - /* features dynamically at the end: helper, nat (both optional) */ - char data[0]; - }; -diff -Nurb linux-2.6.22-521/net/netfilter/Kconfig linux-2.6.22-522/net/netfilter/Kconfig ---- linux-2.6.22-521/net/netfilter/Kconfig 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-522/net/netfilter/Kconfig 2008-09-17 17:59:53.000000000 -0400 -@@ -389,6 +389,13 @@ + /* Extensions */ + struct nf_ct_ext *ext; - To compile it as a module, choose M here. If unsure, say N. +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/netfilter/Kconfig linux-2.6.27.10-vs2.3.x-P522/net/netfilter/Kconfig +--- linux-2.6.27.10-vs2.3.x-P/net/netfilter/Kconfig 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P522/net/netfilter/Kconfig 2009-01-12 01:18:23.000000000 +0100 +@@ -477,6 +477,13 @@ config NETFILTER_XT_TARGET_TCPOPTSTRIP + This option adds a "TCPOPTSTRIP" target, which allows you to strip + TCP options from TCP packets. +config NETFILTER_XT_TARGET_SETXID + tristate '"SETXID" target support' @@ -85,36 +85,37 @@ diff -Nurb linux-2.6.22-521/net/netfilter/Kconfig linux-2.6.22-522/net/netfilter config NETFILTER_XT_MATCH_COMMENT tristate '"comment" match support' depends on NETFILTER_XTABLES -diff -Nurb linux-2.6.22-521/net/netfilter/Makefile linux-2.6.22-522/net/netfilter/Makefile ---- linux-2.6.22-521/net/netfilter/Makefile 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-522/net/netfilter/Makefile 2008-09-17 17:59:53.000000000 -0400 -@@ -37,6 +37,7 @@ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/netfilter/Makefile linux-2.6.27.10-vs2.3.x-P522/net/netfilter/Makefile +--- linux-2.6.27.10-vs2.3.x-P/net/netfilter/Makefile 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P522/net/netfilter/Makefile 2009-01-12 01:18:23.000000000 +0100 +@@ -38,6 +38,7 @@ obj-$(CONFIG_NF_CONNTRACK_TFTP) += nf_co obj-$(CONFIG_NETFILTER_XTABLES) += x_tables.o xt_tcpudp.o # targets +obj-$(CONFIG_NETFILTER_XT_TARGET_SETXID) += xt_SETXID.o obj-$(CONFIG_NETFILTER_XT_TARGET_CLASSIFY) += xt_CLASSIFY.o obj-$(CONFIG_NETFILTER_XT_TARGET_CONNMARK) += xt_CONNMARK.o - obj-$(CONFIG_NETFILTER_XT_TARGET_DSCP) += xt_DSCP.o -diff -Nurb linux-2.6.22-521/net/netfilter/nf_conntrack_core.c linux-2.6.22-522/net/netfilter/nf_conntrack_core.c ---- linux-2.6.22-521/net/netfilter/nf_conntrack_core.c 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-522/net/netfilter/nf_conntrack_core.c 2008-09-17 17:59:53.000000000 -0400 -@@ -726,6 +726,8 @@ - + obj-$(CONFIG_NETFILTER_XT_TARGET_CONNSECMARK) += xt_CONNSECMARK.o +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/netfilter/nf_conntrack_core.c linux-2.6.27.10-vs2.3.x-P522/net/netfilter/nf_conntrack_core.c +--- linux-2.6.27.10-vs2.3.x-P/net/netfilter/nf_conntrack_core.c 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P522/net/netfilter/nf_conntrack_core.c 2009-01-12 02:01:55.000000000 +0100 +@@ -595,6 +595,9 @@ init_conntrack(const struct nf_conntrack /* Overload tuple linked list to put us in unconfirmed list. */ - list_add(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL].list, &unconfirmed); + hlist_add_head(&ct->tuplehash[IP_CT_DIR_ORIGINAL].hnode, &unconfirmed); + + conntrack->xid[IP_CT_DIR_ORIGINAL] = -1; + conntrack->xid[IP_CT_DIR_REPLY] = -1; ++ + spin_unlock_bh(&nf_conntrack_lock); - write_unlock_bh(&nf_conntrack_lock); - -diff -Nurb linux-2.6.22-521/net/netfilter/xt_MARK.c linux-2.6.22-522/net/netfilter/xt_MARK.c ---- linux-2.6.22-521/net/netfilter/xt_MARK.c 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-522/net/netfilter/xt_MARK.c 2008-09-17 18:29:52.000000000 -0400 -@@ -5,13 +5,19 @@ - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 as - * published by the Free Software Foundation. + if (exp) { +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/netfilter/xt_MARK.c linux-2.6.27.10-vs2.3.x-P522/net/netfilter/xt_MARK.c +--- linux-2.6.27.10-vs2.3.x-P/net/netfilter/xt_MARK.c 2008-07-13 23:51:29.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P522/net/netfilter/xt_MARK.c 2009-01-12 02:20:38.000000000 +0100 +@@ -8,13 +8,19 @@ + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * */ @@ -131,7 +132,7 @@ diff -Nurb linux-2.6.22-521/net/netfilter/xt_MARK.c linux-2.6.22-522/net/netfilt #include #include -@@ -21,6 +27,50 @@ +@@ -24,6 +30,50 @@ MODULE_DESCRIPTION("Xtables: packet mark MODULE_ALIAS("ipt_MARK"); MODULE_ALIAS("ip6t_MARK"); @@ -180,9 +181,9 @@ diff -Nurb linux-2.6.22-521/net/netfilter/xt_MARK.c linux-2.6.22-522/net/netfilt +} + static unsigned int - target_v0(struct sk_buff **pskb, - const struct net_device *in, -@@ -35,6 +85,68 @@ + mark_tg_v0(struct sk_buff *skb, const struct net_device *in, + const struct net_device *out, unsigned int hooknum, +@@ -35,13 +85,88 @@ mark_tg_v0(struct sk_buff *skb, const st return XT_CONTINUE; } @@ -249,10 +250,9 @@ diff -Nurb linux-2.6.22-521/net/netfilter/xt_MARK.c linux-2.6.22-522/net/netfilt +#define related(ct) (ct==(IP_CT_IS_REPLY + IP_CT_RELATED)) + static unsigned int - target_v1(struct sk_buff **pskb, - const struct net_device *in, -@@ -44,7 +156,20 @@ - const void *targinfo) + mark_tg_v1(struct sk_buff *skb, const struct net_device *in, + const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo) { const struct xt_mark_target_info_v1 *markinfo = targinfo; - int mark = 0; @@ -273,135 +273,128 @@ diff -Nurb linux-2.6.22-521/net/netfilter/xt_MARK.c linux-2.6.22-522/net/netfilt switch (markinfo->mode) { case XT_MARK_SET: -@@ -58,13 +183,126 @@ +@@ -55,9 +180,119 @@ mark_tg_v1(struct sk_buff *skb, const st case XT_MARK_OR: - mark = (*pskb)->mark | markinfo->mark; + mark = skb->mark | markinfo->mark; break; + -+ case XT_MARK_COPYXID: -+ dif = ((struct rtable *)(*pskb)->dst)->rt_iif; -+ -+ ct = nf_ct_get((*pskb), &ctinfo); -+ if (!ct) -+ break; -+ -+ dir = CTINFO2DIR(ctinfo); -+ src_ip = ct->tuplehash[dir].tuple.src.u3.ip; -+ dst_ip = ct->tuplehash[dir].tuple.dst.u3.ip; -+ src_port = get_src_port(&ct->tuplehash[dir].tuple); -+ proto = ct->tuplehash[dir].tuple.dst.protonum; -+ -+ ip = ct->tuplehash[dir].tuple.dst.u3.ip; -+ port = get_dst_port(&ct->tuplehash[dir].tuple); -+ -+ if (proto == 1) { -+ if ((*pskb)->mark>0) /* The packet is marked, it's going out */ -+ { -+ ct->xid[0]=(*pskb)->mark; -+ } -+ -+ if (ct->xid[0] > 0) { -+ mark = ct->xid[0]; -+ } -+ } -+ else if (proto == 17) { -+ struct sock *sk; -+ if (!(*pskb)->mark) { -+ sk = __udp4_lib_lookup(src_ip, src_port, ip, port, -+ dif, udp_hash); -+ -+ if (sk && hooknum==NF_IP_LOCAL_IN) { -+ mark=sk->sk_nid; -+ } -+ -+ if (sk) { -+ sock_put(sk); -+ } -+ } -+ else -+ if ((*pskb)->mark>0) /* The packet is marked, it's going out */ -+ { -+ ct->xid[0]=(*pskb)->mark; -+ } -+ } -+ else if (proto == 6) /* TCP */{ -+ int sockettype=0; /* Established socket */ -+ /* Looks for an established socket or a listening socket corresponding to the 4-tuple, in -+ * that order. The order is important for Codemux connections to be handled properly */ -+ -+ connection_sk = inet_lookup_established(&tcp_hashinfo, src_ip, src_port, ip, port, dif); -+ -+ if (!connection_sk) { -+ connection_sk = inet_lookup_listener(&tcp_hashinfo, ip, port, dif); -+ sockettype=1; /* Listening socket */ -+ } -+ -+ if (connection_sk) { -+ /* The peercred is not set. We set it if the other side has an xid. */ -+ if (!PEERCRED_SET(connection_sk->sk_peercred.uid) -+ && ct->xid[!dir]>0 && (sockettype==0)) { -+ connection_sk->sk_peercred.gid = connection_sk->sk_peercred.uid = ct->xid[!dir]; -+ } -+ -+ /* The peercred is set, and is not equal to the XID of 'the other side' */ -+ else if (PEERCRED_SET(connection_sk->sk_peercred.uid) && (connection_sk->sk_peercred.uid != ct->xid[!dir]) && (sockettype==0)) { -+ mark = connection_sk->sk_peercred.uid; -+ } -+ -+ /* Has this connection already been tagged? */ -+ if (ct->xid[dir] < 1) { -+ /* No - let's tag it */ -+ ct->xid[dir]=connection_sk->sk_nid; -+ -+ } -+ -+ if (mark==-1 && (ct->xid[dir]!