gmane.linux.kernel.containers

[RFC][PATCH 1/4] checkpoint/restart: fix code to handle open symlinks

Dave Hansen — 2008-12-02T18:57:34

There's no such thing as an opened symlink. --- linux-2.6.git-dave/checkpoint/ckpt_file.c | 3 --- linux-2.6.git-dave/checkpoint/rstr_file.c | 1 - linux-2.6.git-dave/include/linux/checkpoint_hdr.h | 1 - 3 files changed, 5 deletions(-) diff -puN checkpoint/ckpt_file.c~fix-no-opened-symlinks checkpoint/ckpt_file.c --- linux-2.6.git/checkpoint/ckpt_file.c~fix-no-opened-symlinks2008-12-02 10:13:34.000000000 -0800 +++ linux-2.6.git-dave/checkpoint/ckpt_file.c2008-12-02 10:14:08.000000000 -0800 < at >< at > -104,9 +104,6 < at >< at > static int cr_write_fd_data(struct cr_ct case S_IFDIR: fd_type = CR_FD_DIR; break; -case S_IFLNK: -fd_type = CR_FD_LINK; -break; default: cr_hbuf_put(ctx, sizeof(*hh)); return -EBADF; diff -puN checkpoint/rstr_file.c~fix-no-opened-symlinks checkpoint/rstr_file.c --- linux-2.6.git/checkpoint/rstr_file.c~fix-no-opened-symlinks2008-12-02 10:13:34.000000000 -0800 +++ linux-2.6.git-dave/checkpoint/rstr_file.c2008-12-02 10:14:07.000000000 -0800 < at >< at > -94,7 +94,6 < at >< at > cr_read_fd_data(struct cr_ctx *ctx, stru switch (hh->fd_type) { case CR_FD_FILE: case CR_FD_DIR: -case CR_FD_LINK: file = cr_read_open_fname(ctx, hh->f_flags, hh->f_mode); break; default: diff -puN include/linux/checkpoint_hdr.h~fix-no-opened-symlinks include/linux/checkpoint_hdr.h --- linux-2.6.git/include/linux/checkpoint_hdr.h~fix-no-opened-symlinks2008-12-02 10:13:34.000000000 -0800 +++ linux-2.6.git-dave/include/linux/checkpoint_hdr.h2008-12-02 10:13:34.000000000 -0800 < at >< at > -137,7 +137,6 < at >< at > struct cr_hdr_fd_ent { enum fd_type { CR_FD_FILE = 1, CR_FD_DIR, -CR_FD_LINK }; struct cr_hdr_fd_data { _

[PATCH] user namespaces: require cap_set{ug}id for CLONE_NEWUSER

Serge E. Hallyn — 2008-12-01T18:52:15

thoughts? (patch is on top of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6.git#next) thanks, -serge Subject: [PATCH] user namespaces: require cap_set{ug}id for CLONE_NEWUSER While ideally CLONE_NEWUSER will eventually require no privilege, the required permission checks are currently not there. As a result, CLONE_NEWUSER has the same effect as a setuid(0)+setgroups(1,"0"). While we already require CAP_SYS_ADMIN, requiring CAP_SETUID and CAP_SETGID seems appropriate. Signed-off-by: Serge E. Hallyn public.gmane.org> --- kernel/fork.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) 32c36be0621dba3bf05af3d2df843ce803d25831 diff --git a/kernel/fork.c b/kernel/fork.c index 1dd8945..e3a85b3 100644 --- a/kernel/fork.c +++ b/kernel/fork.c < at >< at > -1344,7 +1344,8 < at >< at > long do_fork(unsigned long clone_flags, /* hopefully this check will go away when userns support is * complete */ -if (!capable(CAP_SYS_ADMIN)) +if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SETUID) || +!capable(CAP_SETGID)) return -EPERM; }

[PATCH] Unused check for thread group leader in mem_cgroup_move_task

Nikanth Karthikesan — 2008-11-29T07:29:27

Currently we just check for thread group leader in attach() handler but do nothing! Either (1) move it to can_attach handler or (2) remove the test itself. I am attaching patches for both below. Thanks Nikanth Karthikesan Move thread group leader check to can_attach handler, but this may prevent non thread group leaders to be moved at all! Signed-off-by: Nikanth Karthikesan public.gmane.org> --- diff --git a/mm/memcontrol.c b/mm/memcontrol.c index 866dcc7..26bc823 100644 --- a/mm/memcontrol.c +++ b/mm/memcontrol.c < at >< at > -1136,6 +1136,18 < at >< at > static int mem_cgroup_populate(struct cgroup_subsys *ss, ARRAY_SIZE(mem_cgroup_files)); } +static int mem_cgroup_can_attach(struct cgroup_subsys *ss, + struct cgroup *cgrp, struct task_struct *tsk) +{ +/* + * Only thread group leaders are allowed to migrate, the mm_struct is + * in effect owned by the leader + */ +if (!thread_group_leader(tsk)) +return -EINVAL; +return 0; +} + static void mem_cgroup_move_task(struct cgroup_subsys *ss, struct cgroup *cont, struct cgroup *old_cont, < at >< at > -1151,14 +1163,6 < at >< at > static void mem_cgroup_move_task(struct cgroup_subsys *ss, mem = mem_cgroup_from_cont(cont); old_mem = mem_cgroup_from_cont(old_cont); -/* - * Only thread group leaders are allowed to migrate, the mm_struct is - * in effect owned by the leader - */ -if (!thread_group_leader(p)) -goto out; - -out: mmput(mm); } < at >< at > -1169,6 +1173,7 < at >< at > struct cgroup_subsys mem_cgroup_subsys = { .pre_destroy = mem_cgroup_pre_destroy, .destroy = mem_cgroup_destroy, .populate = mem_cgroup_populate, +.can_attach = mem_cgroup_can_attach, .attach = mem_cgroup_move_task, .early_init = 0, }; The patch to remove unused code follows. Remove the unused test for thread group leader. Signed-off-by: Nikanth Karthikesan public.gmane.org> --- diff --git a/mm/memcontrol.c b/mm/memcontrol.c index 866dcc7..8e9287d 100644 --- a/mm/memcontrol.c +++ b/mm/memcontrol.c < at >< at > -1151,14 +1151,6 < at >< at > static void mem_cgroup_move_task(struct cgroup_subsys *ss, mem = mem_cgroup_from_cont(cont); old_mem = mem_cgroup_from_cont(old_cont); -/* - * Only thread group leaders are allowed to migrate, the mm_struct is - * in effect owned by the leader - */ -if (!thread_group_leader(p)) -goto out; - -out: mmput(mm); }

