[Devel] [PATCH vz8 2/2] ve/fs/devmnt: process mount options
From: Kirill Tkhai
Port patch diff-ve-fs-process-mount-options-check-and-insert by Maxim Patlasov:
The patch implements two kinds of processing mount options: check and insert.
Check is OK if and only if each option supplied by CT-user is present
among options listed in allowed_options.
Insert transforms mount options supplied by CT-user like this:
= +
Check is performed both for mount and remount. Insert - only for mount. All
this happens only for mount/remount inside CT and if proper ve_devmnt struct
is found in ve->devmnt_list (searched by 'dev').
https://jira.sw.ru/browse/PSBM-32273
Signed-off-by: Kirill Tkhai
Acked-by: Maxim Patlasov
+++
ve/fs/devmnt: allow more than one mount option inside a CT
strsep() changes provided string: puts '\0' instead of separators,
thus after successful call to ve_devmnt_check() we insert
only first provided mount options, ignoring others.
mFixes: bc4143b ("ve/fs/devmnt: process mount options")
Found during implementation of
https://jira.sw.ru/browse/PSBM-40075
Signed-off-by: Konstantin Khorenko
Reviewed-by: Kirill Tkhai
https://jira.sw.ru/browse/PSBM-108196
Signed-off-by: Andrey Ryabinin
---
fs/namespace.c | 146 -
fs/super.c | 16 +
include/linux/fs.h | 2 +
3 files changed, 163 insertions(+), 1 deletion(-)
diff --git a/fs/namespace.c b/fs/namespace.c
index d355b5921d1e..c24ab7597a39 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -28,6 +28,8 @@
#include
#include
+#include
+
#include "pnode.h"
#include "internal.h"
@@ -2344,6 +2346,148 @@ static int change_mount_flags(struct vfsmount *mnt, int
ms_flags)
return error;
}
+#ifdef CONFIG_VE
+/*
+ * Returns first occurrence of needle in haystack separated by sep,
+ * or NULL if not found
+ */
+static char *strstr_separated(char *haystack, char *needle, char sep)
+{
+ int needle_len = strlen(needle);
+
+ while (haystack) {
+ if (!strncmp(haystack, needle, needle_len) &&
+ (haystack[needle_len] == 0 || /* end-of-line or */
+haystack[needle_len] == sep)) /* separator */
+ return haystack;
+
+ haystack = strchr(haystack, sep);
+ if (haystack)
+ haystack++;
+ }
+
+ return NULL;
+}
+
+static int ve_devmnt_check(char *options, char *allowed)
+{
+ char *p;
+ char *tmp_options;
+
+ if (!options || !*options)
+ return 0;
+
+ if (!allowed)
+ return -EPERM;
+
+ /* strsep() changes provided string: puts '\0' instead of separators */
+ tmp_options = kstrdup(options, GFP_KERNEL);
+ if (!tmp_options)
+ return -ENOMEM;
+
+ while ((p = strsep(_options, ",")) != NULL) {
+ if (!*p)
+ continue;
+
+ if (!strstr_separated(allowed, p, ',')) {
+ kfree(tmp_options);
+ return -EPERM;
+ }
+ }
+
+ kfree(tmp_options);
+ return 0;
+}
+
+static int ve_devmnt_insert(char *options, char *hidden)
+{
+ int options_len;
+ int hidden_len;
+
+ if (!hidden)
+ return 0;
+
+ if (!options)
+ return -EAGAIN;
+
+ options_len = strlen(options);
+ hidden_len = strlen(hidden);
+
+ if (hidden_len + options_len + 2 > PAGE_SIZE)
+ return -EPERM;
+
+ memmove(options + hidden_len + 1, options, options_len);
+ memcpy(options, hidden, hidden_len);
+
+ options[hidden_len] = ',';
+ options[hidden_len + options_len + 1] = 0;
+
+ return 0;
+}
+
+int ve_devmnt_process(struct ve_struct *ve, dev_t dev, void **data_pp, int
remount)
+{
+ void *data = *data_pp;
+ struct ve_devmnt *devmnt;
+ int err;
+again:
+ err = 1;
+ mutex_lock(>devmnt_mutex);
+ list_for_each_entry(devmnt, >devmnt_list, link) {
+ if (devmnt->dev == dev) {
+ err = ve_devmnt_check(data, devmnt->allowed_options);
+
+ if (!err && !remount)
+ err = ve_devmnt_insert(data,
devmnt->hidden_options);
+
+ break;
+ }
+ }
+ mutex_unlock(>devmnt_mutex);
+
+ switch (err) {
+ case -EAGAIN:
+ if (!(data = (void *)__get_free_page(GFP_KERNEL)))
+ return -ENOMEM;
+ *(char *)data = 0; /* the string must be zero-terminated */
+ goto again;
+ case 1:
+ if (*data_pp) {
+ ve_printk(VE_LOG_BOTH, KERN_WARNING "VE%s: no allowed "
+ "mount options found for device %u:%u\n",
+ ve->ve_name, MAJOR(dev), MINOR(dev));
+ err = -EPERM;
+ } else
+ err = 0;
+
[Devel] [PATCH vz8 1/2] ve/devmnt: Introduce ve::devmnt list #PSBM-108196
From: Kirill Tkhai
1)Porting patch "ve: mount option list" by Maxim Patlasov:
The patch adds new fields to ve_struct: devmnt_list and devmnt_mutex.
