[Devel] [PATCH -tip] sched/deadline: switched_to_dl() -- skip if task is current

. For example: a small number of deadline tasks which have common rt_spinlocks with fair tasks. Priority inheritance mechanism does this every time it is acquiring a lock. [This is confirmed by Juri Lelli and LKML was CC'ed, but unfotunately I can't find direct link on lkml.org] Signed-off-by: Kirill

[Devel] [PATCH v2 -tip] sched/deadline: switched_to_dl() -- skip if task is current

can't find direct link on lkml.org] Signed-off-by: Kirill Tkhai ktk...@parallels.com CC: Juri Lelli juri.le...@gmail.com CC: Peter Zijlstra pet...@infradead.org CC: Ingo Molnar mi...@kernel.org --- kernel/sched/deadline.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel

[Devel] [PATCH 1/2] ve: Introduce ve::devmnt list

is permittions line example: 0 xxx;1 balloon_ino=12,pfcache_csum,pfcache=/vz/pfcache;2 barrier=1 Here, xxx is st_rdev of device, '1' starts comma-separated list of hidden options, and '2' is allowed ones. Signed-off-by: Kirill Tkhai ktk...@odin.com --- include/linux/ve.h | 11 kernel/ve/ve.c

[Devel] [PATCH rh7 2/2] fs: process mount options

'). Signed-off-by: Kirill Tkhai ktk...@odin.com --- fs/namespace.c | 136 fs/super.c | 17 ++- include/linux/fs.h |2 + 3 files changed, 153 insertions(+), 2 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index

[Devel] [PATCH rh7] ve: Revert ve/pid_ns: reap zombies with external parent on container's init exit

, this was need for versions = PCS5. Signed-off-by: Kirill Tkhai ktk...@odin.com --- include/linux/sched.h |2 -- include/linux/ve.h |2 -- kernel/exit.c | 15 --- kernel/pid_namespace.c |2 -- kernel/ve/ve.c | 38 -- 5

Re: [Devel] [PATCH rh7 1/2] ve: Introduce ve::devmnt list

Hi, Maxim, В Ср, 06/05/2015 в 15:05 -0700, Maxim Patlasov пишет: Kirill, see please a couple of inline comments below... On 04/29/2015 01:29 AM, Kirill Tkhai wrote: 1)Porting patch ve: mount option list by Maxim Patlasov: The patch adds new fields to ve_struct: devmnt_list

[Devel] [PATCH rh7] ve: Prevent iteration with NULL dev in device_destroy_namespace()

/PSBM-33239 Signed-off-by: Kirill Tkhai ktk...@odin.com --- drivers/base/core.c |6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/base/core.c b/drivers/base/core.c index 98e8e3b..6583bec 100644 --- a/drivers/base/core.c +++ b/drivers/base/core.c @@ -1840,12 +1840,14

[Devel] [PATCH rh7 v2 2/2] fs: process mount options

'). Signed-off-by: Kirill Tkhai ktk...@odin.com --- fs/namespace.c | 136 fs/super.c | 17 ++- include/linux/fs.h |2 + 3 files changed, 153 insertions(+), 2 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index

Re: [Devel] [PATCH rh7 2/2] ve_printk for nf_conntrack: table full

/show_bug.cgi?id=2940 Signed-off-by: Vasily Averin v...@openvz.org Acked-by: Kirill Tkhai ktk...@odin.com ___ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel

[Devel] [PATCH rh7] ve: Implement cgroup interface to configure ve's os_release

-32273 Signed-off-by: Kirill Tkhai ktk...@odin.com --- kernel/ve/ve.c | 55 +++ 1 file changed, 55 insertions(+) diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c index 6ab409f..e598d15 100644 --- a/kernel/ve/ve.c +++ b/kernel/ve/ve.c @@ -1032,6

[Devel] [PATCH rh7] scripts: Delete generated binary files from kernel tree.

Signed-off-by: Kirill Tkhai ktk...@odin.com --- scripts/basic/fixdep | Bin scripts/kconfig/conf | Bin 2 files changed, 0 insertions(+), 0 deletions(-) delete mode 100755 scripts/basic/fixdep delete mode 100755 scripts/kconfig/conf diff --git a/scripts/basic/fixdep b/scripts/basic/fixdep

Re: [Devel] [PATCH rh7] ve, net: Fix unbalanced double spin_unlock() in tcp_v4_kill_ve_sockets()

)) { retry = 1; bh_unlock_sock(sk); sock_put(sk); goto enable_bh; On 19.05.2015 17:43, Kirill Tkhai wrote: Double loop is here, break works is not as expected

[Devel] [PATCH rh7] ve, net: Fix unbalanced double spin_unlock() in tcp_v4_kill_ve_sockets()

Double loop is here, break works is not as expected. Signed-off-by: Kirill Tkhai ktk...@odin.com --- net/ipv4/tcp_ipv4.c |3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 532edea..0e990c2 100644 --- a/net/ipv4/tcp_ipv4.c

[Devel] [PATCH 00/14] net related patches

Konstantin, this is the first part containing 2/3 of patches from the BUG: https://jira.sw.ru/browse/PSBM-33645 --- Kirill Tkhai (14): netpoll: don't free skb from completion_queue in interrupt context netfilter: Add {ipt,ip6t}_osf aliases for xt_osf net: Port diff-ve-net

[Devel] [PATCH 01/14] netpoll: don't free skb from completion_queue in interrupt context

