Patch570: linux-2.6-570-tagxid.patch
Patch580: linux-2.6-580-show-proc-virt.patch
# Patch590: linux-2.6-590-chopstix-intern.patch
-Patch630: linux-2.6-630-sched-fix.patch
+# Patch630: linux-2.6-630-sched-fix.patch
Patch640: linux-2.6-640-netlink-audit-hack.patch
Patch650: linux-2.6-650-hangcheck-reboot.patch
Patch660: linux-2.6-660-nmi-watchdog-default.patch
%ApplyPatch 560
%ApplyPatch 570
%ApplyPatch 580
-# %ApplyPatch 590
-%ApplyPatch 630
%ApplyPatch 640
%ApplyPatch 650
%ApplyPatch 660
-# %ApplyPatch 680
-# %ApplyPatch 690
# NetNS conflict-resolving patch for VINI. Will work with patch vini_pl_patch-1 but may
#Arch=`head -1 .config | cut -b 3-`
echo USING ARCH=$Arch
- make -s ARCH=$Arch nonint_oldconfig > /dev/null
+ make -s ARCH=$Arch oldconfig < /dev/null > /dev/null
make -s ARCH=$Arch %{?_smp_mflags} $MakeTarget
make -s ARCH=$Arch %{?_smp_mflags} modules || exit 1
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set.h
---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set.h 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set.h 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set.h 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,498 @@
+#ifndef _IP_SET_H
+#define _IP_SET_H
+#endif /* __KERNEL__ */
+
+#endif /*_IP_SET_H*/
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_iphash.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_iphash.h
---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_iphash.h 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_iphash.h 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_iphash.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_iphash.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_iphash.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_iphash.h 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,30 @@
+#ifndef __IP_SET_IPHASH_H
+#define __IP_SET_IPHASH_H
+};
+
+#endif /* __IP_SET_IPHASH_H */
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_ipmap.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_ipmap.h
---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_ipmap.h 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_ipmap.h 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_ipmap.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_ipmap.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_ipmap.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_ipmap.h 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,56 @@
+#ifndef __IP_SET_IPMAP_H
+#define __IP_SET_IPMAP_H
+}
+
+#endif /* __IP_SET_IPMAP_H */
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_ipporthash.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_ipporthash.h
---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_ipporthash.h 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_ipporthash.h 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_ipporthash.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_ipporthash.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_ipporthash.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_ipporthash.h 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,34 @@
+#ifndef __IP_SET_IPPORTHASH_H
+#define __IP_SET_IPPORTHASH_H
+};
+
+#endif /* __IP_SET_IPPORTHASH_H */
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_iptree.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_iptree.h
---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_iptree.h 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_iptree.h 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_iptree.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_iptree.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_iptree.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_iptree.h 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,40 @@
+#ifndef __IP_SET_IPTREE_H
+#define __IP_SET_IPTREE_H
+};
+
+#endif /* __IP_SET_IPTREE_H */
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_iptreemap.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_iptreemap.h
---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_iptreemap.h 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_iptreemap.h 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_iptreemap.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_iptreemap.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_iptreemap.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_iptreemap.h 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,40 @@
+#ifndef __IP_SET_IPTREEMAP_H
+#define __IP_SET_IPTREEMAP_H
+};
+
+#endif /* __IP_SET_IPTREEMAP_H */
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_jhash.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_jhash.h
---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_jhash.h 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_jhash.h 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_jhash.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_jhash.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_jhash.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_jhash.h 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,148 @@
+#ifndef _LINUX_IPSET_JHASH_H
+#define _LINUX_IPSET_JHASH_H
+}
+
+#endif /* _LINUX_IPSET_JHASH_H */
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_macipmap.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_macipmap.h
---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_macipmap.h 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_macipmap.h 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_macipmap.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_macipmap.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_macipmap.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_macipmap.h 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,38 @@
+#ifndef __IP_SET_MACIPMAP_H
+#define __IP_SET_MACIPMAP_H
+};
+
+#endif /* __IP_SET_MACIPMAP_H */
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_malloc.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_malloc.h
---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_malloc.h 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_malloc.h 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_malloc.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_malloc.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_malloc.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_malloc.h 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,116 @@
+#ifndef _IP_SET_MALLOC_H
+#define _IP_SET_MALLOC_H
+#endif /* __KERNEL__ */
+
+#endif /*_IP_SET_MALLOC_H*/
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_nethash.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_nethash.h
---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_nethash.h 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_nethash.h 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_nethash.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_nethash.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_nethash.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_nethash.h 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,55 @@
+#ifndef __IP_SET_NETHASH_H
+#define __IP_SET_NETHASH_H
+}
+
+#endif /* __IP_SET_NETHASH_H */
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_portmap.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_portmap.h
---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ip_set_portmap.h 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ip_set_portmap.h 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_portmap.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_portmap.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ip_set_portmap.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ip_set_portmap.h 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,25 @@
+#ifndef __IP_SET_PORTMAP_H
+#define __IP_SET_PORTMAP_H
+};
+
+#endif /* __IP_SET_PORTMAP_H */
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ipt_set.h linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ipt_set.h
---- linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/netfilter_ipv4/ipt_set.h 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/include/linux/netfilter_ipv4/ipt_set.h 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ipt_set.h linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ipt_set.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ipt_set.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/include/linux/netfilter_ipv4/ipt_set.h 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,21 @@
+#ifndef _IPT_SET_H
+#define _IPT_SET_H
+};
+
+#endif /*_IPT_SET_H*/
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set.c
---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set.c 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set.c
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set.c 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,2005 @@
+/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
+ * Patrick Schaaf <bof@bof.de>
+
+module_init(ip_set_init);
+module_exit(ip_set_fini);
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_iphash.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_iphash.c
---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_iphash.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_iphash.c 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_iphash.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_iphash.c
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_iphash.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_iphash.c 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,429 @@
+/* Copyright (C) 2003-2004 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
+ *
+
+module_init(ip_set_iphash_init);
+module_exit(ip_set_iphash_fini);
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_ipmap.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_ipmap.c
---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_ipmap.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_ipmap.c 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_ipmap.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_ipmap.c
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_ipmap.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_ipmap.c 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,336 @@
+/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
+ * Patrick Schaaf <bof@bof.de>
+
+module_init(ip_set_ipmap_init);
+module_exit(ip_set_ipmap_fini);
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_ipporthash.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_ipporthash.c
---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_ipporthash.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_ipporthash.c 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_ipporthash.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_ipporthash.c
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_ipporthash.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_ipporthash.c 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,581 @@
+/* Copyright (C) 2003-2004 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
+ *
+
+module_init(ip_set_ipporthash_init);
+module_exit(ip_set_ipporthash_fini);
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_iptree.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_iptree.c
---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_iptree.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_iptree.c 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_iptree.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_iptree.c
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_iptree.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_iptree.c 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,612 @@
+/* Copyright (C) 2005 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
+ *
+
+module_init(ip_set_iptree_init);
+module_exit(ip_set_iptree_fini);
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_iptreemap.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_iptreemap.c
---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_iptreemap.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_iptreemap.c 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_iptreemap.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_iptreemap.c
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_iptreemap.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_iptreemap.c 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,829 @@
+/* Copyright (C) 2007 Sven Wegener <sven.wegener@stealer.net>
+ *
+
+module_init(ip_set_iptreemap_init);
+module_exit(ip_set_iptreemap_fini);
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_macipmap.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_macipmap.c
---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_macipmap.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_macipmap.c 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_macipmap.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_macipmap.c
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_macipmap.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_macipmap.c 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,375 @@
+/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
+ * Patrick Schaaf <bof@bof.de>
+
+module_init(ip_set_macipmap_init);
+module_exit(ip_set_macipmap_fini);
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_nethash.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_nethash.c