[PATCH 3/3] cgroups: introduce link_css_set() to remove duplicate code

Li Zefan — 2008-11-28T10:02:42

Add a common function link_css_set() to link a css_set to a cgroup. Signed-off-by: Li Zefan public.gmane.org> --- kernel/cgroup.c | 62 +++++++++++++++++++++--------------------------------- 1 files changed, 24 insertions(+), 38 deletions(-) diff --git a/kernel/cgroup.c b/kernel/cgroup.c index 4e50e97..1442077 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c < at >< at > -385,6 +385,19 < at >< at > static int allocate_cg_links(int count, struct list_head *tmp) return 0; } +static void link_css_set(struct list_head *tmp_cg_links, + struct css_set *cg, struct cgroup *cgrp) +{ +struct cg_cgroup_link *link; + +BUG_ON(list_empty(tmp_cg_links)); +link = list_first_entry(tmp_cg_links, struct cg_cgroup_link, +cgrp_link_list); +link->cg = cg; +list_move(&link->cgrp_link_list, &cgrp->css_sets); +list_add(&link->cg_link_list, &cg->cg_links); +} + /* * find_css_set() takes an existing cgroup group and a * cgroup object, and returns a css_set object that's < at >< at > -400,7 +413,6 < at >< at > static struct css_set *find_css_set( int i; struct list_head tmp_cg_links; -struct cg_cgroup_link *link; struct hlist_head *hhead; < at >< at > -445,26 +457,11 < at >< at > static struct css_set *find_css_set( * only do it for the first subsystem in each * hierarchy */ -if (ss->root->subsys_list.next == &ss->sibling) { -BUG_ON(list_empty(&tmp_cg_links)); -link = list_entry(tmp_cg_links.next, - struct cg_cgroup_link, - cgrp_link_list); -list_del(&link->cgrp_link_list); -list_add(&link->cgrp_link_list, &cgrp->css_sets); -link->cg = res; -list_add(&link->cg_link_list, &res->cg_links); -} -} -if (list_empty(&rootnode.subsys_list)) { -link = list_entry(tmp_cg_links.next, - struct cg_cgroup_link, - cgrp_link_list); -list_del(&link->cgrp_link_list); -list_add(&link->cgrp_link_list, &dummytop->css_sets); -link->cg = res; -list_add(&link->cg_link_list, &res->cg_links); +if (ss->root->subsys_list.next == &ss->sibling) +link_css_set(&tmp_cg_links, res, cgrp); } +if (list_empty(&rootnode.subsys_list)) +link_css_set(&tmp_cg_links, res, dummytop); BUG_ON(!list_empty(&tmp_cg_links)); < at >< at > -992,7 +989,7 < at >< at > static int cgroup_get_sb(struct file_system_type *fs_type, root = NULL; } else { /* New superblock */ -struct cgroup *cgrp = &root->top_cgroup; +struct cgroup *root_cgrp = &root->top_cgroup; struct inode *inode; int i; < at >< at > -1033,7 +1030,7 < at >< at > static int cgroup_get_sb(struct file_system_type *fs_type, list_add(&root->root_list, &roots); root_count++; -sb->s_root->d_fsdata = &root->top_cgroup; +sb->s_root->d_fsdata = root_cgrp; root->top_cgroup.dentry = sb->s_root; /* Link the top cgroup in this hierarchy into all < at >< at > -1044,29 +1041,18 < at >< at > static int cgroup_get_sb(struct file_system_type *fs_type, struct hlist_node *node; struct css_set *cg; -hlist_for_each_entry(cg, node, hhead, hlist) { -struct cg_cgroup_link *link; - -BUG_ON(list_empty(&tmp_cg_links)); -link = list_entry(tmp_cg_links.next, - struct cg_cgroup_link, - cgrp_link_list); -list_del(&link->cgrp_link_list); -link->cg = cg; -list_add(&link->cgrp_link_list, - &root->top_cgroup.css_sets); -list_add(&link->cg_link_list, &cg->cg_links); -} +hlist_for_each_entry(cg, node, hhead, hlist) +link_css_set(&tmp_cg_links, cg, root_cgrp); } write_unlock(&css_set_lock); free_cg_links(&tmp_cg_links); -BUG_ON(!list_empty(&cgrp->sibling)); -BUG_ON(!list_empty(&cgrp->children)); +BUG_ON(!list_empty(&root_cgrp->sibling)); +BUG_ON(!list_empty(&root_cgrp->children)); BUG_ON(root->number_of_cgroups != 1); -cgroup_populate_dir(cgrp); +cgroup_populate_dir(root_cgrp); mutex_unlock(&inode->i_mutex); mutex_unlock(&cgroup_mutex); }