Signed-off-by: Kirill Tkhai ktk...@odin.com --- net/core/netpoll.c |6 +- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/net/core/netpoll.c b/net/core/netpoll.c index 99091a2..18eeb81 100644 --- a/net/core/netpoll.c +++ b/net/core/netpoll.c @@ -291,8 +291,12 @@ static void

[Devel] [PATCH 04/14] Subject: ve/net/bridge: don't set NULL in skb-dev

, but the master_dev is accesses without locks, so here is a race. This patch allows safely assess to master_dev in rcu context. https://jira.sw.ru/browse/PSBM-24056 Signed-off-by: Andrey Vagin ava...@openvz.org Acked-by: Stanislav Kinsbursky skinsbur...@parallels.com Signed-off-by: Kirill Tkhai ktk

[Devel] [PATCH 06/14] net: CAP_VE_NET_ADMIN must be a subset of CAP_NET_ADMIN

://jira.sw.ru/browse/PSBM-23514 Signed-off-by: Andrey Vagin ava...@openvz.org Acked-by: Cyrill Gorcunov gorcu...@openvz.org Signed-off-by: Kirill Tkhai ktk...@odin.com --- net/netlink/af_netlink.c |4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/net/netlink/af_netlink.c b

[Devel] [PATCH 07/14] net: ve: Add ipv6 bits into VE_IP_DEFAULT

@khorenko: We never differed ipv4 and ipv6 in the iptables mask = let's put the ipv6 bits into kernel default mask. Signed-off-by: Kirill Tkhai ktk...@odin.com --- include/uapi/linux/vziptable_defs.h |3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/uapi/linux

[Devel] [PATCH 02/14] netfilter: Add {ipt, ip6t}_osf aliases for xt_osf

Porting mainstream commit b8ddd9eac8788b0aa9a9d4e09d76dc9e1667bb2c: Orig author: Kirill Tkhai ktk...@parallels.com netfilter: Add {ipt,ip6t}_osf aliases for xt_osf There are no these aliases, so kernel can not request appropriate match table: $ iptables -I INPUT -p tcp -m

[Devel] [PATCH 03/14] net: Port diff-ve-net-af_packet-use-nonpksb

, but it's only suggestion. So I leave it up to Konstantin if he knows why we did that. Signed-off-by: Kirill Tkhai ktk...@odin.com --- net/packet/af_packet.c |8 ++-- 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c index

[Devel] [PATCH 05/14] Subject: netfilter: MARK -- drop off @table entity to support rhel5 containers, v2

...@parallels.com CC: Andrey Vagin ava...@parallels.com Signed-off-by: Kirill Tkhai ktk...@odin.com --- net/netfilter/xt_mark.c | 18 -- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/net/netfilter/xt_mark.c b/net/netfilter/xt_mark.c index db7fbfc..09ef00f 100644

[Devel] [PATCH 13/14] net: Track netfilter modules per net-namespace-v3

/PSBM-31451 Signed-off-by: Cyrill Gorcunov gorcu...@parallels.com Acked-by: Vladimir Davydov vdavy...@parallels.com CC: Andrey Vagin ava...@parallels.com CC: Kirill Tkhai ktk...@parallels.com Signed-off-by: Kirill Tkhai ktk...@odin.com --- include/linux/netfilter.h |6 +++--- include/linux/ve.h

[Devel] [PATCH 11/14] fs: convert ve monotonic to abs time when setting timerfd

-by: Vladimir Davydov vdavy...@parallels.com Signed-off-by: Kirill Tkhai ktk...@odin.com To Konstantin: we most likely need to convert old time, which is returned to userspace, back in absolute. This is need for 2.6.32 and 3.10 both. Please, create a jira task to do not forget. --- fs/timerfd.c

[Devel] [PATCH 12/14] ipset: prohibit ipset from the inside CT

a CT while it's not done. https://jira.sw.ru/browse/PSBM-27792 https://bugzilla.openvz.org/show_bug.cgi?id=2644 Signed-off-by: Kirill Tkhai ktk...@parallels.com --- net/netfilter/nfnetlink.c |4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nfnetlink.c b/net

[Devel] [PATCH 10/14] ip gre: containerize per-net devices

Port patch diff-ve-net-ip_gre-containerize-per-net-devices from 2.6.32: This patch adds IP GRE devices support in a container. Done in the scope of https://jira.sw.ru/browse/PSBM-24331 Signed-off-by: Stanislav Kinsbursky skinsbur...@parallels.com Signed-off-by: Kirill Tkhai ktk...@odin.com

[Devel] [PATCH 14/14] bridge: superfluous skb-nfct check in br_nf_dev_queue_xmit

is changed from NF_CONNTRACK_IPV4 to NF_DEFRAG_IPV4 Signed-off-by: Vasily Averin v...@openvz.org Signed-off-by: Pablo Neira Ayuso pa...@netfilter.org Signed-off-by: Kirill Tkhai ktk...@odin.com --- net/bridge/br_netfilter.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net

[Devel] [PATCH 09/14] venet: prevent to change network namespaces

-by: Andrey Vagin ava...@openvz.org Signed-off-by: Kirill Tkhai ktk...@odin.com --- drivers/net/venetdev.c |1 + 1 file changed, 1 insertion(+) diff --git a/drivers/net/venetdev.c b/drivers/net/venetdev.c index 6b7d8fc7..faeed33 100644 --- a/drivers/net/venetdev.c +++ b/drivers/net/venetdev.c

