[patch 2.6.21-rc3] [smbfs] double free memory corruption in smbfs

2007-03-14 Thread Vasily Averin
but last smb_rput still tries to free it again. To prevent this issue rq_trans2buffer pointer should be set to NULL after kfree. Signed-off-by: Vasily Averin [EMAIL PROTECTED] --- 2.6.21-rc3/fs/smbfs/request.c 2007-03-13 14:22:53.0 +0300 +++ 2.6.21-rc3/fs/smbfs/request.c 2007-03-14

[PATCH 2.6.21-rc5] [I2O] block IO errors on i2o disk

2007-03-26 Thread Vasily Averin
any drawbacks and restores the normal driver's work. Signed-off-by: Vasily Averin [EMAIL PROTECTED] --- 2.6.21-rc5/drivers/message/i2o/i2o_block.c 2007-02-04 21:44:54.0 +0300 +++ 2.6.21-rc5/drivers/message/i2o/i2o_block.c 2007-03-26 11:03:52.0 +0400 @@ -390,13 +390,6

[PATCH 2.6.21-rc6] [netfilter] early_drop improvement

2007-04-06 Thread Vasily Averin
bucket may be empty but the neighbour ones can have the number of conntracks that can be freed. With the following patch early_drop() will search conntracks in all hash buckets. Signed-off-by: Vasily Averin [EMAIL PROTECTED] --- 2.6.21-rc6/net/ipv4/netfilter/ip_conntrack_core.c.erdrp +++ 2.6.21

Re: [PATCH 2.6.21-rc6] [netfilter] early_drop improvement

2007-04-06 Thread Vasily Averin
Eric Dumazet wrote: On Fri, 06 Apr 2007 12:00:29 +0400 Vasily Averin [EMAIL PROTECTED] wrote: When the number of conntracks is reached ip_conntrack_max limit, early_drop() is called and tries to free one of already used conntracks in one of the hash buckets. If it does not find any

[PATCH nf-2.6.22] [netfilter] early_drop improvement

2007-04-07 Thread Vasily Averin
bucket and allows to search conntracks in other hash buckets. Signed-off-by: Vasily Averin [EMAIL PROTECTED] diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c index e132c8a..d0b5794 100644 --- a/net/netfilter/nf_conntrack_core.c +++ b/net/netfilter

Re: [PATCH nf-2.6.22] [netfilter] early_drop improvement

2007-04-07 Thread Vasily Averin
Eric Dumazet wrote: Vasily Averin wrote: When the number of conntracks is reached nf_conntrack_max limit, early_drop() is called and tries to free one of already used conntracks in one of the hash buckets. If it does not find any conntracks that may be freed, it leads to transmission

i2o: debug messages corrected

2007-10-28 Thread Vasily Averin
max_phys_segments and max_sectors were swapped Signed-off-by: Vasily Averin [EMAIL PROTECTED] --- a/drivers/message/i2o/i2o_block.c +++ b/drivers/message/i2o/i2o_block.c @@ -1076,8 +1076,8 @@ static int i2o_block_probe(struct device *dev) blk_queue_max_sectors(queue, max_sectors

dm: bounce_pfn limit added

2007-10-28 Thread Vasily Averin
direct IO requests are addressed to dm-over-i2o device. Signed-off-by: Vasily Averin [EMAIL PROTECTED] --- a/drivers/md/dm-table.c +++ b/drivers/md/dm-table.c @@ -102,6 +102,8 @@ static void combine_restrictions_low(struct io_restrictions lhs-seg_boundary_mask = min_not_zero

dm: struct io_restriction reordered

2007-10-28 Thread Vasily Averin
it saves some bytes memory Signed-off-by: Vasily Averin [EMAIL PROTECTED] --- a/include/linux/device-mapper.h +++ b/include/linux/device-mapper.h @@ -110,12 +110,12 @@ struct target_type { }; struct io_restrictions { + unsigned long seg_boundary_mask; unsigned int

i2o: CONFIG_DEBUG_SG compilation fixed

2007-10-28 Thread Vasily Averin
i2o crashed when CONFIG_DEBUG_SG is enabled because i2o_block_request structure includes array of scatterlists that should be initialised Signed-off-by: Vasily Averin [EMAIL PROTECTED] --- a/drivers/message/i2o/i2o_block.c +++ b/drivers/message/i2o/i2o_block.c @@ -1137,6 +1137,18 @@ static

Re: [dm-devel] Re: dm: bounce_pfn limit added

2007-10-31 Thread Vasily Averin
i2o driver handles this incorrect request it fills the memory out of i2o_iop0_msg_inpool slab. Thank you, Vasily Averin

How Inactive may be much greater than cached?

2007-10-18 Thread Vasily Averin
holds the references to these pages? thank you, Vasily Averin

Re: How Inactive may be much greater than cached?

2007-10-18 Thread Vasily Averin
Nick Piggin wrote: Hi, On Thursday 18 October 2007 16:24, Vasily Averin wrote: Hi all, could anybody explain how inactive may be much greater than cached? stress test (http://weather.ou.edu/~apw/projects/stress/) that writes into removed files in cycle puts the node to the following state

Re: How Inactive may be much greater than cached?