[PATCH 2/3] cgroups: add inactive subsystems to rootnode.root_list

Li Zefan — 2008-11-28T10:02:37

Though for an inactive hierarchy, we have subsys->root == &rootnode, but rootnode's root_list is always empty. This conflicts with the code in find_css_set(): for (i = 0; i < CGROUP_SUBSYS_COUNT; i++) { ... if (ss->root->subsys_list.next == &ss->sibling) { ... } } if (list_empty(&rootnode.subsys_list)) { ... } The above code assumes rootnode.subsys_list links all inactive hierarchies. Signed-off-by: Li Zefan public.gmane.org> --- kernel/cgroup.c | 5 +++-- 1 files changed, 3 insertions(+), 2 deletions(-) diff --git a/kernel/cgroup.c b/kernel/cgroup.c index 33ba756..4e50e97 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c < at >< at > -716,7 +716,7 < at >< at > static int rebind_subsystems(struct cgroupfs_root *root, BUG_ON(dummytop->subsys[i]->cgroup != dummytop); cgrp->subsys[i] = dummytop->subsys[i]; cgrp->subsys[i]->cgroup = cgrp; -list_add(&ss->sibling, &root->subsys_list); +list_move(&ss->sibling, &root->subsys_list); rcu_assign_pointer(ss->root, root); if (ss->bind) ss->bind(ss, cgrp); < at >< at > -730,7 +730,7 < at >< at > static int rebind_subsystems(struct cgroupfs_root *root, dummytop->subsys[i]->cgroup = dummytop; cgrp->subsys[i] = NULL; rcu_assign_pointer(subsys[i]->root, &rootnode); -list_del(&ss->sibling); +list_move(&ss->sibling, &rootnode.subsys_list); } else if (bit & final_bits) { /* Subsystem state should already exist */ BUG_ON(!cgrp->subsys[i]); < at >< at > -2522,6 +2522,7 < at >< at > static void __init cgroup_init_subsys(struct cgroup_subsys *ss) printk(KERN_INFO "Initializing cgroup subsys %s\n", ss->name); /* Create the top cgroup state for this subsystem */ +list_add(&ss->sibling, &rootnode.root_list); ss->root = &rootnode; css = ss->create(ss, dummytop); /* We don't handle early failures gracefully */

[PATCH 1/3] cgroups: make root_list contains active hierarchies only

Li Zefan — 2008-11-28T10:02:33

Don't link rootnode to the root list, so root_list contains active hierarchies only as the comment indicates. And rename for_each_root() to for_each_active_root(). Also remove redundant check in cgroup_kill_sb(). Signed-off-by: Li Zefan public.gmane.org> --- kernel/cgroup.c | 19 +++++++------------ 1 files changed, 7 insertions(+), 12 deletions(-) diff --git a/kernel/cgroup.c b/kernel/cgroup.c index fe00b3b..33ba756 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c < at >< at > -84,7 +84,7 < at >< at > struct cgroupfs_root { /* Tracks how many cgroups are currently defined in hierarchy.*/ int number_of_cgroups; -/* A list running through the mounted hierarchies */ +/* A list running through the active hierarchies */ struct list_head root_list; /* Hierarchy-specific flags */ < at >< at > -149,8 +149,8 < at >< at > static int notify_on_release(const struct cgroup *cgrp) #define for_each_subsys(_root, _ss) \ list_for_each_entry(_ss, &_root->subsys_list, sibling) -/* for_each_root() allows you to iterate across the active hierarchies */ -#define for_each_root(_root) \ +/* for_each_active_root() allows you to iterate across the active hierarchies */ +#define for_each_active_root(_root) \ list_for_each_entry(_root, &roots, root_list) /* the list of cgroups eligible for automatic release. Protected by < at >< at > -1114,10 +1114,9 < at >< at > static void cgroup_kill_sb(struct super_block *sb) { } write_unlock(&css_set_lock); -if (!list_empty(&root->root_list)) { -list_del(&root->root_list); -root_count--; -} +list_del(&root->root_list); +root_count--; + mutex_unlock(&cgroup_mutex); kfree(root); < at >< at > -2561,7 +2560,6 < at >< at > int __init cgroup_init_early(void) INIT_HLIST_NODE(&init_css_set.hlist); css_set_count = 1; init_cgroup_root(&rootnode); -list_add(&rootnode.root_list, &roots); root_count = 1; init_task.cgroups = &init_css_set; < at >< at > -2668,15 +2666,12 < at >< at > static int proc_cgroup_show(struct seq_file *m, void *v) mutex_lock(&cgroup_mutex); -for_each_root(root) { +for_each_active_root(root) { struct cgroup_subsys *ss; struct cgroup *cgrp; int subsys_id; int count = 0; -/* Skip this hierarchy if it has no active subsystems */ -if (!root->actual_subsys_bits) -continue; seq_printf(m, "%lu:", root->subsys_bits); for_each_subsys(root, ss) seq_printf(m, "%s%s", count++ ? "," : "", ss->name);