[Devel] [PATCH 08/14] netfilter: Add permittion check in iptable_raw pernet

, if VE_IP_IPTABLES is not allowed. https://jira.sw.ru/browse/PSBM-27181 Signed-off-by: Kirill Tkhai ktk...@parallels.com --- net/ipv4/netfilter/iptable_raw.c | 11 +++ 1 file changed, 11 insertions(+) diff --git a/net/ipv4/netfilter/iptable_raw.c b/net/ipv4/netfilter/iptable_raw.c index 44b8fc1

Re: [Devel] [PATCH 12/14] ipset: prohibit ipset from the inside CT

В Пн, 08/06/2015 в 19:07 +0300, Andrew Vagin пишет: On Mon, Jun 08, 2015 at 05:22:25PM +0300, Kirill Tkhai wrote: Port diff-ve-netfilter-ipset-prohibit-ipset-from-the-inside-CT from 2.6.32: Currently a CT owner can configure ipset rules which are not virtualized = affect the whole

[Devel] [PATCH] netfilter: Add {ipt,ip6t}_osf aliases for xt_osf

Porting mainstream commit b8ddd9eac8788b0aa9a9d4e09d76dc9e1667bb2c: Orig author: Kirill Tkhai ktk...@parallels.com netfilter: Add {ipt,ip6t}_osf aliases for xt_osf There are no these aliases, so kernel can not request appropriate match table: $ iptables -I INPUT -p tcp -m

Re: [Devel] [PATCH 04/14] Subject: ve/net/bridge: don't set NULL in skb-dev

В Вт, 09/06/2015 в 14:57 +0300, Andrew Vagin пишет: On Mon, Jun 08, 2015 at 05:20:39PM +0300, Kirill Tkhai wrote: Porting patches diff-ve-net-bridge-dont-set-NULL-in-skb-dev and diff-ve-net-bridge-dont-forget-to-init-master_dev from 2.6.32: skb-dev can't be NULL, because it is accessed

[Devel] [PATCH] net: netlink -- Use ifinfomsg in dumping

-- the @tb array allocated on the stack and (!) nlmsg_parse is not tested for error code thus it might leave unitialized if nlmsg_parse exit early (I already hit #GP once). So fix this problem at once. Signed-off-by: Cyrill Gorcunov gorcu...@openvz.org Acked-by: Kirill Tkhai ktk

Re: [Devel] [PATCH 01/14] netpoll: don't free skb from completion_queue in interrupt context

Khorenko, Virtuozzo Linux Kernel Team On 06/08/2015 05:20 PM, Kirill Tkhai wrote: Porting patch diff-netpoll-dont-free-skb-from-completion_queue-in-interrupt-context from 2.6.32: skb is queued to completion_queue from dev_kfree_skb_irq, because skb can't be freed in irq context

Re: [Devel] [PATCH 04/14] Subject: ve/net/bridge: don't set NULL in skb-dev

Khorenko, Virtuozzo Linux Kernel Team On 06/08/2015 05:20 PM, Kirill Tkhai wrote: Porting patches diff-ve-net-bridge-dont-set-NULL-in-skb-dev and diff-ve-net-bridge-dont-forget-to-init-master_dev from 2.6.32: skb-dev can't be NULL, because it is accessed from netfilters without testing

Re: [Devel] [PATCH 3/5] veth: filter packages accoding with mac addresses

В Чт, 04/06/2015 в 16:44 +0300, Andrew Vagin пишет: On Thu, Jun 04, 2015 at 02:29:50PM +0300, Kirill Tkhai wrote: Hi, Andrew, please, see the comment below В Чт, 28/05/2015 в 15:06 +0400, Andrew Vagin пишет: Only if the NETIF_F_VENET flag is set. A containers doesn't get

[Devel] [PATCH] Porting diff-ve-net-sysfs-drop-redundant-net_ipv4_route_path and diff-ve-net-route-bring-back-route_src_check

in pernet init] Signed-off-by: Kirill Tkhai ktk...@odin.com --- kernel/ve/veowner.c | 23 --- net/ipv4/route.c|9 + 2 files changed, 9 insertions(+), 23 deletions(-) diff --git a/kernel/ve/veowner.c b/kernel/ve/veowner.c index ada4df3..316e4d0 100644

[Devel] [PATCH] net: Delete nf_frags_hdr and ct_frags

These are unused (even in 2.6.32) leftovers from earlier versions. Signed-off-by: Kirill Tkhai ktk...@odin.com --- include/net/netns/ipv6.h |2 -- 1 file changed, 2 deletions(-) diff --git a/include/net/netns/ipv6.h b/include/net/netns/ipv6.h index 9defaf6..005e2c2 100644 --- a/include/net

[Devel] [PATCH] kmapset: Fix NULL pointer derefference in kmapset_set_value()

/browse/PSBM-34437 Signed-off-by: Kirill Tkhai ktk...@odin.com --- lib/kmapset.c|5 +++-- 1 files changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/kmapset.c b/lib/kmapset.c index b809e69..a8b79ae 100644 --- a/lib/kmapset.c +++ b/lib/kmapset.c @@ -245,7 +245,7 @@ int

Re: [Devel] [PATCH rh7] Revert ve/netns: wait for sub net namespaces to exit on ve cleanup

[8160edec] ret_from_fork+0x7c/0xb0 [8108a2a0] ? create_kthread+0x60/0x60 In fact, it's my fault: I didn't notice all of these at a quick glance at this patch and let it trickle through. Signed-off-by: Vladimir Davydov vdavy...@parallels.com Reviewed-by: Kirill Tkhai ktk...@odin.com

[Devel] [PATCH rh7] fs: Allow mounting a bdev in RW mode even if devcgroup allows only RO.