devmnt_list is the head of list of ve_devmnt structs. Each host block device
visible from CT can have no more than one struct ve_devmnt linked in
ve->devmnt_list. If ve_devmnt is present, it can be found by 'dev' field.
Each ve_devmnt struct may bear two strings: hidden and allowed options.
hidden_options will be automatically added to CT-user-supplied mount options
after checking allowed_options. Only options listed in allowed_options are
allowed.
devmnt_mutex is to protect operations on the list of ve_devmnt structs.
2)Porting patch "vecalls: VE_CONFIGURE_MOUNT_OPTIONS" by Maxim Patlasov.
Reworking the interface using cgroups. Each CT now has a file:
[ve_cgroup_mnt_pnt]/[CTID]/ve.mount_opts
for configuring permittions for a block device. Below is permittions line
example:
"0 major:minor;1 balloon_ino=12,pfcache_csum,pfcache=/vz/pfcache;2 barrier=1"
Here, major:minor is a device, '1' starts comma-separated list of
hidden options, and '2' is allowed ones.
https://jira.sw.ru/browse/PSBM-32273
Signed-off-by: Kirill Tkhai
Acked-by: Maxim Patlasov
+++
ve/cgroups: Align ve_cftypes assignments
For readability sake. We've other aligned already.
Signed-off-by: Cyrill Gorcunov
Rebase: ktkhai@: Merged "ve: increase max length of ve.mount_opts string"
ve/devmnt: Add a ability to show ve.mount_opts
A user may want to see allowed mount options.
This patch allows that.
khorenko@:
* by default ve cgroup is not visible from inside a CT
* currently it's possible to mount ve cgroup inside a CT, but this is
temporarily, we'll disable this in the scope of
https://jira.sw.ru/browse/PSBM-34291
* this patch allows to see mount options via ve cgroup =>
after PSBM-34291 is fixed, mount options will be visible only from ve0 (host)
* for host it's OK to see all hidden options
Signed-off-by: Kirill Tkhai
Rebase: ktkhai@: Merged "ve: Strip unset options in ve.mount_opts"
[aryabinin: vz8 rebase]
https://jira.sw.ru/browse/PSBM-108196
Signed-off-by: Andrey Ryabinin
---
include/linux/ve.h | 11 +++
kernel/ve/ve.c | 175 +
2 files changed, 186 insertions(+)
diff --git a/include/linux/ve.h b/include/linux/ve.h
index 5b1962ff4c66..1b6317275ca2 100644
--- a/include/linux/ve.h
+++ b/include/linux/ve.h
@@ -96,6 +96,17 @@ struct ve_struct {
#endif
struct vdso_image *vdso_64;
struct vdso_image *vdso_32;
+
+ struct list_headdevmnt_list;
+ struct mutexdevmnt_mutex;
+};
+
+struct ve_devmnt {
+ struct list_headlink;
+
+ dev_t dev;
+ char*allowed_options;
+ char*hidden_options; /* balloon_ino, etc. */
};
#define VE_MEMINFO_DEFAULT 1 /* default behaviour */
diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c
index ac3dda55e9ae..935e13340051 100644
--- a/kernel/ve/ve.c
+++ b/kernel/ve/ve.c
@@ -9,6 +9,7 @@
* 've.c' helper file performing VE sub-system initialization
*/
+#include
#include
#include
#include
@@ -643,6 +644,8 @@ static struct cgroup_subsys_state *ve_create(struct
cgroup_subsys_state *parent_
#ifdef CONFIG_COREDUMP
strcpy(ve->core_pattern, "core");
#endif