[PATCH] cgroups: add link_css_set() to remove duplicate code

Li Zefan — 2008-11-28T07:27:12

Add a common function link_css_set() to link a css_set to a cgroup. Signed-off-by: Li Zefan public.gmane.org> --- kernel/cgroup.c | 51 ++++++++++++++++++++++----------------------------- 1 files changed, 22 insertions(+), 29 deletions(-) diff --git a/kernel/cgroup.c b/kernel/cgroup.c index 46d9981..42d0597 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c < at >< at > -384,6 +384,19 < at >< at > static int allocate_cg_links(int count, struct list_head *tmp) return 0; } +static void link_css_set(struct list_head *tmp_cg_links, + struct css_set *cg, struct cgroup *cgrp) +{ +struct cg_cgroup_link *link; + +BUG_ON(list_empty(tmp_cg_links)); +link = list_first_entry(tmp_cg_links, struct cg_cgroup_link, +cgrp_link_list); +link->cg = cg; +list_move(&link->cgrp_link_list, &cgrp->css_sets); +list_add(&link->cg_link_list, &cg->cg_links); +} + /* * find_css_set() takes an existing cgroup group and a * cgroup object, and returns a css_set object that's < at >< at > -399,7 +412,6 < at >< at > static struct css_set *find_css_set( int i; struct list_head tmp_cg_links; -struct cg_cgroup_link *link; struct hlist_head *hhead; < at >< at > -444,16 +456,8 < at >< at > static struct css_set *find_css_set( * only do it for the first subsystem in each * hierarchy */ -if (ss->root->subsys_list.next == &ss->sibling) { -BUG_ON(list_empty(&tmp_cg_links)); -link = list_entry(tmp_cg_links.next, - struct cg_cgroup_link, - cgrp_link_list); -list_del(&link->cgrp_link_list); -list_add(&link->cgrp_link_list, &cgrp->css_sets); -link->cg = res; -list_add(&link->cg_link_list, &res->cg_links); -} +if (ss->root->subsys_list.next == &ss->sibling) +link_css_set(&tmp_cg_links, res, cgrp); } BUG_ON(!list_empty(&tmp_cg_links)); < at >< at > -982,7 +986,7 < at >< at > static int cgroup_get_sb(struct file_system_type *fs_type, root = NULL; } else { /* New superblock */ -struct cgroup *cgrp = &root->top_cgroup; +struct cgroup *root_cgrp = &root->top_cgroup; struct inode *inode; int i; < at >< at > -1023,7 +1027,7 < at >< at > static int cgroup_get_sb(struct file_system_type *fs_type, list_add(&root->root_list, &roots); root_count++; -sb->s_root->d_fsdata = &root->top_cgroup; +sb->s_root->d_fsdata = root_cgrp; root->top_cgroup.dentry = sb->s_root; /* Link the top cgroup in this hierarchy into all < at >< at > -1034,29 +1038,18 < at >< at > static int cgroup_get_sb(struct file_system_type *fs_type, struct hlist_node *node; struct css_set *cg; -hlist_for_each_entry(cg, node, hhead, hlist) { -struct cg_cgroup_link *link; - -BUG_ON(list_empty(&tmp_cg_links)); -link = list_entry(tmp_cg_links.next, - struct cg_cgroup_link, - cgrp_link_list); -list_del(&link->cgrp_link_list); -link->cg = cg; -list_add(&link->cgrp_link_list, - &root->top_cgroup.css_sets); -list_add(&link->cg_link_list, &cg->cg_links); -} +hlist_for_each_entry(cg, node, hhead, hlist) +link_css_set(&tmp_cg_links, cg, root_cgrp); } write_unlock(&css_set_lock); free_cg_links(&tmp_cg_links); -BUG_ON(!list_empty(&cgrp->sibling)); -BUG_ON(!list_empty(&cgrp->children)); +BUG_ON(!list_empty(&root_cgrp->sibling)); +BUG_ON(!list_empty(&root_cgrp->children)); BUG_ON(root->number_of_cgroups != 1); -cgroup_populate_dir(cgrp); +cgroup_populate_dir(root_cgrp); mutex_unlock(&inode->i_mutex); mutex_unlock(&cgroup_mutex); }