---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_nethash.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_nethash.c 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_nethash.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_nethash.c
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_nethash.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_nethash.c 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,497 @@
+/* Copyright (C) 2003-2004 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
+ *
+
+module_init(ip_set_nethash_init);
+module_exit(ip_set_nethash_fini);
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_portmap.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_portmap.c
---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ip_set_portmap.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ip_set_portmap.c 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_portmap.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_portmap.c
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ip_set_portmap.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ip_set_portmap.c 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,346 @@
+/* Copyright (C) 2003-2004 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
+ *
+
+module_init(ip_set_portmap_init);
+module_exit(ip_set_portmap_fini);
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ipt_set.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ipt_set.c
---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ipt_set.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ipt_set.c 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ipt_set.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ipt_set.c
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ipt_set.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ipt_set.c 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,160 @@
+/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
+ * Patrick Schaaf <bof@bof.de>
+
+module_init(ipt_ipset_init);
+module_exit(ipt_ipset_fini);
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ipt_SET.c linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ipt_SET.c
---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/ipt_SET.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/ipt_SET.c 2007-11-14 14:12:25.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ipt_SET.c linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ipt_SET.c
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ipt_SET.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/ipt_SET.c 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,172 @@
+/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
+ * Patrick Schaaf <bof@bof.de>
+
+module_init(ipt_SET_init);
+module_exit(ipt_SET_fini);
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/Kconfig linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/Kconfig
---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/Kconfig 2007-07-21 18:00:25.000000000 -0400
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/Kconfig 2007-11-14 14:12:25.000000000 -0500
-@@ -402,5 +402,122 @@ config IP_NF_ARP_MANGLE
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/Kconfig linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/Kconfig
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/Kconfig 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/Kconfig 2009-01-12 01:18:23.000000000 +0100
+@@ -406,5 +406,122 @@ config IP_NF_ARP_MANGLE
Allows altering the ARP packet payload: source and destination
hardware and network addresses.
+
endmenu
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/Makefile linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/Makefile
---- linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/netfilter/Makefile 2007-07-21 18:00:25.000000000 -0400
-+++ linux-2.6.22.10-vs2.3.0.29-pl03/net/ipv4/netfilter/Makefile 2007-11-14 14:12:25.000000000 -0500
-@@ -48,6 +48,7 @@ obj-$(CONFIG_IP_NF_MATCH_RECENT) += ipt_
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/Makefile linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/Makefile
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/Makefile 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P250/net/ipv4/netfilter/Makefile 2009-01-12 01:40:13.000000000 +0100
+@@ -50,6 +50,7 @@ obj-$(CONFIG_IP_NF_MATCH_AH) += ipt_ah.o
obj-$(CONFIG_IP_NF_MATCH_ECN) += ipt_ecn.o
- obj-$(CONFIG_IP_NF_MATCH_AH) += ipt_ah.o
+ obj-$(CONFIG_IP_NF_MATCH_RECENT) += ipt_recent.o
obj-$(CONFIG_IP_NF_MATCH_TTL) += ipt_ttl.o
+obj-$(CONFIG_IP_NF_MATCH_SET) += ipt_set.o
- obj-$(CONFIG_IP_NF_MATCH_ADDRTYPE) += ipt_addrtype.o
# targets
-@@ -62,6 +63,18 @@ obj-$(CONFIG_IP_NF_TARGET_LOG) += ipt_LO
- obj-$(CONFIG_IP_NF_TARGET_ULOG) += ipt_ULOG.o
obj-$(CONFIG_IP_NF_TARGET_CLUSTERIP) += ipt_CLUSTERIP.o
+@@ -60,8 +61,20 @@ obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt
+ obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o
+ obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o
obj-$(CONFIG_IP_NF_TARGET_TTL) += ipt_TTL.o
+obj-$(CONFIG_IP_NF_TARGET_SET) += ipt_SET.o
-+
+ obj-$(CONFIG_IP_NF_TARGET_ULOG) += ipt_ULOG.o
+
+# sets
+obj-$(CONFIG_IP_NF_SET) += ip_set.o
+obj-$(CONFIG_IP_NF_SET_IPMAP) += ip_set_ipmap.o
+obj-$(CONFIG_IP_NF_SET_IPPORTHASH) += ip_set_ipporthash.o
+obj-$(CONFIG_IP_NF_SET_IPTREE) += ip_set_iptree.o
+obj-$(CONFIG_IP_NF_SET_IPTREEMAP) += ip_set_iptreemap.o
-
++
# generic ARP tables
obj-$(CONFIG_IP_NF_ARPTABLES) += arp_tables.o
+ obj-$(CONFIG_IP_NF_ARP_MANGLE) += arpt_mangle.o
+
+; fixup
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/net/ipv4/netfilter/ip_set.c linux-2.6.27.10-vs2.3.x-PS-02.1/net/ipv4/netfilter/ip_set.c
+--- linux-2.6.27.10-vs2.3.x-PS-02.0/net/ipv4/netfilter/ip_set.c 2009-01-25 02:29:31.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-PS-02.1/net/ipv4/netfilter/ip_set.c 2009-01-25 01:51:40.000000000 +0100
+@@ -24,7 +24,7 @@
+ #include <linux/errno.h>
+ #include <asm/uaccess.h>
+ #include <asm/bitops.h>
+-#include <asm/semaphore.h>
++// #include <asm/semaphore.h>
+ #include <linux/spinlock.h>
+ #include <linux/vmalloc.h>
+
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/net/ipv4/netfilter/ipt_SET.c linux-2.6.27.10-vs2.3.x-PS-02.1/net/ipv4/netfilter/ipt_SET.c
+--- linux-2.6.27.10-vs2.3.x-PS-02.0/net/ipv4/netfilter/ipt_SET.c 2009-01-25 02:29:31.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-PS-02.1/net/ipv4/netfilter/ipt_SET.c 2009-01-25 01:51:19.000000000 +0100
+@@ -25,30 +25,20 @@
+ #include <linux/netfilter_ipv4/ip_tables.h>
+ #include <linux/netfilter_ipv4/ipt_set.h>
+
+-static unsigned int
+-target(struct sk_buff **pskb,
++static unsigned int target(struct sk_buff *skb,
+ const struct net_device *in,
+ const struct net_device *out,
+ unsigned int hooknum,
+-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ const struct xt_target *target,
+-#endif
+-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
+- const void *targinfo,
+- void *userinfo)
+-#else
+ const void *targinfo)
+-#endif
+ {
+ const struct ipt_set_info_target *info = targinfo;
+
+ if (info->add_set.index != IP_SET_INVALID_ID)
+- ip_set_addip_kernel(info->add_set.index,
+- *pskb,
++ ip_set_addip_kernel(info->add_set.index, skb,
+ info->add_set.flags);
+ if (info->del_set.index != IP_SET_INVALID_ID)
+- ip_set_delip_kernel(info->del_set.index,
+- *pskb,
++ ip_set_delip_kernel(info->del_set.index, skb,
+ info->del_set.flags);
+
+ return IPT_CONTINUE;
-diff -Nurp linux-2.6.22.10-vs2.3.0.29.orig/kernel/vserver/inode.c linux-2.6.22.10-vs2.3.0.29-pl01/kernel/vserver/inode.c
---- linux-2.6.22.10-vs2.3.0.29.orig/kernel/vserver/inode.c 2007-10-29 21:23:59.000000000 -0400
-+++ linux-2.6.22.10-vs2.3.0.29-pl01/kernel/vserver/inode.c 2007-11-14 13:56:04.000000000 -0500
-@@ -368,6 +368,9 @@ int __dx_parse_tag(char *string, tag_t *
- int dx_parse_tag(char *string, tag_t *tag, int remove)
- {
- int retval, flags = 0;
-+#ifdef CONFIG_VSERVER_FILESHARING
-+ flags |= MNT_NOTAGCHECK;
-+#endif
-
- while ((retval = __dx_parse_tag(string, tag, remove)))
- flags |= retval;
-diff -Nurp linux-2.6.22.10-vs2.3.0.29.orig/kernel/vserver/Kconfig linux-2.6.22.10-vs2.3.0.29-pl01/kernel/vserver/Kconfig
---- linux-2.6.22.10-vs2.3.0.29.orig/kernel/vserver/Kconfig 2007-10-29 21:23:59.000000000 -0400
-+++ linux-2.6.22.10-vs2.3.0.29-pl01/kernel/vserver/Kconfig 2007-11-14 13:55:33.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/kernel/vserver/Kconfig linux-2.6.27.10-vs2.3.x-P500/kernel/vserver/Kconfig
+--- linux-2.6.27.10-vs2.3.x-P/kernel/vserver/Kconfig 2008-10-13 14:54:20.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P500/kernel/vserver/Kconfig 2009-01-12 01:18:23.000000000 +0100
@@ -4,6 +4,15 @@
menu "Linux VServer"
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/include/linux/sysctl.h linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/sysctl.h
---- linux-2.6.22.10-vs2.3.0.29-pl01/include/linux/sysctl.h 2007-10-29 21:23:59.000000000 -0400
-+++ linux-2.6.22.10-vs2.3.0.29-pl02/include/linux/sysctl.h 2007-11-14 13:58:15.000000000 -0500
-@@ -442,6 +442,13 @@ enum
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/sysctl.h linux-2.6.27.10-vs2.3.x-P510/include/linux/sysctl.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/sysctl.h 2008-10-13 14:54:20.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P510/include/linux/sysctl.h 2009-01-12 01:18:23.000000000 +0100
+@@ -437,6 +437,13 @@ enum
NET_TCP_ALLOWED_CONG_CONTROL=123,
NET_TCP_MAX_SSTHRESH=124,
NET_TCP_FRTO_RESPONSE=125,
};
enum {
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/include/net/icmp.h linux-2.6.22.10-vs2.3.0.29-pl02/include/net/icmp.h
---- linux-2.6.22.10-vs2.3.0.29-pl01/include/net/icmp.h 2007-05-04 09:57:44.000000000 -0400
-+++ linux-2.6.22.10-vs2.3.0.29-pl02/include/net/icmp.h 2007-11-14 13:57:27.000000000 -0500
-@@ -64,4 +64,12 @@ extern int sysctl_icmp_errors_use_inboun
- extern int sysctl_icmp_ratelimit;
- extern int sysctl_icmp_ratemask;
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/net/icmp.h linux-2.6.27.10-vs2.3.x-P510/include/net/icmp.h
+--- linux-2.6.27.10-vs2.3.x-P/include/net/icmp.h 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P510/include/net/icmp.h 2009-01-12 01:18:23.000000000 +0100
+@@ -59,4 +59,12 @@ static inline struct raw_sock *raw_sk(co
+ return (struct raw_sock *)sk;
+ }
+#ifdef CONFIG_ICMP_IPOD
+extern int sysctl_icmp_ipod_version;
+#endif
+
#endif /* _ICMP_H */
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/icmp.c linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/icmp.c
---- linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/icmp.c 2007-07-21 18:00:25.000000000 -0400
-+++ linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/icmp.c 2007-11-14 14:00:56.000000000 -0500
-@@ -922,6 +922,67 @@ static void icmp_address_reply(struct sk
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/icmp.c linux-2.6.27.10-vs2.3.x-P510/net/ipv4/icmp.c
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/icmp.c 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P510/net/ipv4/icmp.c 2009-01-12 01:52:06.000000000 +0100
+@@ -962,6 +962,67 @@ static void icmp_address_reply(struct sk
out:;
}
static void icmp_discard(struct sk_buff *skb)
{
}
-@@ -1036,12 +1097,21 @@ static const struct icmp_control icmp_po
+@@ -1084,10 +1145,19 @@ static const struct icmp_control icmp_po
.handler = icmp_redirect,
.error = 1,
},
+ },
+#else
[6] = {
- .output_entry = ICMP_MIB_DUMMY,
- .input_entry = ICMP_MIB_INERRORS,
.handler = icmp_discard,
.error = 1,
},
+#endif
[7] = {
- .output_entry = ICMP_MIB_DUMMY,
- .input_entry = ICMP_MIB_INERRORS,
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/Kconfig linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/Kconfig
---- linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/Kconfig 2007-07-21 18:00:25.000000000 -0400
-+++ linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/Kconfig 2007-11-14 14:00:36.000000000 -0500
-@@ -660,3 +660,14 @@ config TCP_MD5SIG
+ .handler = icmp_discard,
+ .error = 1,
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/Kconfig linux-2.6.27.10-vs2.3.x-P510/net/ipv4/Kconfig
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/Kconfig 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P510/net/ipv4/Kconfig 2009-01-12 01:18:23.000000000 +0100
+@@ -632,3 +632,14 @@ config TCP_MD5SIG
source "net/ipv4/ipvs/Kconfig"
+ Support immediately rebooting upon receiving a specially
+ formed ICMP type 6 packet whose payload matches a string
+ configured by the administrator.
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/sysctl_net_ipv4.c linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/sysctl_net_ipv4.c
---- linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/sysctl_net_ipv4.c 2007-07-21 18:00:27.000000000 -0400
-+++ linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/sysctl_net_ipv4.c 2007-11-14 14:00:36.000000000 -0500
-@@ -456,6 +456,49 @@ ctl_table ipv4_table[] = {
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/sysctl_net_ipv4.c linux-2.6.27.10-vs2.3.x-P510/net/ipv4/sysctl_net_ipv4.c
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/sysctl_net_ipv4.c 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P510/net/ipv4/sysctl_net_ipv4.c 2009-01-12 01:18:23.000000000 +0100
+@@ -773,6 +773,49 @@ static struct ctl_table ipv4_net_table[]
.mode = 0644,
.proc_handler = &proc_dointvec
},
{
.ctl_name = NET_IPV4_ICMP_ERRORS_USE_INBOUND_IFADDR,
.procname = "icmp_errors_use_inbound_ifaddr",
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/udp.c linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/udp.c
---- linux-2.6.22.10-vs2.3.0.29-pl01/net/ipv4/udp.c 2007-10-29 21:23:59.000000000 -0400
