Re: [Devel] [PATCH 3/3] proc-net: virtualize all the network proc entries

20 июля 2017 г. 23:34 пользователь Andrey Vagin написал: On Thu, Jul 20, 2017 at 08:47:58PM +0400, Stanislav Kinsburskiy wrote: > Use proc_net_create() and proc_net_create_data() for all the per-net dentries. > We need this to expose per-net sysfs dentries once

[Devel] [PATCH 4/5] netfilter: always create per-net "filter" tables objects

They are required by CRIU to suspned and restore a container. Signed-off-by: Stanislav Kinsburskiy --- net/ipv4/netfilter/iptable_filter.c |6 -- net/ipv6/netfilter/ip6table_filter.c |6 -- 2 files changed, 12 deletions(-) diff --git a/net/ipv4/netfilter/iptable_filter.c b

[Devel] [PATCH 3/5] netfilter: check per-ve netfilter status on actual operation

Signed-off-by: Stanislav Kinsburskiy --- net/ipv4/ip_sockglue.c |7 +++ 1 file changed, 7 insertions(+) diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c index bcca7f3..316b477 100644 --- a/net/ipv4/ip_sockglue.c +++ b/net/ipv4/ip_sockglue.c @@ -1119,6 +1119,10 @@ int

[Devel] [PATCH 5/5] netfilter: always create netfilter per-net objects for ipv4/ipv6

uspend and restore such containers with netfilter disabled. https://jira.sw.ru/browse/PSBM-68767 Signed-off-by: Stanislav Kinsburskiy --- net/ipv4/netfilter/ip_tables.c |5 - net/ipv6/netfilter/ip6_tables.c |6 -- 2 files changed, 11 deletions(-) diff --git a/net/ipv4/netfilter/i

[Devel] [PATCH 0/5] netfilter: rework iptables containerization

e it joins containers network namespace remaining in VE#0, thus all the netfilter stuff is always accessible. https://jira.sw.ru/browse/PSBM-58574 --- Stanislav Kinsburskiy (5): netfilter: ve_ipt_permitted() helper introduced netfilter: control iptables detries visibility in CT

[Devel] [PATCH 1/5] netfilter: ve_ipt_permitted() helper introduced

Will be used for iptables availability initialization Signed-off-by: Stanislav Kinsburskiy --- include/linux/netfilter.h |3 +++ 1 file changed, 3 insertions(+) diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h index 98e53c8..f395cc3 100644 --- a/include/linux/netfilter.h

[Devel] [PATCH 2/5] netfilter: control iptables detries visibility in CT by S_ISVTX

They won't be visible in CT, if netfilted is disabled. Signed-off-by: Stanislav Kinsburskiy --- net/netfilter/x_tables.c | 10 +++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c index 4a351de..c93f0aa 100644 ---

[Devel] [PATCH 3/3] net: do iptables restore in ve0

/PSBM-58574 Signed-off-by: Stanislav Kinsburskiy --- criu/net.c | 25 - 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/criu/net.c b/criu/net.c index 9986310..6b2385c 100644 --- a/criu/net.c +++ b/criu/net.c @@ -34,6 +34,7 @@ #include "kerndat.h"

[Devel] [PATCH 0/3] criu: restore iptables in VE#0

ments... --- Stanislav Kinsburskiy (3): criu: export join_ve helper net: iptables_tool_{dump,restore} helpers introduced net: do iptables restore in ve0 criu/cr-restore.c |2 +- criu/include/crtools.h |2 ++ criu/net.c | 42 ++--

[Devel] [PATCH 1/3] criu: export join_ve helper

It will be used to restore iptables in VE#0 on restore stage. Signed-off-by: Stanislav Kinsburskiy --- criu/cr-restore.c |2 +- criu/include/crtools.h |2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/criu/cr-restore.c b/criu/cr-restore.c index 534b0f3..c07be1c

[Devel] [PATCH 2/3] net: iptables_tool_{dump, restore} helpers introduced

A couple of simple helpers to destinguish between iptables dump and restore. Will be useful later, when iptables restore will happen in VE#0. Signed-off-by: Stanislav Kinsburskiy --- criu/net.c | 19 +++ 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/criu/net.c

Re: [Devel] [PATCH 0/5] netfilter: rework iptables containerization

Kirill, would you mind to take a look? )) 21.07.2017 09:23, Stanislav Kinsburskiy P?P8QP5Q: > This series is aimed to give CRCIU an ability to suspend and restore > VZ containers with disabled netfilter. > The problem is that with CT doesn't have any netfilter objects, when