[PATCH 1/2] cgroups: cleanup for dummy root

Li Zefan — 2008-11-28T07:27:08

- Don't link rootnode to the root list, so root_list contains active hierarchies only as the comment indicates. - Don't link css_sets to the dummy cgroup, because we never want to run through the tasks in that dummpy cgroup (which means run through all the tasks in the system). Signed-off-by: Li Zefan public.gmane.org> --- kernel/cgroup.c | 24 ++---------------------- 1 files changed, 2 insertions(+), 22 deletions(-) diff --git a/kernel/cgroup.c b/kernel/cgroup.c index fe00b3b..46d9981 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c < at >< at > -84,7 +84,7 < at >< at > struct cgroupfs_root { /* Tracks how many cgroups are currently defined in hierarchy.*/ int number_of_cgroups; -/* A list running through the mounted hierarchies */ +/* A list running through the active hierarchies */ struct list_head root_list; /* Hierarchy-specific flags */ < at >< at > -184,7 +184,6 < at >< at > struct cg_cgroup_link { */ static struct css_set init_css_set; -static struct cg_cgroup_link init_css_set_link; /* css_set_lock protects the list of css_set objects, and the * chain of tasks off each css_set. Nests outside task->alloc_lock < at >< at > -456,15 +455,6 < at >< at > static struct css_set *find_css_set( list_add(&link->cg_link_list, &res->cg_links); } } -if (list_empty(&rootnode.subsys_list)) { -link = list_entry(tmp_cg_links.next, - struct cg_cgroup_link, - cgrp_link_list); -list_del(&link->cgrp_link_list); -list_add(&link->cgrp_link_list, &dummytop->css_sets); -link->cg = res; -list_add(&link->cg_link_list, &res->cg_links); -} BUG_ON(!list_empty(&tmp_cg_links)); < at >< at > -2561,16 +2551,9 < at >< at > int __init cgroup_init_early(void) INIT_HLIST_NODE(&init_css_set.hlist); css_set_count = 1; init_cgroup_root(&rootnode); -list_add(&rootnode.root_list, &roots); -root_count = 1; +root_count = 0; init_task.cgroups = &init_css_set; -init_css_set_link.cg = &init_css_set; -list_add(&init_css_set_link.cgrp_link_list, - &rootnode.top_cgroup.css_sets); -list_add(&init_css_set_link.cg_link_list, - &init_css_set.cg_links); - for (i = 0; i < CSS_SET_TABLE_SIZE; i++) INIT_HLIST_HEAD(&css_set_table[i]); < at >< at > -2674,9 +2657,6 < at >< at > static int proc_cgroup_show(struct seq_file *m, void *v) int subsys_id; int count = 0; -/* Skip this hierarchy if it has no active subsystems */ -if (!root->actual_subsys_bits) -continue; seq_printf(m, "%lu:", root->subsys_bits); for_each_subsys(root, ss) seq_printf(m, "%s%s", count++ ? "," : "", ss->name);

[RFC v10][PATCH 00/13] Kernel based checkpoint/restart

Oren Laadan — 2008-11-27T01:04:31

Checkpoint-restart (c/r): fixes a couple of bugs and a DoS issue (tested against v2.6.28-rc3). We'd like these to make it into -mm. This version addresses the last of the known bugs. Please pull at least the first 11 patches, as they are similar to before. Patches 1-11 are stable, providing self- and external- c/r of a single process. Patches 12 and 13 are newer, adding support for c/r of multiple processes. The git tree tracking v10, branch 'ckpt-v10' (and older versions): git://git.ncl.cs.columbia.edu/pub/git/linux-cr.git Restarting multiple processes requires 'mktree' userspace tool: git://git.ncl.cs.columbia.edu/pub/git/user-cr.git Oren. -- Why do we want it? It allows containers to be moved between physical machines' kernels in the same way that VMWare can move VMs between physical machines' hypervisors. There are currently at least two out-of-tree implementations of this in the commercial world (IBM's Metacluster and Parallels' OpenVZ/Virtuozzo) and several in the academic world like Zap. Why do we need it in mainline now? Because we already have plenty of out-of-tree ones, and want to know what an in-tree one will be like. :) What *I* want right now is the extra review and scrutiny that comes with a mainline submission to make sure we're not going in a direction contrary to the community. This only supports pretty simple apps. But, I trust Ingo when he says: We're *certainly* going to be changing the ABI (which is the format of the checkpoint). I'd like to follow the model that we used for ext4-dev, which is to make it very clear that this is a development-only feature for now. Perhaps we do that by making the interface only available through debugfs or something similar for now. Or, reserving the syscall numbers but require some runtime switch to be thrown before they can be used. I'm open to suggestions here. -- -- Todo: - Add support for x86-64 and improve ABI - Refine or change syscall interface - Handle multiple namespaces in a container (e.g. save the filesystem namespaces state with the file descriptors) - Security (without CAPS_SYS_ADMIN files restore may fail) Changelog: [2008-Nov-26] v10: - Grab vfs root of container init, rather than current process - Acquire dcache_lock around call to __d_path() in cr_fill_name() - Force end-of-string in cr_read_string() (fix possible DoS) - Introduce cr_write_buffer(), cr_read_buffer() and cr_read_buf_type() [2008-Nov-10] v9: - Support multiple processes c/r - Extend checkpoint header with archtiecture dependent header - Misc bug fixes (see individual changelogs) - Rebase to v2.6.28-rc3. [2008-Oct-29] v8: - Support "external" checkpoint - Include Dave Hansen's 'deny-checkpoint' patch - Split docs in Documentation/checkpoint/..., and improve contents [2008-Oct-17] v7: - Fix save/restore state of FPU - Fix argument given to kunmap_atomic() in memory dump/restore [2008-Oct-07] v6: - Balance all calls to cr_hbuf_get() with matching cr_hbuf_put() (even though it's not really needed) - Add assumptions and what's-missing to documentation - Misc fixes and cleanups [2008-Sep-11] v5: - Config is now 'def_bool n' by default - Improve memory dump/restore code (following Dave Hansen's comments) - Change dump format (and code) to allow chunks of instead of one long list of each - Fix use of follow_page() to avoid faulting in non-present pages - Memory restore now maps user pages explicitly to copy data into them, instead of reading directly to user space; got rid of mprotect_fixup() - Remove preempt_disable() when restoring debug registers - Rename headers files s/ckpt/checkpoint/ - Fix misc bugs in files dump/restore - Fixes and cleanups on some error paths - Fix misc coding style [2008-Sep-09] v4: - Various fixes and clean-ups - Fix calculation of hash table size - Fix header structure alignment - Use stand list_... for cr_pgarr [2008-Aug-29] v3: - Various fixes and clean-ups - Use standard hlist_... for hash table - Better use of standard kmalloc/kfree [2008-Aug-20] v2: - Added Dump and restore of open files (regular and directories) - Added basic handling of shared objects, and improve handling of 'parent tag' concept - Added documentation - Improved ABI, 64bit padding for image data - Improved locking when saving/restoring memory - Added UTS information to header (release, version, machine) - Cleanup extraction of filename from a file pointer - Refactor to allow easier reviewing - Remove requirement for CAPS_SYS_ADMIN until we come up with a security policy (this means that file restore may fail) - Other cleanup and response to comments for v1 [2008-Jul-29] v1: - Initial version: support a single task with address space of only private anonymous or file-mapped VMAs; syscalls ignore pid/crid argument and act on current process. -- At the containers mini-conference before OLS, the consensus among all the stakeholders was that doing checkpoint/restart in the kernel as much as possible was the best approach. With this approach, the kernel will export a relatively opaque 'blob' of data to userspace which can then be handed to the new kernel at restore time. This is different than what had been proposed before, which was that a userspace application would be responsible for collecting all of this data. We were also planning on adding lots of new, little kernel interfaces for all of the things that needed checkpointing. This unites those into a single, grand interface. The 'blob' will contain copies of select portions of kernel structures such as vmas and mm_structs. It will also contain copies of the actual memory that the process uses. Any changes in this blob's format between kernel revisions can be handled by an in-userspace conversion program. This is a similar approach to virtually all of the commercial checkpoint/restart products out there, as well as the research project Zap. These patches basically serialize internel kernel state and write it out to a file descriptor. The checkpoint and restore are done with two new system calls: sys_checkpoint and sys_restart. In this incarnation, they can only work checkpoint and restore a single task. The task's address space may consist of only private, simple vma's - anonymous or file-mapped. The open files may consist of only simple files and directories. --