+ INIT_LIST_HEAD(>devmnt_list);
+ mutex_init(>devmnt_mutex);
return >css;
@@ -687,10 +690,33 @@ static void ve_offline(struct cgroup_subsys_state *css)
ve->ve_name = NULL;
}
+static void ve_devmnt_free(struct ve_devmnt *devmnt)
+{
+ if (!devmnt)
+ return;
+
+ kfree(devmnt->allowed_options);
+ kfree(devmnt->hidden_options);
+ kfree(devmnt);
+}
+
+static void free_ve_devmnts(struct ve_struct *ve)
+{
+ while (!list_empty(>devmnt_list)) {
+ struct ve_devmnt *devmnt;
+
+ devmnt = list_first_entry(>devmnt_list, struct ve_devmnt,
link);
+ list_del(>link);
+ ve_devmnt_free(devmnt);
+ }
+}
+
static void ve_destroy(struct cgroup_subsys_state *css)
{
struct ve_struct *ve = css_to_ve(css);
+ free_ve_devmnts(ve);
+
kmapset_unlink(>sysfs_perms_key, _ve_perms_set);
ve_log_destroy(ve);
ve_free_vdso(ve);
@@ -1085,6 +,148 @@ static u64 ve_netns_avail_nr_read(struct
cgroup_subsys_state *css, struct cftype
return atomic_read(_to_ve(css)->netns_avail_nr);
}
+static int ve_mount_opts_read(struct seq_file *sf, void *v)
+{
+ struct ve_struct *ve = css_to_ve(seq_css(sf));
+ struct ve_devmnt *devmnt;
+
+ if (ve_is_super(ve))
+ return -ENODEV;
+
+ mutex_lock(>devmnt_mutex);
+ list_for_each_entry(devmnt, >devmnt_list, link) {
+ dev_t dev = devmnt->dev;
+
+ seq_printf(sf, "0 %u:%u;", MAJOR(dev), MINOR(dev));
+ if
[Devel] [PATCH RH7 1/2] ploop: Preallocate clusters before nullifying on grow
In case of future BAT clusters are data clusters and
there is a hole, nullifying code fails since there is
no extent. Fix that by future BAT preallocation.
https://jira.sw.ru/browse/PSBM-121772
Signed-off-by: Kirill Tkhai
---
drivers/block/ploop/fmt_ploop1.c |8
drivers/block/ploop/io_direct.c | 26 ++
include/linux/ploop/ploop.h |2 ++
3 files changed, 36 insertions(+)
diff --git a/drivers/block/ploop/fmt_ploop1.c b/drivers/block/ploop/fmt_ploop1.c
index 99acad2d6994..316f62621c33 100644
--- a/drivers/block/ploop/fmt_ploop1.c
+++ b/drivers/block/ploop/fmt_ploop1.c
@@ -10,6 +10,7 @@
#include
#include
#include
+#include
#include
#include "ploop1_image.h"
@@ -775,6 +776,13 @@ ploop1_prepare_grow(struct ploop_delta * delta, u64
*new_size, int *reloc)
delta->io.plo->grow_start = n_present;
delta->io.plo->grow_end = n_needed - n_alloced - 1;
+ if (delta->io.ops->prepare_reloc) {
+ err = delta->io.ops->prepare_reloc(>io,
+ delta->io.plo->grow_start, *reloc);
+ if (err)
+ return err;
+ }
+
/* Does not use rellocated data clusters during grow. */
if (delta->holes_bitmap) {
i = delta->io.plo->grow_start;
diff --git a/drivers/block/ploop/io_direct.c b/drivers/block/ploop/io_direct.c
index f67ce47e0562..dff12e2276bb 100644
--- a/drivers/block/ploop/io_direct.c
+++ b/drivers/block/ploop/io_direct.c
@@ -1666,6 +1666,31 @@ static int dio_start_merge(struct ploop_io * io, struct
ploop_snapdata *sd)
return 0;
}
+/*
+ * There may be a hole in a place, which will be new BAT clusters
+ * after grow (before grow these clusters are data). Nullifying code
+ * expects there is no a hole, so we preallocate them here.