Re: [Devel] [PATCH 3/5] netfilter: check per-ve netfilter status on actual operation

21.07.2017 12:50, Andrey Ryabinin пишет: > > > On 07/21/2017 10:23 AM, Stanislav Kinsburskiy wrote: >> Signed-off-by: Stanislav Kinsburskiy >> --- >> net/ipv4/ip_sockglue.c |7 +++ >> 1 file changed, 7 insertions(+) >> >> diff --git a/ne

[Devel] [PATCH v2] netfilter: check per-ve netfilter status on actual operation

v2: 1) Return ENOPROTOOPT instead of ENOENT from ip_setsockopt Signed-off-by: Stanislav Kinsburskiy --- net/ipv4/ip_sockglue.c |7 +++ 1 file changed, 7 insertions(+) diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c index bcca7f3..8b22763 100644 --- a/net/ipv4/ip_sockglue.c

Re: [Devel] [PATCH v2] netfilter: check per-ve netfilter status on actual operation

21.07.2017 15:41, Andrey Ryabinin пишет: > > > On 07/21/2017 03:06 PM, Stanislav Kinsburskiy wrote: >> v2: >> 1) Return ENOPROTOOPT instead of ENOENT from ip_setsockopt >> >> Signed-off-by: Stanislav Kinsburskiy >> --- >> net/ipv4/ip_sockglue.c |

[Devel] [PATCH] systemd-autofs-restart.sh: return meaningful value from restore_mountpoint

Its result is threated as a reason to print or supress error message. Signed-off-by: Stanislav Kinsburskiy --- scripts/systemd-autofs-restart.sh | 13 + 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/scripts/systemd-autofs-restart.sh b/scripts/systemd-autofs

[Devel] [PATCH] criu: update second "iptables restore" helper to work in VE#0

Surprisingly CRIU has 2 equal helpers for iptables restore. Initial series patched only one the them. This patch updates the second one. https://jira.sw.ru/browse/PSBM-58574 Signed-off-by: Stanislav Kinsburskiy --- criu/net.c | 30 +- 1 file changed, 29 insertions

Re: [Devel] [PATCH 3/3] net: do iptables restore in ve0

24.07.2017 18:46, Andrei Vagin пишет: > On Mon, Jul 24, 2017 at 06:38:15PM +0300, Cyrill Gorcunov wrote: >> On Mon, Jul 24, 2017 at 08:34:52AM -0700, Andrei Vagin wrote: -static int iptables_tool_restore(char *def_cmd, int fdin) +static int __iptables_tool_restore(char *def_cmd,

Re: [Devel] [PATCH 3/3] net: do iptables restore in ve0

24 июля 2017 г. 7:04 PM пользователь Kirill Gorkunov написал: On Mon, Jul 24, 2017 at 06:52:31PM +0300, Stanislav Kinsburskiy wrote: > > >> int join_ve(pid_t pid, bool veX) > > > > Does pid have to be 0 in this case? > > > > Maybe interface to this

Re: [Devel] [PATCH 3/3] net: do iptables restore in ve0

24 июля 2017 г. 7:12 PM пользователь Kirill Gorkunov написал: On Mon, Jul 24, 2017 at 07:09:39PM +0300, Stanislav Kinsburskiy wrote: > >Well, no. I don't like this defines. >And I don't think that pid has to be explicitly provided. At least for >ve0. >

Re: [Devel] [PATCH] ve: allow to do anything from init_user_ns

I like it. Acked-by: Stanislav Kinsburskiy 24.07.2017 23:55, Andrei Vagin пишет: > From: Andrei Vagin > > current_user_ns_initial() is used to restrict operations, > which are allowed in a ve initial userns, but aren't allowed > in sub-user-namespaces. But now this f

Re: [Devel] [PATCH 3/3] net: do iptables restore in ve0

25.07.2017 09:48, Andrey Vagin пишет: > On Mon, Jul 24, 2017 at 11:37:52PM -0700, Stanislav Kinsburskiy wrote: >> >> >> 24 июля 2017 г. 7:12 PM пользователь Kirill Gorkunov >> написал: >> >> On Mon, Jul 24, 2017 at 07:09:39PM +0300, Stanislav Kinsbursk

[Devel] [PATCH 1/2] venet: free netdevice in destructor

ays) Signed-off-by: Stanislav Kinsburskiy --- drivers/net/venetdev.c |2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/net/venetdev.c b/drivers/net/venetdev.c index 4954129..5ac62c5 100644 --- a/drivers/net/venetdev.c +++ b/drivers/net/venetdev.c @@ -466,6 +466,8 @@ static v