[PATCH 01/53] xfrm: initialise xfrm_policy_gc_work statically

Alexey Dobriyan — 2008-11-25T17:26:33

Signed-off-by: Alexey Dobriyan public.gmane.org> --- net/xfrm/xfrm_policy.c | 3 +-- 1 files changed, 1 insertions(+), 2 deletions(-) diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index 1785488..ea3456d 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c < at >< at > -55,7 +55,6 < at >< at > static struct xfrm_policy_afinfo *xfrm_policy_afinfo[NPROTO]; static struct kmem_cache *xfrm_dst_cache __read_mostly; -static struct work_struct xfrm_policy_gc_work; static HLIST_HEAD(xfrm_policy_gc_list); static DEFINE_SPINLOCK(xfrm_policy_gc_lock); < at >< at > -296,6 +295,7 < at >< at > static void xfrm_policy_gc_task(struct work_struct *work) hlist_for_each_entry_safe(policy, entry, tmp, &gc_list, bydst) xfrm_policy_gc_kill(policy); } +static DECLARE_WORK(xfrm_policy_gc_work, xfrm_policy_gc_task); /* Rule must be locked. Release descentant resources, announce * entry dead. The rule must be unlinked from lists to the moment. < at >< at > -2425,7 +2425,6 < at >< at > static void __init xfrm_policy_init(void) } INIT_LIST_HEAD(&xfrm_policy_all); -INIT_WORK(&xfrm_policy_gc_work, xfrm_policy_gc_task); register_netdevice_notifier(&xfrm_dev_notifier); }

[PATCH 0/2] In-kernel process restart

Andrey Mirkin — 2008-11-24T15:39:33

These patchset introduces OpenVZ kernel based restart procedure on top of Oren's checkpoint/restart patchset v9. For restarting a set of processes one will need to call sys_restart() once with new flag CR_CTX_RSTR_IN_KERNEL. All work will be done in kernel in this case. Small changes to image format are required to make in-kernel process creation more easy. Oren, please take a look on this patchset. I've tried to port OpenVZ functionality on top of yours with minimal changes.