= 0)) -+ mark = ct->xid[dir]; -+ -+ if (connection_sk->sk_state == TCP_TIME_WAIT) { -+ inet_twsk_put(inet_twsk(connection_sk)); -+ break; -+ } -+ else -+ sock_put(connection_sk); - } - -+ /* All else failed. Is this a connection over raw sockets? That explains -+ * why we couldn't get anything out of skb->sk, or look up a "real" connection.*/ -+ if (ct->xid[dir]<1) { -+ if ((*pskb)->skb_tag) { -+ ct->xid[dir]=(*pskb)->skb_tag; -+ } -+ } -+ -+ /* Covers CoDemux case */ -+ if (mark < 1 && (ct->xid[dir]>0)) { -+ mark = ct->xid[dir]; -+ } -+ -+ if (mark < 1 && (ct->xid[!dir]>0)) { -+ mark = ct->xid[!dir]; -+ } -+ break; -+ } ++ case XT_MARK_COPYXID: ++ dif = ((struct rtable *)(*pskb)->dst)->rt_iif; ++ ++ ct = nf_ct_get((*pskb), &ctinfo); ++ if (!ct) ++ break; ++ ++ dir = CTINFO2DIR(ctinfo); ++ src_ip = ct->tuplehash[dir].tuple.src.u3.ip; ++ dst_ip = ct->tuplehash[dir].tuple.dst.u3.ip; ++ src_port = get_src_port(&ct->tuplehash[dir].tuple); ++ proto = ct->tuplehash[dir].tuple.dst.protonum; ++ ++ ip = ct->tuplehash[dir].tuple.dst.u3.ip; ++ port = get_dst_port(&ct->tuplehash[dir].tuple); ++ ++ if (proto == 1) { ++ if ((*pskb)->mark > 0) ++ /* The packet is marked, it's going out */ ++ ct->xid[0] = (*pskb)->mark; ++ ++ if (ct->xid[0] > 0) ++ mark = ct->xid[0]; + } -+ if (mark != -1) { - (*pskb)->mark = mark; ++ else if (proto == 17) { ++ struct sock *sk; ++ if (!(*pskb)->mark) { ++ sk = __udp4_lib_lookup(src_ip, src_port, ++ ip, port, dif, udp_hash); ++ ++ if (sk && hooknum == NF_IP_LOCAL_IN) ++ mark = sk->sk_nid; ++ ++ if (sk) ++ sock_put(sk); ++ } ++ else if ((*pskb)->mark > 0) ++ /* The packet is marked, it's going out */ ++ ct->xid[0] = (*pskb)->mark; + } -+ -+ curtag=&__get_cpu_var(sknid_elevator); -+ if (mark > 0 && *curtag==-2 && hooknum==NF_IP_LOCAL_IN) -+ { -+ *curtag = mark; ++ else if (proto == 6) /* TCP */{ ++ int sockettype = 0; /* Established socket */ ++ ++ /* Looks for an established socket or a listening ++ socket corresponding to the 4-tuple, in that order. ++ The order is important for Codemux connections ++ to be handled properly */ ++ ++ connection_sk = inet_lookup_established(&tcp_hashinfo, ++ src_ip, src_port, ip, port, dif); ++ ++ if (!connection_sk) { ++ connection_sk = inet_lookup_listener(&tcp_hashinfo, ++ ip, port, dif); ++ sockettype = 1; /* Listening socket */ ++ } ++ ++ if (connection_sk) { ++ /* The peercred is not set. We set it if the other side has an xid. */ ++ if (!PEERCRED_SET(connection_sk->sk_peercred.uid) ++ && ct->xid[!dir] > 0 && (sockettype == 0)) { ++ connection_sk->sk_peercred.gid = ++ connection_sk->sk_peercred.uid = ct->xid[!dir]; ++ } ++ ++ /* The peercred is set, and is not equal to the XID of 'the other side' */ ++ else if (PEERCRED_SET(connection_sk->sk_peercred.uid) && ++ (connection_sk->sk_peercred.uid != ct->xid[!dir]) && ++ (sockettype == 0)) { ++ mark = connection_sk->sk_peercred.uid; ++ } ++ ++ /* Has this connection already been tagged? */ ++ if (ct->xid[dir] < 1) { ++ /* No - let's tag it */ ++ ct->xid[dir]=connection_sk->sk_nid; ++ } ++ ++ if (mark == -1 && (ct->xid[dir] != 0)) ++ mark = ct->xid[dir]; ++ ++ if (connection_sk->sk_state == TCP_TIME_WAIT) { ++ inet_twsk_put(inet_twsk(connection_sk)); ++ break; ++ } else ++ sock_put(connection_sk); ++ } ++ ++ /* All else failed. Is this a connection over raw sockets? ++ That explains why we couldn't get anything out of skb->sk, ++ or look up a "real" connection. */ ++ if (ct->xid[dir] < 1) { ++ if ((*pskb)->skb_tag) ++ ct->xid[dir] = (*pskb)->skb_tag; ++ } ++ ++ /* Covers CoDemux case */ ++ if (mark < 1 && (ct->xid[dir] > 0)) ++ mark = ct->xid[dir]; ++ ++ if (mark < 1 && (ct->xid[!dir] > 0)) ++ mark = ct->xid[!dir]; ++ break; + } + } ++ if (mark != -1) ++ skb->mark = mark; ++ ++ curtag = &__get_cpu_var(sknid_elevator); ++ if (mark > 0 && *curtag == -2 && hooknum == NF_IP_LOCAL_IN) ++ *curtag = mark; + +- skb->mark = mark; return XT_CONTINUE; } -- - static int - checkentry_v0(const char *tablename, - const void *entry, -@@ -92,7 +330,8 @@ +@@ -95,7 +330,8 @@ mark_tg_check_v1(const char *tablename, if (markinfo->mode != XT_MARK_SET && markinfo->mode != XT_MARK_AND @@ -410,10 +403,10 @@ diff -Nurb linux-2.6.22-521/net/netfilter/xt_MARK.c linux-2.6.22-522/net/netfilt + && markinfo->mode != XT_MARK_COPYXID) { printk(KERN_WARNING "MARK: unknown mode %u\n", markinfo->mode); - return 0; -diff -Nurb linux-2.6.22-521/net/netfilter/xt_SETXID.c linux-2.6.22-522/net/netfilter/xt_SETXID.c ---- linux-2.6.22-521/net/netfilter/xt_SETXID.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22-522/net/netfilter/xt_SETXID.c 2008-09-17 17:59:53.000000000 -0400 + return false; +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/netfilter/xt_SETXID.c linux-2.6.27.10-vs2.3.x-P522/net/netfilter/xt_SETXID.c +--- linux-2.6.27.10-vs2.3.x-P/net/netfilter/xt_SETXID.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P522/net/netfilter/xt_SETXID.c 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,79 @@ +#include +#include @@ -494,3 +487,117 @@ diff -Nurb linux-2.6.22-521/net/netfilter/xt_SETXID.c linux-2.6.22-522/net/netfi + +module_init(init); +module_exit(fini); + +; fixup +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/net/netfilter/nf_conntrack_core.c linux-2.6.27.10-vs2.3.x-PS-02.1/net/netfilter/nf_conntrack_core.c +--- linux-2.6.27.10-vs2.3.x-PS-02.0/net/netfilter/nf_conntrack_core.c 2009-01-25 02:29:31.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-PS-02.1/net/netfilter/nf_conntrack_core.c 2009-01-24 23:22:04.000000000 +0100 +@@ -595,8 +595,8 @@ init_conntrack(const struct nf_conntrack + /* Overload tuple linked list to put us in unconfirmed list. */ + hlist_add_head(&ct->tuplehash[IP_CT_DIR_ORIGINAL].hnode, &unconfirmed); + +- conntrack->xid[IP_CT_DIR_ORIGINAL] = -1; +- conntrack->xid[IP_CT_DIR_REPLY] = -1; ++ ct->xid[IP_CT_DIR_ORIGINAL] = -1; ++ ct->xid[IP_CT_DIR_REPLY] = -1; + + spin_unlock_bh(&nf_conntrack_lock); + +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/net/netfilter/xt_MARK.c linux-2.6.27.10-vs2.3.x-PS-02.1/net/netfilter/xt_MARK.c +--- linux-2.6.27.10-vs2.3.x-PS-02.0/net/netfilter/xt_MARK.c 2009-01-25 02:29:31.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-PS-02.1/net/netfilter/xt_MARK.c 2009-01-25 00:06:34.000000000 +0100 +@@ -19,6 +19,7 @@ + #include + #include + #include ++#include + + #include + #include +@@ -182,9 +183,9 @@ mark_tg_v1(struct sk_buff *skb, const st + break; + + case XT_MARK_COPYXID: +- dif = ((struct rtable *)(*pskb)->dst)->rt_iif; ++ dif = ((struct rtable *)(skb->dst))->rt_iif; + +- ct = nf_ct_get((*pskb), &ctinfo); ++ ct = nf_ct_get(skb, &ctinfo); + if (!ct) + break; + +@@ -198,43 +199,44 @@ mark_tg_v1(struct sk_buff *skb, const st + port = get_dst_port(&ct->tuplehash[dir].tuple); + + if (proto == 1) { +- if ((*pskb)->mark > 0) ++ if (skb->mark > 0) + /* The packet is marked, it's going out */ +- ct->xid[0] = (*pskb)->mark; ++ ct->xid[0] = skb->mark; + + if (ct->xid[0] > 0) + mark = ct->xid[0]; + } + else if (proto == 17) { + struct sock *sk; +- if (!