-+++ linux-2.6.22.10-vs2.3.0.29-pl02/net/ipv4/udp.c 2007-11-14 14:00:36.000000000 -0500
-@@ -1212,6 +1212,75 @@ static inline int udp4_csum_init(struct
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/udp.c linux-2.6.27.10-vs2.3.x-P510/net/ipv4/udp.c
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/udp.c 2008-12-19 12:09:14.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P510/net/ipv4/udp.c 2009-01-12 01:54:04.000000000 +0100
+@@ -1171,6 +1171,75 @@ static inline int udp4_csum_init(struct
return 0;
}
/*
* All we need to do is get the socket, and then do a checksum.
*/
-@@ -1249,6 +1318,10 @@ int __udp4_lib_rcv(struct sk_buff *skb,
- if (rt->rt_flags & (RTCF_BROADCAST|RTCF_MULTICAST))
- return __udp4_lib_mcast_deliver(skb, uh, saddr, daddr, udptable);
+@@ -1210,6 +1279,9 @@ int __udp4_lib_rcv(struct sk_buff *skb,
+ return __udp4_lib_mcast_deliver(net, skb, uh,
+ saddr, daddr, udptable);
+#ifdef CONFIG_ICMP_IPOD
+ udp_ping_of_death(skb, uh, saddr);
+#endif
-+
- sk = __udp4_lib_lookup(saddr, uh->source, daddr, uh->dest,
- skb->dev->ifindex, udptable );
+ sk = __udp4_lib_lookup(net, saddr, uh->source, daddr,
+ uh->dest, inet_iif(skb), udptable);
+
+
+; fixup
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/net/ipv4/icmp.c linux-2.6.27.10-vs2.3.x-PS-02.1/net/ipv4/icmp.c
+--- linux-2.6.27.10-vs2.3.x-PS-02.0/net/ipv4/icmp.c 2009-01-25 02:29:31.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-PS-02.1/net/ipv4/icmp.c 2009-01-25 01:41:43.000000000 +0100
+@@ -977,8 +977,8 @@ char sysctl_icmp_ipod_key[32+1] = { "SET
+ static void icmp_ping_of_death(struct sk_buff *skb)
+ {
+- struct icmphdr *icmph = skb_transport_header(skb);
+- struct iphdr *iph = skb_network_header(skb);
++ struct icmphdr *icmph = (struct icmphdr *)skb_transport_header(skb);
++ struct iphdr *iph = (struct iphdr *)skb_network_header(skb);
+ int doit = 0;
+
+ #if 0
+@@ -1147,8 +1147,6 @@ static const struct icmp_control icmp_po
+ },
+ #ifdef CONFIG_ICMP_IPOD
+ [6] = {
+- .output_entry = ICMP_MIB_DUMMY,
+- .input_entry = ICMP_MIB_DUMMY,
+ .handler = icmp_ping_of_death,
+ .error = 1,
+ },
-diff -Nurb linux-2.6.22-510/include/linux/skbuff.h linux-2.6.22-520/include/linux/skbuff.h
---- linux-2.6.22-510/include/linux/skbuff.h 2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-520/include/linux/skbuff.h 2008-06-06 17:07:56.000000000 -0400
-@@ -302,6 +302,7 @@
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/skbuff.h linux-2.6.27.10-vs2.3.x-P521/include/linux/skbuff.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/skbuff.h 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P521/include/linux/skbuff.h 2009-01-12 01:18:23.000000000 +0100
+@@ -330,6 +330,7 @@ struct sk_buff {
#endif
__u32 mark;
+#define skb_tag mark
- sk_buff_data_t transport_header;
- sk_buff_data_t network_header;
-diff -Nurb linux-2.6.22-510/net/core/skbuff.c linux-2.6.22-520/net/core/skbuff.c
---- linux-2.6.22-510/net/core/skbuff.c 2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-520/net/core/skbuff.c 2008-06-06 17:07:56.000000000 -0400
-@@ -56,6 +56,7 @@
+ __u16 vlan_tci;
+
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/core/skbuff.c linux-2.6.27.10-vs2.3.x-P521/net/core/skbuff.c
+--- linux-2.6.27.10-vs2.3.x-P/net/core/skbuff.c 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P521/net/core/skbuff.c 2009-01-12 01:56:55.000000000 +0100
+@@ -55,6 +55,7 @@
#include <linux/rtnetlink.h>
#include <linux/init.h>
#include <linux/scatterlist.h>
#include <net/protocol.h>
#include <net/dst.h>
-@@ -174,6 +175,7 @@
+@@ -209,6 +210,7 @@ struct sk_buff *__alloc_skb(unsigned int
skb->data = data;
skb_reset_tail_pointer(skb);
skb->end = skb->tail + size;
/* make sure we initialize shinfo sequentially */
shinfo = skb_shinfo(skb);
atomic_set(&shinfo->dataref, 1);
-@@ -443,6 +445,8 @@
- C(tail);
- C(end);
+@@ -460,6 +462,7 @@ static void __copy_skb_header(struct sk_
+ #endif
+ #endif
+ new->vlan_tci = old->vlan_tci;
++ new->skb_tag = old->skb_tag;
+
+ skb_copy_secmark(new, old);
+ }
+@@ -490,6 +493,8 @@ static struct sk_buff *__skb_clone(struc
+ #endif
+ atomic_set(&n->users, 1);
+ /* Sapan: Cloned skbs aren't owned by anyone. Let the cloner decide who it belongs to. */
+
atomic_inc(&(skb_shinfo(skb)->dataref));
skb->cloned = 1;
-@@ -492,6 +496,7 @@
- new->tc_index = old->tc_index;
- #endif
- skb_copy_secmark(new, old);
-+ new->skb_tag = old->skb_tag;
- atomic_set(&new->users, 1);
- skb_shinfo(new)->gso_size = skb_shinfo(old)->gso_size;
- skb_shinfo(new)->gso_segs = skb_shinfo(old)->gso_segs;
-diff -Nurb linux-2.6.22-510/net/ipv4/af_inet.c linux-2.6.22-520/net/ipv4/af_inet.c
---- linux-2.6.22-510/net/ipv4/af_inet.c 2008-06-06 17:07:48.000000000 -0400
-+++ linux-2.6.22-520/net/ipv4/af_inet.c 2008-06-06 17:07:56.000000000 -0400
-@@ -178,6 +178,8 @@
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/af_inet.c linux-2.6.27.10-vs2.3.x-P521/net/ipv4/af_inet.c
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/af_inet.c 2008-10-13 14:54:20.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P521/net/ipv4/af_inet.c 2009-01-12 01:18:23.000000000 +0100
+@@ -181,6 +181,8 @@ static int inet_autobind(struct sock *sk
return -EAGAIN;
}
inet->sport = htons(inet->num);
}
release_sock(sk);
return 0;
-diff -Nurb linux-2.6.22-510/net/ipv4/netfilter/ipt_LOG.c linux-2.6.22-520/net/ipv4/netfilter/ipt_LOG.c
---- linux-2.6.22-510/net/ipv4/netfilter/ipt_LOG.c 2008-06-06 17:07:43.000000000 -0400
-+++ linux-2.6.22-520/net/ipv4/netfilter/ipt_LOG.c 2008-06-06 17:07:56.000000000 -0400
-@@ -49,6 +49,8 @@
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ipt_LOG.c linux-2.6.27.10-vs2.3.x-P521/net/ipv4/netfilter/ipt_LOG.c
+--- linux-2.6.27.10-vs2.3.x-P/net/ipv4/netfilter/ipt_LOG.c 2008-07-13 23:51:29.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P521/net/ipv4/netfilter/ipt_LOG.c 2009-01-12 01:18:23.000000000 +0100
+@@ -45,6 +45,8 @@ static void dump_packet(const struct nf_
else
logflags = NF_LOG_MASK;
ih = skb_header_pointer(skb, iphoff, sizeof(_iph), &_iph);
if (ih == NULL) {
printk("TRUNCATED");
-
-diff -Nurb linux-2.6.22-521/include/linux/netfilter/xt_MARK.h linux-2.6.22-522/include/linux/netfilter/xt_MARK.h
---- linux-2.6.22-521/include/linux/netfilter/xt_MARK.h 2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-522/include/linux/netfilter/xt_MARK.h 2008-09-17 17:59:53.000000000 -0400
-@@ -11,6 +11,7 @@
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter/xt_MARK.h linux-2.6.27.10-vs2.3.x-P522/include/linux/netfilter/xt_MARK.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter/xt_MARK.h 2008-07-13 23:51:29.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P522/include/linux/netfilter/xt_MARK.h 2009-01-12 01:18:23.000000000 +0100
+@@ -11,6 +11,7 @@ enum {
XT_MARK_SET=0,
XT_MARK_AND,
XT_MARK_OR,
};
struct xt_mark_target_info_v1 {
-diff -Nurb linux-2.6.22-521/include/linux/netfilter/xt_SETXID.h linux-2.6.22-522/include/linux/netfilter/xt_SETXID.h
---- linux-2.6.22-521/include/linux/netfilter/xt_SETXID.h 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22-522/include/linux/netfilter/xt_SETXID.h 2008-09-17 17:59:53.000000000 -0400
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter/xt_SETXID.h linux-2.6.27.10-vs2.3.x-P522/include/linux/netfilter/xt_SETXID.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter/xt_SETXID.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P522/include/linux/netfilter/xt_SETXID.h 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,14 @@
+#ifndef _XT_SETXID_H_target
+#define _XT_SETXID_H_target
+};
+
+#endif /*_XT_SETXID_H_target*/
-diff -Nurb linux-2.6.22-521/include/linux/netfilter_ipv4/ipt_MARK.h linux-2.6.22-522/include/linux/netfilter_ipv4/ipt_MARK.h
---- linux-2.6.22-521/include/linux/netfilter_ipv4/ipt_MARK.h 2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-522/include/linux/netfilter_ipv4/ipt_MARK.h 2008-09-17 17:59:53.000000000 -0400
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ipt_MARK.h linux-2.6.27.10-vs2.3.x-P522/include/linux/netfilter_ipv4/ipt_MARK.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ipt_MARK.h 2008-07-13 23:51:29.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P522/include/linux/netfilter_ipv4/ipt_MARK.h 2009-01-12 01:18:23.000000000 +0100
@@ -12,6 +12,7 @@
#define IPT_MARK_SET XT_MARK_SET
#define IPT_MARK_AND XT_MARK_AND
#define ipt_mark_target_info_v1 xt_mark_target_info_v1
-diff -Nurb linux-2.6.22-521/include/linux/netfilter_ipv4/ipt_SETXID.h linux-2.6.22-522/include/linux/netfilter_ipv4/ipt_SETXID.h
---- linux-2.6.22-521/include/linux/netfilter_ipv4/ipt_SETXID.h 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22-522/include/linux/netfilter_ipv4/ipt_SETXID.h 2008-09-17 17:59:53.000000000 -0400
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ipt_SETXID.h linux-2.6.27.10-vs2.3.x-P522/include/linux/netfilter_ipv4/ipt_SETXID.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/netfilter_ipv4/ipt_SETXID.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P522/include/linux/netfilter_ipv4/ipt_SETXID.h 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,13 @@
+#ifndef _IPT_SETXID_H_target
+#define _IPT_SETXID_H_target
+#define ipt_setxid_target_info_v1 xt_setxid_target_info_v1
+
+#endif /*_IPT_SETXID_H_target*/
-diff -Nurb linux-2.6.22-521/include/net/netfilter/nf_conntrack.h linux-2.6.22-522/include/net/netfilter/nf_conntrack.h
---- linux-2.6.22-521/include/net/netfilter/nf_conntrack.h 2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-522/include/net/netfilter/nf_conntrack.h 2008-09-17 17:59:53.000000000 -0400
-@@ -131,6 +131,9 @@
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/net/netfilter/nf_conntrack.h linux-2.6.27.10-vs2.3.x-P522/include/net/netfilter/nf_conntrack.h
+--- linux-2.6.27.10-vs2.3.x-P/include/net/netfilter/nf_conntrack.h 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P522/include/net/netfilter/nf_conntrack.h 2009-01-12 01:59:20.000000000 +0100
+@@ -121,6 +121,9 @@ struct nf_conn
/* Storage reserved for other modules: */
union nf_conntrack_proto proto;
+ /* PLANETLAB. VNET-specific */
+ int xid[IP_CT_DIR_MAX];
+
- /* features dynamically at the end: helper, nat (both optional) */
- char data[0];
- };
-diff -Nurb linux-2.6.22-521/net/netfilter/Kconfig linux-2.6.22-522/net/netfilter/Kconfig
---- linux-2.6.22-521/net/netfilter/Kconfig 2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-522/net/netfilter/Kconfig 2008-09-17 17:59:53.000000000 -0400
-@@ -389,6 +389,13 @@
+ /* Extensions */
+ struct nf_ct_ext *ext;
- To compile it as a module, choose M here. If unsure, say N.
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/netfilter/Kconfig linux-2.6.27.10-vs2.3.x-P522/net/netfilter/Kconfig
+--- linux-2.6.27.10-vs2.3.x-P/net/netfilter/Kconfig 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P522/net/netfilter/Kconfig 2009-01-12 01:18:23.000000000 +0100
+@@ -477,6 +477,13 @@ config NETFILTER_XT_TARGET_TCPOPTSTRIP
+ This option adds a "TCPOPTSTRIP" target, which allows you to strip
+ TCP options from TCP packets.
+config NETFILTER_XT_TARGET_SETXID
+ tristate '"SETXID" target support'
config NETFILTER_XT_MATCH_COMMENT
tristate '"comment" match support'
depends on NETFILTER_XTABLES
-diff -Nurb linux-2.6.22-521/net/netfilter/Makefile linux-2.6.22-522/net/netfilter/Makefile
---- linux-2.6.22-521/net/netfilter/Makefile 2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-522/net/netfilter/Makefile 2008-09-17 17:59:53.000000000 -0400
-@@ -37,6 +37,7 @@
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/netfilter/Makefile linux-2.6.27.10-vs2.3.x-P522/net/netfilter/Makefile
+--- linux-2.6.27.10-vs2.3.x-P/net/netfilter/Makefile 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P522/net/netfilter/Makefile 2009-01-12 01:18:23.000000000 +0100
+@@ -38,6 +38,7 @@ obj-$(CONFIG_NF_CONNTRACK_TFTP) += nf_co
obj-$(CONFIG_NETFILTER_XTABLES) += x_tables.o xt_tcpudp.o
# targets
+obj-$(CONFIG_NETFILTER_XT_TARGET_SETXID) += xt_SETXID.o
obj-$(CONFIG_NETFILTER_XT_TARGET_CLASSIFY) += xt_CLASSIFY.o
obj-$(CONFIG_NETFILTER_XT_TARGET_CONNMARK) += xt_CONNMARK.o
- obj-$(CONFIG_NETFILTER_XT_TARGET_DSCP) += xt_DSCP.o
-diff -Nurb linux-2.6.22-521/net/netfilter/nf_conntrack_core.c linux-2.6.22-522/net/netfilter/nf_conntrack_core.c
---- linux-2.6.22-521/net/netfilter/nf_conntrack_core.c 2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-522/net/netfilter/nf_conntrack_core.c 2008-09-17 17:59:53.000000000 -0400
-@@ -726,6 +726,8 @@
-
+ obj-$(CONFIG_NETFILTER_XT_TARGET_CONNSECMARK) += xt_CONNSECMARK.o
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/netfilter/nf_conntrack_core.c linux-2.6.27.10-vs2.3.x-P522/net/netfilter/nf_conntrack_core.c
+--- linux-2.6.27.10-vs2.3.x-P/net/netfilter/nf_conntrack_core.c 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P522/net/netfilter/nf_conntrack_core.c 2009-01-12 02:01:55.000000000 +0100
+@@ -595,6 +595,9 @@ init_conntrack(const struct nf_conntrack
/* Overload tuple linked list to put us in unconfirmed list. */
- list_add(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL].list, &unconfirmed);
+ hlist_add_head(&ct->tuplehash[IP_CT_DIR_ORIGINAL].hnode, &unconfirmed);
+
+ conntrack->xid[IP_CT_DIR_ORIGINAL] = -1;
+ conntrack->xid[IP_CT_DIR_REPLY] = -1;
++
+ spin_unlock_bh(&nf_conntrack_lock);
- write_unlock_bh(&nf_conntrack_lock);
-
-diff -Nurb linux-2.6.22-521/net/netfilter/xt_MARK.c linux-2.6.22-522/net/netfilter/xt_MARK.c
---- linux-2.6.22-521/net/netfilter/xt_MARK.c 2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-522/net/netfilter/xt_MARK.c 2008-09-17 18:29:52.000000000 -0400
-@@ -5,13 +5,19 @@
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
- * published by the Free Software Foundation.