Livres anciens, restauration et conservation

Jean-Louis Yaich — 2008-11-24T08:52:47

_______________________________________________ Containers mailing list Containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA< at >public.gmane.org https://lists.linux-foundation.org/mailman/listinfo/containers

Livres anciens, restauration et conservation

Jean-Louis Yaich — 2008-11-24T08:52:47

Get your Blackberry Bold/$300 or Apple iPhone 16GB/$25

Gadgets Lmtd UK — 2008-11-22T11:00:42

Apple iPhone 16GB.......$250 per unit Blackberry Bold.............$300 per unit Video Games Playstation 3 ........$220 Nintendo Wii......... $200 Sony PSP......... ....$140 Xbox 360 Platinum/Premium.... $140 Apple ipod Nano 4gb....$100 Apple ipod Nano 80gb...$250 GSM PHONES Motorola V3i D&G......$250 Nokia N95......... ...$320 Nokia N93......... ...$260 Nokia N93i ...........$280 Nokia N70 ............$160 Nokia N72 ............$175 Nokia N73 ............$250 Nokia N80 ............$200 Nokia N90 ............$200 Nokia N91 ............$200 BUY ANY 5 UNITS AND GET 2 FREE All GSM Phones,Brand New,Tri- Band and Video Games are also Brand new with Complete Accessories plus Int'l Warranty . e-mail us for more enquiry gadgets.lmtd05-Re5JQEeQqe8AvxtiuMwx3w< at >public.gmane.org GADGETS LIMITED (UK) LTD Registered No. 05881519 THE OLD STABLES, ARUNDEL ROAD, POLING, ARUNDEL, WEST SUSSEX, BN18 9QA UNITED KINGDOM

[PATCH] memcontrol: rcu_read_lock() to protect mm_match_cgroup()

Lai Jiangshan — 2008-11-21T08:49:43

mm_match_cgroup() calls cgroup_subsys_state(). we must use rcu_read_lock() to protect cgroup_subsys_state(). Signed-off-by: Lai Jiangshan public.gmane.org> --- diff --git a/include/linux/memcontrol.h b/include/linux/memcontrol.h index 1fbe14d..ce89ff0 100644 --- a/include/linux/memcontrol.h +++ b/include/linux/memcontrol.h < at >< at > -47,8 +47,15 < at >< at > int task_in_mem_cgroup(struct task_struct *task, const struct mem_cgroup *mem); extern struct mem_cgroup *mem_cgroup_from_task(struct task_struct *p); -#define mm_match_cgroup(mm, cgroup)\ -((cgroup) == mem_cgroup_from_task((mm)->owner)) +static inline +int mm_match_cgroup(const struct mm_struct *mm, const struct mem_cgroup *cgroup) +{ +struct mem_cgroup *mem; +rcu_read_lock(); +mem = mem_cgroup_from_task((mm)->owner); +rcu_read_unlock(); +return cgroup == mem; +} extern int mem_cgroup_prepare_migration(struct page *page, struct page *newpage);

[PATCH] cgroups: defer free css_set

Lai Jiangshan — 2008-11-21T08:49:31

we free css_set when refcnt became 0 immediately(except cgroup_attach_task()). I will destroy the data which read side maybe still access it. this patch use call_rcu() to defer free css_set Signed-off-by: Lai Jiangshan public.gmane.org> --- diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h index 1164963..22901ff 100644 --- a/include/linux/cgroup.h +++ b/include/linux/cgroup.h < at >< at > -178,6 +178,8 < at >< at > struct css_set { */ struct list_head cg_links; +struct rcu_head rcu; + /* * Set of subsystem states, one for each subsystem. This array * is immutable after creation apart from the init_css_set diff --git a/kernel/cgroup.c b/kernel/cgroup.c index 358e775..ddc10ac 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c < at >< at > -252,6 +252,11 < at >< at > static void unlink_css_set(struct css_set *cg) } } +static void rcu_free_css_set(struct rcu_head *head) +{ +kfree(container_of(head, struct css_set, rcu)); +} + static void __put_css_set(struct css_set *cg, int taskexit) { int i; < at >< at > -281,7 +286,7 < at >< at > static void __put_css_set(struct css_set *cg, int taskexit) } } rcu_read_unlock(); -kfree(cg); +call_rcu(&cg->rcu, rcu_free_css_set); } /* < at >< at > -1267,7 +1277,6 < at >< at > int cgroup_attach_task(struct cgroup *cgrp, struct task_struct *tsk) ss->attach(ss, cgrp, oldcgrp, tsk); } set_bit(CGRP_RELEASABLE, &oldcgrp->flags); -synchronize_rcu(); put_css_set(cg); return 0; }

[PATCH 1/2] cgroups: enhance task_cgroup()

Lai Jiangshan — 2008-11-21T08:49:46

task_cgroup() calls cgroup_subsys_state(). and we must use rcu_read_lock() to protect cgroup_subsys_state(). so we must use rcu_read_lock() to protect task_cgroup(). but it'll not so friendly to caller: the callers of task_cgroup() have held cgroup_lock(). it means that struct cgroup will not be freed. So this patch add rcu_read_lock() in task_cgroup() to enhance task_cgroup(). And we do NOT NEED FIX task_cgroup()'s callers, and cgroup_lock() can protect task_cgroup(). Signed-off-by: Lai Jiangshan public.gmane.org> --- diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h index 1164963..22901ff 100644 --- a/include/linux/cgroup.h +++ b/include/linux/cgroup.h < at >< at > -359,6 +360,10 < at >< at > static inline struct cgroup* task_cgroup(struct task_struct *task, int subsys_id) { -return task_subsys_state(task, subsys_id)->cgroup; +struct cgroup *ret; +rcu_read_lock(); +ret = task_subsys_state(task, subsys_id)->cgroup; +rcu_read_unlock(); +return ret; } int cgroup_clone(struct task_struct *tsk, struct cgroup_subsys *ss,

