[Devel] [PATCH] pidns: Fix a leak in /proc inodes and dentries

2009-10-19 Thread Sukadev Bhattiprolu
Fix a leak in /proc dentries and inodes with pid namespaces. This fix reverts the commit 7766755a2f249e7e0. The leak was reported by Daniel Lezcano - see http://lkml.org/lkml/2009/10/2/159. To summarize the thread, when container-init is terminated, it sets the PF_EXITING flag and then zaps all

[Devel] Re: [RFC][v8][PATCH 0/10] Implement clone3() system call

2009-10-19 Thread Sukadev Bhattiprolu
Eric W. Biederman [ebied...@xmission.com] wrote: | > clone3() seemed to be the leading contender from what I've read so far. | > Does anyone still object to clone3() after reading the whole thread? | | I object to what clone3() is. The name is not particularly interesting. | | The sanity checks

[Devel] Re: [RFC][v8][PATCH 0/10] Implement clone3() system call

2009-10-19 Thread Eric W. Biederman
Matt Helsley writes: > On Mon, Oct 19, 2009 at 05:47:43PM -0400, Oren Laadan wrote: >> >> >> Daniel Lezcano wrote: >> > Sukadev Bhattiprolu wrote: >> >> Daniel Lezcano [daniel.lezc...@free.fr] wrote: >> >> >> >>> Sukadev Bhattiprolu wrote: >> >>> >> Subject: [RFC][v8][PATCH 0/10] I

[Devel] Re: [RFC][v8][PATCH 0/10] Implement clone3() system call

2009-10-19 Thread Matt Helsley
On Mon, Oct 19, 2009 at 05:47:43PM -0400, Oren Laadan wrote: > > > Daniel Lezcano wrote: > > Sukadev Bhattiprolu wrote: > >> Daniel Lezcano [daniel.lezc...@free.fr] wrote: > >> > >>> Sukadev Bhattiprolu wrote: > >>> > Subject: [RFC][v8][PATCH 0/10] Implement clone3() system call > >>

[Devel] Re: [RFC][v8][PATCH 9/10]: Define clone3() syscall

2009-10-19 Thread Matt Helsley
On Tue, Oct 20, 2009 at 06:31:20AM +0900, H. Peter Anvin wrote: > On 10/20/2009 02:44 AM, Matt Helsley wrote: >>> | >>> | I know I'm late to this discussion, but why the name clone3()? It's >>> | not consistent with any other convention used for syscall naming, > > This assumption, of course, is jus

[Devel] Re: [RFC][v8][PATCH 0/10] Implement clone3() system call

2009-10-19 Thread Oren Laadan
Daniel Lezcano wrote: > Sukadev Bhattiprolu wrote: >> Daniel Lezcano [daniel.lezc...@free.fr] wrote: >> >>> Sukadev Bhattiprolu wrote: >>> Subject: [RFC][v8][PATCH 0/10] Implement clone3() system call To support application checkpoint/restart, a task must have the same pid

[Devel] Re: [RFC][v8][PATCH 9/10]: Define clone3() syscall

2009-10-19 Thread H. Peter Anvin
On 10/20/2009 02:44 AM, Matt Helsley wrote: >> | >> | I know I'm late to this discussion, but why the name clone3()? It's >> | not consistent with any other convention used for syscall naming, This assumption, of course, is just plain wrong. Look at the wait system calls, for example. However, w

[Devel] Re: [RFC][v8][PATCH 0/10] Implement clone3() system call

2009-10-19 Thread Daniel Lezcano
Sukadev Bhattiprolu wrote: > Daniel Lezcano [daniel.lezc...@free.fr] wrote: > >> Sukadev Bhattiprolu wrote: >> >>> Subject: [RFC][v8][PATCH 0/10] Implement clone3() system call >>> >>> To support application checkpoint/restart, a task must have the same pid it >>> had when it was checkpoint

[Devel] Re: [PATCH 2/4] cr: add generic LSM c/r support (v6)

2009-10-19 Thread Oren Laadan
Serge E. Hallyn wrote: > Documentation/checkpoint/readme.txt begins: > """ > Application checkpoint/restart is the ability to save the state > of a running application so that it can later resume its execution > from the time at which it was checkpointed. > """ > > This patch adds generic suppor