-by: Kirill Tkhai ktk...@odin.com --- fs/block_dev.c | 10 +- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/fs/block_dev.c b/fs/block_dev.c index 15bd3ae..34949b0 100644 --- a/fs/block_dev.c +++ b/fs/block_dev.c @@ -1075,8 +1075,16 @@ static int __blkdev_get(struct

Re: [Devel] [PATCH rh7] fs: Allow mounting a bdev in RW mode even if devcgroup allows only RO.

Please, drop this, I'll write another commentary. В Чт, 25/06/2015 в 17:52 +0300, Kirill Tkhai пишет: We doesn't want to allow a CT full write access over a bdev, so that vzctl usually prohibits it. But we want to permit a mounting in RW mode inside container. https://jira.sw.ru/browse

[Devel] [PATCH rh7 4/4] net: unix: Align send data_len up to PAGE_SIZE

Port commit 31ff6aa5c86f7564f0dd97c5b3e1404cad238d00 from mainstream. Using whole of allocated pages reduces requested skb-data size. This is just a little more thriftily allocation. netperf does not show difference with the current performance. Signed-off-by: Kirill Tkhai ktk...@parallels.com

[Devel] [PATCH rh7 1/4] af_unix: improve STREAM behavior with fragmented memory

-off-by: David S. Miller da...@davemloft.net Signed-off-by: Kirill Tkhai ktk...@odin.com --- include/net/af_unix.h |1 + net/unix/af_unix.c| 65 +++-- 2 files changed, 31 insertions(+), 35 deletions(-) diff --git a/include/net/af_unix.h b/include

[Devel] [PATCH rh7 2/4] net: attempt high order allocations in sock_alloc_send_pskb()

-by: Kirill Tkhai ktk...@odin.com --- include/net/sock.h |3 + net/core/sock.c| 99 net/packet/af_packet.c |2 - net/unix/af_unix.c |6 ++- 4 files changed, 57 insertions(+), 53 deletions(-) diff --git a/include/net

[Devel] [PATCH] ve: Show UUID in /proc/vz/devperms instead of CTid

New vzctl works with UUID, not ID. We should show it. Alignment 36 is default UUID lenght. https://jira.sw.ru/browse/PSBM-34317 Signed-off-by: Kirill Tkhai ktk...@odin.com --- kernel/ve/vecalls.c |4 ++-- security/device_cgroup.c |4 ++-- 2 files changed, 4 insertions(+), 4

Re: [Devel] [PATCH] ve: Show UUID in /proc/vz/devperms instead of CTid

В Пт, 19/06/2015 в 14:39 +0300, Kirill Tkhai пишет: В Пт, 19/06/2015 в 14:26 +0300, Vladimir Davydov пишет: On Fri, Jun 19, 2015 at 02:19:38PM +0300, Kirill Tkhai wrote: В Пт, 19/06/2015 в 14:15 +0300, Vladimir Davydov пишет: On Fri, Jun 19, 2015 at 02:07:32PM +0300, Kirill Tkhai wrote

[Devel] [PATCH] net: Virtualize tcp_time_stamp

, CRIU should set appropriate jiffies_fixup on restore. Also, we may think about submitting this patch to mainstream. From patch diff-ve-network-combined-10-rh494-2 of https://jira.sw.ru/browse/PSBM-33645 Signed-off-by: Kirill Tkhai ktk...@odin.com --- include/linux/ve.h

Re: [Devel] [RFC rh7] ve: cgroups -- Allow to attach non-self into ve cgroups

В Чт, 18/06/2015 в 21:26 +0300, Cyrill Gorcunov пишет: On Tue, Jun 16, 2015 at 07:51:52PM +0300, Cyrill Gorcunov wrote: If we have any problems because of this, the solution is good. OK. Gimme sometime (util tomorrow probably) to think of. This issue not critical at the moment

Re: [Devel] [PATCH rh7] ve: Use ve_name() in devperms ioctl

https://jira.sw.ru/browse/PSBM-34497 В Пт, 26/06/2015 в 20:02 +0300, Kirill Tkhai пишет: In PCS7 we use UUID instead of ctid for cgroup directories names, so we should open it. Below is small test program to check the patch works: #include linux/vzcalluser.h #include stdio.h #include

Re: [Devel] [PATCH rh7] memcg/ub: fix limit RESOURCE_MAX case

limit-vs-RESOURCE_MAX comparisons use greater-or-equal sign. Signed-off-by: Vladimir Davydov vdavy...@parallels.com Reviewed-by: Kirill Tkhai ktk...@odin.com --- mm/memcontrol.c | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/mm/memcontrol.c b/mm/memcontrol.c

[Devel] [PATCH rh7] ve: Use ve_name() in devperms ioctl

; } if (ioctl(fd, VZCTL_SETDEVPERMS, s)) printf(ioctl\n); } Signed-off-by: Kirill Tkhai ktk...@odin.com --- kernel/ve/vecalls.c |9 + 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/kernel/ve/vecalls.c b/kernel/ve/vecalls.c index e262c5e..be4fb1e

[Devel] [PATCH] net: Delete get_exec_env() from venet_init_net()