[Devel] [PATCH 0/2] venet: fix device leakage in destructor

In scope of https://jira.sw.ru/browse/PSBM-65033. --- Stanislav Kinsburskiy (2): venet: free netdevice in destructor venet: do not leave destructor, if stats is NULL drivers/net/venetdev.c |9 - 1 file changed, 4 insertions(+), 5 deletions

[Devel] [PATCH 2/2] venet: do not leave destructor, if stats is NULL

1) It can't happen 2) Device has to be freed anyways Signed-off-by: Stanislav Kinsburskiy --- drivers/net/venetdev.c |7 ++- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/drivers/net/venetdev.c b/drivers/net/venetdev.c index 5ac62c5..5710792 100644 --- a/driver

Re: [Devel] [PATCH] ve: allow to do anything from init_user_ns

;t allowed >> in sub-user-namespaces. But now this function doesn't take >> into account init_user_ns. init user_ns is a root item in the >> hierarchy of user namespaces, so it is actually initiall >> for ve-s. The upstream kernel allow to do anything from >> init_user

[Devel] [PATCH] ve: remove some dead parts from ve_struct

Signed-off-by: Stanislav Kinsburskiy --- include/linux/ve.h |3 --- 1 file changed, 3 deletions(-) diff --git a/include/linux/ve.h b/include/linux/ve.h index 2d8eca6..94dd068 100644 --- a/include/linux/ve.h +++ b/include/linux/ve.h @@ -28,7 +28,6 @@ struct tty_driver; struct

Re: [Devel] [PATCH] ve: allow to do anything from init_user_ns

25.07.2017 15:23, Konstantin Khorenko пишет: > On 07/25/2017 03:20 PM, Stanislav Kinsburskiy wrote: >> >> >> 25.07.2017 14:46, Konstantin Khorenko пишет: >>> The only possible problem i can see here in the future: >>> imagine we implement n:m mappi

[Devel] [PATCH] module: fix memory leak in load_module

leak_alloc+0x4e/0xb0 [] kmem_cache_alloc_trace+0xe9/0x260 [] load_module+0x35e/0x1be0 [] SyS_finit_module+0xa6/0xd0 [] system_call_fastpath+0x16/0x1b [] 0x Signed-off-by: Stanislav Kinsburskiy --- kernel/module.c |1 + 1 file changed, 1 insertion(+) diff --gi

[Devel] [PATCH] module: fix memory leak in free_module

leak_alloc+0x4e/0xb0 [] kmem_cache_alloc_trace+0xe9/0x260 [] load_module+0x35e/0x1be0 [] SyS_finit_module+0xa6/0xd0 [] system_call_fastpath+0x16/0x1b [] 0x Signed-off-by: Stanislav Kinsburskiy --- kernel/module.c |1 + 1 file changed, 1 insertion(+) diff --gi

[Devel] [PATCH] mm: fix sleeping function warning from __put_anon_vma

: Linus Torvalds Signed-off-by: Stanislav Kinsburskiy --- mm/rmap.c |8 +--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/mm/rmap.c b/mm/rmap.c index 4668df5..f3aac5a 100644 --- a/mm/rmap.c +++ b/mm/rmap.c @@ -110,6 +110,7 @@ static inline void anon_vma_free(struct anon_vma *a

[Devel] [RFC PATCH] slub: add "pages" attribute

It prints page addresses in slub. Useful for search of leaked objects (say, I found leaked dentry with this after CT stop). Signed-off-by: Stanislav Kinsburskiy --- mm/slub.c | 35 ++- 1 file changed, 34 insertions(+), 1 deletion(-) diff --git a/mm/slub.c b

[Devel] [libvzctl PATCH 2/2] env_create: created root run path in VE#0 context

0192/cgroup/dentry(5:102) This patch fixes it by explicitly created runt root dentry in VE#0 Found in scope of https://jira.sw.ru/browse/PSBM-65033 Signed-off-by: Stanislav Kinsburskiy --- lib/env_nsops.c |4 1 file changed, 4 insertions(+) diff --git a/lib/env_nsops.c b/lib/env_n