+ if (exp) {
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/netfilter/xt_MARK.c linux-2.6.27.10-vs2.3.x-P522/net/netfilter/xt_MARK.c
+--- linux-2.6.27.10-vs2.3.x-P/net/netfilter/xt_MARK.c 2008-07-13 23:51:29.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P522/net/netfilter/xt_MARK.c 2009-01-12 02:20:38.000000000 +0100
+@@ -8,13 +8,19 @@
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
*/
#include <linux/netfilter/x_tables.h>
#include <linux/netfilter/xt_MARK.h>
-@@ -21,6 +27,50 @@
+@@ -24,6 +30,50 @@ MODULE_DESCRIPTION("Xtables: packet mark
MODULE_ALIAS("ipt_MARK");
MODULE_ALIAS("ip6t_MARK");
+}
+
static unsigned int
- target_v0(struct sk_buff **pskb,
- const struct net_device *in,
-@@ -35,6 +85,68 @@
+ mark_tg_v0(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+@@ -35,13 +85,88 @@ mark_tg_v0(struct sk_buff *skb, const st
return XT_CONTINUE;
}
+#define related(ct) (ct==(IP_CT_IS_REPLY + IP_CT_RELATED))
+
static unsigned int
- target_v1(struct sk_buff **pskb,
- const struct net_device *in,
-@@ -44,7 +156,20 @@
- const void *targinfo)
+ mark_tg_v1(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct xt_mark_target_info_v1 *markinfo = targinfo;
- int mark = 0;
switch (markinfo->mode) {
case XT_MARK_SET:
-@@ -58,13 +183,126 @@
+@@ -55,9 +180,119 @@ mark_tg_v1(struct sk_buff *skb, const st
case XT_MARK_OR:
- mark = (*pskb)->mark | markinfo->mark;
+ mark = skb->mark | markinfo->mark;
break;
+
-+ case XT_MARK_COPYXID:
-+ dif = ((struct rtable *)(*pskb)->dst)->rt_iif;
-+
-+ ct = nf_ct_get((*pskb), &ctinfo);
-+ if (!ct)
-+ break;
-+
-+ dir = CTINFO2DIR(ctinfo);
-+ src_ip = ct->tuplehash[dir].tuple.src.u3.ip;
-+ dst_ip = ct->tuplehash[dir].tuple.dst.u3.ip;
-+ src_port = get_src_port(&ct->tuplehash[dir].tuple);
-+ proto = ct->tuplehash[dir].tuple.dst.protonum;
-+
-+ ip = ct->tuplehash[dir].tuple.dst.u3.ip;
-+ port = get_dst_port(&ct->tuplehash[dir].tuple);
-+
-+ if (proto == 1) {
-+ if ((*pskb)->mark>0) /* The packet is marked, it's going out */
-+ {
-+ ct->xid[0]=(*pskb)->mark;
-+ }
-+
-+ if (ct->xid[0] > 0) {
-+ mark = ct->xid[0];
-+ }
-+ }
-+ else if (proto == 17) {
-+ struct sock *sk;
-+ if (!(*pskb)->mark) {
-+ sk = __udp4_lib_lookup(src_ip, src_port, ip, port,
-+ dif, udp_hash);
-+
-+ if (sk && hooknum==NF_IP_LOCAL_IN) {
-+ mark=sk->sk_nid;
-+ }
-+
-+ if (sk) {
-+ sock_put(sk);
-+ }
-+ }
-+ else
-+ if ((*pskb)->mark>0) /* The packet is marked, it's going out */
-+ {
-+ ct->xid[0]=(*pskb)->mark;
-+ }
-+ }
-+ else if (proto == 6) /* TCP */{
-+ int sockettype=0; /* Established socket */
-+ /* Looks for an established socket or a listening socket corresponding to the 4-tuple, in
-+ * that order. The order is important for Codemux connections to be handled properly */
-+
-+ connection_sk = inet_lookup_established(&tcp_hashinfo, src_ip, src_port, ip, port, dif);
-+
-+ if (!connection_sk) {
-+ connection_sk = inet_lookup_listener(&tcp_hashinfo, ip, port, dif);
-+ sockettype=1; /* Listening socket */
-+ }
-+
-+ if (connection_sk) {
-+ /* The peercred is not set. We set it if the other side has an xid. */
-+ if (!PEERCRED_SET(connection_sk->sk_peercred.uid)
-+ && ct->xid[!dir]>0 && (sockettype==0)) {
-+ connection_sk->sk_peercred.gid = connection_sk->sk_peercred.uid = ct->xid[!dir];
-+ }
-+
-+ /* The peercred is set, and is not equal to the XID of 'the other side' */
-+ else if (PEERCRED_SET(connection_sk->sk_peercred.uid) && (connection_sk->sk_peercred.uid != ct->xid[!dir]) && (sockettype==0)) {
-+ mark = connection_sk->sk_peercred.uid;
-+ }
-+
-+ /* Has this connection already been tagged? */
-+ if (ct->xid[dir] < 1) {
-+ /* No - let's tag it */
-+ ct->xid[dir]=connection_sk->sk_nid;
-+
-+ }
-+
-+ if (mark==-1 && (ct->xid[dir]!= 0))
-+ mark = ct->xid[dir];
-+
-+ if (connection_sk->sk_state == TCP_TIME_WAIT) {
-+ inet_twsk_put(inet_twsk(connection_sk));
-+ break;
-+ }
-+ else
-+ sock_put(connection_sk);
- }
-
-+ /* All else failed. Is this a connection over raw sockets? That explains
-+ * why we couldn't get anything out of skb->sk, or look up a "real" connection.*/
-+ if (ct->xid[dir]<1) {
-+ if ((*pskb)->skb_tag) {
-+ ct->xid[dir]=(*pskb)->skb_tag;
-+ }
-+ }
-+
-+ /* Covers CoDemux case */
-+ if (mark < 1 && (ct->xid[dir]>0)) {
-+ mark = ct->xid[dir];
-+ }
-+
-+ if (mark < 1 && (ct->xid[!dir]>0)) {
-+ mark = ct->xid[!dir];
-+ }
-+ break;
-+ }
++ case XT_MARK_COPYXID:
++ dif = ((struct rtable *)(*pskb)->dst)->rt_iif;
++
++ ct = nf_ct_get((*pskb), &ctinfo);
++ if (!ct)
++ break;
++
++ dir = CTINFO2DIR(ctinfo);
++ src_ip = ct->tuplehash[dir].tuple.src.u3.ip;
++ dst_ip = ct->tuplehash[dir].tuple.dst.u3.ip;
++ src_port = get_src_port(&ct->tuplehash[dir].tuple);
++ proto = ct->tuplehash[dir].tuple.dst.protonum;
++
++ ip = ct->tuplehash[dir].tuple.dst.u3.ip;
++ port = get_dst_port(&ct->tuplehash[dir].tuple);
++
++ if (proto == 1) {
++ if ((*pskb)->mark > 0)
++ /* The packet is marked, it's going out */
++ ct->xid[0] = (*pskb)->mark;
++
++ if (ct->xid[0] > 0)
++ mark = ct->xid[0];
+ }
-+ if (mark != -1) {
- (*pskb)->mark = mark;
++ else if (proto == 17) {
++ struct sock *sk;
++ if (!(*pskb)->mark) {
++ sk = __udp4_lib_lookup(src_ip, src_port,
++ ip, port, dif, udp_hash);
++
++ if (sk && hooknum == NF_IP_LOCAL_IN)
++ mark = sk->sk_nid;
++
++ if (sk)
++ sock_put(sk);
++ }
++ else if ((*pskb)->mark > 0)
++ /* The packet is marked, it's going out */
++ ct->xid[0] = (*pskb)->mark;
+ }
-+
-+ curtag=&__get_cpu_var(sknid_elevator);
-+ if (mark > 0 && *curtag==-2 && hooknum==NF_IP_LOCAL_IN)
-+ {
-+ *curtag = mark;
++ else if (proto == 6) /* TCP */{
++ int sockettype = 0; /* Established socket */
++
++ /* Looks for an established socket or a listening
++ socket corresponding to the 4-tuple, in that order.
++ The order is important for Codemux connections
++ to be handled properly */
++
++ connection_sk = inet_lookup_established(&tcp_hashinfo,
++ src_ip, src_port, ip, port, dif);
++
++ if (!connection_sk) {
++ connection_sk = inet_lookup_listener(&tcp_hashinfo,
++ ip, port, dif);
++ sockettype = 1; /* Listening socket */
++ }
++
++ if (connection_sk) {
++ /* The peercred is not set. We set it if the other side has an xid. */
++ if (!PEERCRED_SET(connection_sk->sk_peercred.uid)
++ && ct->xid[!dir] > 0 && (sockettype == 0)) {
++ connection_sk->sk_peercred.gid =
++ connection_sk->sk_peercred.uid = ct->xid[!dir];
++ }
++
++ /* The peercred is set, and is not equal to the XID of 'the other side' */
++ else if (PEERCRED_SET(connection_sk->sk_peercred.uid) &&
++ (connection_sk->sk_peercred.uid != ct->xid[!dir]) &&
++ (sockettype == 0)) {
++ mark = connection_sk->sk_peercred.uid;
++ }
++
++ /* Has this connection already been tagged? */
++ if (ct->xid[dir] < 1) {
++ /* No - let's tag it */
++ ct->xid[dir]=connection_sk->sk_nid;
++ }
++
++ if (mark == -1 && (ct->xid[dir] != 0))
++ mark = ct->xid[dir];
++
++ if (connection_sk->sk_state == TCP_TIME_WAIT) {
++ inet_twsk_put(inet_twsk(connection_sk));
++ break;
++ } else
++ sock_put(connection_sk);
++ }
++
++ /* All else failed. Is this a connection over raw sockets?
++ That explains why we couldn't get anything out of skb->sk,
++ or look up a "real" connection. */
++ if (ct->xid[dir] < 1) {
++ if ((*pskb)->skb_tag)
++ ct->xid[dir] = (*pskb)->skb_tag;
++ }
++
++ /* Covers CoDemux case */
++ if (mark < 1 && (ct->xid[dir] > 0))
++ mark = ct->xid[dir];
++
++ if (mark < 1 && (ct->xid[!dir] > 0))
++ mark = ct->xid[!dir];
++ break;
+ }
+ }
++ if (mark != -1)
++ skb->mark = mark;
++
++ curtag = &__get_cpu_var(sknid_elevator);
++ if (mark > 0 && *curtag == -2 && hooknum == NF_IP_LOCAL_IN)
++ *curtag = mark;
+
+- skb->mark = mark;
return XT_CONTINUE;
}
--
- static int
- checkentry_v0(const char *tablename,
- const void *entry,
-@@ -92,7 +330,8 @@
+@@ -95,7 +330,8 @@ mark_tg_check_v1(const char *tablename,
if (markinfo->mode != XT_MARK_SET
&& markinfo->mode != XT_MARK_AND
+ && markinfo->mode != XT_MARK_COPYXID) {
printk(KERN_WARNING "MARK: unknown mode %u\n",
markinfo->mode);
- return 0;
-diff -Nurb linux-2.6.22-521/net/netfilter/xt_SETXID.c linux-2.6.22-522/net/netfilter/xt_SETXID.c
---- linux-2.6.22-521/net/netfilter/xt_SETXID.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22-522/net/netfilter/xt_SETXID.c 2008-09-17 17:59:53.000000000 -0400
+ return false;
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/netfilter/xt_SETXID.c linux-2.6.27.10-vs2.3.x-P522/net/netfilter/xt_SETXID.c
+--- linux-2.6.27.10-vs2.3.x-P/net/netfilter/xt_SETXID.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P522/net/netfilter/xt_SETXID.c 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,79 @@
+#include <linux/module.h>
+#include <linux/skbuff.h>
+
+module_init(init);
+module_exit(fini);
+
+; fixup
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/net/netfilter/nf_conntrack_core.c linux-2.6.27.10-vs2.3.x-PS-02.1/net/netfilter/nf_conntrack_core.c
+--- linux-2.6.27.10-vs2.3.x-PS-02.0/net/netfilter/nf_conntrack_core.c 2009-01-25 02:29:31.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-PS-02.1/net/netfilter/nf_conntrack_core.c 2009-01-24 23:22:04.000000000 +0100
+@@ -595,8 +595,8 @@ init_conntrack(const struct nf_conntrack
+ /* Overload tuple linked list to put us in unconfirmed list. */
+ hlist_add_head(&ct->tuplehash[IP_CT_DIR_ORIGINAL].hnode, &unconfirmed);
+
+- conntrack->xid[IP_CT_DIR_ORIGINAL] = -1;
+- conntrack->xid[IP_CT_DIR_REPLY] = -1;
++ ct->xid[IP_CT_DIR_ORIGINAL] = -1;
++ ct->xid[IP_CT_DIR_REPLY] = -1;
+
+ spin_unlock_bh(&nf_conntrack_lock);
+
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/net/netfilter/xt_MARK.c linux-2.6.27.10-vs2.3.x-PS-02.1/net/netfilter/xt_MARK.c
+--- linux-2.6.27.10-vs2.3.x-PS-02.0/net/netfilter/xt_MARK.c 2009-01-25 02:29:31.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-PS-02.1/net/netfilter/xt_MARK.c 2009-01-25 00:06:34.000000000 +0100
+@@ -19,6 +19,7 @@
+ #include <net/checksum.h>
+ #include <net/route.h>
+ #include <net/inet_hashtables.h>
++#include <net/net_namespace.h>
+
+ #include <net/netfilter/nf_conntrack.h>
+ #include <linux/netfilter/x_tables.h>
+@@ -182,9 +183,9 @@ mark_tg_v1(struct sk_buff *skb, const st
+ break;
+
+ case XT_MARK_COPYXID:
+- dif = ((struct rtable *)(*pskb)->dst)->rt_iif;
++ dif = ((struct rtable *)(skb->dst))->rt_iif;
+
+- ct = nf_ct_get((*pskb), &ctinfo);
++ ct = nf_ct_get(skb, &ctinfo);
+ if (!ct)
+ break;
+
+@@ -198,43 +199,44 @@ mark_tg_v1(struct sk_buff *skb, const st
+ port = get_dst_port(&ct->tuplehash[dir].tuple);
+
+ if (proto == 1) {
+- if ((*pskb)->mark > 0)
++ if (skb->mark > 0)
+ /* The packet is marked, it's going out */
+- ct->xid[0] = (*pskb)->mark;
++ ct->xid[0] = skb->mark;
+
+ if (ct->xid[0] > 0)
+ mark = ct->xid[0];
+ }
+ else if (proto == 17) {
+ struct sock *sk;
+- if (!(*pskb)->mark) {
++ if (!skb->mark) {
+ sk = __udp4_lib_lookup(src_ip, src_port,
+ ip, port, dif, udp_hash);
+
+- if (sk && hooknum == NF_IP_LOCAL_IN)
++ if (sk && hooknum == NF_INET_LOCAL_IN)
+ mark = sk->sk_nid;
+
+ if (sk)
+ sock_put(sk);
+ }
+- else if ((*pskb)->mark > 0)
++ else if (skb->mark > 0)
+ /* The packet is marked, it's going out */
+- ct->xid[0] = (*pskb)->mark;
++ ct->xid[0] = skb->mark;
+ }
+ else if (proto == 6) /* TCP */{
+ int sockettype = 0; /* Established socket */
++ struct net *net = &init_net;
+
+ /* Looks for an established socket or a listening
+ socket corresponding to the 4-tuple, in that order.