It's better to avoid get_exec_env() in a place, where we easily can do that. get_exec_env() used to be used in the places, where caller did set_exec_env() before the call. Delete it to make it do not confuse us like it would be an unported place from 2.6.32. Signed-off-by: Kirill Tkhai ktk

Re: [Devel] [PATCH rh7] ub: sync exec_ub on fork

with its cgroup on cgroup_post_fork. This patch does the trick. It is safe to change exec_ub there, because the task is not allowed to run yet and therefore cannot get/set its exec_ub. Reported-by: Kirill Tkhai ktk...@odin.com Signed-off-by: Vladimir Davydov vdavy...@parallels.com Reviewed

Re: [Devel] [RFC rh7] ve: cgroups -- Allow to attach non-self into ve cgroups

В Вт, 16/06/2015 в 19:07 +0300, Cyrill Gorcunov пишет: On Tue, Jun 16, 2015 at 06:19:44PM +0300, Kirill Tkhai wrote: This patch brings a couple of problems. The first one is if we're setting a ve cgroup for a forking task, it's possible the parent and the child fall into different

Re: [Devel] [RFC rh7] ve: cgroups -- Allow to attach non-self into ve cgroups

В Чт, 14/05/2015 в 19:52 +0300, Cyrill Gorcunov пишет: In vzctl/libvzctl bundle we restore container like - create ve/$ctid cgroup - move self into this cgroup - run criu from inside So that kernel code passes ve_can_attach test. In turn for our P.Haul project (which is managing live

Re: [Devel] [RFC rh7] ve: cgroups -- Allow to attach non-self into ve cgroups

В Вт, 16/06/2015 в 19:36 +0300, Cyrill Gorcunov пишет: On Tue, Jun 16, 2015 at 07:25:48PM +0300, Kirill Tkhai wrote: May not we simply add into ve cgroup? .can_attach ... spin_lock(task-sighand-siglock); .cance_attach ... spin_unlock(task-sighand-siglock

[Devel] [PATCH 1/2] net: allow containers create bridges with CAP_VE_NET_ADMIN

, SIOCSHWTSTAMP inside a CT. https://jira.sw.ru/browse/PSBM-29808 Signed-off-by: Pavel Tikhomirov ptikhomi...@parallels.com Signed-off-by: Kirill Tkhai ktk...@odin.com --- net/bridge/br_ioctl.c | 33 ++--- net/core/dev_ioctl.c |8 2 files changed, 26 insertions

[Devel] [PATCH 2/2] ioctl: allow change net-device name with CAP_VE_NET_ADMIN

://jira.sw.ru/browse/PSBM-31819 https://jira.sw.ru/browse/PSBM-29808 Signed-off-by: Pavel Tikhomirov ptikhomi...@parallels.com Signed-off-by: Kirill Tkhai ktk...@odin.com --- net/core/dev_ioctl.c |5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/net/core/dev_ioctl.c b/net/core

[Devel] [PATCH] iptable_raw: Don't reuse VE_IP_IPTABLES bit

We can't use the same bit in _iptables_modules for different modules. This leads to a memory leak, because it's cleared after pernet exit method, so only one pernet exit is executed. Found in the process of fixing: https://jira.sw.ru/browse/PSBM-34192. Signed-off-by: Kirill Tkhai ktk...@odin.com

Re: [Devel] [PATCH RH7 v2] net: tun: don't loose NETIF_F_VIRTUAL device feature

-by: Kirill Tkhai ktk...@odin.com --- drivers/net/tun.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/net/tun.c b/drivers/net/tun.c index 9c57c11..614dabb 100644 --- a/drivers/net/tun.c +++ b/drivers/net/tun.c @@ -1437,7 +1437,6 @@ static void tun_setup

Re: [Devel] [PATCH 04/14] Subject: ve/net/bridge: don't set NULL in skb-dev

В Ср, 10/06/2015 в 17:37 +0300, Konstantin Khorenko пишет: On 06/10/2015 11:42 AM, Kirill Tkhai wrote: В Ср, 10/06/2015 в 11:35 +0300, Konstantin Khorenko пишет: JFYI: this patch is related to via_phys_dev feature, we've dropped it = no need for this patch. When you did that? My git

Re: [Devel] [PATCH] ve: Kill tcp_v4_kill_ve_sockets()

) in tcp_v4_kill_ve_sockets(), i.e. #define bh_lock_sock(__sk) spin_lock(((__sk)-sk_lock.slock)) we are trying to manipulate with tw_timeout, which is not zero, and can't acquire the spinlock. On Fri, May 29, 2015 at 04:53:39PM +0300, Kirill Tkhai wrote: This is a leftover from earlier versions

Re: [Devel] [PATCH] ve: Kill tcp_v4_kill_ve_sockets()

В Пн, 01/06/2015 в 15:16 +0300, Vasily Averin пишет: On 01.06.2015 14:31, Kirill Tkhai wrote: В Пт, 29/05/2015 в 17:20 +0300, Andrew Vagin пишет: Acked-by: Andrew Vagin ava...@odin.com I'm agree that we need to remove this function, but I don't know how it fixes the bug

Re: [Devel] [PATCH] ve: Kill tcp_v4_kill_ve_sockets()

В Пн, 01/06/2015 в 17:25 +0300, Vasily Averin пишет: On 01.06.2015 15:46, Kirill Tkhai wrote: В Пн, 01/06/2015 в 15:16 +0300, Vasily Averin пишет: On 01.06.2015 14:31, Kirill Tkhai wrote: В Пт, 29/05/2015 в 17:20 +0300, Andrew Vagin пишет: Acked-by: Andrew Vagin ava...@odin.com I'm