(*pskb)->mark) { ++ if (!skb->mark) { + sk = __udp4_lib_lookup(src_ip, src_port, + ip, port, dif, udp_hash); + +- if (sk && hooknum == NF_IP_LOCAL_IN) ++ if (sk && hooknum == NF_INET_LOCAL_IN) + mark = sk->sk_nid; + + if (sk) + sock_put(sk); + } +- else if ((*pskb)->mark > 0) ++ else if (skb->mark > 0) + /* The packet is marked, it's going out */ +- ct->xid[0] = (*pskb)->mark; ++ ct->xid[0] = skb->mark; + } + else if (proto == 6) /* TCP */{ + int sockettype = 0; /* Established socket */ ++ struct net *net = &init_net; + + /* Looks for an established socket or a listening + socket corresponding to the 4-tuple, in that order. + The order is important for Codemux connections + to be handled properly */ + +- connection_sk = inet_lookup_established(&tcp_hashinfo, +- src_ip, src_port, ip, port, dif); ++ connection_sk = inet_lookup_established(net, ++ &tcp_hashinfo, src_ip, src_port, ip, port, dif); + + if (!connection_sk) { +- connection_sk = inet_lookup_listener(&tcp_hashinfo, +- ip, port, dif); ++ connection_sk = inet_lookup_listener(net, ++ &tcp_hashinfo, ip, port, dif); + sockettype = 1; /* Listening socket */ + } + +@@ -273,8 +275,8 @@ mark_tg_v1(struct sk_buff *skb, const st + That explains why we couldn't get anything out of skb->sk, + or look up a "real" connection. */ + if (ct->xid[dir] < 1) { +- if ((*pskb)->skb_tag) +- ct->xid[dir] = (*pskb)->skb_tag; ++ if (skb->skb_tag) ++ ct->xid[dir] = skb->skb_tag; + } + + /* Covers CoDemux case */ +@@ -290,7 +292,7 @@ mark_tg_v1(struct sk_buff *skb, const st + skb->mark = mark; + + curtag = &__get_cpu_var(sknid_elevator); +- if (mark > 0 && *curtag == -2 && hooknum == NF_IP_LOCAL_IN) ++ if (mark > 0 && *curtag == -2 && hooknum == NF_INET_LOCAL_IN) + *curtag = mark; + + return XT_CONTINUE; diff --git a/linux-2.6-523-raw-sockets.patch b/linux-2.6-523-raw-sockets.patch index 24b05bdbc..976d331fc 100644 --- a/linux-2.6-523-raw-sockets.patch +++ b/linux-2.6-523-raw-sockets.patch @@ -1,7 +1,7 @@ -diff -Nurb linux-2.6.22-510/include/linux/vserver/network.h linux-2.6.22-520/include/linux/vserver/network.h ---- linux-2.6.22-510/include/linux/vserver/network.h 2008-06-06 17:07:48.000000000 -0400 -+++ linux-2.6.22-520/include/linux/vserver/network.h 2008-06-06 17:07:56.000000000 -0400 -@@ -47,6 +47,8 @@ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522/include/linux/vserver/network.h linux-2.6.27.10-vs2.3.x-PS-522-523/include/linux/vserver/network.h +--- linux-2.6.27.10-vs2.3.x-PS-522/include/linux/vserver/network.h 2008-10-13 14:54:20.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-PS-522-523/include/linux/vserver/network.h 2009-01-21 03:22:02.000000000 +0100 +@@ -47,6 +47,8 @@ static inline uint64_t __nxf_init_set(vo #define NXC_TUN_CREATE 0x00000001 #define NXC_RAW_ICMP 0x00000100 @@ -10,22 +10,19 @@ diff -Nurb linux-2.6.22-510/include/linux/vserver/network.h linux-2.6.22-520/inc /* address types */ -diff -Nurb linux-2.6.22-510/include/net/raw.h linux-2.6.22-520/include/net/raw.h ---- linux-2.6.22-510/include/net/raw.h 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/include/net/raw.h 2008-06-06 17:07:56.000000000 -0400 -@@ -36,7 +36,7 @@ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522/net/core/sock.c linux-2.6.27.10-vs2.3.x-PS-522-523/net/core/sock.c +--- linux-2.6.27.10-vs2.3.x-PS-522/net/core/sock.c 2008-10-13 14:54:20.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-PS-522-523/net/core/sock.c 2009-01-21 03:27:01.000000000 +0100 +@@ -381,7 +381,7 @@ static int sock_bindtodevice(struct sock - extern struct sock *__raw_v4_lookup(struct sock *sk, unsigned short num, - __be32 raddr, __be32 laddr, -- int dif); -+ int dif, int tag); + /* Sorry... */ + ret = -EPERM; +- if (!capable(CAP_NET_RAW)) ++ if (!nx_capable(CAP_NET_RAW, NXC_RAW_SOCKET)) + goto out; - extern int raw_v4_input(struct sk_buff *skb, struct iphdr *iph, int hash); - -diff -Nurb linux-2.6.22-510/net/core/sock.c linux-2.6.22-520/net/core/sock.c ---- linux-2.6.22-510/net/core/sock.c 2008-06-06 17:07:48.000000000 -0400 -+++ linux-2.6.22-520/net/core/sock.c 2008-06-06 17:07:56.000000000 -0400 -@@ -444,6 +444,19 @@ + ret = -EINVAL; +@@ -515,6 +515,19 @@ set_sndbuf: } goto set_sndbuf; @@ -45,19 +42,10 @@ diff -Nurb linux-2.6.22-510/net/core/sock.c linux-2.6.22-520/net/core/sock.c case SO_RCVBUF: /* Don't error on this BSD doesn't and if you think about it this is right. Otherwise apps have to -@@ -573,7 +586,7 @@ - char devname[IFNAMSIZ]; - - /* Sorry... */ -- if (!capable(CAP_NET_RAW)) { -+ if (!nx_capable(CAP_NET_RAW, NXC_RAW_SOCKET)) { - ret = -EPERM; - break; - } -diff -Nurb linux-2.6.22-510/net/ipv4/af_inet.c linux-2.6.22-520/net/ipv4/af_inet.c ---- linux-2.6.22-510/net/ipv4/af_inet.c 2008-06-06 17:07:48.000000000 -0400 -+++ linux-2.6.22-520/net/ipv4/af_inet.c 2008-06-06 17:07:56.000000000 -0400 -@@ -312,6 +314,9 @@ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522/net/ipv4/af_inet.c linux-2.6.27.10-vs2.3.x-PS-522-523/net/ipv4/af_inet.c +--- linux-2.6.27.10-vs2.3.x-PS-522/net/ipv4/af_inet.c 2009-01-21 03:12:46.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-PS-522-523/net/ipv4/af_inet.c 2009-01-21 03:22:02.000000000 +0100 +@@ -331,6 +331,9 @@ lookup_protocol: if ((protocol == IPPROTO_ICMP) && nx_capable(answer->capability, NXC_RAW_ICMP)) goto override; @@ -67,22 +55,10 @@ diff -Nurb linux-2.6.22-510/net/ipv4/af_inet.c linux-2.6.22-520/net/ipv4/af_inet if (answer->capability > 0 && !capable(answer->capability)) goto out_rcu_unlock; override: -diff -Nurb linux-2.6.22-510/net/ipv4/icmp.c linux-2.6.22-520/net/ipv4/icmp.c ---- linux-2.6.22-510/net/ipv4/icmp.c 2008-06-06 17:07:55.000000000 -0400 -+++ linux-2.6.22-520/net/ipv4/icmp.c 2008-06-06 17:07:56.000000000 -0400 -@@ -709,7 +709,7 @@ - if ((raw_sk = sk_head(&raw_v4_htable[hash])) != NULL) { - while ((raw_sk = __raw_v4_lookup(raw_sk, protocol, iph->daddr, - iph->saddr, -- skb->dev->ifindex)) != NULL) { -+ skb->dev->ifindex, skb->skb_tag)) != NULL) { - raw_err(raw_sk, skb, info); - raw_sk = sk_next(raw_sk); - iph = (struct iphdr *)skb->data; -diff -Nurb linux-2.6.22-510/net/ipv4/ip_options.c linux-2.6.22-520/net/ipv4/ip_options.c ---- linux-2.6.22-510/net/ipv4/ip_options.c 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/net/ipv4/ip_options.c 2008-06-06 17:07:56.000000000 -0400 -@@ -409,7 +409,7 @@ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522/net/ipv4/ip_options.c linux-2.6.27.10-vs2.3.x-PS-522-523/net/ipv4/ip_options.c +--- linux-2.6.27.10-vs2.3.x-PS-522/net/ipv4/ip_options.c 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-PS-522-523/net/ipv4/ip_options.c 2009-01-21 03:22:02.000000000 +0100 +@@ -397,7 +397,7 @@ int ip_options_compile(struct net *net, optptr[2] += 8; break; default: @@ -91,7 +67,7 @@ diff -Nurb linux-2.6.22-510/net/ipv4/ip_options.c linux-2.6.22-520/net/ipv4/ip_o pp_ptr = optptr + 3; goto error; } -@@ -445,7 +445,7 @@ +@@ -433,7 +433,7 @@ int ip_options_compile(struct net *net, opt->router_alert = optptr - iph; break; case IPOPT_CIPSO: @@ -100,7 +76,7 @@ diff -Nurb linux-2.6.22-510/net/ipv4/ip_options.c linux-2.6.22-520/net/ipv4/ip_o pp_ptr = optptr; goto error; } -@@ -458,7 +458,7 @@ +@@ -446,7 +446,7 @@ int ip_options_compile(struct net *net, case IPOPT_SEC: case IPOPT_SID: default: @@ -109,46 +85,57 @@ diff -Nurb linux-2.6.22-510/net/ipv4/ip_options.c linux-2.6.22-520/net/ipv4/ip_o pp_ptr = optptr; goto error; } -diff -Nurb linux-2.6.22-510/net/ipv4/raw.c linux-2.6.22-520/net/ipv4/raw.c ---- linux-2.6.22-510/net/ipv4/raw.c 2008-06-06 17:07:48.000000000 -0400 -+++ linux-2.6.22-520/net/ipv4/raw.c 2008-06-06 17:07:56.000000000 -0400 -@@ -103,7 +103,7 @@ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522/net/ipv4/raw.c linux-2.6.27.10-vs2.3.x-PS-522-523/net/ipv4/raw.c +--- linux-2.6.27.10-vs2.3.x-PS-522/net/ipv4/raw.c 2008-10-13 14:54:20.