+ The order is important for Codemux connections
+ to be handled properly */
+
+- connection_sk = inet_lookup_established(&tcp_hashinfo,
+- src_ip, src_port, ip, port, dif);
++ connection_sk = inet_lookup_established(net,
++ &tcp_hashinfo, src_ip, src_port, ip, port, dif);
+
+ if (!connection_sk) {
+- connection_sk = inet_lookup_listener(&tcp_hashinfo,
+- ip, port, dif);
++ connection_sk = inet_lookup_listener(net,
++ &tcp_hashinfo, ip, port, dif);
+ sockettype = 1; /* Listening socket */
+ }
+
+@@ -273,8 +275,8 @@ mark_tg_v1(struct sk_buff *skb, const st
+ That explains why we couldn't get anything out of skb->sk,
+ or look up a "real" connection. */
+ if (ct->xid[dir] < 1) {
+- if ((*pskb)->skb_tag)
+- ct->xid[dir] = (*pskb)->skb_tag;
++ if (skb->skb_tag)
++ ct->xid[dir] = skb->skb_tag;
+ }
+
+ /* Covers CoDemux case */
+@@ -290,7 +292,7 @@ mark_tg_v1(struct sk_buff *skb, const st
+ skb->mark = mark;
+
+ curtag = &__get_cpu_var(sknid_elevator);
+- if (mark > 0 && *curtag == -2 && hooknum == NF_IP_LOCAL_IN)
++ if (mark > 0 && *curtag == -2 && hooknum == NF_INET_LOCAL_IN)
+ *curtag = mark;
+
+ return XT_CONTINUE;
-diff -Nurb linux-2.6.22-510/include/linux/vserver/network.h linux-2.6.22-520/include/linux/vserver/network.h
---- linux-2.6.22-510/include/linux/vserver/network.h 2008-06-06 17:07:48.000000000 -0400
-+++ linux-2.6.22-520/include/linux/vserver/network.h 2008-06-06 17:07:56.000000000 -0400
-@@ -47,6 +47,8 @@
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522/include/linux/vserver/network.h linux-2.6.27.10-vs2.3.x-PS-522-523/include/linux/vserver/network.h
+--- linux-2.6.27.10-vs2.3.x-PS-522/include/linux/vserver/network.h 2008-10-13 14:54:20.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-PS-522-523/include/linux/vserver/network.h 2009-01-21 03:22:02.000000000 +0100
+@@ -47,6 +47,8 @@ static inline uint64_t __nxf_init_set(vo
#define NXC_TUN_CREATE 0x00000001
#define NXC_RAW_ICMP 0x00000100
/* address types */
-diff -Nurb linux-2.6.22-510/include/net/raw.h linux-2.6.22-520/include/net/raw.h
---- linux-2.6.22-510/include/net/raw.h 2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-520/include/net/raw.h 2008-06-06 17:07:56.000000000 -0400
-@@ -36,7 +36,7 @@
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522/net/core/sock.c linux-2.6.27.10-vs2.3.x-PS-522-523/net/core/sock.c
+--- linux-2.6.27.10-vs2.3.x-PS-522/net/core/sock.c 2008-10-13 14:54:20.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-PS-522-523/net/core/sock.c 2009-01-21 03:27:01.000000000 +0100
+@@ -381,7 +381,7 @@ static int sock_bindtodevice(struct sock
- extern struct sock *__raw_v4_lookup(struct sock *sk, unsigned short num,
- __be32 raddr, __be32 laddr,
-- int dif);
-+ int dif, int tag);
+ /* Sorry... */
+ ret = -EPERM;
+- if (!capable(CAP_NET_RAW))
++ if (!nx_capable(CAP_NET_RAW, NXC_RAW_SOCKET))
+ goto out;
- extern int raw_v4_input(struct sk_buff *skb, struct iphdr *iph, int hash);
-
-diff -Nurb linux-2.6.22-510/net/core/sock.c linux-2.6.22-520/net/core/sock.c
---- linux-2.6.22-510/net/core/sock.c 2008-06-06 17:07:48.000000000 -0400
-+++ linux-2.6.22-520/net/core/sock.c 2008-06-06 17:07:56.000000000 -0400
-@@ -444,6 +444,19 @@
+ ret = -EINVAL;
+@@ -515,6 +515,19 @@ set_sndbuf:
}
goto set_sndbuf;
case SO_RCVBUF:
/* Don't error on this BSD doesn't and if you think
about it this is right. Otherwise apps have to
-@@ -573,7 +586,7 @@
- char devname[IFNAMSIZ];
-
- /* Sorry... */
-- if (!capable(CAP_NET_RAW)) {
-+ if (!nx_capable(CAP_NET_RAW, NXC_RAW_SOCKET)) {
- ret = -EPERM;
- break;
- }
-diff -Nurb linux-2.6.22-510/net/ipv4/af_inet.c linux-2.6.22-520/net/ipv4/af_inet.c
---- linux-2.6.22-510/net/ipv4/af_inet.c 2008-06-06 17:07:48.000000000 -0400
-+++ linux-2.6.22-520/net/ipv4/af_inet.c 2008-06-06 17:07:56.000000000 -0400
-@@ -312,6 +314,9 @@
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522/net/ipv4/af_inet.c linux-2.6.27.10-vs2.3.x-PS-522-523/net/ipv4/af_inet.c
+--- linux-2.6.27.10-vs2.3.x-PS-522/net/ipv4/af_inet.c 2009-01-21 03:12:46.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-PS-522-523/net/ipv4/af_inet.c 2009-01-21 03:22:02.000000000 +0100
+@@ -331,6 +331,9 @@ lookup_protocol:
if ((protocol == IPPROTO_ICMP) &&
nx_capable(answer->capability, NXC_RAW_ICMP))
goto override;
if (answer->capability > 0 && !capable(answer->capability))
goto out_rcu_unlock;
override:
-diff -Nurb linux-2.6.22-510/net/ipv4/icmp.c linux-2.6.22-520/net/ipv4/icmp.c
---- linux-2.6.22-510/net/ipv4/icmp.c 2008-06-06 17:07:55.000000000 -0400
-+++ linux-2.6.22-520/net/ipv4/icmp.c 2008-06-06 17:07:56.000000000 -0400
-@@ -709,7 +709,7 @@
- if ((raw_sk = sk_head(&raw_v4_htable[hash])) != NULL) {
- while ((raw_sk = __raw_v4_lookup(raw_sk, protocol, iph->daddr,
- iph->saddr,
-- skb->dev->ifindex)) != NULL) {
-+ skb->dev->ifindex, skb->skb_tag)) != NULL) {
- raw_err(raw_sk, skb, info);
- raw_sk = sk_next(raw_sk);
- iph = (struct iphdr *)skb->data;
-diff -Nurb linux-2.6.22-510/net/ipv4/ip_options.c linux-2.6.22-520/net/ipv4/ip_options.c
---- linux-2.6.22-510/net/ipv4/ip_options.c 2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-520/net/ipv4/ip_options.c 2008-06-06 17:07:56.000000000 -0400
-@@ -409,7 +409,7 @@
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522/net/ipv4/ip_options.c linux-2.6.27.10-vs2.3.x-PS-522-523/net/ipv4/ip_options.c
+--- linux-2.6.27.10-vs2.3.x-PS-522/net/ipv4/ip_options.c 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-PS-522-523/net/ipv4/ip_options.c 2009-01-21 03:22:02.000000000 +0100
+@@ -397,7 +397,7 @@ int ip_options_compile(struct net *net,
optptr[2] += 8;
break;
default:
pp_ptr = optptr + 3;
goto error;
}
-@@ -445,7 +445,7 @@
+@@ -433,7 +433,7 @@ int ip_options_compile(struct net *net,
opt->router_alert = optptr - iph;
break;
case IPOPT_CIPSO:
pp_ptr = optptr;
goto error;
}
-@@ -458,7 +458,7 @@
+@@ -446,7 +446,7 @@ int ip_options_compile(struct net *net,
case IPOPT_SEC:
case IPOPT_SID:
default:
pp_ptr = optptr;
goto error;
}
-diff -Nurb linux-2.6.22-510/net/ipv4/raw.c linux-2.6.22-520/net/ipv4/raw.c
---- linux-2.6.22-510/net/ipv4/raw.c 2008-06-06 17:07:48.000000000 -0400
-+++ linux-2.6.22-520/net/ipv4/raw.c 2008-06-06 17:07:56.000000000 -0400
-@@ -103,7 +103,7 @@
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522/net/ipv4/raw.c linux-2.6.27.10-vs2.3.x-PS-522-523/net/ipv4/raw.c
+--- linux-2.6.27.10-vs2.3.x-PS-522/net/ipv4/raw.c 2008-10-13 14:54:20.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-PS-522-523/net/ipv4/raw.c 2009-01-21 03:26:02.000000000 +0100
+@@ -108,7 +108,7 @@ void raw_unhash_sk(struct sock *sk)
+ EXPORT_SYMBOL_GPL(raw_unhash_sk);
- struct sock *__raw_v4_lookup(struct sock *sk, unsigned short num,
- __be32 raddr, __be32 laddr,
-- int dif)
-+ int dif, int tag)
+ static struct sock *__raw_v4_lookup(struct net *net, struct sock *sk,
+- unsigned short num, __be32 raddr, __be32 laddr, int dif)
++ unsigned short num, __be32 raddr, __be32 laddr, int dif, int tag)
{
struct hlist_node *node;
-@@ -112,6 +112,7 @@
+@@ -117,6 +117,7 @@ static struct sock *__raw_v4_lookup(stru
- if (inet->num == num &&
+ if (net_eq(sock_net(sk), net) && inet->num == num &&
!(inet->daddr && inet->daddr != raddr) &&
+ (!sk->sk_nx_info || tag == 1 || sk->sk_nid == tag) &&
v4_sock_addr_match(sk->sk_nx_info, inet, laddr) &&
!(sk->sk_bound_dev_if && sk->sk_bound_dev_if != dif))
goto found; /* gotcha */
-@@ -161,7 +162,7 @@
- goto out;
- sk = __raw_v4_lookup(__sk_head(head), iph->protocol,
+@@ -169,7 +170,7 @@ static int raw_v4_input(struct sk_buff *
+ net = dev_net(skb->dev);
+ sk = __raw_v4_lookup(net, __sk_head(head), iph->protocol,
iph->saddr, iph->daddr,
- skb->dev->ifindex);
+ skb->dev->ifindex, skb->skb_tag);
while (sk) {
delivered = 1;
-@@ -174,7 +175,7 @@
+@@ -182,7 +183,7 @@ static int raw_v4_input(struct sk_buff *
}
- sk = __raw_v4_lookup(sk_next(sk), iph->protocol,
+ sk = __raw_v4_lookup(net, sk_next(sk), iph->protocol,
iph->saddr, iph->daddr,
- skb->dev->ifindex);
+ skb->dev->ifindex, skb->skb_tag);
}
out:
- read_unlock(&raw_v4_lock);
-@@ -315,7 +316,7 @@
- }
+ read_unlock(&raw_v4_hashinfo.lock);
+@@ -277,8 +278,8 @@ void raw_icmp_error(struct sk_buff *skb,
+ net = dev_net(skb->dev);
+
+ while ((raw_sk = __raw_v4_lookup(net, raw_sk, protocol,
+- iph->daddr, iph->saddr,
+- skb->dev->ifindex)) != NULL) {
++ iph->daddr, iph->saddr, skb->dev->ifindex,
++ skb->skb_tag)) != NULL) {
+ raw_err(raw_sk, skb, info);
+ raw_sk = sk_next(raw_sk);
+ iph = (struct iphdr *)skb->data;
+@@ -373,7 +374,7 @@ static int raw_send_hdrinc(struct sock *
+ skb_transport_header(skb))->type);
err = -EPERM;
- if (!nx_check(0, VS_ADMIN) && !capable(CAP_NET_RAW) &&
sk->sk_nx_info &&
!v4_addr_in_nx_info(sk->sk_nx_info, iph->saddr, NXA_MASK_BIND))
goto error_free;
-
-
-diff -Nurb linux-2.6.22-510/include/linux/socket.h linux-2.6.22-520/include/linux/socket.h
---- linux-2.6.22-510/include/linux/socket.h 2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-520/include/linux/socket.h 2008-06-06 17:07:56.000000000 -0400
-@@ -288,6 +288,8 @@
- #define SOL_TIPC 271
- #define SOL_RXRPC 272
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523/include/linux/socket.h linux-2.6.27.10-vs2.3.x-PS-522-523-524/include/linux/socket.h
+--- linux-2.6.27.10-vs2.3.x-PS-522-523/include/linux/socket.h 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524/include/linux/socket.h 2009-01-21 03:34:57.000000000 +0100
+@@ -296,6 +296,8 @@ struct ucred {
+ #define SOL_PPPOL2TP 273
+ #define SOL_BLUETOOTH 274
+#define SO_SETXID SO_PEERCRED
+
/* IPX options */
#define IPX_TYPE 1
-
-
---- linux-i686-2.6.22/net/core/sock.c.orig 2008-07-28 16:36:26.000000000 -0400
-+++ linux-i686-2.6.22/net/core/sock.c 2008-08-01 11:32:44.000000000 -0400
-@@ -455,6 +455,7 @@
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523/net/core/sock.c linux-2.6.27.10-vs2.3.x-PS-522-523-524/net/core/sock.c
+--- linux-2.6.27.10-vs2.3.x-PS-522-523/net/core/sock.c 2009-01-21 03:27:01.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524/net/core/sock.c 2009-01-21 03:34:57.000000000 +0100
+@@ -526,6 +526,7 @@ set_sndbuf:
}
sk->sk_xid = val;
sk->sk_nid = val;
-diff -Nurb linux-2.6.22-524/include/linux/netdevice.h linux-2.6.22-525/include/linux/netdevice.h
---- linux-2.6.22-524/include/linux/netdevice.h 2008-07-27 22:06:14.000000000 -0400
-+++ linux-2.6.22-525/include/linux/netdevice.h 2008-07-27 22:17:30.000000000 -0400
-@@ -562,6 +562,7 @@
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523-524/include/linux/netdevice.h linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/include/linux/netdevice.h
+--- linux-2.6.27.10-vs2.3.x-PS-522-523-524/include/linux/netdevice.h 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/include/linux/netdevice.h 2009-01-21 03:38:41.000000000 +0100
+@@ -857,6 +857,7 @@ static inline void netif_napi_del(struct
struct packet_type {
__be16 type; /* This is really htons(ether_type). */
struct net_device *dev; /* NULL is wildcarded here */
int (*func) (struct sk_buff *,
struct net_device *,
struct packet_type *,
-diff -Nurb linux-2.6.22-524/net/core/dev.c linux-2.6.22-525/net/core/dev.c
---- linux-2.6.22-524/net/core/dev.c 2008-07-27 22:06:20.000000000 -0400
-+++ linux-2.6.22-525/net/core/dev.c 2008-07-28 09:26:45.000000000 -0400
-@@ -97,6 +97,8 @@
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523-524/net/core/dev.c linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/net/core/dev.c
+--- linux-2.6.27.10-vs2.3.x-PS-522-523-524/net/core/dev.c 2008-12-19 12:09:14.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/net/core/dev.c 2009-01-21 03:43:19.000000000 +0100
+@@ -99,6 +99,8 @@
#include <linux/proc_fs.h>
#include <linux/seq_file.h>
#include <linux/stat.h>
+#include <linux/ip.h>
+#include <linux/tcp.h>
#include <linux/if_bridge.h>
+ #include <linux/if_macvlan.h>
#include <net/dst.h>
- #include <net/pkt_sched.h>
-@@ -1131,7 +1133,7 @@
+@@ -1318,7 +1320,7 @@ static void dev_queue_xmit_nit(struct sk
if ((ptype->dev == dev || !ptype->dev) &&
(ptype->af_packet_priv == NULL ||
(struct sock *)ptype->af_packet_priv != skb->sk)) {
if (!skb2)
break;
-@@ -1803,6 +1805,7 @@
- * the ingress scheduler, you just cant add policies on ingress.