[Devel] [PATCH rh7] net: Use {get, put}_net() in inet_twsk_{alloc, free}()

have the same issues with struct net, because nobody waits for it. PCS6 also needs the same patch. Signed-off-by: Kirill Tkhai ktk...@odin.com --- net/ipv4/inet_timewait_sock.c |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/ipv4/inet_timewait_sock.c b/net/ipv4

Re: [Devel] [PATCH rh7 1/3] memcg: add function to get container's ram size

that is allow the userspace assign a memory cgroup to a ve or beancounter cgroup and get the memory cgroup of a container from get_exec_env() or get_exec_ub(). Signed-off-by: Vladimir Davydov vdavy...@parallels.com Reviewed-by: Kirill Tkhai ktk...@odin.com --- include/linux/memcontrol.h |6

Re: [Devel] [PATCH rh7] cgroup: ve -- Guard @features and @iptables with test if VE is inactive

the running container or they were modified after and don't really apply to the running instance. Thus when user space tools modify these members make sure the container is offline. Reported-by: Kirill Tkhai ktk...@odin.com Signed-off-by: Cyrill Gorcunov gorcu...@odin.com CC: Vladimir Davydov

Re: [Devel] [PATCH rh7 04/11] ub: do not apply memcg limits on attaching via sys_setluid

-by: Kirill Tkhai ktk...@odin.com --- include/bc/beancounter.h |3 +-- kernel/bc/beancounter.c | 20 +++- kernel/bc/sys.c |2 +- 3 files changed, 9 insertions(+), 16 deletions(-) diff --git a/include/bc/beancounter.h b/include/bc/beancounter.h index

Re: [Devel] [PATCH rh7 07/11] ub: cleanup cgroup attaching code

В Ср, 20/05/2015 в 15:09 +0300, Vladimir Davydov пишет: Signed-off-by: Vladimir Davydov vdavy...@parallels.com Reviewed-by: Kirill Tkhai ktk...@odin.com --- kernel/bc/beancounter.c | 52 +++ 1 file changed, 12 insertions(+), 40 deletions

Re: [Devel] [PATCH rh7 1/3] memcg: add oom_guarantee

В Чт, 21/05/2015 в 12:50 +0300, Vladimir Davydov пишет: OOM guarantee works exactly like low limit, but for OOM, i.e. tasks inside cgroups above the limit are killed first. Read/write via memory.oom_guarantee. Signed-off-by: Vladimir Davydov vdavy...@parallels.com Reviewed-by: Kirill

[Devel] [PATCH] ve: wait for sub net namespaces to exit on ve cleanup

. https://jira.sw.ru/browse/PSBM-31246 Signed-off-by: Vladimir Davydov vdavy...@parallels.com Acked-by: Andrew Vagin ava...@parallels.com Signed-off-by: Kirill Tkhai ktk...@odin.com --- net/core/net_namespace.c |6 ++ 1 file changed, 6 insertions(+) diff --git a/net/core/net_namespace.c

Re: [Devel] [PATCH rh7 0/4] ub: fix memcg resource accounting

-by: Kirill Tkhai ktk...@odin.com kernel/bc/beancounter.c |4 +-- mm/memcontrol.c | 77 --- 2 files changed, 61 insertions(+), 20 deletions(-) ___ Devel mailing list Devel@openvz.org https

Re: [Devel] [PATCH rh7 2/3] memcg: use CFTYPE_NOT_ON_ROOT for memory.low and memory.oom_guarantee

В Пн, 25/05/2015 в 17:05 +0300, Vladimir Davydov пишет: This is neater than checking if the root is passed to the write method and this is how it works upstream (for memory.low). Signed-off-by: Vladimir Davydov vdavy...@parallels.com --- mm/memcontrol.c | 8 ++-- 1 file changed, 2

Re: [Devel] [PATCH rh7 2/3] memcg: use CFTYPE_NOT_ON_ROOT for memory.low and memory.oom_guarantee

В Вт, 26/05/2015 в 13:47 +0300, Vladimir Davydov пишет: On Tue, May 26, 2015 at 01:36:35PM +0300, Kirill Tkhai wrote: В Пн, 25/05/2015 в 17:05 +0300, Vladimir Davydov пишет: @@ -5222,9 +5219,6 @@ static int mem_cgroup_oom_guarantee_write(struct cgroup *cont, I can't find

[Devel] [PATCH rh7 2/2] net: Add rules for autoloading nf_tables

nf_tables is a new netfilter table. Add autoload permittions like we have for {ip,ip6,x}tables. https://jira.sw.ru/browse/PSBM-33631 Signed-off-by: Kirill Tkhai ktk...@odin.com --- kernel/kmod.c | 47 +++ 1 file changed, 47 insertions(+) diff --git

Re: [Devel] [PATCH rh7 1/2] net: Add rules for new {ip, ip6, x}table modules

Cyrill, please, review the series. В Вт, 26/05/2015 в 14:09 +0300, Kirill Tkhai пишет: Here are the modules, which need extended permittions (see module_payload_allowed() for details). https://jira.sw.ru/browse/PSBM-33631 Signed-off-by: Kirill Tkhai ktk...@odin.com --- kernel/kmod.c

