linux-2.6-750-vserver-setspace.patch

   1 diff -Nurb linux-2.6.22-594/arch/i386/kernel/syscall_table.S linux-2.6.22-595/arch/i386/kernel/syscall_table.S
   2 --- linux-2.6.22-594/arch/i386/kernel/syscall_table.S   2008-03-21 15:19:20.000000000 -0400
   3 +++ linux-2.6.22-595/arch/i386/kernel/syscall_table.S   2008-03-21 15:19:27.000000000 -0400
   4 @@ -326,3 +326,4 @@
   5         .long sys_revokeat
   6         .long sys_frevoke               /* 325 */
   7         .long sys_fallocate
   8 +       .long sys_set_space
   9 diff -Nurb linux-2.6.22-594/kernel/nsproxy.c linux-2.6.22-595/kernel/nsproxy.c
  10 --- linux-2.6.22-594/kernel/nsproxy.c   2008-03-21 15:19:21.000000000 -0400
  11 +++ linux-2.6.22-595/kernel/nsproxy.c   2008-03-21 15:26:13.000000000 -0400
  12 @@ -23,11 +23,59 @@
  13  #include <linux/pid_namespace.h>
  14  #include <linux/vserver/global.h>
  15  #include <linux/vserver/debug.h>
  16 +#include <linux/sched.h>
  17 +
  18 +#include <net/net_namespace.h>
  19 +
  20 +int vx_enter_space(struct task_struct *, struct vx_info *, unsigned long);
  21
  22  static struct kmem_cache *nsproxy_cachep;
  23
  24  struct nsproxy init_nsproxy = INIT_NSPROXY(init_nsproxy);
  25
  26 +asmlinkage long sys_set_space(int pid, int id, int toggle, unsigned long unshare_flags) {
  27 +       struct task_struct *p;
  28 +       struct fs_struct *fs_cur;
  29 +       struct nsproxy *proxy_cur;
  30 +       int ret = 0;
  31 +
  32 +       if (unshare_flags & ~CLONE_NEWNET) {
  33 +               printk(KERN_ALERT "sys_set_space currently only supports CLONE_NEWNET\n");
  34 +               return -EINVAL;
  35 +       }
  36 +       else {
  37 +               p = find_task_by_pid(pid);
  38 +               if (p && (p->xid == id)) {
  39 +                       struct vx_info *vxi;
  40 +                       task_lock(p);
  41 +                       fs_cur = p->fs;
  42 +                       atomic_inc(&fs_cur->count);
  43 +                       proxy_cur = p->nsproxy;
  44 +                       get_nsproxy(proxy_cur);
  45 +                       task_unlock(p);
  46 +                       if (toggle) {
  47 +                               vxi = p->vx_info;
  48 +                               ret = vx_enter_space(p, vxi, unshare_flags);
  49 +                       }
  50 +                       else {
  51 +                               /* Major hack - use nsproxy not namespaces here */
  52 +                               if (unshare_flags & CLONE_NEWNET) {
  53 +                                       struct net *old_net = proxy_cur->net_ns;
  54 +                                       proxy_cur->net_ns = &init_net;
  55 +                                       get_net(proxy_cur->net_ns);
  56 +                               }
  57 +                       }
  58 +                       atomic_dec(&fs_cur->count);
  59 +                       put_nsproxy(proxy_cur);
  60 +               }
  61 +               else {
  62 +                       printk(KERN_ALERT "Invalid process id\n");
  63 +                       return -EINVAL;
  64 +               }
  65 +       }
  66 +       return ret;
  67 +}
  68 +
  69  void get_task_namespaces(struct task_struct *tsk)
  70  {
  71         struct nsproxy *ns = tsk->nsproxy;
  72 diff -Nurb linux-2.6.22-594/kernel/vserver/space.c linux-2.6.22-595/kernel/vserver/space.c
  73 --- linux-2.6.22-594/kernel/vserver/space.c     2008-03-21 15:19:25.000000000 -0400
  74 +++ linux-2.6.22-595/kernel/vserver/space.c     2008-03-21 15:19:27.000000000 -0400
  75 @@ -141,7 +141,7 @@
  76  }
  77
  78
  79 -int vx_enter_space(struct vx_info *vxi, unsigned long mask)
  80 +int vx_enter_space(struct task_struct *p, struct vx_info *vxi, unsigned long mask)
  81  {
  82         struct nsproxy *proxy, *proxy_cur, *proxy_new;
  83         struct fs_struct *fs, *fs_cur, *fs_new;
  84 @@ -159,12 +159,12 @@