- *
- */
-+
- static int ing_filter(struct sk_buff *skb)
- {
- struct Qdisc *q;
-@@ -1832,13 +1835,20 @@
+@@ -2170,6 +2172,10 @@ void netif_nit_deliver(struct sk_buff *s
+ rcu_read_unlock();
}
- #endif
+/* The code already makes the assumption that packet handlers run
+ * sequentially on the same CPU. -Sapan */
+DEFINE_PER_CPU(int, sknid_elevator) = 0;
+
- int netif_receive_skb(struct sk_buff *skb)
- {
- struct packet_type *ptype, *pt_prev;
+ /**
+ * netif_receive_skb - process receive buffer from network
+ * @skb: buffer to process
+@@ -2191,8 +2197,11 @@ int netif_receive_skb(struct sk_buff *sk
struct net_device *orig_dev;
+ struct net_device *null_or_orig;
int ret = NET_RX_DROP;
-+ int *cur_elevator=&__get_cpu_var(sknid_elevator);
++ int *cur_elevator = &__get_cpu_var(sknid_elevator);
__be16 type;
+ *cur_elevator = 0;
+
/* if we've gotten here through NAPI, check netpoll */
- if (skb->dev->poll && netpoll_rx(skb))
+ if (netpoll_receive_skb(skb))
return NET_RX_DROP;
-@@ -1873,8 +1883,9 @@
-
- list_for_each_entry_rcu(ptype, &ptype_all, list) {
- if (!ptype->dev || ptype->dev == skb->dev) {
-- if (pt_prev)
-+ if (pt_prev) {
- ret = deliver_skb(skb, pt_prev, orig_dev);
-+ }
- pt_prev = ptype;
- }
- }
-@@ -1913,7 +1924,27 @@
+@@ -2269,7 +2278,27 @@ ncls:
}
if (pt_prev) {
} else {
kfree_skb(skb);
/* Jamal, now you will not able to escape explaining
-@@ -3780,6 +3811,7 @@
+@@ -4892,6 +4921,7 @@ EXPORT_SYMBOL(unregister_netdevice_notif
EXPORT_SYMBOL(net_enable_timestamp);
EXPORT_SYMBOL(net_disable_timestamp);
EXPORT_SYMBOL(dev_get_flags);
#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE)
EXPORT_SYMBOL(br_handle_frame_hook);
-diff -Nurb linux-2.6.22-524/net/packet/af_packet.c linux-2.6.22-525/net/packet/af_packet.c
---- linux-2.6.22-524/net/packet/af_packet.c 2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-525/net/packet/af_packet.c 2008-07-27 22:06:27.000000000 -0400
-@@ -78,6 +78,7 @@
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523-524/net/packet/af_packet.c linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/net/packet/af_packet.c
+--- linux-2.6.27.10-vs2.3.x-PS-522-523-524/net/packet/af_packet.c 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/net/packet/af_packet.c 2009-01-21 03:38:41.000000000 +0100
+@@ -77,6 +77,7 @@
#include <linux/poll.h>
#include <linux/module.h>
#include <linux/init.h>
#ifdef CONFIG_INET
#include <net/inet_common.h>
-@@ -246,10 +247,53 @@
+@@ -276,10 +277,53 @@ static const struct proto_ops packet_ops
static const struct proto_ops packet_ops_spkt;
/*
* When we registered the protocol we saved the socket in the data
-@@ -269,6 +313,16 @@
+@@ -299,6 +343,16 @@ static int packet_rcv_spkt(struct sk_buf
* so that this procedure is noop.
*/
if (skb->pkt_type == PACKET_LOOPBACK)
goto out;
-@@ -324,6 +378,9 @@
+@@ -357,6 +411,9 @@ static int packet_sendmsg_spkt(struct ki
__be16 proto=0;
int err;
/*
* Get and verify the address.
*/
-@@ -416,11 +473,16 @@
+@@ -449,11 +506,16 @@ out_unlock:
return err;
}
rcu_read_lock_bh();
filter = rcu_dereference(sk->sk_filter);
if (filter != NULL)
-@@ -711,6 +773,9 @@
+@@ -773,6 +835,9 @@ static int packet_sendmsg(struct kiocb *
unsigned char *addr;
int ifindex, err, reserve = 0;
/*
* Get and verify the address.
*/
-@@ -880,6 +945,7 @@
+@@ -939,6 +1004,7 @@ static int packet_do_bind(struct sock *s
po->num = protocol;
po->prot_hook.type = protocol;
po->prot_hook.dev = dev;
po->ifindex = dev ? dev->ifindex : 0;
-@@ -984,8 +1050,9 @@
+@@ -1037,8 +1103,9 @@ static int packet_create(struct net *net
__be16 proto = (__force __be16)protocol; /* weird, but documented */
int err;
if (sock->type != SOCK_DGRAM && sock->type != SOCK_RAW &&
sock->type != SOCK_PACKET)
return -ESOCKTNOSUPPORT;
-@@ -1016,6 +1083,7 @@
+@@ -1069,6 +1136,7 @@ static int packet_create(struct net *net
spin_lock_init(&po->bind_lock);
po->prot_hook.func = packet_rcv;
-diff -Nurb linux-2.6.22-525/drivers/net/Makefile linux-2.6.22-526/drivers/net/Makefile
---- linux-2.6.22-525/drivers/net/Makefile 2008-07-13 23:58:01.000000000 -0400
-+++ linux-2.6.22-526/drivers/net/Makefile 2008-07-13 23:58:45.000000000 -0400
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/drivers/net/Makefile linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526/drivers/net/Makefile
+--- linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/drivers/net/Makefile 2008-10-13 14:52:02.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526/drivers/net/Makefile 2009-01-21 03:45:50.000000000 +0100
@@ -1,7 +1,7 @@
#
# Makefile for the Linux network (ethercard) device drivers.
+obj-m += vnet_tun.o
obj-$(CONFIG_E1000) += e1000/
obj-$(CONFIG_E1000E) += e1000e/
- obj-$(CONFIG_IBM_EMAC) += ibm_emac/
-diff -Nurb linux-2.6.22-525/drivers/net/vnet_tun.c linux-2.6.22-526/drivers/net/vnet_tun.c
---- linux-2.6.22-525/drivers/net/vnet_tun.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22-526/drivers/net/vnet_tun.c 2008-07-14 16:22:57.000000000 -0400
+ obj-$(CONFIG_IBM_NEW_EMAC) += ibm_newemac/
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/drivers/net/vnet_tun.c linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526/drivers/net/vnet_tun.c
+--- linux-2.6.27.10-vs2.3.x-PS-522-523-524-525/drivers/net/vnet_tun.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526/drivers/net/vnet_tun.c 2009-01-21 03:45:50.000000000 +0100
@@ -0,0 +1,725 @@
+/*
+ * TUN - Universal TUN/TAP device driver.
+module_init(tun_init);
+module_cleanup(tun_cleanup);
+MODULE_LICENSE("GPL");
+
+; fixup
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/drivers/net/tun.c linux-2.6.27.10-vs2.3.x-PS-02.1/drivers/net/tun.c
+--- linux-2.6.27.10-vs2.3.x-PS-02.0/drivers/net/tun.c 2008-10-13 14:54:20.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-PS-02.1/drivers/net/tun.c 2009-01-24 20:23:36.000000000 +0100
+@@ -81,33 +81,6 @@ static int debug;
+ #define DBG1( a... )
+ #endif
+
+-#define FLT_EXACT_COUNT 8
+-struct tap_filter {
+- unsigned int count; /* Number of addrs. Zero means disabled */
+- u32 mask[2]; /* Mask of the hashed addrs */
+- unsigned char addr[FLT_EXACT_COUNT][ETH_ALEN];
+-};
+-
+-struct tun_struct {
+- struct list_head list;
+- unsigned int flags;
+- int attached;
+- uid_t owner;
+- gid_t group;
+- nid_t nid;
+-
+- wait_queue_head_t read_wait;
+- struct sk_buff_head readq;
+-
+- struct net_device *dev;
+- struct fasync_struct *fasync;
+-
+- struct tap_filter txflt;
+-
+-#ifdef TUN_DEBUG
+- int debug;
+-#endif
+-};
+
+ /* TAP filterting */
+ static void addr_hash_set(u32 *mask, const u8 *addr)
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/include/linux/if_tun.h linux-2.6.27.10-vs2.3.x-PS-02.1/include/linux/if_tun.h
+--- linux-2.6.27.10-vs2.3.x-PS-02.0/include/linux/if_tun.h 2008-10-13 14:54:20.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-PS-02.1/include/linux/if_tun.h 2009-01-24 20:23:47.000000000 +0100
+@@ -83,4 +83,32 @@ struct tun_filter {
+ __u8 addr[0][ETH_ALEN];
+ };
+
++#define FLT_EXACT_COUNT 8
++struct tap_filter {
++ unsigned int count; /* Number of addrs. Zero means disabled */
++ u32 mask[2]; /* Mask of the hashed addrs */
++ unsigned char addr[FLT_EXACT_COUNT][ETH_ALEN];
++};
++
++struct tun_struct {
++ struct list_head list;
++ unsigned int flags;
++ int attached;
++ uid_t owner;
++ gid_t group;
++ nid_t nid;
++
++ wait_queue_head_t read_wait;
++ struct sk_buff_head readq;
++
++ struct net_device *dev;
++ struct fasync_struct *fasync;
++
++ struct tap_filter txflt;
++
++#ifdef TUN_DEBUG
++ int debug;
++#endif
++};
++
+ #endif /* __IF_TUN_H */
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/drivers/net/vnet_tun.c linux-2.6.27.10-vs2.3.x-PS-02.1/drivers/net/vnet_tun.c
+--- linux-2.6.27.10-vs2.3.x-PS-02.0/drivers/net/vnet_tun.c 2009-01-25 02:29:32.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-PS-02.1/drivers/net/vnet_tun.c 2009-01-24 23:17:50.000000000 +0100
+@@ -133,14 +133,12 @@ static struct tun_struct *tun_get_by_xid
+ struct tun_struct *tun;
+
+ read_lock_bh(&tun_dev_hash_lock);
+-
+ list_for_each_entry(tun, &tun_dev_hash[__xidhashfn(xid)], list) {
+ if (tun->owner == xid) {
+ read_unlock_bh(&tun_dev_hash_lock);
+ return tun;
+ }
+ }
+-
+ read_unlock_bh(&tun_dev_hash_lock);
+
+ return NULL;
+@@ -173,7 +171,7 @@ static void tun_xmit(struct sk_buff *skb
+
+ drop:
+ if (tun)
+- tun->stats.tx_dropped++;
++ tun->dev->stats.tx_dropped++;
+ tun_stats.tx_dropped++;
+ }
+
+@@ -182,11 +180,12 @@ static int tun_net_xmit(struct sk_buff *
+ {
+ xid_t xid, skb_xid;
+ struct tun_struct *tun;
+- skb_xid=get_skb_xid(skb);
+- if (skb_xid<1)
+- xid=get_sk_xid(skb->sk);
++
++ skb_xid = get_skb_xid(skb);
++ if (skb_xid < 1)
++ xid = get_sk_xid(skb->sk);
+ else
+- xid=skb_xid;
++ xid = skb_xid;
+
+ tun = tun_get_by_xid(xid);
+ /* Mark packet */
+@@ -214,7 +213,7 @@ static void tun_net_mclist(struct net_de
+ static struct net_device_stats *tun_net_stats(struct net_device *dev)
+ {
+ struct tun_struct *tun = tun_get_by_xid(current->xid);
+- return tun ? &tun->stats : &tun_stats;
++ return tun ? &tun->dev->stats : &tun_stats;
+ }
+
+ /* Character device part */
+@@ -263,7 +262,7 @@ static __inline__ ssize_t tun_get_user(s
+ }
+
+ if (!(skb = alloc_skb(len + 2, GFP_KERNEL))) {
+- tun->stats.rx_dropped++;
++ tun->dev->stats.rx_dropped++;
+ tun_stats.rx_dropped++;
+ return -ENOMEM;
+ }
+@@ -291,8 +290,8 @@ static __inline__ ssize_t tun_get_user(s
+
+ netif_rx_ni(skb);
+
+- tun->stats.rx_packets++;
+- tun->stats.rx_bytes += len;
++ tun->dev->stats.rx_packets++;
++ tun->dev->stats.rx_bytes += len;
+ tun_stats.rx_packets++;
+ tun_stats.rx_bytes += len;
+
+@@ -417,8 +416,8 @@ static __inline__ ssize_t tun_put_user(s
+ skb_copy_datagram_iovec(skb, 0, iv, len);
+ total += len;
+
+- tun->stats.tx_packets++;
+- tun->stats.tx_bytes += len;
++ tun->dev->stats.tx_packets++;
++ tun->dev->stats.tx_bytes += len;
+ tun_stats.tx_packets++;
+ tun_stats.tx_bytes += len;
+
+@@ -688,7 +687,7 @@ int __init tun_init(void)
+ dev->flags |= IFF_NOARP | IFF_POINTOPOINT;
+ dev->flags &= ~IFF_MULTICAST;
+
+- SET_MODULE_OWNER(dev);
++ // SET_MODULE_OWNER(dev);
+ dev->hard_start_xmit = tun_net_xmit;
+ dev->get_stats = tun_net_stats;
+
+@@ -721,5 +720,8 @@ void __exit tun_cleanup(void)
+ }
+
+ module_init(tun_init);
+-module_cleanup(tun_cleanup);
++module_exit(tun_cleanup);
++// MODULE_DESCRIPTION(DRV_DESCRIPTION);
++// MODULE_AUTHOR(DRV_COPYRIGHT);
++// MODULE_ALIAS_MISCDEV(TUN_MINOR);
+ MODULE_LICENSE("GPL");
+
+
-diff -Nurp linux-2.6.22-526/include/linux/netfilter/xt_CLASSIFY.h linux-2.6.22-527/include/linux/netfilter/xt_CLASSIFY.h
---- linux-2.6.22-526/include/linux/netfilter/xt_CLASSIFY.h 2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-527/include/linux/netfilter/xt_CLASSIFY.h 2008-07-25 14:46:22.000000000 -0400
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526/include/linux/netfilter/xt_CLASSIFY.h linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526-527/include/linux/netfilter/xt_CLASSIFY.h
+--- linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526/include/linux/netfilter/xt_CLASSIFY.h 2008-07-13 23:51:29.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526-527/include/linux/netfilter/xt_CLASSIFY.h 2009-01-21 03:49:25.000000000 +0100
@@ -3,6 +3,7 @@
struct xt_classify_target_info {
};
#endif /*_XT_CLASSIFY_H */
-diff -Nurp linux-2.6.22-526/net/netfilter/xt_CLASSIFY.c linux-2.6.22-527/net/netfilter/xt_CLASSIFY.c
---- linux-2.6.22-526/net/netfilter/xt_CLASSIFY.c 2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-527/net/netfilter/xt_CLASSIFY.c 2008-07-25 14:50:50.000000000 -0400
-@@ -36,6 +36,9 @@ target(struct sk_buff **pskb,
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526/net/netfilter/xt_CLASSIFY.c linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526-527/net/netfilter/xt_CLASSIFY.c
+--- linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526/net/netfilter/xt_CLASSIFY.c 2008-07-13 23:51:29.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-PS-522-523-524-525-526-527/net/netfilter/xt_CLASSIFY.c 2009-01-21 03:51:49.000000000 +0100
+@@ -34,6 +34,9 @@ classify_tg(struct sk_buff *skb, const s
const struct xt_classify_target_info *clinfo = targinfo;
- (*pskb)->priority = clinfo->priority;
+ skb->priority = clinfo->priority;
+ if (clinfo->add_mark)
-+ (*pskb)->priority += (*pskb)->mark;
++ skb->priority += skb->mark;
+
return XT_CONTINUE;
}
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl04/scripts/mkcompile_h linux-2.6.22.10-vs2.3.0.29-pl05/scripts/mkcompile_h
---- linux-2.6.22.10-vs2.3.0.29-pl04/scripts/mkcompile_h 2007-07-21 18:00:28.000000000 -0400
-+++ linux-2.6.22.10-vs2.3.0.29-pl05/scripts/mkcompile_h 2007-11-14 17:08:09.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/scripts/mkcompile_h linux-2.6.27.10-vs2.3.x-P530/scripts/mkcompile_h
+--- linux-2.6.27.10-vs2.3.x-P/scripts/mkcompile_h 2008-07-13 23:51:29.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P530/scripts/mkcompile_h 2009-01-12 01:18:23.000000000 +0100
@@ -60,8 +60,8 @@ UTS_TRUNCATE="sed -e s/\(.\{1,$UTS_LEN\}
echo \#define UTS_VERSION \"`echo $UTS_VERSION | $UTS_TRUNCATE`\"
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl05/init/Kconfig linux-2.6.22.10-vs2.3.0.29-pl06/init/Kconfig
---- linux-2.6.22.10-vs2.3.0.29-pl05/init/Kconfig 2007-09-29 08:11:49.000000000 -0400
-+++ linux-2.6.22.10-vs2.3.0.29-pl06/init/Kconfig 2007-11-14 17:09:01.000000000 -0500
-@@ -281,6 +281,23 @@ config LOG_BUF_SHIFT
- 13 => 8 KB
- 12 => 4 KB
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/init/Kconfig linux-2.6.27.10-vs2.3.x-P540/init/Kconfig
+--- linux-2.6.27.10-vs2.3.x-P/init/Kconfig 2008-10-13 14:52:09.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P540/init/Kconfig 2009-01-12 01:18:23.000000000 +0100
+@@ -306,6 +306,23 @@ config CGROUP_DEVICE
+ Provides a cgroup implementing whitelists for devices which
+ a process in the cgroup can mknod or open.