[Devel] [PATCH rh7 1/2] net: Add rules for new {ip, ip6, x}table modules

Here are the modules, which need extended permittions (see module_payload_allowed() for details). https://jira.sw.ru/browse/PSBM-33631 Signed-off-by: Kirill Tkhai ktk...@odin.com --- kernel/kmod.c | 13 + 1 file changed, 13 insertions(+) diff --git a/kernel/kmod.c b/kernel/kmod.c

Re: [Devel] [PATCH rh7 v2 2/2] sched: Fix double put_prev_task_fair() because of trigger_cpulimit_balance()

On 20.08.2015 19:45, Vladimir Davydov wrote: On Thu, Aug 20, 2015 at 07:10:07PM +0300, Kirill Tkhai wrote: The scheduller code is written with the assumption, that rq-curr task can't be already put. For example, in sched_move_task() we check for running = task_current(rq, tsk

[Devel] [PATCH rh7 1/2] sched: Fix schedule_tail() to disable preemption

. And this simply looks wrong in any case. Signed-off-by: Oleg Nesterov o...@redhat.com Signed-off-by: Peter Zijlstra (Intel) pet...@infradead.org Cc: Steven Rostedt rost...@goodmis.org Cc: Kirill Tkhai tk...@yandex.ru Cc: Linus Torvalds torva...@linux-foundation.org Link: http://lkml.kernel.org/r

[Devel] [PATCH rh7 2/2] sched: Fix double put_prev_task_fair() because of trigger_cpulimit_balance()

has already been put, so concurrent cpu_cgroup_attach_task()-sched_move_task() puts it one more time. https://jira.sw.ru/browse/PSBM-35082 Signed-off-by: Kirill Tkhai ktk...@odin.com --- kernel/sched/core.c |8 kernel/sched/fair.c | 34 +++--- kernel

Re: [Devel] [PATCH rh7 2/2] sched: Fix double put_prev_task_fair() because of trigger_cpulimit_balance()

On 20.08.2015 15:59, Vladimir Davydov wrote: On Thu, Aug 20, 2015 at 02:27:05PM +0300, Kirill Tkhai wrote: ... +static void pre_schedule_fair(struct rq *rq, struct task_struct *prev) +{ +trigger_cpulimit_balance(prev); +} + You don't remove trigger_cpulimit_balance call from

Re: [Devel] [PATCH rh7] kmod: allow to load nf_log_ipv[46]

-0 for ipv6 (AF_INET6) https://jira.sw.ru/browse/PSBM-38573 Signed-off-by: Vladimir Davydov vdavy...@parallels.com Acked-by: Kirill Tkhai ktk...@odin.com --- kernel/kmod.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kernel/kmod.c b/kernel/kmod.c index e0554f819b2d

[Devel] [PATCH rh7 v2 1/2] sched: Fix schedule_tail() to disable preemption

. And this simply looks wrong in any case. Signed-off-by: Oleg Nesterov o...@redhat.com Signed-off-by: Peter Zijlstra (Intel) pet...@infradead.org Cc: Steven Rostedt rost...@goodmis.org Cc: Kirill Tkhai tk...@yandex.ru Cc: Linus Torvalds torva...@linux-foundation.org Link: http://lkml.kernel.org/r

[Devel] [PATCH rh7 v2 2/2] sched: Fix double put_prev_task_fair() because of trigger_cpulimit_balance()

has already been put, so concurrent cpu_cgroup_attach_task()-sched_move_task() puts it one more time. https://jira.sw.ru/browse/PSBM-35082 Signed-off-by: Kirill Tkhai ktk...@odin.com --- kernel/sched/fair.c | 36 ++-- scripts/kconfig/conf | Bin 2 files changed

[Devel] [PATCH rh7] net_sched: restore mpu xxx handling

/1.925 ms # tc class change dev eth0 classid 1:2 parent 1: htb rate 1mbit mpu 1000 # ping -f -c 1000 10.30.22.52 rtt min/avg/max/mdev = 15.352/22.229/38.646/2.212 ms, pipe 3, ipg/ewma 15.999/22.609 ms https://jira.sw.ru/browse/PSBM-34874 Signed-off-by: Kirill Tkhai ktk...@odin.com --- include

Re: [Devel] [PATCH rh7] kernel/kmod: fix out-of-bounds access in call_modprobe()

) Signed-off-by: Andrey Ryabinin aryabi...@odin.com Acked-by: Kirill Tkhai ktk...@odin.com Cc: Konstantin Khorenko khore...@virtuozzo.com Cc: Kirill Tkhai ktk...@odin.com --- kernel/kmod.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/kmod.c b/kernel/kmod.c index

[Devel] [PATCH rh7] net: Fix vlan NETIF_F_VIRTUAL feature initialization

/browse/PSBM-35266 Signed-off-by: Kirill Tkhai ktk...@odin.com --- net/8021q/vlan_dev.c |3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/net/8021q/vlan_dev.c b/net/8021q/vlan_dev.c index 80fa918..09205c3 100644 --- a/net/8021q/vlan_dev.c +++ b/net/8021q/vlan_dev.c @@ -794,6

[Devel] [PATCH rh7] net: Add VE_NF_CONNTRACK check in resolve_normal_ct()

This is a missed hunk from diff-ve-net-netfilter-combined. https://jira.sw.ru/browse/PSBM-35154 Signed-off-by: Kirill Tkhai ktk...@odin.com --- net/netfilter/nf_conntrack_core.c |3 +++ 1 file changed, 3 insertions(+) diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter