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-PS-522-523/net/ipv4/raw.c 2009-01-21 03:26:02.000000000 +0100 +@@ -108,7 +108,7 @@ void raw_unhash_sk(struct sock *sk) + EXPORT_SYMBOL_GPL(raw_unhash_sk); - struct sock *__raw_v4_lookup(struct sock *sk, unsigned short num, - __be32 raddr, __be32 laddr, -- int dif) -+ int dif, int tag) + static struct sock *__raw_v4_lookup(struct net *net, struct sock *sk, +- unsigned short num, __be32 raddr, __be32 laddr, int dif) ++ unsigned short num, __be32 raddr, __be32 laddr, int dif, int tag) { struct hlist_node *node; -@@ -112,6 +112,7 @@ +@@ -117,6 +117,7 @@ static struct sock *__raw_v4_lookup(stru - if (inet->num == num && + if (net_eq(sock_net(sk), net) && inet->num == num && !(inet->daddr && inet->daddr != raddr) && + (!sk->sk_nx_info || tag == 1 || sk->sk_nid == tag) && v4_sock_addr_match(sk->sk_nx_info, inet, laddr) && !(sk->sk_bound_dev_if && sk->sk_bound_dev_if != dif)) goto found; /* gotcha */ -@@ -161,7 +162,7 @@ - goto out; - sk = __raw_v4_lookup(__sk_head(head), iph->protocol, +@@ -169,7 +170,7 @@ static int raw_v4_input(struct sk_buff * + net = dev_net(skb->dev); + sk = __raw_v4_lookup(net, __sk_head(head), iph->protocol, iph->saddr, iph->daddr, - skb->dev->ifindex); + skb->dev->ifindex, skb->skb_tag); while (sk) { delivered = 1; -@@ -174,7 +175,7 @@ +@@ -182,7 +183,7 @@ static int raw_v4_input(struct sk_buff * } - sk = __raw_v4_lookup(sk_next(sk), iph->protocol, + sk = __raw_v4_lookup(net, sk_next(sk), iph->protocol, iph->saddr, iph->daddr, - skb->dev->ifindex); + skb->dev->ifindex, skb->skb_tag); } out: - read_unlock(&raw_v4_lock); -@@ -315,7 +316,7 @@ - } + read_unlock(&raw_v4_hashinfo.lock); +@@ -277,8 +278,8 @@ void raw_icmp_error(struct sk_buff *skb, + net = dev_net(skb->dev); + + while ((raw_sk = __raw_v4_lookup(net, raw_sk, protocol, +- iph->daddr, iph->saddr, +- skb->dev->ifindex)) != NULL) { ++ iph->daddr, iph->saddr, skb->dev->ifindex, ++ skb->skb_tag)) != NULL) { + raw_err(raw_sk, skb, info); + raw_sk = sk_next(raw_sk); + iph = (struct iphdr *)skb->data; +@@ -373,7 +374,7 @@ static int raw_send_hdrinc(struct sock * + skb_transport_header(skb))->type); err = -EPERM; - if (!nx_check(0, VS_ADMIN) && !capable(CAP_NET_RAW) && @@ -156,5 +143,3 @@ diff -Nurb linux-2.6.22-510/net/ipv4/raw.c linux-2.6.22-520/net/ipv4/raw.c sk->sk_nx_info && !v4_addr_in_nx_info(sk->sk_nx_info, iph->saddr, NXA_MASK_BIND)) goto error_free; - - diff --git a/linux-2.6-524-peercred.patch b/linux-2.6-524-peercred.patch index 72b13467e..47a227fc3 100644 --- a/linux-2.6-524-peercred.patch +++ b/linux-2.6-524-peercred.patch @@ -1,20 +1,19 @@ -diff -Nurb linux-2.6.22-510/include/linux/socket.h linux-2.6.22-520/include/linux/socket.h ---- linux-2.6.22-510/include/linux/socket.h 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/include/linux/socket.h 2008-06-06 17:07:56.000000000 -0400 -@@ -288,6 +288,8 @@ - #define SOL_TIPC 271 - #define SOL_RXRPC 272 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523/include/linux/socket.h linux-2.6.27.10-vs2.3.x-PS-522-523-524/include/linux/socket.h +--- linux-2.6.27.10-vs2.3.x-PS-522-523/include/linux/socket.h 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524/include/linux/socket.h 2009-01-21 03:34:57.000000000 +0100 +@@ -296,6 +296,8 @@ struct ucred { + #define SOL_PPPOL2TP 273 + #define SOL_BLUETOOTH 274 +#define SO_SETXID SO_PEERCRED + /* IPX options */ #define IPX_TYPE 1 - - ---- linux-i686-2.6.22/net/core/sock.c.orig 2008-07-28 16:36:26.000000000 -0400 -+++ linux-i686-2.6.22/net/core/sock.c 2008-08-01 11:32:44.000000000 -0400 -@@ -455,6 +455,7 @@ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523/net/core/sock.c linux-2.6.27.10-vs2.3.x-PS-522-523-524/net/core/sock.c +--- linux-2.6.27.10-vs2.3.x-PS-522-523/net/core/sock.c 2009-01-21 03:27:01.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524/net/core/sock.c 2009-01-21 03:34:57.000000000 +0100 +@@ -526,6 +526,7 @@ set_sndbuf: } sk->sk_xid = val; sk->sk_nid = val; diff --git a/linux-2.6-525-sknid-elevator.patch b/linux-2.6-525-sknid-elevator.patch index 1b42d9228..2fa91338b 100644 --- a/linux-2.6-525-sknid-elevator.patch +++ b/linux-2.6-525-sknid-elevator.patch @@ -1,7 +1,7 @@ -diff -Nurb linux-2.6.22-524/include/linux/netdevice.h linux-2.6.22-525/include/linux/netdevice.h ---- linux-2.6.22-524/include/linux/netdevice.h 2008-07-27 22:06:14.000000000 -0400 -+++ linux-2.6.22-525/include/linux/netdevice.h 2008-07-27 22:17:30.000000000 -0400 -@@ -562,6 +562,7 @@ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523-524/include/linux/netdevice.h linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/include/linux/netdevice.h +--- linux-2.6.27.10-vs2.3.x-PS-522-523-524/include/linux/netdevice.h 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/include/linux/netdevice.h 2009-01-21 03:38:41.000000000 +0100 +@@ -857,6 +857,7 @@ static inline void netif_napi_del(struct struct packet_type { __be16 type; /* This is really htons(ether_type). */ struct net_device *dev; /* NULL is wildcarded here */ @@ -9,19 +9,19 @@ diff -Nurb linux-2.6.22-524/include/linux/netdevice.h linux-2.6.22-525/include/l int (*func) (struct sk_buff *, struct net_device *, struct packet_type *, -diff -Nurb linux-2.6.22-524/net/core/dev.c linux-2.6.22-525/net/core/dev.c ---- linux-2.6.22-524/net/core/dev.c 2008-07-27 22:06:20.000000000 -0400 -+++ linux-2.6.22-525/net/core/dev.c 2008-07-28 09:26:45.000000000 -0400 -@@ -97,6 +97,8 @@ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523-524/net/core/dev.c linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/net/core/dev.c +--- linux-2.6.27.10-vs2.3.x-PS-522-523-524/net/core/dev.c 2008-12-19 12:09:14.