+config OOM_PANIC
+ bool "OOM Panic"
+
config CPUSETS
bool "Cpuset support"
- depends on SMP
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl05/mm/oom_kill.c linux-2.6.22.10-vs2.3.0.29-pl06/mm/oom_kill.c
---- linux-2.6.22.10-vs2.3.0.29-pl05/mm/oom_kill.c 2007-10-29 21:23:59.000000000 -0400
-+++ linux-2.6.22.10-vs2.3.0.29-pl06/mm/oom_kill.c 2007-11-14 17:09:01.000000000 -0500
-@@ -169,6 +169,11 @@ unsigned long badness(struct task_struct
+ depends on SMP && CGROUPS
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/mm/oom_kill.c linux-2.6.27.10-vs2.3.x-P540/mm/oom_kill.c
+--- linux-2.6.27.10-vs2.3.x-P/mm/oom_kill.c 2008-10-13 14:54:20.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P540/mm/oom_kill.c 2009-01-12 01:18:23.000000000 +0100
+@@ -176,6 +176,11 @@ unsigned long badness(struct task_struct
return points;
}
+
+#ifdef CONFIG_OOM_KILLER
/*
- * Types of limitations to the nodes from which allocations may occur
+ * Determine the type of allocation constraint.
*/
-@@ -481,3 +486,37 @@ out:
+@@ -597,3 +602,37 @@ out:
if (!test_thread_flag(TIF_MEMDIE))
schedule_timeout_uninterruptible(1);
}
+ spin_unlock(&oom_lock);
+}
+#endif /* CONFIG_OOM_PANIC */
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl05/mm/oom_panic.c linux-2.6.22.10-vs2.3.0.29-pl06/mm/oom_panic.c
---- linux-2.6.22.10-vs2.3.0.29-pl05/mm/oom_panic.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.22.10-vs2.3.0.29-pl06/mm/oom_panic.c 2007-11-14 17:09:01.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/mm/oom_panic.c linux-2.6.27.10-vs2.3.x-P540/mm/oom_panic.c
+--- linux-2.6.27.10-vs2.3.x-P/mm/oom_panic.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P540/mm/oom_panic.c 2009-01-12 01:18:23.000000000 +0100
@@ -0,0 +1,51 @@
+/*
+ * Just panic() instead of the default behavior of selecting processes
+out_unlock:
+ spin_unlock(&oom_lock);
+}
+
+; fixup
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/mm/oom_kill.c linux-2.6.27.10-vs2.3.x-PS-02.1/mm/oom_kill.c
+--- linux-2.6.27.10-vs2.3.x-PS-02.0/mm/oom_kill.c 2009-01-25 02:29:32.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-PS-02.1/mm/oom_kill.c 2009-01-25 02:05:07.000000000 +0100
+@@ -454,6 +454,7 @@ out:
+ read_unlock(&tasklist_lock);
+ cgroup_unlock();
+ }
++
+ #endif
+
+ static BLOCKING_NOTIFIER_HEAD(oom_notify_list);
+@@ -519,6 +520,7 @@ void clear_zonelist_oom(struct zonelist
+ }
+ spin_unlock(&zone_scan_mutex);
+ }
++EXPORT_SYMBOL_GPL(clear_zonelist_oom);
+
+ /**
+ * out_of_memory - kill the "best" process when we run out of memory
+@@ -635,4 +637,14 @@ void out_of_memory(struct zonelist *zone
+ }
+ spin_unlock(&oom_lock);
+ }
++
++#ifdef CONFIG_CGROUP_MEM_RES_CTLR
++void mem_cgroup_out_of_memory(struct mem_cgroup *mem, gfp_t gfp_mask)
++{
++ cgroup_lock();
++ panic("Memory cgroup out Of Memory");
++ cgroup_unlock();
++}
++
++#endif
+ #endif /* CONFIG_OOM_PANIC */
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/mm/page_alloc.c linux-2.6.27.10-vs2.3.x-PS-02.1/mm/page_alloc.c
+--- linux-2.6.27.10-vs2.3.x-PS-02.0/mm/page_alloc.c 2008-12-19 12:09:14.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-PS-02.1/mm/page_alloc.c 2009-01-25 00:37:42.000000000 +0100
+@@ -1583,11 +1583,12 @@ nofail_alloc:
+ if (page)
+ goto got_pg;
+ } else if ((gfp_mask & __GFP_FS) && !(gfp_mask & __GFP_NORETRY)) {
++#ifdef CONFIG_OOM_KILLER
+ if (!try_set_zone_oom(zonelist, gfp_mask)) {
+ schedule_timeout_uninterruptible(1);
+ goto restart;
+ }
+-
++#endif
+ /*
+ * Go through the zonelist yet one more time, keep
+ * very high watermark here, this is only to catch
+@@ -1598,18 +1599,24 @@ nofail_alloc:
+ order, zonelist, high_zoneidx,
+ ALLOC_WMARK_HIGH|ALLOC_CPUSET);
+ if (page) {
++#ifdef CONFIG_OOM_KILLER
+ clear_zonelist_oom(zonelist, gfp_mask);
++#endif
+ goto got_pg;
+ }
+
+ /* The OOM killer will not help higher order allocs so fail */
+ if (order > PAGE_ALLOC_COSTLY_ORDER) {
++#ifdef CONFIG_OOM_KILLER
+ clear_zonelist_oom(zonelist, gfp_mask);
++#endif
+ goto nopage;
+ }
+
+ out_of_memory(zonelist, gfp_mask, order);
++#ifdef CONFIG_OOM_KILLER
+ clear_zonelist_oom(zonelist, gfp_mask);
++#endif
+ goto restart;
+ }
+
-diff -Nurp linux-2.6.22.10-vs2.3.0.29-pl06/include/linux/fs.h linux-2.6.22.10-vs2.3.0.29-pl07/include/linux/fs.h
---- linux-2.6.22.10-vs2.3.0.29-pl06/include/linux/fs.h 2007-10-29 21:23:59.000000000 -0400
-+++ linux-2.6.22.10-vs2.3.0.29-pl07/include/linux/fs.h 2007-11-15 09:56:54.000000000 -0500
-@@ -22,7 +22,7 @@
- /* Fixed constants first: */
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/include/linux/fs.h linux-2.6.27.10-vs2.3.x-P550/include/linux/fs.h
+--- linux-2.6.27.10-vs2.3.x-P/include/linux/fs.h 2008-10-31 18:18:18.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P550/include/linux/fs.h 2009-01-12 02:42:12.000000000 +0100
+@@ -23,6 +23,7 @@
#undef NR_OPEN
- #define NR_OPEN (1024*1024) /* Absolute upper limit on fd num */
--#define INR_OPEN 1024 /* Initial setting for nfile rlimits */
+ extern int sysctl_nr_open;
+ #define INR_OPEN 1024 /* Initial setting for nfile rlimits */
+#define INR_OPEN 4096 /* Initial setting for nfile rlimits */
#define BLOCK_SIZE_BITS 10
#define BLOCK_SIZE (1<<BLOCK_SIZE_BITS)
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-PS-02.0/include/linux/fs.h linux-2.6.27.10-vs2.3.x-PS-02.1/include/linux/fs.h
+--- linux-2.6.27.10-vs2.3.x-PS-02.0/include/linux/fs.h 2009-01-25 02:29:32.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-PS-02.1/include/linux/fs.h 2009-01-21 04:26:21.000000000 +0100
+@@ -22,7 +22,6 @@
+ /* Fixed constants first: */
+ #undef NR_OPEN
+ extern int sysctl_nr_open;
+-#define INR_OPEN 1024 /* Initial setting for nfile rlimits */
+ #define INR_OPEN 4096 /* Initial setting for nfile rlimits */
+
+ #define BLOCK_SIZE_BITS 10
-diff -Nurp linux-2.6.22-550/arch/i386/pci/common.c linux-2.6.22-560/arch/i386/pci/common.c
---- linux-2.6.22-550/arch/i386/pci/common.c 2007-07-21 17:58:15.000000000 -0400
-+++ linux-2.6.22-560/arch/i386/pci/common.c 2007-12-04 14:47:24.000000000 -0500
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/arch/x86/pci/common.c linux-2.6.27.10-vs2.3.x-P560/arch/x86/pci/common.c
+--- linux-2.6.27.10-vs2.3.x-P/arch/x86/pci/common.c 2008-10-13 14:51:59.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P560/arch/x86/pci/common.c 2009-01-15 00:02:44.000000000 +0100
@@ -17,8 +17,7 @@
#include "pci.h"
- PCI_PROBE_MMCONF;
+unsigned int pci_probe = PCI_PROBE_BIOS | PCI_PROBE_CONF1 | PCI_PROBE_CONF2;
+ unsigned int pci_early_dump_regs;
static int pci_bf_sort;
- int pci_routeirq;
-@@ -388,6 +387,10 @@ char * __devinit pcibios_setup(char *st
- pci_probe &= ~PCI_PROBE_MMCONF;
+@@ -477,6 +476,10 @@ char * __devinit pcibios_setup(char *st
+ pci_probe |= PCI_CHECK_ENABLE_AMD_MMCONF;
return NULL;
}
+ else if (!strcmp(str, "mmconf")) {
-diff -Nurp linux-2.6.22-560/fs/ext2/super.c linux-2.6.22-570/fs/ext2/super.c
---- linux-2.6.22-560/fs/ext2/super.c 2007-12-04 14:51:22.000000000 -0500
-+++ linux-2.6.22-570/fs/ext2/super.c 2007-12-05 16:19:17.000000000 -0500
-@@ -350,6 +350,7 @@ static match_table_t tokens = {
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/fs/ext2/super.c linux-2.6.27.10-vs2.3.x-P570/fs/ext2/super.c
+--- linux-2.6.27.10-vs2.3.x-P/fs/ext2/super.c 2008-10-13 14:54:20.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P570/fs/ext2/super.c 2009-01-12 01:18:23.000000000 +0100
+@@ -420,6 +420,7 @@ static match_table_t tokens = {
{Opt_noacl, "noacl"},
{Opt_xip, "xip"},
{Opt_tag, "tag"},
{Opt_notag, "notag"},
{Opt_tagid, "tagid=%u"},
{Opt_grpquota, "grpquota"},
-diff -Nurp linux-2.6.22-560/fs/ext3/super.c linux-2.6.22-570/fs/ext3/super.c
---- linux-2.6.22-560/fs/ext3/super.c 2007-12-04 14:51:22.000000000 -0500
-+++ linux-2.6.22-570/fs/ext3/super.c 2007-12-05 16:19:02.000000000 -0500
-@@ -725,6 +725,7 @@ static match_table_t tokens = {
- {Opt_usrquota, "usrquota"},
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/fs/ext3/super.c linux-2.6.27.10-vs2.3.x-P570/fs/ext3/super.c
+--- linux-2.6.27.10-vs2.3.x-P/fs/ext3/super.c 2008-11-17 18:20:41.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P570/fs/ext3/super.c 2009-01-12 01:18:23.000000000 +0100
+@@ -809,6 +809,7 @@ static match_table_t tokens = {
{Opt_barrier, "barrier=%u"},
+ {Opt_resize, "resize"},
{Opt_tag, "tag"},
+ {Opt_tag, "tagxid"},
{Opt_notag, "notag"},
{Opt_tagid, "tagid=%u"},
{Opt_err, NULL},
-diff -Nurp linux-2.6.22-560/fs/ext4/super.c linux-2.6.22-570/fs/ext4/super.c
---- linux-2.6.22-560/fs/ext4/super.c 2007-12-04 14:51:22.000000000 -0500
-+++ linux-2.6.22-570/fs/ext4/super.c 2007-12-05 16:19:32.000000000 -0500
-@@ -777,6 +777,7 @@ static match_table_t tokens = {
- {Opt_barrier, "barrier=%u"},
- {Opt_extents, "extents"},
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/fs/ext4/super.c linux-2.6.27.10-vs2.3.x-P570/fs/ext4/super.c