+ */
+static int dio_prepare_reloc(struct ploop_io *io, unsigned int start_clu,
+unsigned int nr)
+{
+ struct file *file = io->files.file;
+ int log = io->plo->cluster_log;
+ loff_t start, len;
+ int err;
+
+ start = start_clu << (log + 9);
+ len = nr << (log + 9);
+
+ err = file->f_op->fallocate(file, 0, start, len);
+ if (err)
+ return err;
+ err = file->f_op->fallocate(file, FALLOC_FL_CONVERT_UNWRITTEN,
+ start, len);
+ return err;
+
+}
+
static void dio_unplug(struct ploop_io * io)
{
/* Need more thinking how to implement unplug */
@@ -1802,6 +1827,7 @@ static struct ploop_io_ops ploop_io_ops_direct =
.complete_snapshot =dio_complete_snapshot,
.io_prepare_merge = dio_prepare_merge,
.start_merge= dio_start_merge,
+ .prepare_reloc = dio_prepare_reloc,
.truncate = dio_truncate,
.queue_settings = dio_queue_settings,
diff --git a/include/linux/ploop/ploop.h b/include/linux/ploop/ploop.h
index 16a30076704a..bffd83b08764 100644
--- a/include/linux/ploop/ploop.h
+++ b/include/linux/ploop/ploop.h
@@ -198,6 +198,8 @@ struct ploop_io_ops
int (*complete_snapshot)(struct ploop_io *, struct ploop_snapdata
*);
int (*io_prepare_merge)(struct ploop_io *, struct ploop_snapdata *);
int (*start_merge)(struct ploop_io *, struct ploop_snapdata *);
+ int (*prepare_reloc)(struct ploop_io *, unsigned int, unsigned int);
+
int (*truncate)(struct ploop_io *, struct file *, __u32 alloc_head);
void(*queue_settings)(struct ploop_io *, struct request_queue *q);
___
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
[Devel] [PATCH RH7 2/2] ploop: Add more debug on error
Signed-off-by: Kirill Tkhai
---
include/linux/ploop/ploop.h |5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/include/linux/ploop/ploop.h b/include/linux/ploop/ploop.h
index bffd83b08764..766a0e9f3d89 100644
--- a/include/linux/ploop/ploop.h
+++ b/include/linux/ploop/ploop.h
@@ -732,10 +732,11 @@ static inline void ploop_req_set_error(struct
ploop_request * preq, int err)
do {
\
if ((err)) {
\
printk("%s() %d ploop%d set error %d: clu=%u, sec=%lu,
"\
- "size=%u, rw=0x%x, iblock=%u\n",
\
+ "size=%u, rw=0x%x, iblock=%u, state=0x%lx,
eng=0x%lx\n",\
__FUNCTION__, __LINE__, (preq)->plo->index, (int)(err),
\
(preq)->req_cluster, (preq)->req_sector,
\
- (preq)->req_size, (preq)->req_rw, (preq)->iblock);
\
+ (preq)->req_size, (preq)->req_rw, (preq)->iblock,
\
+ (preq)->state, (preq)->eng_state);
\
PLOOP_TRACE_ERROR_DUMP_STACK();
\
}
\
} while (0);
___
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
Re: [Devel] [PATCH RH7] cgroup: rework reference acquisition for cgroup_find_inode
On 10/26/20 9:48 AM, Andrey Zhadchenko wrote:
Use more generic igrab instead of atomic inc. Move cgroup_hash_del to eviction
stage to avoid deadlock.