[Devel] [libvzctl PATCH 0/2] env_create: create CT run root in VE#0 context

Found in scope of https://jira.sw.ru/browse/PSBM-65033 Fixed anoying hanging slab after CT stop: /sys/kernel/slab/:atA-192/cgroup/dentry(5:102) The following series implements... --- Stanislav Kinsburskiy (2): util: create_ve_run_dir() helper introduced env_create: created

[Devel] [libvzctl PATCH 1/2] util: create_ve_run_dir() helper introduced

Will be used to create root run directory. Signed-off-by: Stanislav Kinsburskiy --- lib/util.c |5 + lib/util.h |1 + 2 files changed, 6 insertions(+) diff --git a/lib/util.c b/lib/util.c index f0dacaa..46e4c06 100644 --- a/lib/util.c +++ b/lib/util.c @@ -2596,6 +2596,11 @@ void

[Devel] [PATCH] sunrpc: take net from task client only is available

SUNRPC task can have no RPC client, but RPC request instead (this is a piece of NFSv4.1 callback magic). In this case network has be taken from tk->rqstp object. Signed-off-by: Stanislav Kinsburskiy --- net/sunrpc/clnt.c |9 - 1 file changed, 8 insertions(+), 1 deletion(-) d

Re: [Devel] [PATCH] sunrpc: take net from task client only is available

1 авг. 2017 г. 16:50 пользователь Kirill Tkhai написал: On 01.08.2017 14:16, Stanislav Kinsburskiy wrote: > SUNRPC task can have no RPC client, but RPC request instead (this is a piece > of NFSv4.1 callback magic). > In this case network has be taken from tk->rqstp object. >

[Devel] [PATCH 0/6] proc connector: containerize on per-net basis

This feature is requested by customer and needed by cgred service. https://jira.sw.ru/browse/PSBM-60227 --- Stanislav Kinsburskiy (6): proc connector: per-net operations introduced proc connector: introduce get_cdev() helper proc connector: proc listeners helpers added

[Devel] [PATCH 3/6] proc connector: proc listeners helpers added

These are precursor helpers, which will hide all the containerization magic. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 57 +-- 1 file changed, 44 insertions(+), 13 deletions(-) diff --git a/drivers/connector/cn_proc.c b

[Devel] [PATCH 1/6] proc connector: per-net operations introduced

namespace. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 35 + drivers/connector/connector.c | 114 + drivers/connector/netns.h | 22 3 files changed, 171 insertions(+) create mode 100644 drivers/connect

[Devel] [PATCH 4/6] proc connector: pass net to get_seq()

Will be used later to obtain unique sequence number in desired network Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 18 +- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c index

[Devel] [PATCH 2/6] proc connector: introduce get_cdev() helper

This is a precursor helper, which will hide all the containerization magic. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/connector.c | 20 +--- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/drivers/connector/connector.c b/drivers/connector

[Devel] [PATCH 5/6] proc connector: cn_initialized() helper added

This is a precursor helper, which will hide all the containerization magic. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/connector.c |8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/drivers/connector/connector.c b/drivers/connector/connector.c index

[Devel] [PATCH 6/6] proc connector: switch logic on per-net basis

: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 49 drivers/connector/connector.c | 50 +++-- 2 files changed, 28 insertions(+), 71 deletions(-) diff --git a/drivers/connector/cn_proc.c b/drivers

[Devel] [PATCH 7/6] proc connector: user containers initial user namespace

Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 17 + 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c index c5bd47b..10a3e3e 100644 --- a/drivers/connector/cn_proc.c +++ b/drivers

Re: [Devel] [PATCH 3/6] proc connector: proc listeners helpers added

15.08.2017 16:52, Andrey Ryabinin пишет: > On 08/15/2017 03:42 PM, Stanislav Kinsburskiy wrote: >> These are precursor helpers, which will hide all the containerization magic. >> >> Signed-off-by: Stanislav Kinsburskiy >> --- >> d

Re: [Devel] [PATCH 3/6] proc connector: proc listeners helpers added

15.08.2017 17:13, Andrey Ryabinin пишет: > > > On 08/15/2017 04:58 PM, Stanislav Kinsburskiy wrote: >> >> >> 15.08.2017 16:52, Andrey Ryabinin пишет: >>> On 08/15/2017 03:42 PM, Stanislav Kinsburskiy wrote: >>>> These are precursor helpers, whic

[Devel] [PATCH v2 10/27] proc connector: use generic event helper for exec event

Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 28 +++- 1 file changed, 7 insertions(+), 21 deletions(-) diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c index ffda79b..06fd6b3 100644 --- a/drivers/connector/cn_proc.c +++ b