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/net/core/dev.c 2009-01-21 03:43:19.000000000 +0100 +@@ -99,6 +99,8 @@ #include #include #include +#include +#include #include + #include #include - #include -@@ -1131,7 +1133,7 @@ +@@ -1318,7 +1320,7 @@ static void dev_queue_xmit_nit(struct sk if ((ptype->dev == dev || !ptype->dev) && (ptype->af_packet_priv == NULL || (struct sock *)ptype->af_packet_priv != skb->sk)) { @@ -30,47 +30,30 @@ diff -Nurb linux-2.6.22-524/net/core/dev.c linux-2.6.22-525/net/core/dev.c if (!skb2) break; -@@ -1803,6 +1805,7 @@ - * the ingress scheduler, you just cant add policies on ingress. - * - */ -+ - static int ing_filter(struct sk_buff *skb) - { - struct Qdisc *q; -@@ -1832,13 +1835,20 @@ +@@ -2170,6 +2172,10 @@ void netif_nit_deliver(struct sk_buff *s + rcu_read_unlock(); } - #endif +/* The code already makes the assumption that packet handlers run + * sequentially on the same CPU. -Sapan */ +DEFINE_PER_CPU(int, sknid_elevator) = 0; + - int netif_receive_skb(struct sk_buff *skb) - { - struct packet_type *ptype, *pt_prev; + /** + * netif_receive_skb - process receive buffer from network + * @skb: buffer to process +@@ -2191,8 +2197,11 @@ int netif_receive_skb(struct sk_buff *sk struct net_device *orig_dev; + struct net_device *null_or_orig; int ret = NET_RX_DROP; -+ int *cur_elevator=&__get_cpu_var(sknid_elevator); ++ int *cur_elevator = &__get_cpu_var(sknid_elevator); __be16 type; + *cur_elevator = 0; + /* if we've gotten here through NAPI, check netpoll */ - if (skb->dev->poll && netpoll_rx(skb)) + if (netpoll_receive_skb(skb)) return NET_RX_DROP; -@@ -1873,8 +1883,9 @@ - - list_for_each_entry_rcu(ptype, &ptype_all, list) { - if (!ptype->dev || ptype->dev == skb->dev) { -- if (pt_prev) -+ if (pt_prev) { - ret = deliver_skb(skb, pt_prev, orig_dev); -+ } - pt_prev = ptype; - } - } -@@ -1913,7 +1924,27 @@ +@@ -2269,7 +2278,27 @@ ncls: } if (pt_prev) { @@ -98,7 +81,7 @@ diff -Nurb linux-2.6.22-524/net/core/dev.c linux-2.6.22-525/net/core/dev.c } else { kfree_skb(skb); /* Jamal, now you will not able to escape explaining -@@ -3780,6 +3811,7 @@ +@@ -4892,6 +4921,7 @@ EXPORT_SYMBOL(unregister_netdevice_notif EXPORT_SYMBOL(net_enable_timestamp); EXPORT_SYMBOL(net_disable_timestamp); EXPORT_SYMBOL(dev_get_flags); @@ -106,10 +89,10 @@ diff -Nurb linux-2.6.22-524/net/core/dev.c linux-2.6.22-525/net/core/dev.c #if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) EXPORT_SYMBOL(br_handle_frame_hook); -diff -Nurb linux-2.6.22-524/net/packet/af_packet.c linux-2.6.22-525/net/packet/af_packet.c ---- linux-2.6.22-524/net/packet/af_packet.c 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-525/net/packet/af_packet.c 2008-07-27 22:06:27.000000000 -0400 -@@ -78,6 +78,7 @@ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523-524/net/packet/af_packet.c linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/net/packet/af_packet.c +--- linux-2.6.27.10-vs2.3.x-PS-522-523-524/net/packet/af_packet.c 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/net/packet/af_packet.c 2009-01-21 03:38:41.000000000 +0100 +@@ -77,6 +77,7 @@ #include #include #include @@ -117,7 +100,7 @@ diff -Nurb linux-2.6.22-524/net/packet/af_packet.c linux-2.6.22-525/net/packet/a #ifdef CONFIG_INET #include -@@ -246,10 +247,53 @@ +@@ -276,10 +277,53 @@ static const struct proto_ops packet_ops static const struct proto_ops packet_ops_spkt; @@ -171,7 +154,7 @@ diff -Nurb linux-2.6.22-524/net/packet/af_packet.c linux-2.6.22-525/net/packet/a /* * When we registered the protocol we saved the socket in the data -@@ -269,6 +313,16 @@ +@@ -299,6 +343,16 @@ static int packet_rcv_spkt(struct sk_buf * so that this procedure is noop. */ @@ -188,7 +171,7 @@ diff -Nurb linux-2.6.22-524/net/packet/af_packet.c linux-2.6.22-525/net/packet/a if (skb->pkt_type == PACKET_LOOPBACK) goto out; -@@ -324,6 +378,9 @@ +@@ -357,6 +411,9 @@ static int packet_sendmsg_spkt(struct ki __be16 proto=0; int err; @@ -198,7 +181,7 @@ diff -Nurb linux-2.6.22-524/net/packet/af_packet.c linux-2.6.22-525/net/packet/a /* * Get and verify the address. */ -@@ -416,11 +473,16 @@ +@@ -449,11 +506,16 @@ out_unlock: return err; } @@ -215,7 +198,7 @@ diff -Nurb linux-2.6.22-524/net/packet/af_packet.c linux-2.6.22-525/net/packet/a rcu_read_lock_bh(); filter = rcu_dereference(sk->sk_filter); if (filter != NULL) -@@ -711,6 +773,9 @@ +@@ -773,6 +835,9 @@ static int packet_sendmsg(struct kiocb * unsigned char *addr; int ifindex, err, reserve = 0; @@ -225,7 +208,7 @@ diff -Nurb linux-2.6.22-524/net/packet/af_packet.c linux-2.6.22-525/net/packet/a /* * Get and verify the address. */ -@@ -880,6 +945,7 @@ +@@ -939,6 +1004,7 @@ static int packet_do_bind(struct sock *s po->num = protocol; po->prot_hook.type = protocol; @@ -233,7 +216,7 @@ diff -Nurb linux-2.6.22-524/net/packet/af_packet.c linux-2.6.22-525/net/packet/a po->prot_hook.dev = dev; po->ifindex = dev ? dev->ifindex : 0; -@@ -984,8 +1050,9 @@ +@@ -1037,8 +1103,9 @@ static int packet_create(struct net *net __be16 proto = (__force __be16)protocol; /* weird, but documented */ int err; @@ -244,7 +227,7 @@ diff -Nurb linux-2.6.22-524/net/packet/af_packet.c linux-2.6.22-525/net/packet/a if (sock->type != SOCK_DGRAM && sock->type != SOCK_RAW && sock->type != SOCK_PACKET) return -ESOCKTNOSUPPORT; -@@ -1016,6 +1083,7 @@ +@@ -1069,6 +1136,7 @@ static int packet_create(struct net *net spin_lock_init(&po->bind_lock); po->prot_hook.func = packet_rcv; diff --git a/linux-2.6-526-tun-tap.patch b/linux-2.6-526-tun-tap.patch index 1b13d0369..bcce6ac76 100644 --- a/linux-2.6-526-tun-tap.patch +++ b/linux-2.6-526-tun-tap.patch @@ -1,6 +1,6 @@ -diff -Nurb linux-2.6.22-525/drivers/net/Makefile linux-2.6.22-526/drivers/net/Makefile ---- linux-2.6.22-525/drivers/net/Makefile 2008-07-13 23:58:01.000000000 -0400 -+++ linux-2.6.22-526/drivers/net/Makefile 2008-07-13 23:58:45.000000000 -0400 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/drivers/net/Makefile linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526/drivers/net/Makefile +--- linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/drivers/net/Makefile 2008-10-13 14:52:02.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526/drivers/net/Makefile 2009-01-21 03:45:50.000000000 +0100 @@ -1,7 +1,7 @@ # # Makefile for the Linux network (ethercard) device drivers. @@ -9,10 +9,10 @@ diff -Nurb linux-2.6.22-525/drivers/net/Makefile linux-2.6.22-526/drivers/net/Ma +obj-m += vnet_tun.o obj-$(CONFIG_E1000) += e1000/ obj-$(CONFIG_E1000E) += e1000e/ - obj-$(CONFIG_IBM_EMAC) += ibm_emac/ -diff -Nurb linux-2.6.22-525/drivers/net/vnet_tun.c linux-2.6.22-526/drivers/net/vnet_tun.c ---- linux-2.6.22-525/drivers/net/vnet_tun.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22-526/drivers/net/vnet_tun.c 2008-07-14 16:22:57.000000000 -0400 + obj-$(CONFIG_IBM_NEW_EMAC) += ibm_newemac/ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/drivers/net/vnet_tun.c linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526/drivers/net/vnet_tun.c +--- linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/drivers/net/vnet_tun.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526/drivers/net/vnet_tun.c 2009-01-21 03:45:50.000000000 +0100 @@ -0,0 +1,725 @@ +/* + * TUN - Universal TUN/TAP device driver. @@ -739,3 +739,183 @@ diff -Nurb linux-2.6.22-525/drivers/net/vnet_tun.c linux-2.6.22-526/drivers/net/ +module_init(tun_init); +module_cleanup(tun_cleanup); +MODULE_LICENSE("GPL"); + +; fixup +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/drivers/net/tun.c linux-2.6.27.10-vs2.3.x-PS-02.1/drivers/net/tun.c +--- linux-2.6.27.10-vs2.3.x-PS-02.0/drivers/net/tun.c 2008-10-13 14:54:20.