  85         proxy = vxi->vx_nsproxy;
  86         fs = vxi->vx_fs;
  87
  88 -       task_lock(current);
  89 -       fs_cur = current->fs;
  90 +       task_lock(p);
  91 +       fs_cur = p->fs;
  92         atomic_inc(&fs_cur->count);
  93 -       proxy_cur = current->nsproxy;
  94 +       proxy_cur = p->nsproxy;
  95         get_nsproxy(proxy_cur);
  96 -       task_unlock(current);
  97 +       task_unlock(p);
  98
  99         fs_new = __vs_merge_fs(fs_cur, fs, mask);
 100         if (IS_ERR(fs_new)) {
 101 @@ -178,8 +178,8 @@
 102                 goto out_put_fs;
 103         }
 104
 105 -       fs_new = xchg(&current->fs, fs_new);
 106 -       proxy_new = xchg(&current->nsproxy, proxy_new);
 107 +       fs_new = xchg(&p->fs, fs_new);
 108 +       proxy_new = xchg(&p->nsproxy, proxy_new);
 109         ret = 0;
 110
 111         if (proxy_new)
 112 @@ -256,7 +256,7 @@
 113         if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
 114                 return -EFAULT;
 115
 116 -       return vx_enter_space(vxi, vc_data.mask);
 117 +       return vx_enter_space(current, vxi, vc_data.mask);
 118  }
 119
 120  int vc_set_space(struct vx_info *vxi, void __user *data)
 121 diff -Nurb linux-2.6.22-594/net/core/dev.c linux-2.6.22-595/net/core/dev.c
 122 --- linux-2.6.22-594/net/core/dev.c     2008-03-21 15:19:25.000000000 -0400
 123 +++ linux-2.6.22-595/net/core/dev.c     2008-03-21 15:19:27.000000000 -0400
 124 @@ -2207,7 +2207,7 @@
 125
 126         total = 0;
 127         for_each_netdev(net, dev) {
 128 -               if (!nx_dev_visible(current->nx_info, dev))
 129 +               if (net==&init_net && !nx_dev_visible(current->nx_info, dev))
 130                         continue;
 131                 for (i = 0; i < NPROTO; i++) {
 132                         if (gifconf_list[i]) {
 133 @@ -2274,8 +2274,9 @@
 134  static void dev_seq_printf_stats(struct seq_file *seq, struct net_device *dev)
 135  {
 136         struct net_device_stats *stats = dev->get_stats(dev);
 137 +       struct net *net = seq->private;
 138
 139 -       if (!nx_dev_visible(current->nx_info, dev))
 140 +       if (net==&init_net && !nx_dev_visible(current->nx_info, dev))
 141                 return;
 142
 143         seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu "
 144 diff -Nurb linux-2.6.22-594/net/core/net_namespace.c linux-2.6.22-595/net/core/net_namespace.c
 145 --- linux-2.6.22-594/net/core/net_namespace.c   2008-03-21 15:19:21.000000000 -0400
 146 +++ linux-2.6.22-595/net/core/net_namespace.c   2008-03-21 15:19:27.000000000 -0400
 147 @@ -112,10 +112,12 @@
 148                 ops = list_entry(ptr, struct pernet_operations, list);
 149                 if (ops->init) {
 150                         error = ops->init(net);
 151 -                       if (error < 0)
 152 +                       if (error < 0) {
 153 +                               printk(KERN_ALERT "Error setting up netns: %x\n", ops->init);
 154                                 goto out_undo;
 155                 }
 156         }
 157 +       }
 158  out:
 159         return error;
 160  out_undo:
 161 diff -Nurb linux-2.6.22-594/net/socket.c linux-2.6.22-595/net/socket.c
 162 --- linux-2.6.22-594/net/socket.c       2008-03-21 15:19:24.000000000 -0400
 163 +++ linux-2.6.22-595/net/socket.c       2008-03-21 15:19:27.000000000 -0400
 164 @@ -1122,12 +1122,17 @@
 165         if (type < 0 || type >= SOCK_MAX)
 166                 return -EINVAL;
 167
 168 +       /*
 169 +        * Hack no. 2 - Sapan
 170 +        * Clean this up later
 171 +        *
 172         if (!nx_check(0, VS_ADMIN)) {
 173                 if (family == PF_INET && !current_nx_info_has_v4())
 174                         return -EAFNOSUPPORT;
 175                 if (family == PF_INET6 && !current_nx_info_has_v6())
 176                         return -EAFNOSUPPORT;
 177         }
 178 +       */
 179
 180         /* Compatibility.
 181