[Devel] [PATCH rh7] net: Add ipt_mask checks into ip6table_nat

Register pernet table only if it's allowed. https://jira.sw.ru/browse/PSBM-34748 Signed-off-by: Kirill Tkhai ktk...@odin.com --- net/ipv6/netfilter/ip6table_nat.c |8 1 file changed, 8 insertions(+) diff --git a/net/ipv6/netfilter/ip6table_nat.c b/net/ipv6/netfilter

Re: [Devel] [PATCH rh7] ve: Add a ability to show ve.mount_opts

В Пн, 13/07/2015 в 12:38 -0700, Maxim Patlasov пишет: On 07/08/2015 04:50 AM, Kirill Tkhai wrote: ... Why do we need to show hidden options to CT' user? He/she doesn't see .balloon file, so it doesn't seem consistent to show balloon_ino=N. But this way read won't show all

Re: [Devel] [PATCH rh7 1/4] tswap: do not populate on global reclaim

, this patch also makes tswap_frontswap_store use GFP_NOIO instead of GFP_NOWAIT and issue radix tree preallocation before inserting a page to tswap_page_tree. https://jira.sw.ru/browse/PSBM-34876 Signed-off-by: Vladimir Davydov vdavy...@parallels.com For the whole series: Reviewed-by: Kirill

[Devel] [PATCH rh7] net: Exclude foreign sockets from /proc/net/tcp{, 6}

https://jira.sw.ru/browse/PSBM-34875 Signed-off-by: Kirill Tkhai ktk...@odin.com --- net/ipv4/tcp_ipv4.c |6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 4125556..aa64e15 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4

[Devel] [PATCH rh7] block: Show CT allowed partitions in /proc/partitions

blkid needs /proc/partitions to populate /etc/blkid/blkid.tab. If it's not populated, mount by UUID does not work. https://jira.sw.ru/browse/PSBM-34805 Signed-off-by: Kirill Tkhai ktk...@odin.com --- block/genhd.c | 13 +++-- 1 file changed, 7 insertions(+), 6 deletions(-) diff --git

[Devel] Fwd: Re: [PATCH vz7 0/5] nf_conntrack: expose sysctls according to rhel6

I reviewed it long ago. Forgot to CC mailing list: Forwarded Message Subject: Re: [Devel] [PATCH vz7 0/5] nf_conntrack: expose sysctls according to rhel6 Date: Mon, 12 Oct 2015 12:31:59 +0300 From: Kirill Tkhai <ktk...@odin.com> To: Stanislav Kinsburskiy <skinsbur...

Re: [Devel] [PATCH rh7 3/3] ve: Use wait_on_bit() to wait attaching is completed

On 28.10.2015 15:58, Vladimir Davydov wrote: > On Wed, Oct 28, 2015 at 12:54:31PM +0300, Kirill Tkhai wrote: >> On 27.10.2015 19:22, Vladimir Davydov wrote: >>> On Fri, Oct 16, 2015 at 07:25:15PM +0300, Kirill Tkhai wrote: >>>> wait_on_bit() prevents excess schedu

Re: [Devel] [PATCH rh7 3/3] ve: Use wait_on_bit() to wait attaching is completed

On 28.10.2015 17:37, Kirill Tkhai wrote: > On 28.10.2015 15:58, Vladimir Davydov wrote: >> On Wed, Oct 28, 2015 at 12:54:31PM +0300, Kirill Tkhai wrote: >>> On 27.10.2015 19:22, Vladimir Davydov wrote: >>>> On Fri, Oct 16, 2015 at 07:25:15PM +0300, Kirill

Re: [Devel] [PATCH rh7 1/3] ve: Attach a ve cgroup from task_work

On 28.10.2015 15:40, Vladimir Davydov wrote: > On Wed, Oct 28, 2015 at 12:53:44PM +0300, Kirill Tkhai wrote: >> On 27.10.2015 19:13, Vladimir Davydov wrote: >>> On Fri, Oct 16, 2015 at 07:24:49PM +0300, Kirill Tkhai wrote: >>> ... >>>> @@ -733,6 +742,13 @@

Re: [Devel] [PATCH rh7 2/3] ve: Wait till ve's attaching work finished

On 28.10.2015 15:51, Vladimir Davydov wrote: > On Wed, Oct 28, 2015 at 12:54:10PM +0300, Kirill Tkhai wrote: > ... >>>> +static void ve_wait_work(struct callback_head *head) >>>> +{ >>>> + atomic_t *nr = >task_ve_nr_works; >>>> + >>&

Re: [Devel] [PATCH rh7 2/3] ve: Wait till ve's attaching work finished

On 27.10.2015 19:20, Vladimir Davydov wrote: > On Fri, Oct 16, 2015 at 07:25:00PM +0300, Kirill Tkhai wrote: > ... >> @@ -1565,6 +1565,10 @@ struct task_struct { >> #ifdef CONFIG_VE >> struct ve_struct *task_ve; >> struct callback_he

Re: [Devel] [PATCH rh7 3/3] ve: Use wait_on_bit() to wait attaching is completed

On 27.10.2015 19:22, Vladimir Davydov wrote: > On Fri, Oct 16, 2015 at 07:25:15PM +0300, Kirill Tkhai wrote: >> wait_on_bit() prevents excess schedule_timeout() looping >> (i.e. cpu time waisting and possible livelocks) > > I think a completion would suit th

  1   2   3   4   5   6   7   8   9   10   >