Signed-off-by: Andrey Zhadchenko
---
kernel/cgroup.c | 25 -
1 file changed, 8 insertions(+), 17 deletions(-)
diff --git a/kernel/cgroup.c b/kernel/cgroup.c
index 27d7a5e..3bcbae9 100644
--- a/kernel/cgroup.c
+++ b/kernel/cgroup.c
@@ -1522,21 +1522,10 @@ static struct inode *cgroup_find_inode(unsigned long
fh[2], char take_ref)
struct inode *ret = NULL;
spin_lock(_inode_table_lock);
- item = cgroup_find_item_no_lock(fh);
- /*
-* If we need to increase refcount, we should be aware of possible
-* deadlock. Another thread may have started deleting this inode:
-* iput->iput_final->cgroup_delete_inode->cgroup_hash_del
-* If we just call igrab, it will try to take i_lock and this will
-* result in deadlock, because deleting thread has already taken it
-* and waits on cgroup_inode_table_lock to find inode in hashtable.
-*
-* If i_count is zero, someone is deleting it -> skip.
-*/
- if (take_ref && item)
- if (!atomic_inc_not_zero(>inode->i_count))
- item = NULL;
+ item = cgroup_find_item_no_lock(fh);
+ if (item && take_ref && !igrab(item->inode))
+ item = NULL;
spin_unlock(_inode_table_lock);
@@ -1634,15 +1623,17 @@ static const struct export_operations cgroup_export_ops = {
.fh_to_dentry = cgroup_fh_to_dentry,
};
-static int cgroup_delete_inode(struct inode *inode)
+static void cgroup_evict_inode(struct inode *inode)
{
cgroup_hash_del(inode);
- return generic_delete_inode(inode);
+ clear_inode(inode);
+ truncate_inode_pages_final(>i_data);
Why clear_inode/truncate_inode_pages_final order is different from the
order in evict()? And probably also we need to call cgroup_hash_del
after clear_inode to be consistent with mqueue_evict_inode.
I don't like different order of calls in different places, though it is
probably ok now, this can hurt in future.
}
static const struct super_operations cgroup_ops = {
.statfs = simple_statfs,
- .drop_inode = cgroup_delete_inode,
+ .drop_inode = generic_delete_inode,
+ .evict_inode = cgroup_evict_inode,
.show_options = cgroup_show_options,
#ifdef CONFIG_VE
.show_path = cgroup_show_path,
--
Best regards, Tikhomirov Pavel
Software Developer, Virtuozzo.
___
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
[Devel] [PATCH RH7] cgroup: rework reference acquisition for cgroup_find_inode
Use more generic igrab instead of atomic inc. Move cgroup_hash_del to eviction
stage to avoid deadlock.
Signed-off-by: Andrey Zhadchenko
---
kernel/cgroup.c | 25 -
1 file changed, 8 insertions(+), 17 deletions(-)
diff --git a/kernel/cgroup.c b/kernel/cgroup.c
index 27d7a5e..3bcbae9 100644
--- a/kernel/cgroup.c
+++ b/kernel/cgroup.c
@@ -1522,21 +1522,10 @@ static struct inode *cgroup_find_inode(unsigned long
fh[2], char take_ref)
struct inode *ret = NULL;
spin_lock(_inode_table_lock);
- item = cgroup_find_item_no_lock(fh);
- /*
-* If we need to increase refcount, we should be aware of possible
-* deadlock. Another thread may have started deleting this inode:
-* iput->iput_final->cgroup_delete_inode->cgroup_hash_del
-* If we just call igrab, it will try to take i_lock and this will
-* result in deadlock, because deleting thread has already taken it
-* and waits on cgroup_inode_table_lock to find inode in hashtable.
-*
-* If i_count is zero, someone is deleting it -> skip.
-*/
- if (take_ref && item)
- if (!atomic_inc_not_zero(>inode->i_count))
- item = NULL;
+ item = cgroup_find_item_no_lock(fh);
+ if (item && take_ref && !igrab(item->inode))
+ item = NULL;
spin_unlock(_inode_table_lock);
@@ -1634,15 +1623,17 @@ static const struct export_operations cgroup_export_ops
= {
.fh_to_dentry = cgroup_fh_to_dentry,
};
-static int cgroup_delete_inode(struct inode *inode)
+static void cgroup_evict_inode(struct inode *inode)
{
cgroup_hash_del(inode);
- return generic_delete_inode(inode);
+ clear_inode(inode);
+ truncate_inode_pages_final(>i_data);
}
static const struct super_operations cgroup_ops = {
.statfs = simple_statfs,
- .drop_inode = cgroup_delete_inode,
+ .drop_inode = generic_delete_inode,
+ .evict_inode = cgroup_evict_inode,
.show_options = cgroup_show_options,
#ifdef CONFIG_VE
.show_path = cgroup_show_path,
--
1.8.3.1
___
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
Re: [Devel] [PATCH RH7 v4] cgroup: add export_operations to cgroup super block
This patch is not needed for vz8, because cgroup will use kernfs, which
has export_operations implemented.