[Devel] Re: [RFC][v8][PATCH 9/10]: Define clone3() syscall

2009-10-19 Thread Matt Helsley
On Fri, Oct 16, 2009 at 11:06:31AM -0700, Sukadev Bhattiprolu wrote: > Michael Kerrisk [mtk.manpa...@googlemail.com] wrote: > | Hi Sukadev > | > | On Fri, Oct 16, 2009 at 6:20 AM, Sukadev Bhattiprolu > | wrote: > | > Here is an updated patch with the following interface: > | > > | >        long s

[Devel] [PATCH] pid arrays: Remove redundant assignment

2009-10-19 Thread Matt Helsley
The only way the preceding loop will terminate is if n already has this value. Signed-off-by: Matt Helsley --- checkpoint/checkpoint.c |1 - 1 files changed, 0 insertions(+), 1 deletions(-) diff --git a/checkpoint/checkpoint.c b/checkpoint/checkpoint.c index 5a76d2b..396ec29 100644 --- a/ch

[Devel] [PATCH 2/3] epoll: Add support for checkpointing large numbers of epoll items

2009-10-19 Thread Matt Helsley
Currently we allocate memory to output all of the epoll items in one big chunk. At 20 bytes per item, and since epoll was designed to support on the order of 10,000 items, we may find ourselves kmalloc'ing 200,000 bytes. That's an order 7 allocation whereas the heuristic for difficult allocations,

[Devel] [PATCH 1/3] Checkpoint/restart epoll sets

2009-10-19 Thread Matt Helsley
Save/restore epoll items during checkpoint/restart respectively. kmalloc failures should be dealt with more kindly than just error-out because epoll is made to poll many thousands of file descriptors. Subsequent patches will change epoll c/r to "chunk" its output/input respectively. Signed-off-by:

[Devel] [PATCH 3/3] epoll: Add support for restoring many epoll items

2009-10-19 Thread Matt Helsley
This completes the work necessary to make checkpoint/restart of thousands of epoll items more reliable when higher order kmallocs would fail. We grab a piece of memory suitable to store a "chunk" of items for input. Read the input one chunk at a time and add epoll items for each item in the chunk.

[Devel] [PATCH 1/4] add lsm name and lsm_info (policy header) to container info

2009-10-19 Thread Serge E. Hallyn
The LSM name is 'selinux', 'smack', 'tomoyo', or 'dummy'. We add that to the container configuration section. We also add a LSM policy configuration section. That is placed after the LSM name. It is written by the LSM in security_checkpoint_header(), called during checkpoint container(), and re

[Devel] [PATCH 4/4] cr: add selinux support (v6)

2009-10-19 Thread Serge E. Hallyn
Documentation/checkpoint/readme.txt begins: """ Application checkpoint/restart is the ability to save the state of a running application so that it can later resume its execution from the time at which it was checkpointed. """ This patch adds the ability to checkpoint and restore selinux contexts

[Devel] [PATCH 2/4] cr: add generic LSM c/r support (v6)

2009-10-19 Thread Serge E. Hallyn
Documentation/checkpoint/readme.txt begins: """ Application checkpoint/restart is the ability to save the state of a running application so that it can later resume its execution from the time at which it was checkpointed. """ This patch adds generic support for c/r of LSM credentials. Support fo

[Devel] [PATCH user-cr] restart: accept the lsm_name field in header and add -k flag (v2)

2009-10-19 Thread Serge E. Hallyn
The checkpoint file header now has an 11-character string containing the name of the active LSM, following the uts info, and a variable length buffer type containing LSM-specific version information (for instance a sha1sum of policy). Handle these. Also add a -k (--keeplsm) flag to tell restart to

[Devel] [PATCH 3/4] cr: add smack support to lsm c/r (v6)

2009-10-19 Thread Serge E. Hallyn
Documentation/checkpoint/readme.txt begins: """ Application checkpoint/restart is the ability to save the state of a running application so that it can later resume its execution from the time at which it was checkpointed. """ This patch implements checkpoint and restore of Smack security labels.

[Devel] Re: IO controller Mini-Summit 2009

2009-10-19 Thread Ryo Tsuruta
Hi all, I've uploaded the conclusions of IO controller Mini-summit 2009 on the web page. Thanks Fernando for creating the slides. http://sourceforge.net/apps/trac/ioband/wiki/iosummit Thank you to all attendees and thank you to the Linux Foundation Japan for providing us with a conference venue a