[Devel] [PATCH v2 07/27] connector: take cn_already_initialized from VE

Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/connector.c |8 +++- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/drivers/connector/connector.c b/drivers/connector/connector.c index bba667d..110637b 100644 --- a/drivers/connector/connector.c +++ b/drivers

[Devel] [PATCH v2 05/27] connector: use device stored in VE

Instead of global static device. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/connector.c |8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/connector/connector.c b/drivers/connector/connector.c index f5484b2..bc2308a 100644 --- a/drivers

[Devel] [PATCH v2 00/27] proc connector: containerize on per-VE basis

This feature is requested by customer and needed by cgred service. https://jira.sw.ru/browse/PSBM-60227 What's ne in v2: 1) Containerization is done on per-VE basis 2) Event in container is also sent to VE#0 --- Stanislav Kinsburskiy (27): connector: remove redundant input callback

[Devel] [PATCH v2 04/27] connector: per-ve init and fini helpers introduced

This helpers will be used later to initialize per-container connector. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/connector.c | 31 +-- 1 file changed, 25 insertions(+), 6 deletions(-) diff --git a/drivers/connector/connector.c b/drivers/connector

[Devel] [PATCH v2 01/27] connector: remove redundant input callback from cn_dev

A small cleanup: this callback is never used. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/connector.c |6 +- include/linux/connector.h |1 - 2 files changed, 1 insertion(+), 6 deletions(-) diff --git a/drivers/connector/connector.c b/drivers/connector/connector.c

[Devel] [PATCH v2 08/27] proc connector: generic proc_event_connector() helper introduced

A lot of code is duplicated in proc connector events handling. This patch introduces generic even handler, which will be used by different events. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 50 +++ 1 file changed, 50

[Devel] [PATCH v2 12/27] proc connector: use generic event helper for sid event

Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 28 +++- 1 file changed, 7 insertions(+), 21 deletions(-) diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c index 0647fcf..2ad2587 100644 --- a/drivers/connector/cn_proc.c +++ b

[Devel] [PATCH v2 02/27] connector: store all private data on VE structure

This is needed to containerize connector and its proc part. Signed-off-by: Stanislav Kinsburskiy --- include/linux/connector.h |9 + include/linux/ve.h|4 2 files changed, 13 insertions(+) diff --git a/include/linux/connector.h b/include/linux/connector.h index

[Devel] [PATCH v2 09/27] proc connector: use generic event helper for fork event

Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 30 +++--- 1 file changed, 7 insertions(+), 23 deletions(-) diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c index 808b22a..ffda79b 100644 --- a/drivers/connector/cn_proc.c

[Devel] [PATCH v2 11/27] proc connector: use generic event helper for id event

Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 29 - 1 file changed, 8 insertions(+), 21 deletions(-) diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c index 06fd6b3..0647fcf 100644 --- a/drivers/connector/cn_proc.c

[Devel] [PATCH v2 06/27] connector: per-ve helpers intoruduced

This is precursor patch. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/connector.c | 48 - include/linux/connector.h |7 ++ 2 files changed, 40 insertions(+), 15 deletions(-) diff --git a/drivers/connector/connector.c b/drivers

[Devel] [PATCH v2 16/27] proc connector: use generic event helper for exit event

Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 28 +++- 1 file changed, 7 insertions(+), 21 deletions(-) diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c index 312f30f..4ee1640 100644 --- a/drivers/connector/cn_proc.c +++ b

[Devel] [PATCH v2 03/27] connector: introduce VE-aware get_cdev() helper

Once containerized, device won't be one and for all. Thus make a helper template and use it instead of direct device object access. Use ve0 for now. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/connector.c | 20 +--- 1 file changed, 13 insertions(+), 7 dele

[Devel] [PATCH v2 13/27] proc connector: use generic event helper for ptrace event

Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 31 +-- 1 file changed, 9 insertions(+), 22 deletions(-) diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c index 2ad2587..36a53fd 100644 --- a/drivers/connector/cn_proc.c

[Devel] [PATCH v2 19/27] proc connector: call proc-related init and fini routines explicitly

This allows to support per-container connector creation and destruction. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 19 --- drivers/connector/connector.c | 33 - 2 files changed, 28 insertions(+), 24 deletions

[Devel] [PATCH v2 17/27] proc connector: add pid namespace awareness

This is precursor patch. Later VE pid ns will be used. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 40 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c