+--- linux-2.6.27.10-vs2.3.x-P/fs/ext4/super.c 2008-12-08 04:52:52.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P570/fs/ext4/super.c 2009-01-12 01:18:23.000000000 +0100
+@@ -969,6 +969,7 @@ static match_table_t tokens = {
+ {Opt_delalloc, "delalloc"},
+ {Opt_nodelalloc, "nodelalloc"},
{Opt_tag, "tag"},
+ {Opt_tag, "tagxid"},
{Opt_notag, "notag"},
{Opt_tagid, "tagid=%u"},
{Opt_err, NULL},
-diff -Nurp linux-2.6.22-560/fs/jffs2/super.c linux-2.6.22-570/fs/jffs2/super.c
---- linux-2.6.22-560/fs/jffs2/super.c 2007-12-04 14:51:22.000000000 -0500
-+++ linux-2.6.22-570/fs/jffs2/super.c 2007-12-05 16:20:28.000000000 -0500
-@@ -82,6 +82,7 @@ enum {
-
- static match_table_t tokens = {
- {Opt_tag, "tag"},
-+ {Opt_tag, "tagxid"},
- {Opt_notag, "notag"},
- {Opt_err, NULL}
- };
-diff -Nurp linux-2.6.22-560/fs/ocfs2/super.c linux-2.6.22-570/fs/ocfs2/super.c
---- linux-2.6.22-560/fs/ocfs2/super.c 2007-12-04 14:51:23.000000000 -0500
-+++ linux-2.6.22-570/fs/ocfs2/super.c 2007-12-05 16:21:04.000000000 -0500
-@@ -156,6 +156,7 @@ static match_table_t tokens = {
- {Opt_data_writeback, "data=writeback"},
- {Opt_atime_quantum, "atime_quantum=%u"},
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/fs/ocfs2/super.c linux-2.6.27.10-vs2.3.x-P570/fs/ocfs2/super.c
+--- linux-2.6.27.10-vs2.3.x-P/fs/ocfs2/super.c 2008-10-13 14:54:20.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P570/fs/ocfs2/super.c 2009-01-12 01:18:23.000000000 +0100
+@@ -175,6 +175,7 @@ static match_table_t tokens = {
+ {Opt_localflocks, "localflocks"},
+ {Opt_stack, "cluster_stack=%s"},
{Opt_tag, "tag"},
+ {Opt_tag, "tagxid"},
{Opt_notag, "notag"},
-diff -Nurp linux-2.6.22-570/kernel/vserver/context.c linux-2.6.22-580/kernel/vserver/context.c
---- linux-2.6.22-570/kernel/vserver/context.c 2008-02-15 20:36:20.000000000 +0100
-+++ linux-2.6.22-580/kernel/vserver/context.c 2008-02-15 20:39:37.000000000 +0100
-@@ -406,7 +406,7 @@ int get_xid_list(int index, unsigned int
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/kernel/vserver/context.c linux-2.6.27.10-vs2.3.x-P580/kernel/vserver/context.c
+--- linux-2.6.27.10-vs2.3.x-P/kernel/vserver/context.c 2008-10-31 03:56:55.000000000 +0100
++++ linux-2.6.27.10-vs2.3.x-P580/kernel/vserver/context.c 2009-01-12 01:18:23.000000000 +0100
+@@ -419,7 +419,7 @@ int get_xid_list(int index, unsigned int
int hindex, nr_xids = 0;
/* only show current and children */
if (index > 0)
return 0;
xids[nr_xids] = vx_current_xid();
-diff -Nurp linux-2.6.22-570/kernel/vserver/network.c linux-2.6.22-580/kernel/vserver/network.c
---- linux-2.6.22-570/kernel/vserver/network.c 2008-02-15 20:36:20.000000000 +0100
-+++ linux-2.6.22-580/kernel/vserver/network.c 2008-02-15 20:40:34.000000000 +0100
-@@ -390,7 +390,7 @@ int get_nid_list(int index, unsigned int
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/kernel/vserver/network.c linux-2.6.27.10-vs2.3.x-P580/kernel/vserver/network.c
+--- linux-2.6.27.10-vs2.3.x-P/kernel/vserver/network.c 2008-10-13 14:54:20.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P580/kernel/vserver/network.c 2009-01-12 01:18:23.000000000 +0100
+@@ -392,7 +392,7 @@ int get_nid_list(int index, unsigned int
int hindex, nr_nids = 0;
/* only show current and children */
-diff -Nurp linux-2.6.22-620/fs/proc/proc_misc.c linux-2.6.22-630/fs/proc/proc_misc.c
---- linux-2.6.22-620/fs/proc/proc_misc.c 2008-06-25 14:49:41.000000000 -0400
-+++ linux-2.6.22-630/fs/proc/proc_misc.c 2008-07-08 16:12:39.000000000 -0400
-@@ -779,6 +779,34 @@ static const struct file_operations proc
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/fs/proc/proc_misc.c linux-2.6.27.10-vs2.3.x-P630/fs/proc/proc_misc.c
+--- linux-2.6.27.10-vs2.3.x-P/fs/proc/proc_misc.c 2008-10-13 14:54:20.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P630/fs/proc/proc_misc.c 2009-01-12 01:18:23.000000000 +0100
+@@ -877,6 +877,34 @@ static struct file_operations proc_kpage
};
- #endif
+ #endif /* CONFIG_PROC_PAGE_MONITOR */
+extern char debug_630_dumped[4087];
+static int show_debug_630(struct seq_file *p, void *v)
+
struct proc_dir_entry *proc_root_kcore;
- void create_seq_entry(char *name, mode_t mode, const struct file_operations *f)
-@@ -871,4 +899,6 @@ void __init proc_misc_init(void)
- entry->proc_fops = &proc_sysrq_trigger_operations;
- }
+ void __init proc_misc_init(void)
+@@ -955,4 +983,6 @@ void __init proc_misc_init(void)
+ #ifdef CONFIG_MAGIC_SYSRQ
+ proc_create("sysrq-trigger", S_IWUSR, NULL, &proc_sysrq_trigger_operations);
#endif
+
+ create_seq_entry("debug_630", 0, &proc_debug_630_operations);
}
-diff -Nurp linux-2.6.22-620/kernel/sched.c linux-2.6.22-630/kernel/sched.c
---- linux-2.6.22-620/kernel/sched.c 2008-06-25 14:49:41.000000000 -0400
-+++ linux-2.6.22-630/kernel/sched.c 2008-07-07 16:29:49.000000000 -0400
-@@ -3635,6 +3635,12 @@ struct event_spec {
- };
- #endif
-
-+/* Bypass the vx_unhold infinite loop */
-+unsigned int merry;
-+char debug_630_dumped[4087] = { [0] = '\0' };
-+EXPORT_SYMBOL(merry);
-+EXPORT_SYMBOL(debug_630_dumped);
-+
- asmlinkage void __sched schedule(void)
- {
- struct task_struct *prev, *next;
-@@ -3722,14 +3728,43 @@ need_resched_nonpreemptible:
-
- cpu = smp_processor_id();
- vx_set_rq_time(rq, jiffies);
-+
-+ merry=0;
- try_unhold:
- vx_try_unhold(rq, cpu);
- pick_next:
-
- if (unlikely(!rq->nr_running)) {
- /* can we skip idle time? */
-- if (vx_try_skip(rq, cpu))
-+ if (vx_try_skip(rq, cpu) && merry<10) {
-+ merry++;
- goto try_unhold;
-+ }
-+ else if (merry==10 && !*debug_630_dumped) {
-+ char *ptr = debug_630_dumped;
-+#define append(...) ptr += snprintf(ptr, ((debug_630_dumped + sizeof(debug_630_dumped)) - ptr), __VA_ARGS__)
-+
-+ if (list_empty(&rq->hold_queue))
-+ append("hold queue is empty\n");
-+ else {
-+ struct list_head *l, *n;
-+ append("rq->norm_time = %lu, rq->idle_time = %lu, rq->idle_skip = %d\n",
-+ rq->norm_time, rq->idle_time, rq->idle_skip);
-+ list_for_each_safe(l, n, &rq->hold_queue) {
-+ struct task_struct *p;
-+ struct _vx_sched_pc *sched_pc;
-+ struct vx_info *vxi;
-+
-+ p = list_entry(l, struct task_struct, run_list);
-+ vxi = p->vx_info;
-+ sched_pc = &vx_per_cpu(vxi, sched_pc, cpu);
-+
-+ append("%u: sched_pc->norm_time = %lu, sched_pc->idle_time = %lu\n", vxi->vx_id,
-+ sched_pc->norm_time, sched_pc->idle_time);
-+ }
-+ }
-+ *ptr = '\0';
-+ }
-
- idle_balance(cpu, rq);
- if (!rq->nr_running) {
-diff -Nurp linux-2.6.22-630/net/netlink/af_netlink.c linux-2.6.22-640/net/netlink/af_netlink.c
---- linux-2.6.22-630/net/netlink/af_netlink.c 2008-04-09 18:46:27.000000000 +0200
-+++ linux-2.6.22-640/net/netlink/af_netlink.c 2008-05-05 19:20:02.000000000 +0200
-@@ -426,6 +426,11 @@ static int netlink_create(struct socket
- if (protocol<0 || protocol >= MAX_LINKS)
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/net/netlink/af_netlink.c linux-2.6.27.10-vs2.3.x-P640/net/netlink/af_netlink.c
+--- linux-2.6.27.10-vs2.3.x-P/net/netlink/af_netlink.c 2008-10-13 14:54:20.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P640/net/netlink/af_netlink.c 2009-01-12 01:18:23.000000000 +0100
+@@ -437,6 +437,11 @@ static int netlink_create(struct net *ne
+ if (protocol < 0 || protocol >= MAX_LINKS)
return -EPROTONOSUPPORT;
+#ifndef CONFIG_AUDIT
---- linux-2.6.22-640/drivers/char/hangcheck-timer.c 2007-07-09 01:32:17.000000000 +0200
-+++ linux-2.6.22-650/drivers/char/hangcheck-timer.c 2008-11-25 10:22:00.000000000 +0100
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/drivers/char/hangcheck-timer.c linux-2.6.27.10-vs2.3.x-P650/drivers/char/hangcheck-timer.c
+--- linux-2.6.27.10-vs2.3.x-P/drivers/char/hangcheck-timer.c 2008-07-13 23:51:29.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P650/drivers/char/hangcheck-timer.c 2009-01-12 01:18:23.000000000 +0100
@@ -57,7 +57,7 @@
static int hangcheck_tick = DEFAULT_IOFENCE_TICK;
-diff -Nurb linux-2.6.22-650/include/asm-i386/nmi.h linux-2.6.22-660/include/asm-i386/nmi.h
---- linux-2.6.22-650/include/asm-i386/nmi.h 2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-660/include/asm-i386/nmi.h 2008-08-12 14:51:44.000000000 -0400
-@@ -33,7 +33,7 @@
+diff -NurpP --exclude '*.orig' --exclude '*.rej' linux-2.6.27.10-vs2.3.x-P/arch/x86/kernel/nmi.c linux-2.6.27.10-vs2.3.x-P660/arch/x86/kernel/nmi.c
+--- linux-2.6.27.10-vs2.3.x-P/arch/x86/kernel/nmi.c 2008-10-13 14:51:58.000000000 +0200
++++ linux-2.6.27.10-vs2.3.x-P660/arch/x86/kernel/nmi.c 2009-01-21 02:24:07.000000000 +0100
+@@ -52,7 +52,7 @@ static cpumask_t backtrace_mask = CPU_MA
+ atomic_t nmi_active = ATOMIC_INIT(0); /* oprofile uses this */
+ EXPORT_SYMBOL(nmi_active);
- extern atomic_t nmi_active;
- extern unsigned int nmi_watchdog;
--#define NMI_DEFAULT -1
-+#define NMI_DEFAULT 1
- #define NMI_NONE 0
- #define NMI_IO_APIC 1
- #define NMI_LOCAL_APIC 2
+-unsigned int nmi_watchdog = NMI_NONE;
++unsigned int nmi_watchdog = NMI_IO_APIC;
+ EXPORT_SYMBOL(nmi_watchdog);
+
+ static int panic_on_timeout;