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-PS-02.1/drivers/net/tun.c 2009-01-24 20:23:36.000000000 +0100 +@@ -81,33 +81,6 @@ static int debug; + #define DBG1( a... ) + #endif + +-#define FLT_EXACT_COUNT 8 +-struct tap_filter { +- unsigned int count; /* Number of addrs. Zero means disabled */ +- u32 mask[2]; /* Mask of the hashed addrs */ +- unsigned char addr[FLT_EXACT_COUNT][ETH_ALEN]; +-}; +- +-struct tun_struct { +- struct list_head list; +- unsigned int flags; +- int attached; +- uid_t owner; +- gid_t group; +- nid_t nid; +- +- wait_queue_head_t read_wait; +- struct sk_buff_head readq; +- +- struct net_device *dev; +- struct fasync_struct *fasync; +- +- struct tap_filter txflt; +- +-#ifdef TUN_DEBUG +- int debug; +-#endif +-}; + + /* TAP filterting */ + static void addr_hash_set(u32 *mask, const u8 *addr) +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/include/linux/if_tun.h linux-2.6.27.10-vs2.3.x-PS-02.1/include/linux/if_tun.h +--- linux-2.6.27.10-vs2.3.x-PS-02.0/include/linux/if_tun.h 2008-10-13 14:54:20.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-PS-02.1/include/linux/if_tun.h 2009-01-24 20:23:47.000000000 +0100 +@@ -83,4 +83,32 @@ struct tun_filter { + __u8 addr[0][ETH_ALEN]; + }; + ++#define FLT_EXACT_COUNT 8 ++struct tap_filter { ++ unsigned int count; /* Number of addrs. Zero means disabled */ ++ u32 mask[2]; /* Mask of the hashed addrs */ ++ unsigned char addr[FLT_EXACT_COUNT][ETH_ALEN]; ++}; ++ ++struct tun_struct { ++ struct list_head list; ++ unsigned int flags; ++ int attached; ++ uid_t owner; ++ gid_t group; ++ nid_t nid; ++ ++ wait_queue_head_t read_wait; ++ struct sk_buff_head readq; ++ ++ struct net_device *dev; ++ struct fasync_struct *fasync; ++ ++ struct tap_filter txflt; ++ ++#ifdef TUN_DEBUG ++ int debug; ++#endif ++}; ++ + #endif /* __IF_TUN_H */ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/drivers/net/vnet_tun.c linux-2.6.27.10-vs2.3.x-PS-02.1/drivers/net/vnet_tun.c +--- linux-2.6.27.10-vs2.3.x-PS-02.0/drivers/net/vnet_tun.c 2009-01-25 02:29:32.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-PS-02.1/drivers/net/vnet_tun.c 2009-01-24 23:17:50.000000000 +0100 +@@ -133,14 +133,12 @@ static struct tun_struct *tun_get_by_xid + struct tun_struct *tun; + + read_lock_bh(&tun_dev_hash_lock); +- + list_for_each_entry(tun, &tun_dev_hash[__xidhashfn(xid)], list) { + if (tun->owner == xid) { + read_unlock_bh(&tun_dev_hash_lock); + return tun; + } + } +- + read_unlock_bh(&tun_dev_hash_lock); + + return NULL; +@@ -173,7 +171,7 @@ static void tun_xmit(struct sk_buff *skb + + drop: + if (tun) +- tun->stats.tx_dropped++; ++ tun->dev->stats.tx_dropped++; + tun_stats.tx_dropped++; + } + +@@ -182,11 +180,12 @@ static int tun_net_xmit(struct sk_buff * + { + xid_t xid, skb_xid; + struct tun_struct *tun; +- skb_xid=get_skb_xid(skb); +- if (skb_xid<1) +- xid=get_sk_xid(skb->sk); ++ ++ skb_xid = get_skb_xid(skb); ++ if (skb_xid < 1) ++ xid = get_sk_xid(skb->sk); + else +- xid=skb_xid; ++ xid = skb_xid; + + tun = tun_get_by_xid(xid); + /* Mark packet */ +@@ -214,7 +213,7 @@ static void tun_net_mclist(struct net_de + static struct net_device_stats *tun_net_stats(struct net_device *dev) + { + struct tun_struct *tun = tun_get_by_xid(current->xid); +- return tun ? &tun->stats : &tun_stats; ++ return tun ? &tun->dev->stats : &tun_stats; + } + + /* Character device part */ +@@ -263,7 +262,7 @@ static __inline__ ssize_t tun_get_user(s + } + + if (!(skb = alloc_skb(len + 2, GFP_KERNEL))) { +- tun->stats.rx_dropped++; ++ tun->dev->stats.rx_dropped++; + tun_stats.rx_dropped++; + return -ENOMEM; + } +@@ -291,8 +290,8 @@ static __inline__ ssize_t tun_get_user(s + + netif_rx_ni(skb); + +- tun->stats.rx_packets++; +- tun->stats.rx_bytes += len; ++ tun->dev->stats.rx_packets++; ++ tun->dev->stats.rx_bytes += len; + tun_stats.rx_packets++; + tun_stats.rx_bytes += len; + +@@ -417,8 +416,8 @@ static __inline__ ssize_t tun_put_user(s + skb_copy_datagram_iovec(skb, 0, iv, len); + total += len; + +- tun->stats.tx_packets++; +- tun->stats.tx_bytes += len; ++ tun->dev->stats.tx_packets++; ++ tun->dev->stats.tx_bytes += len; + tun_stats.tx_packets++; + tun_stats.tx_bytes += len; + +@@ -688,7 +687,7 @@ int __init tun_init(void) + dev->flags |= IFF_NOARP | IFF_POINTOPOINT; + dev->flags &= ~IFF_MULTICAST; + +- SET_MODULE_OWNER(dev); ++ // SET_MODULE_OWNER(dev); + dev->hard_start_xmit = tun_net_xmit; + dev->get_stats = tun_net_stats; + +@@ -721,5 +720,8 @@ void __exit tun_cleanup(void) + } + + module_init(tun_init); +-module_cleanup(tun_cleanup); ++module_exit(tun_cleanup); ++// MODULE_DESCRIPTION(DRV_DESCRIPTION); ++// MODULE_AUTHOR(DRV_COPYRIGHT); ++// MODULE_ALIAS_MISCDEV(TUN_MINOR); + MODULE_LICENSE("GPL"); + + diff --git a/linux-2.6-527-iptables-classify-add-mark.patch b/linux-2.6-527-iptables-classify-add-mark.patch index e484f0ee5..54623e911 100644 --- a/linux-2.6-527-iptables-classify-add-mark.patch +++ b/linux-2.6-527-iptables-classify-add-mark.patch @@ -1,6 +1,6 @@ -diff -Nurp linux-2.6.22-526/include/linux/netfilter/xt_CLASSIFY.h linux-2.6.22-527/include/linux/netfilter/xt_CLASSIFY.h ---- linux-2.6.22-526/include/linux/netfilter/xt_CLASSIFY.h 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-527/include/linux/netfilter/xt_CLASSIFY.h 2008-07-25 14:46:22.000000000 -0400 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526/include/linux/netfilter/xt_CLASSIFY.h linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526-527/include/linux/netfilter/xt_CLASSIFY.h +--- linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526/include/linux/netfilter/xt_CLASSIFY.h 2008-07-13 23:51:29.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526-527/include/linux/netfilter/xt_CLASSIFY.h 2009-01-21 03:49:25.000000000 +0100 @@ -3,6 +3,7 @@ struct xt_classify_target_info { @@ -9,15 +9,15 @@ diff -Nurp linux-2.6.22-526/include/linux/netfilter/xt_CLASSIFY.h linux-2.6.22-5 }; #endif /*_XT_CLASSIFY_H */ -diff -Nurp linux-2.6.22-526/net/netfilter/xt_CLASSIFY.c linux-2.6.22-527/net/netfilter/xt_CLASSIFY.c ---- linux-2.6.22-526/net/netfilter/xt_CLASSIFY.c 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-527/net/netfilter/xt_CLASSIFY.c 2008-07-25 14:50:50.000000000 -0400 -@@ -36,6 +36,9 @@ target(struct sk_buff **pskb, +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526/net/netfilter/xt_CLASSIFY.c linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526-527/net/netfilter/xt_CLASSIFY.c +--- linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526/net/netfilter/xt_CLASSIFY.c 2008-07-13 23:51:29.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526-527/net/netfilter/xt_CLASSIFY.c 2009-01-21 03:51:49.000000000 +0100 +@@ -34,6 +34,9 @@ classify_tg(struct sk_buff *skb, const s const struct xt_classify_target_info *clinfo = targinfo; - (*pskb)->priority = clinfo->priority; + skb->priority = clinfo->priority; + if (clinfo->add_mark) -+ (*pskb)->priority += (*pskb)->mark; ++ skb->priority += skb->mark; + return XT_CONTINUE; } diff --git a/linux-2.6-530-built-by-support.patch b/linux-2.6-530-built-by-support.patch index 727419a1e..34dd94ba8 100644 --- a/linux-2.6-530-built-by-support.patch +++ b/linux-2.6-530-built-by-support.patch @@ -1,6 +1,6 @@ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl04/scripts/mkcompile_h linux-2.6.22.10-vs2.3.0.29-pl05/scripts/mkcompile_h ---- linux-2.6.22.10-vs2.3.0.29-pl04/scripts/mkcompile_h 2007-07-21 18:00:28.000000000 -0400 -+++ linux-2.6.22.10-vs2.3.0.29-pl05/scripts/mkcompile_h 2007-11-14 17:08:09.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/scripts/mkcompile_h linux-2.6.27.10-vs2.3.x-P530/scripts/mkcompile_h +--- linux-2.6.27.10-vs2.3.x-P/scripts/mkcompile_h 2008-07-13 23:51:29.