[Devel] [PATCH v2 24/27] proc connector: send events to both VEs if not in VE#0

This is needed to preserve current behaviour, when process in initial pid and user namespaces (i.e. in VE#0) can receive events from all the processes in the system. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 29 ++--- 1 file changed, 22

[Devel] [PATCH v2 14/27] proc connector: use generic event helper for comm event

Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 28 +++- 1 file changed, 7 insertions(+), 21 deletions(-) diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c index 36a53fd..2d5ff7c 100644 --- a/drivers/connector/cn_proc.c +++ b

[Devel] [PATCH v2 18/27] proc connector: add per-ve init and fini foutines

These routines will be called from main connecter per-ve init and fini routines. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 17 + include/linux/connector.h |3 +++ 2 files changed, 20 insertions(+) diff --git a/drivers/connector/cn_proc.c b

[Devel] [PATCH v2 25/27] connector: containerize "connector" proc entry

Needed to expose "/proc/net/connector" in CT and show right content. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/connector.c |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/connector/connector.c b/drivers/connector/connector.c ind

[Devel] [PATCH v2 20/27] proc connector: take number of listeners and per-cpu conters from VE

Instead of static variables. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 50 --- 1 file changed, 32 insertions(+), 18 deletions(-) diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c index 7a1124a..ff99f06

[Devel] [PATCH v2 23/27] proc connector: use per-ve netlink sender helper

Required to send event in the network to the right listener. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c index df6553d..17e0247 100644

[Devel] [PATCH v2 27/27] connector: add VE SS hook

And thus containerize connector finally. https://jira.sw.ru/browse/PSBM-60227 Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/connector.c | 23 --- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/drivers/connector/connector.c b/drivers/connector

[Devel] [PATCH v2 15/27] proc connector: use generic event helper for coredump event

Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 28 +++- 1 file changed, 7 insertions(+), 21 deletions(-) diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c index 2d5ff7c..312f30f 100644 --- a/drivers/connector/cn_proc.c +++ b

[Devel] [PATCH v2 26/27] connector: take VE from socket upon callback

This is needed to attach listener to the right device. I.e. attach to the right source of events (in terms of CT). Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/connector.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/connector/connector.c b

[Devel] [PATCH v2 22/27] proc connector: take namespaces from VE

Intead of hardcoded "init" namespaces. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 69 ++- 1 file changed, 42 insertions(+), 27 deletions(-) diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c ind

[Devel] [PATCH v2 21/27] proc connector: pass VE to event fillers

Precursor patch. VE will be used later to get proper pid and user namespaces for correct event generation. Signed-off-by: Stanislav Kinsburskiy --- drivers/connector/cn_proc.c | 36 +++- 1 file changed, 19 insertions(+), 17 deletions(-) diff --git a/drivers

Re: [Devel] [PATCH v2 00/27] proc connector: containerize on per-VE basis

Andrey, please. 17.08.2017 16:59, Stanislav Kinsburskiy пишет: > This feature is requested by customer and needed by cgred service. > > https://jira.sw.ru/browse/PSBM-60227 > > What's ne in v2: > 1) Containerization is done on per-VE basis > 2) Event in cont

[Devel] [libvzctl PATCH] cgrop: get process CT ID from its status

n turn to skipping SUNRPC suppress, thus breaking CT killing with unreachable NFS. This patch changes the logic to take envID from /proc/pid/status, which contains real VE ID, but not cgroup. https://jira.sw.ru/browse/PSBM-70402 Signed-off-by: Stanislav Kinsburskiy --- lib/cgroup.c |6 ++

[Devel] [libvzctl PATCH] fast stop: suppress SUNRPC per task

dentries (/proc/pid/net is not available anymore). https://jira.sw.ru/browse/PSBM-70437 Note: this patch reverts (replaces) commit f8e953f5d683aa6f04dcc2b563b98d6e9ee3 Signed-off-by: Stanislav Kinsburskiy --- lib/env_nsops.c | 81 +-- 1 f

Re: [Devel] [libvzctl PATCH] fast stop: suppress SUNRPC per task

21.08.2017 18:17, Igor Sukhih пишет: > On 08/21/2017 04:18 PM, Stanislav Kinsburskiy wrote: >> It solves two issues. >> First, it allows to kill tasks in nested namespaces (rare, but possible >> case). >> Second, is allows to kill CT with exited child reaper (wh

[Devel] [PATCH] zdtm: print autofs request size, if read more than expected

This is more debug patch, than fix. But valuable for debugging. https://jira.sw.ru/browse/PSBM-70345 Signed-off-by: Stanislav Kinsburskiy --- test/zdtm/static/autofs.c |6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/zdtm/static/autofs.c b/test/zdtm/static

Re: [Devel] [PATCH rh7 2/2] mm/memcg: reclaim only kmem if kmem limit reached.