Best regards,
Andrey Zhadchenko
On Thu, 24 Sep 2020 10:41:31 +0300
Konstantin Khorenko wrote:
> Please, port this patch to vz8 as well, branch
> branch-rh8-4.18.0-193.6.3.vz8.4.x-ovz
>
> --
> Best regards,
>
> Konstantin Khorenko,
> Virtuozzo Linux Kernel Team
>
> On 07/30/2020 04:01 PM, Andrey Zhadchenko wrote:
> > criu uses fhandle from fdinfo to dump inotify objects. cgroup super
> > block has no export operations, but .encode_fh and .fh_to_dentry
> > are needed for inotify_fdinfo function and open_by_handle_at
> > syscall in order to correctly open files located on cgroupfs by
> > fhandle. Add hash table as a storage for inodes with exported
> > fhandle.
> >
> > v3: use inode->i_gen to protect from i_ino reusage. increase
> > fhandle size to 2 * u32.
> > Add an option to take reference of inode in cgroup_find_inode, so
> > no one can delete recently found inode.
> > v4: introduced hashtable helper functions to avoid races.
> > changed i_gen generation from get_seconds to prandom_u32.
> >
> > https://jira.sw.ru/browse/PSBM-105889
> > Signed-off-by: Andrey Zhadchenko
> > ---
> > kernel/cgroup.c | 168
> > +++- 1 file
> > changed, 167 insertions(+), 1 deletion(-)
> >
> > diff --git a/kernel/cgroup.c b/kernel/cgroup.c
> > index 9fdba79..956a9ac 100644
> > --- a/kernel/cgroup.c
> > +++ b/kernel/cgroup.c
> > @@ -62,6 +62,8 @@
> > #include
> > #include
> > #include
> > +#include
> > +#include
> >
> > #include
> >
> > @@ -765,6 +767,7 @@ static struct inode *cgroup_new_inode(umode_t
> > mode, struct super_block *sb)
> >
> > if (inode) {
> > inode->i_ino = get_next_ino();
> > + inode->i_generation = prandom_u32();
> > inode->i_mode = mode;
> > inode->i_uid = current_fsuid();
> > inode->i_gid = current_fsgid();
> > @@ -1390,9 +1393,171 @@ out:
> > }
> > #endif
> >
> > +/*
> > + * hashtable for inodes that have exported fhandles.
> > + * When we export fhandle, we add it's inode into
> > + * hashtable so we can find it fast
> > + */
> > +
> > +#define CGROUP_INODE_HASH_BITS 10
> > +static DEFINE_HASHTABLE(cgroup_inode_table,
> > CGROUP_INODE_HASH_BITS); +static
> > DEFINE_SPINLOCK(cgroup_inode_table_lock); +
> > +struct cg_inode_hitem {
> > + struct inode *inode;
> > + struct hlist_node hlist;
> > +};
> > +
> > +static inline unsigned long cgroup_inode_get_hash(unsigned int
> > i_ino) +{
> > + return hash_32(i_ino, CGROUP_INODE_HASH_BITS);
> > +}
> > +
> > +static struct cg_inode_hitem *cgroup_find_item_no_lock(unsigned
> > long fh[2]) +{
> > + struct cg_inode_hitem *i;
> > + struct hlist_head *head = cgroup_inode_table
> > + + cgroup_inode_get_hash(fh[1]);
> > + struct cg_inode_hitem *found = NULL;
> > +
> > + hlist_for_each_entry(i, head, hlist) {
> > + if (i->inode->i_generation == fh[0] &&
> > + i->inode->i_ino == fh[1]) {
> > + found = i;
> > + break;
> > + }
> > + }
> > +
> > + return found;
> > +}
> > +
> > +static struct inode *cgroup_find_inode(unsigned long fh[2], char
> > take_ref) +{
> > + struct cg_inode_hitem *item;
> > + struct inode *ret = NULL;
> > +
> > + spin_lock(_inode_table_lock);
> > + item = cgroup_find_item_no_lock(fh);
> > +
> > + /*
> > +* If we need to increase refcount, we should be aware of
> > possible
> > +* deadlock. Another thread may have started deleting this
> > inode:
> > +* iput->iput_final->cgroup_delete_inode->cgroup_hash_del
> > +* If we just call igrab, it will try to take i_lock and
> > this will
> > +* result in deadlock, because deleting thread has already
> > taken it
> > +* and waits on cgroup_inode_table_lock to find inode in
> > hashtable.