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P530/scripts/mkcompile_h 2009-01-12 01:18:23.000000000 +0100 @@ -60,8 +60,8 @@ UTS_TRUNCATE="sed -e s/\(.\{1,$UTS_LEN\} echo \#define UTS_VERSION \"`echo $UTS_VERSION | $UTS_TRUNCATE`\" diff --git a/linux-2.6-540-oom-kill.patch b/linux-2.6-540-oom-kill.patch index 1efba8c67..286d87605 100644 --- a/linux-2.6-540-oom-kill.patch +++ b/linux-2.6-540-oom-kill.patch @@ -1,9 +1,9 @@ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl05/init/Kconfig linux-2.6.22.10-vs2.3.0.29-pl06/init/Kconfig ---- linux-2.6.22.10-vs2.3.0.29-pl05/init/Kconfig 2007-09-29 08:11:49.000000000 -0400 -+++ linux-2.6.22.10-vs2.3.0.29-pl06/init/Kconfig 2007-11-14 17:09:01.000000000 -0500 -@@ -281,6 +281,23 @@ config LOG_BUF_SHIFT - 13 => 8 KB - 12 => 4 KB +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/init/Kconfig linux-2.6.27.10-vs2.3.x-P540/init/Kconfig +--- linux-2.6.27.10-vs2.3.x-P/init/Kconfig 2008-10-13 14:52:09.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P540/init/Kconfig 2009-01-12 01:18:23.000000000 +0100 +@@ -306,6 +306,23 @@ config CGROUP_DEVICE + Provides a cgroup implementing whitelists for devices which + a process in the cgroup can mknod or open. +config OOM_PANIC + bool "OOM Panic" @@ -24,11 +24,11 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl05/init/Kconfig linux-2.6.22.10-vs2.3.0. + config CPUSETS bool "Cpuset support" - depends on SMP -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl05/mm/oom_kill.c linux-2.6.22.10-vs2.3.0.29-pl06/mm/oom_kill.c ---- linux-2.6.22.10-vs2.3.0.29-pl05/mm/oom_kill.c 2007-10-29 21:23:59.000000000 -0400 -+++ linux-2.6.22.10-vs2.3.0.29-pl06/mm/oom_kill.c 2007-11-14 17:09:01.000000000 -0500 -@@ -169,6 +169,11 @@ unsigned long badness(struct task_struct + depends on SMP && CGROUPS +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/mm/oom_kill.c linux-2.6.27.10-vs2.3.x-P540/mm/oom_kill.c +--- linux-2.6.27.10-vs2.3.x-P/mm/oom_kill.c 2008-10-13 14:54:20.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P540/mm/oom_kill.c 2009-01-12 01:18:23.000000000 +0100 +@@ -176,6 +176,11 @@ unsigned long badness(struct task_struct return points; } @@ -38,9 +38,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl05/mm/oom_kill.c linux-2.6.22.10-vs2.3.0 + +#ifdef CONFIG_OOM_KILLER /* - * Types of limitations to the nodes from which allocations may occur + * Determine the type of allocation constraint. */ -@@ -481,3 +486,37 @@ out: +@@ -597,3 +602,37 @@ out: if (!test_thread_flag(TIF_MEMDIE)) schedule_timeout_uninterruptible(1); } @@ -78,9 +78,9 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl05/mm/oom_kill.c linux-2.6.22.10-vs2.3.0 + spin_unlock(&oom_lock); +} +#endif /* CONFIG_OOM_PANIC */ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl05/mm/oom_panic.c linux-2.6.22.10-vs2.3.0.29-pl06/mm/oom_panic.c ---- linux-2.6.22.10-vs2.3.0.29-pl05/mm/oom_panic.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22.10-vs2.3.0.29-pl06/mm/oom_panic.c 2007-11-14 17:09:01.000000000 -0500 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/mm/oom_panic.c linux-2.6.27.10-vs2.3.x-P540/mm/oom_panic.c +--- linux-2.6.27.10-vs2.3.x-P/mm/oom_panic.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P540/mm/oom_panic.c 2009-01-12 01:18:23.000000000 +0100 @@ -0,0 +1,51 @@ +/* + * Just panic() instead of the default behavior of selecting processes @@ -133,3 +133,81 @@ diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl05/mm/oom_panic.c linux-2.6.22.10-vs2.3. +out_unlock: + spin_unlock(&oom_lock); +} + +; fixup +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/mm/oom_kill.c linux-2.6.27.10-vs2.3.x-PS-02.1/mm/oom_kill.c +--- linux-2.6.27.10-vs2.3.x-PS-02.0/mm/oom_kill.c 2009-01-25 02:29:32.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-PS-02.1/mm/oom_kill.c 2009-01-25 02:05:07.000000000 +0100 +@@ -454,6 +454,7 @@ out: + read_unlock(&tasklist_lock); + cgroup_unlock(); + } ++ + #endif + + static BLOCKING_NOTIFIER_HEAD(oom_notify_list); +@@ -519,6 +520,7 @@ void clear_zonelist_oom(struct zonelist + } + spin_unlock(&zone_scan_mutex); + } ++EXPORT_SYMBOL_GPL(clear_zonelist_oom); + + /** + * out_of_memory - kill the "best" process when we run out of memory +@@ -635,4 +637,14 @@ void out_of_memory(struct zonelist *zone + } + spin_unlock(&oom_lock); + } ++ ++#ifdef CONFIG_CGROUP_MEM_RES_CTLR ++void mem_cgroup_out_of_memory(struct mem_cgroup *mem, gfp_t gfp_mask) ++{ ++ cgroup_lock(); ++ panic("Memory cgroup out Of Memory"); ++ cgroup_unlock(); ++} ++ ++#endif + #endif /* CONFIG_OOM_PANIC */ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/mm/page_alloc.c linux-2.6.27.10-vs2.3.x-PS-02.1/mm/page_alloc.c +--- linux-2.6.27.10-vs2.3.x-PS-02.0/mm/page_alloc.c 2008-12-19 12:09:14.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-PS-02.1/mm/page_alloc.c 2009-01-25 00:37:42.000000000 +0100 +@@ -1583,11 +1583,12 @@ nofail_alloc: + if (page) + goto got_pg; + } else if ((gfp_mask & __GFP_FS) && !(gfp_mask & __GFP_NORETRY)) { ++#ifdef CONFIG_OOM_KILLER + if (!try_set_zone_oom(zonelist, gfp_mask)) { + schedule_timeout_uninterruptible(1); + goto restart; + } +- ++#endif + /* + * Go through the zonelist yet one more time, keep + * very high watermark here, this is only to catch +@@ -1598,18 +1599,24 @@ nofail_alloc: + order, zonelist, high_zoneidx, + ALLOC_WMARK_HIGH|ALLOC_CPUSET); + if (page) { ++#ifdef CONFIG_OOM_KILLER + clear_zonelist_oom(zonelist, gfp_mask); ++#endif + goto got_pg; + } + + /* The OOM killer will not help higher order allocs so fail */ + if (order > PAGE_ALLOC_COSTLY_ORDER) { ++#ifdef CONFIG_OOM_KILLER + clear_zonelist_oom(zonelist, gfp_mask); ++#endif + goto nopage; + } + + out_of_memory(zonelist, gfp_mask, order); ++#ifdef CONFIG_OOM_KILLER + clear_zonelist_oom(zonelist, gfp_mask); ++#endif + goto restart; + } + diff --git a/linux-2.6-550-raise-default-nfile-ulimit.patch b/linux-2.6-550-raise-default-nfile-ulimit.patch index 554acaa6d..e59f38730 100644 --- a/linux-2.6-550-raise-default-nfile-ulimit.patch +++ b/linux-2.6-550-raise-default-nfile-ulimit.patch @@ -1,12 +1,22 @@ -diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl06/include/linux/fs.h linux-2.6.22.10-vs2.3.0.29-pl07/include/linux/fs.h ---- linux-2.6.22.10-vs2.3.0.29-pl06/include/linux/fs.h 2007-10-29 21:23:59.000000000 -0400 -+++ linux-2.6.22.10-vs2.3.0.29-pl07/include/linux/fs.h 2007-11-15 09:56:54.000000000 -0500 -@@ -22,7 +22,7 @@ - /* Fixed constants first: */ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/fs.h linux-2.6.27.10-vs2.3.x-P550/include/linux/fs.h +--- linux-2.6.27.10-vs2.3.x-P/include/linux/fs.h 2008-10-31 18:18:18.000000000 +0100 ++++ linux-2.6.27.10-vs2.3.x-P550/include/linux/fs.h 2009-01-12 02:42:12.000000000 +0100 +@@ -23,6 +23,7 @@ #undef NR_OPEN - #define NR_OPEN (1024*1024) /* Absolute upper limit on fd num */ --#define INR_OPEN 1024 /* Initial setting for nfile rlimits */ + extern int sysctl_nr_open; + #define INR_OPEN 1024 /* Initial setting for nfile rlimits */ +#define INR_OPEN 4096 /* Initial setting for nfile rlimits */ #define BLOCK_SIZE_BITS 10 #define BLOCK_SIZE (1< 0) return 0; xids[nr_xids] = vx_current_xid(); -diff -Nurp linux-2.6.22-570/kernel/vserver/network.c linux-2.6.22-580/kernel/vserver/network.c ---- linux-2.6.22-570/kernel/vserver/network.c 2008-02-15 20:36:20.000000000 +0100 -+++ linux-2.6.22-580/kernel/vserver/network.c 2008-02-15 20:40:34.000000000 +0100 -@@ -390,7 +390,7 @@ int get_nid_list(int index, unsigned int +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/kernel/vserver/network.c linux-2.6.27.10-vs2.3.x-P580/kernel/vserver/network.c +--- linux-2.6.27.10-vs2.3.x-P/kernel/vserver/network.c 2008-10-13 14:54:20.