25.08.2017 18:38, Andrey Ryabinin пишет: > If kmem limit on memcg reached, we go into memory reclaim, > and reclaim everything we can, including page cache and anon. > Reclaiming page cache or anon won't help since we need to lower > only kmem usage. This patch fixes the problem by avoiding > non

[Devel] [PATCH] zdtm: fix autofs tes compilation

Variables type of size_t have to be printed with "%z" directive. https://jira.sw.ru/browse/PSBM-71041 Signed-off-by: Stanislav Kinsburskiy --- test/zdtm/static/autofs.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/zdtm/static/autofs.c b/test/zdtm/stati

[Devel] [PATCH] zdtm: fix package memory allocation in autofs.c

Plus some cleanup. https://jira.sw.ru/browse/PSBM-71078 Signed-off-by: Stanislav Kinsburskiy --- test/zdtm/static/autofs.c | 18 +- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/test/zdtm/static/autofs.c b/test/zdtm/static/autofs.c index 8d917ee..882289f

[Devel] [PATCH] autofs: fix autofs_v5_packet structure for compat mode

://jira.sw.ru/browse/PSBM-71078 Signed-off-by: Stanislav Kinsburskiy --- include/uapi/linux/auto_fs4.h |2 ++ 1 file changed, 2 insertions(+) diff --git a/include/uapi/linux/auto_fs4.h b/include/uapi/linux/auto_fs4.h index e02982f..8729a47 100644 --- a/include/uapi/linux/auto_fs4.h +++ b/include/uapi

Re: [Devel] [PATCH] autofs: fix autofs_v5_packet structure for compat mode

Yes 31.08.2017 13:37, Konstantin Khorenko пишет: > Will you send it to mainstream as well? > > -- > Best regards, > > Konstantin Khorenko, > Virtuozzo Linux Kernel Team > > On 08/31/2017 01:11 PM, Stanislav Kinsburskiy wrote: >> Due to integer v

Re: [Devel] [PATCH] autofs: fix autofs_v5_packet structure for compat mode

31.08.2017 13:38, Dmitry V. Levin пишет: > On Thu, Aug 31, 2017 at 02:11:34PM +0400, Stanislav Kinsburskiy wrote: >> Due to integer variables alignment size of struct autofs_v5_packet in 300 >> bytes in 32-bit architectures (instead of 304 bytes in 64-bits >> architectures)

Re: [Devel] [PATCH] autofs: fix autofs_v5_packet structure for compat mode

31.08.2017 15:05, Dmitry V. Levin пишет: > On Thu, Aug 31, 2017 at 02:40:23PM +0300, Dmitry V. Levin wrote: >> On Thu, Aug 31, 2017 at 01:48:27PM +0300, Stanislav Kinsburskiy wrote: >>> >>> >>> 31.08.2017 13:38, Dmitry V. Levin пишет: >>>> On

[Devel] [RFC PATCH 0/2] autofs: add "compat" support

The idea is simple: reduce autofs_v5_packet for 32bit damon on 64bit architectures. --- Stanislav Kinsburskiy (2): autofs: set compat flag on sbi when daemon uses 32bit addressation autofs: sent 32-bit sized packet for 32-bit process fs/autofs4/inode.c | 16 fs

[Devel] [RFC PATCH 1/2] autofs: set compat flag on sbi when daemon uses 32bit addressation

Signed-off-by: Stanislav Kinsburskiy --- fs/autofs4/inode.c | 16 1 file changed, 16 insertions(+) diff --git a/fs/autofs4/inode.c b/fs/autofs4/inode.c index b23cf2a..989ac38 100644 --- a/fs/autofs4/inode.c +++ b/fs/autofs4/inode.c @@ -217,6 +217,7 @@ int autofs4_fill_super

[Devel] [RFC PATCH 2/2] autofs: sent 32-bit sized packet for 32-bit process

The structure autofs_v5_packet (except name) is not aligned by 8 bytes, which lead to different sizes in 32 and 64-bit architectures. Let's form 32-bit compatible packet when daemon has 32-bit addressation. Signed-off-by: Stanislav Kinsburskiy --- fs/autofs4/waitq.c | 11 +-- 1