[PATCH] cpuset: rcu_read_lock() to protect task_cs() even we don'tdereference to task_cs()'s return value

Lai Jiangshan — 2008-11-21T08:49:40

task_cs() calls cgroup_subsys_state(). we must use rcu_read_lock() to protect cgroup_subsys_state(). in current_cpuset_is_being_rebound(), we don't dereference to task_cs()'s return value, but task_cs() accesses css_set, this css_set maybe freed when task_cs() called. Signed-off-by: Lai Jiangshan public.gmane.org> --- diff --git a/kernel/cpuset.c b/kernel/cpuset.c index 3e00526..e0e087e 100644 --- a/kernel/cpuset.c +++ b/kernel/cpuset.c < at >< at > -1141,7 +1136,11 < at >< at > done: int current_cpuset_is_being_rebound(void) { -return task_cs(current) == cpuset_being_rebound; +struct cpuset *cs; +rcu_read_lock(); +cs = task_cs(current); +rcu_read_unlock(); +return cs == cpuset_being_rebound; } static int update_relax_domain_level(struct cpuset *cs, s64 val)

[PATCH] cpuset: rcu_read_lock() to protect task_cs()

Lai Jiangshan — 2008-11-21T08:49:37

task_cs() calls cgroup_subsys_state(). we must use rcu_read_lock() to protect cgroup_subsys_state(). it's correct that top_cpuset is never freed, but cgroup_subsys_state() accesses css_set, this css_set maybe freed when task_cs() called. we use use rcu_read_lock() to protect it. Signed-off-by: Lai Jiangshan public.gmane.org> --- diff --git a/kernel/cpuset.c b/kernel/cpuset.c index 3e00526..e0e087e 100644 --- a/kernel/cpuset.c +++ b/kernel/cpuset.c < at >< at > -363,14 +363,9 < at >< at > void cpuset_update_task_memory_state(void) struct task_struct *tsk = current; struct cpuset *cs; -if (task_cs(tsk) == &top_cpuset) { -/* Don't need rcu for top_cpuset. It's never freed. */ -my_cpusets_mem_gen = top_cpuset.mems_generation; -} else { -rcu_read_lock(); -my_cpusets_mem_gen = task_cs(tsk)->mems_generation; -rcu_read_unlock(); -} +rcu_read_lock(); +my_cpusets_mem_gen = task_cs(tsk)->mems_generation; +rcu_read_unlock(); if (my_cpusets_mem_gen != tsk->cpuset_mems_generation) { mutex_lock(&callback_mutex);

[PATCH] cgroups: use task_lock() for access tsk->cgroups safe incgroup_clone()

Lai Jiangshan — 2008-11-21T08:49:55

use task_lock() protect tsk->cgroups and get_css_set(tsk->cgroups) Signed-off-by: Lai Jiangshan public.gmane.org> --- diff --git a/kernel/cgroup.c b/kernel/cgroup.c index 358e775..ddc10ac 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c < at >< at > -2933,6 +2943,7 < at >< at > int cgroup_clone(struct task_struct *tsk, struct cgroup_subsys *subsys, mutex_unlock(&cgroup_mutex); return 0; } +task_lock(tsk); cg = tsk->cgroups; parent = task_cgroup(tsk, subsys->subsys_id); < at >< at > -2941,6 +2952,7 < at >< at > int cgroup_clone(struct task_struct *tsk, struct cgroup_subsys *subsys, /* Keep the cgroup alive */ get_css_set(cg); +task_unlock(tsk); mutex_unlock(&cgroup_mutex); /* Now do the VFS work to create a cgroup */

[PATCH] cgroups: call find_css_set() safely in cgroup_attach_task()

Lai Jiangshan — 2008-11-21T08:49:59

in cgroup_attach_task(), tsk maybe exit when we call find_css_set(). and find_css_set() will access to invalid css_set. this patch increase the count before get_css_set(), and decrease it after find_css_set(). NOTICE: css_set's refcount is also taskcount, after this patch applied, taskcount may be off-by-one WHEN cgroup_lock() is not held. but I reviewed other code which use taskcount, they are still correct. No regression found by reviewing and simply testing. So I do not use two counters in css_set. (one counter for taskcount, the other for refcount. like struct mm_struct) If this fix cause regression, we will use two counters in css_set. Signed-off-by: Lai Jiangshan public.gmane.org> --- diff --git a/kernel/cgroup.c b/kernel/cgroup.c index 358e775..ddc10ac 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c < at >< at > -1217,7 +1222,7 < at >< at > int cgroup_attach_task(struct cgroup *cgrp, struct task_struct *tsk) int retval = 0; struct cgroup_subsys *ss; struct cgroup *oldcgrp; -struct css_set *cg = tsk->cgroups; +struct css_set *cg; struct css_set *newcg; struct cgroupfs_root *root = cgrp->root; int subsys_id; < at >< at > -1237,11 +1242,16 < at >< at > int cgroup_attach_task(struct cgroup *cgrp, struct task_struct *tsk) } } +task_lock(tsk); +cg = tsk->cgroups; +get_css_set(cg); +task_unlock(tsk); /* * Locate or allocate a new css_set for this task, * based on its final set of cgroups */ newcg = find_css_set(cg, cgrp); +put_css_set(cg); if (!newcg) return -ENOMEM;