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P580/kernel/vserver/network.c 2009-01-12 01:18:23.000000000 +0100 +@@ -392,7 +392,7 @@ int get_nid_list(int index, unsigned int int hindex, nr_nids = 0; /* only show current and children */ diff --git a/linux-2.6-630-sched-fix.patch b/linux-2.6-630-sched-fix.patch index 69c35c4d3..9b56c28d4 100644 --- a/linux-2.6-630-sched-fix.patch +++ b/linux-2.6-630-sched-fix.patch @@ -1,9 +1,9 @@ -diff -Nurp linux-2.6.22-620/fs/proc/proc_misc.c linux-2.6.22-630/fs/proc/proc_misc.c ---- linux-2.6.22-620/fs/proc/proc_misc.c 2008-06-25 14:49:41.000000000 -0400 -+++ linux-2.6.22-630/fs/proc/proc_misc.c 2008-07-08 16:12:39.000000000 -0400 -@@ -779,6 +779,34 @@ static const struct file_operations proc +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/fs/proc/proc_misc.c linux-2.6.27.10-vs2.3.x-P630/fs/proc/proc_misc.c +--- linux-2.6.27.10-vs2.3.x-P/fs/proc/proc_misc.c 2008-10-13 14:54:20.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P630/fs/proc/proc_misc.c 2009-01-12 01:18:23.000000000 +0100 +@@ -877,6 +877,34 @@ static struct file_operations proc_kpage }; - #endif + #endif /* CONFIG_PROC_PAGE_MONITOR */ +extern char debug_630_dumped[4087]; +static int show_debug_630(struct seq_file *p, void *v) @@ -35,72 +35,11 @@ diff -Nurp linux-2.6.22-620/fs/proc/proc_misc.c linux-2.6.22-630/fs/proc/proc_mi + struct proc_dir_entry *proc_root_kcore; - void create_seq_entry(char *name, mode_t mode, const struct file_operations *f) -@@ -871,4 +899,6 @@ void __init proc_misc_init(void) - entry->proc_fops = &proc_sysrq_trigger_operations; - } + void __init proc_misc_init(void) +@@ -955,4 +983,6 @@ void __init proc_misc_init(void) + #ifdef CONFIG_MAGIC_SYSRQ + proc_create("sysrq-trigger", S_IWUSR, NULL, &proc_sysrq_trigger_operations); #endif + + create_seq_entry("debug_630", 0, &proc_debug_630_operations); } -diff -Nurp linux-2.6.22-620/kernel/sched.c linux-2.6.22-630/kernel/sched.c ---- linux-2.6.22-620/kernel/sched.c 2008-06-25 14:49:41.000000000 -0400 -+++ linux-2.6.22-630/kernel/sched.c 2008-07-07 16:29:49.000000000 -0400 -@@ -3635,6 +3635,12 @@ struct event_spec { - }; - #endif - -+/* Bypass the vx_unhold infinite loop */ -+unsigned int merry; -+char debug_630_dumped[4087] = { [0] = '\0' }; -+EXPORT_SYMBOL(merry); -+EXPORT_SYMBOL(debug_630_dumped); -+ - asmlinkage void __sched schedule(void) - { - struct task_struct *prev, *next; -@@ -3722,14 +3728,43 @@ need_resched_nonpreemptible: - - cpu = smp_processor_id(); - vx_set_rq_time(rq, jiffies); -+ -+ merry=0; - try_unhold: - vx_try_unhold(rq, cpu); - pick_next: - - if (unlikely(!rq->nr_running)) { - /* can we skip idle time? */ -- if (vx_try_skip(rq, cpu)) -+ if (vx_try_skip(rq, cpu) && merry<10) { -+ merry++; - goto try_unhold; -+ } -+ else if (merry==10 && !*debug_630_dumped) { -+ char *ptr = debug_630_dumped; -+#define append(...) ptr += snprintf(ptr, ((debug_630_dumped + sizeof(debug_630_dumped)) - ptr), __VA_ARGS__) -+ -+ if (list_empty(&rq->hold_queue)) -+ append("hold queue is empty\n"); -+ else { -+ struct list_head *l, *n; -+ append("rq->norm_time = %lu, rq->idle_time = %lu, rq->idle_skip = %d\n", -+ rq->norm_time, rq->idle_time, rq->idle_skip); -+ list_for_each_safe(l, n, &rq->hold_queue) { -+ struct task_struct *p; -+ struct _vx_sched_pc *sched_pc; -+ struct vx_info *vxi; -+ -+ p = list_entry(l, struct task_struct, run_list); -+ vxi = p->vx_info; -+ sched_pc = &vx_per_cpu(vxi, sched_pc, cpu); -+ -+ append("%u: sched_pc->norm_time = %lu, sched_pc->idle_time = %lu\n", vxi->vx_id, -+ sched_pc->norm_time, sched_pc->idle_time); -+ } -+ } -+ *ptr = '\0'; -+ } - - idle_balance(cpu, rq); - if (!rq->nr_running) { diff --git a/linux-2.6-640-netlink-audit-hack.patch b/linux-2.6-640-netlink-audit-hack.patch index ad2f1d23a..299707438 100644 --- a/linux-2.6-640-netlink-audit-hack.patch +++ b/linux-2.6-640-netlink-audit-hack.patch @@ -1,8 +1,8 @@ -diff -Nurp linux-2.6.22-630/net/netlink/af_netlink.c linux-2.6.22-640/net/netlink/af_netlink.c ---- linux-2.6.22-630/net/netlink/af_netlink.c 2008-04-09 18:46:27.000000000 +0200 -+++ linux-2.6.22-640/net/netlink/af_netlink.c 2008-05-05 19:20:02.000000000 +0200 -@@ -426,6 +426,11 @@ static int netlink_create(struct socket - if (protocol<0 || protocol >= MAX_LINKS) +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/netlink/af_netlink.c linux-2.6.27.10-vs2.3.x-P640/net/netlink/af_netlink.c +--- linux-2.6.27.10-vs2.3.x-P/net/netlink/af_netlink.c 2008-10-13 14:54:20.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P640/net/netlink/af_netlink.c 2009-01-12 01:18:23.000000000 +0100 +@@ -437,6 +437,11 @@ static int netlink_create(struct net *ne + if (protocol < 0 || protocol >= MAX_LINKS) return -EPROTONOSUPPORT; +#ifndef CONFIG_AUDIT diff --git a/linux-2.6-650-hangcheck-reboot.patch b/linux-2.6-650-hangcheck-reboot.patch index d90a30017..edffd9df3 100644 --- a/linux-2.6-650-hangcheck-reboot.patch +++ b/linux-2.6-650-hangcheck-reboot.patch @@ -1,5 +1,6 @@ ---- linux-2.6.22-640/drivers/char/hangcheck-timer.c 2007-07-09 01:32:17.000000000 +0200 -+++ linux-2.6.22-650/drivers/char/hangcheck-timer.c 2008-11-25 10:22:00.000000000 +0100 +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/drivers/char/hangcheck-timer.c linux-2.6.27.10-vs2.3.x-P650/drivers/char/hangcheck-timer.c +--- linux-2.6.27.10-vs2.3.x-P/drivers/char/hangcheck-timer.c 2008-07-13 23:51:29.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P650/drivers/char/hangcheck-timer.c 2009-01-12 01:18:23.000000000 +0100 @@ -57,7 +57,7 @@ static int hangcheck_tick = DEFAULT_IOFENCE_TICK; diff --git a/linux-2.6-660-nmi-watchdog-default.patch b/linux-2.6-660-nmi-watchdog-default.patch index 3913754d1..c0b08e734 100644 --- a/linux-2.6-660-nmi-watchdog-default.patch +++ b/linux-2.6-660-nmi-watchdog-default.patch @@ -1,12 +1,12 @@ -diff -Nurb linux-2.6.22-650/include/asm-i386/nmi.h linux-2.6.22-660/include/asm-i386/nmi.h ---- linux-2.6.22-650/include/asm-i386/nmi.h 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-660/include/asm-i386/nmi.h 2008-08-12 14:51:44.000000000 -0400 -@@ -33,7 +33,7 @@ +diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/arch/x86/kernel/nmi.c linux-2.6.27.10-vs2.3.x-P660/arch/x86/kernel/nmi.c +--- linux-2.6.27.10-vs2.3.x-P/arch/x86/kernel/nmi.c 2008-10-13 14:51:58.000000000 +0200 ++++ linux-2.6.27.10-vs2.3.x-P660/arch/x86/kernel/nmi.c 2009-01-21 02:24:07.000000000 +0100 +@@ -52,7 +52,7 @@ static cpumask_t backtrace_mask = CPU_MA + atomic_t nmi_active = ATOMIC_INIT(0); /* oprofile uses this */ + EXPORT_SYMBOL(nmi_active); - extern atomic_t nmi_active; - extern unsigned int nmi_watchdog; --#define NMI_DEFAULT -1 -+#define NMI_DEFAULT 1 - #define NMI_NONE 0 - #define NMI_IO_APIC 1 - #define NMI_LOCAL_APIC 2 +-unsigned int nmi_watchdog = NMI_NONE; ++unsigned int nmi_watchdog = NMI_IO_APIC; + EXPORT_SYMBOL(nmi_watchdog); + + static int panic_on_timeout;