Re: [Devel] [RFC PATCH 2/2] autofs: sent 32-bit sized packet for 32-bit process

31.08.2017 20:22, Dmitry V. Levin пишет: > On Thu, Aug 31, 2017 at 05:57:11PM +0400, Stanislav Kinsburskiy wrote: >> The structure autofs_v5_packet (except name) is not aligned by 8 bytes, which >> lead to different sizes in 32 and 64-bit architectures. >> Let's for

[Devel] [PATCH] autofs: fix double pid put in error path

Signed-off-by: Stanislav Kinsburskiy --- fs/autofs4/inode.c |1 - 1 file changed, 1 deletion(-) diff --git a/fs/autofs4/inode.c b/fs/autofs4/inode.c index b23cf2a..0ba9c02 100644 --- a/fs/autofs4/inode.c +++ b/fs/autofs4/inode.c @@ -343,7 +343,6 @@ int autofs4_fill_super(struct super_block

[Devel] [PATCH] autofs: fix leaked pid on error path in autofs4_fill_super

Check for protocol happens after pid get. Signed-off-by: Stanislav Kinsburskiy --- fs/autofs4/inode.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/autofs4/inode.c b/fs/autofs4/inode.c index 0ba9c02..2cd4e7e 100644 --- a/fs/autofs4/inode.c +++ b/fs/autofs4/inode.c

[Devel] [RFC PATCH 1/2] autofs: set compat flag on sbi when daemon uses 32bit addressation

Signed-off-by: Stanislav Kinsburskiy --- fs/autofs4/autofs_i.h |3 +++ fs/autofs4/dev-ioctl.c |3 +++ fs/autofs4/inode.c |4 +++- 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/fs/autofs4/autofs_i.h b/fs/autofs4/autofs_i.h index 4737615..3da105f 100644 --- a/fs

[Devel] [RFC PATCH 0/2] autofs: fix autofs_v5_packet dlivery in compat mode

It's now clear, what to do if "pgrp" option is specified. The following series implements... --- Stanislav Kinsburskiy (2): autofs: set compat flag on sbi when daemon uses 32bit addressation autofs: sent 32-bit sized packet for 32-bit process fs/autofs4/autofs_i.h |

[Devel] [RFC PATCH 2/2] autofs: sent 32-bit sized packet for 32-bit process

The structure autofs_v5_packet (except name) is not aligned by 8 bytes, which leads to different sizes in 32 and 64-bit architectures. Let's form 32-bit compatible packet when daemon has 32-bit addressation. Suggested-by: Dmitry V. Levin Signed-off-by: Stanislav Kinsburskiy --- fs/au

[Devel] [PATCH] tests: do not try to read more than packet in AutoFS test

ra.sw.ru/browse/PSBM-71078 Signed-off-by: Stanislav Kinsburskiy --- test/zdtm/static/autofs.c | 13 + 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/test/zdtm/static/autofs.c b/test/zdtm/static/autofs.c index 747ab69..ae78538 100644 --- a/test/zdtm/static/autofs.c +++ b/t

[Devel] [PATCH] zdtm: fix autofs to work with autofs_v5_packet_union issue

The only patch in the series discards the following CRIU commits: 27ce0613e7319c97cc7bfc0a240e3f5f61f3d912 e90b5ed57af866010bc8f5c7c9730aa68995cb77 2fc59ffe3ead2eff44542a415f16b1559e2c8140 The following series implements... --- Stanislav Kinsburskiy (1): tests: do not try to read more

Re: [Devel] [RFC PATCH 2/2] autofs: sent 32-bit sized packet for 32-bit process

01.09.2017 16:53, Dmitry V. Levin P?P8QP5Q: > On Fri, Sep 01, 2017 at 12:15:17PM +0300, Stanislav Kinsburskiy wrote: >> 31.08.2017 20:22, Dmitry V. Levin P?P8QP5Q: >>> On Thu, Aug 31, 2017 at 05:57:11PM +0400, Stanislav Kinsburskiy wrote: >>>> The structure aut

Re: [Devel] [RFC PATCH 2/2] autofs: sent 32-bit sized packet for 32-bit process

01.09.2017 21:23, Dmitry V. Levin P?P8QP5Q: > On Fri, Sep 01, 2017 at 05:02:45PM +0300, Stanislav Kinsburskiy wrote: >> >> >> 01.09.2017 16:53, Dmitry V. Levin P?P8QP5Q: >>> On Fri, Sep 01, 2017 at 12:15:17PM +0300, Stanislav Kinsburskiy wrote: >>>&g

<    1   2   3   4   5   >