> > +*
> > +* If i_count is zero, someone is deleting it -> skip.
> > +*/
> > + if (take_ref && item)
> > + if (!atomic_inc_not_zero(>inode->i_count))
> > + item = NULL;
> > +
> > + spin_unlock(_inode_table_lock);
> > +
> > + if (item)
> > + ret = item->inode;
> > +
> > + return ret;
> > +}
> > +
> > +static int cgroup_hash_add(struct inode *inode)
> > +{
> > + unsigned long fh[2] = {inode->i_generation, inode->i_ino};
> > +
> > + if (!cgroup_find_inode(fh, 0)) {
> > + struct cg_inode_hitem *item;
> > + struct cg_inode_hitem *existing_item = 0;
> > + struct hlist_head *head = cgroup_inode_table
> > + + cgroup_inode_get_hash(inode->i_ino);
> > +
> > + item = kmalloc(sizeof(struct cg_inode_hitem),
> > GFP_KERNEL);
> > + if (!item)
> > + return -ENOMEM;
> > + item->inode = inode;
> > +
> > + spin_lock(_inode_table_lock);
> > + existing_item = cgroup_find_item_no_lock(fh);
> > + if
[Devel] [PATCH RHEL7 COMMIT] kvm: fix AMD IBRS/IBPB/STIBP/SSBD reporting #PSBM-120787
The commit is pushed to "branch-rh7-3.10.0-1127.18.2.vz7.163.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git after rh7-3.10.0-1127.18.2.vz7.163.40 --> commit da3fe794241c1c644e2ff0b136ed42deb40c8a8e Author: Denis V. Lunev Date: Mon Oct 26 07:50:23 2020 +0300 kvm: fix AMD IBRS/IBPB/STIBP/SSBD reporting #PSBM-120787 We should report these bits in 8008 EBX on AMD only, i.e. when AMD specific feature bits are enabled. Signed-off-by: Denis V. Lunev CC: Vasily Averin CC: Konstantin Khorenko https://jira.sw.ru/browse/PSBM-120787 Signed-off-by: "Denis V. Lunev" --- arch/x86/kvm/cpuid.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 96a6bac..d876f18 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -642,13 +642,13 @@ static inline int __do_cpuid_ent(struct kvm_cpuid_entry2 *entry, u32 function, * arch/x86/kernel/cpu/bugs.c is kind enough to * record that in cpufeatures so use them. */ - if (boot_cpu_has(X86_FEATURE_IBPB)) + if (boot_cpu_has(X86_FEATURE_AMD_IBPB)) entry->ebx |= F(AMD_IBPB); - if (boot_cpu_has(X86_FEATURE_IBRS)) + if (boot_cpu_has(X86_FEATURE_AMD_IBRS)) entry->ebx |= F(AMD_IBRS); - if (boot_cpu_has(X86_FEATURE_STIBP)) + if (boot_cpu_has(X86_FEATURE_AMD_STIBP)) entry->ebx |= F(AMD_STIBP); - if (boot_cpu_has(X86_FEATURE_SSBD)) + if (boot_cpu_has(X86_FEATURE_AMD_SSBD)) entry->ebx |= F(AMD_SSBD); if (!boot_cpu_has_bug(X86_BUG_SPEC_STORE_BYPASS)) entry->ebx |= F(AMD_SSB_NO); ___ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