2007-10-18 Thread Vasily Averin
Nick Piggin wrote: Some filesystems, including I believe, ext3 with data=ordered, can leave orphaned pages around after they have been truncated out of the pagecache. These pages get left on the LRU and vmscan reclaims them pretty easily. Try ext3 data=writeback, or even ext2. thanks,

irq0 stops working

2007-10-08 Thread Vasily Averin
no ideas how to continue the investigation of this problem. Could please anybody advise me any new ways for investigation of this issue? Thank you, Vasily Averin OpenVZ Linux Kernel Team

Re: irq0 stops working

2007-10-09 Thread Vasily Averin
Jan Engelhardt wrote: On Oct 9 2007 09:26, Vasily Averin wrote: On one of our servers timer interrupts (i.e irq0) are stops working. As result any kernel timers do not triggers and tasks waiting some signals from timers hangs forever. What kernel.. and tried CONFIG_NO_HZ=n? Originally

[2.6.22] negative time jump

2007-07-29 Thread Vasily Averin
] ~]# echo q > /proc/sysrq-trigger Jul 30 06:25:47 ts28 now at 25322820465391 nsecs Full serial console logs are attached, The other hardware details can be found in http://bugzilla.kernel.org/show_bug.cgi?id=8650 Thank you, Vasily Averin Jul 27 13:58:10 ts28 Linux version 2.6.22 ([EMAIL

Re: [2.6.22] negative time jump

2007-07-30 Thread Vasily Averin
Groundhog Day? Vasily Averin wrote: [EMAIL PROTECTED] ~]# echo 1 > /proc/timer_stats [EMAIL PROTECTED] ~]# cat /proc/timer_stats Timer Stats Version: v0.1 Sample period: 17.992 s 0 total events [EMAIL PROTECTED] ~]# cat /proc/timer_stats Timer Stats Version: v0.1 Sample period: -4366.278 s

Re: [2.6.22] negative time jump

2007-07-30 Thread Vasily Averin
john stultz wrote: On 7/29/07, Vasily Averin [EMAIL PROTECTED] wrote: I've investigated why my testnode freezes. When I found that node is freezed again I've started to press Sysrq keys and noticed the following negative time jump. Could anybody please help me to understand the reasons

broken timer on VIA K8T800 chipset?

2007-08-02 Thread Vasily Averin
Vasily Averin wrote: john stultz wrote: On 7/29/07, Vasily Averin [EMAIL PROTECTED] wrote: I've investigated why my testnode freezes. When I found that node is freezed again I've started to press Sysrq keys and noticed the following negative time jump. I've found the reason of timer-related

[PATCH] Prevent NMI oopser

2005-01-24 Thread Vasily Averin
taken. You should unlock io_request_lock before msleep, like in latest versions of megaraid2 drivers. Please fix it. Thank you, Vasily Averin, SWSoft Linux Kernel Team # ChangeSet # 2005/01/19 14:16:32-02:00 [EMAIL PROTECTED] # [PATCH] Prevent NMI oopser from triggering when megaraid2

Re: [PATCH] Prevent NMI oopser

2005-02-02 Thread Vasily Averin
Marcelo Tosatti wrote: On Tue, Jan 25, 2005 at 11:00:22AM +0300, Vasily Averin wrote: You should unlock io_request_lock before msleep, like in latest versions of megaraid2 drivers. Andrey, Can you please update your patch to unlock io_request_lock before sleeping and locking after coming back

Re: [PATCH] Prevent NMI oopser

2005-02-02 Thread Vasily Averin
Hello Matt Matt Domsch wrote: On Wed, Feb 02, 2005 at 09:42:02PM +0300, Vasily Averin wrote: Marcelo, This is megaraid2 driver update (2.10.8.2 version, latest 2.4-compatible version that I've seen), taken from latest RHEL3 kernel update. I believe it should prevent NMI in abort/reset handler

Re: [PATCH] Prevent NMI oopser

2005-02-02 Thread Vasily Averin
Hello Matt Matt Domsch wrote: On Wed, Feb 02, 2005 at 09:42:02PM +0300, Vasily Averin wrote: This is megaraid2 driver update (2.10.8.2 version, latest 2.4-compatible version that I've seen), taken from latest RHEL3 kernel update. I believe it should prevent NMI in abort/reset handler. Thanks

Re: [PATCH] Prevent NMI oopser

2005-02-02 Thread Vasily Averin
Matt Domsch wrote: On Wed, Feb 02, 2005 at 09:42:02PM +0300, Vasily Averin wrote: This is megaraid2 driver update (2.10.8.2 version, latest 2.4-compatible version that I've seen), taken from latest RHEL3 kernel update. I believe it should prevent NMI in abort/reset handler. Thanks Vasily, I

Re: [PATCH] bugfix: two read_inode() calls without clear_inode() call between

2005-08-05 Thread Vasily Averin
Hello, Could you please explain me, why we need to wake up somebody right before freeing an inode? It seems for me, if somebody really wait on this inode, then they have a good chance to access already freed memory. Thank you, Vasily Averin diff --git a/fs/inode.c b/fs/inode.c

Re: [Q] PCI Express and ide (native) leads to irq storm?

2006-11-16 Thread Vasily Averin
Tejun Heo wrote: Vasily Averin wrote: Alan Cox wrote: On Fri, 2006-10-27 at 17:17 +0400, Vasily Averin wrote: Could somebody please help me to troubleshoot this issue? I've seen this issue on the customer nodes and would like to know how I can work-around this issue without any

Re: [Q] workaround for ide (native) leads to irq storm?

2006-11-17 Thread Vasily Averin
Vasily Averin wrote: Tejun Heo wrote: Vasily Averin wrote: I've reproduced this issue on linux 2.6.19-rc5 kernel. Please see http://bugzilla.kernel.org/show_bug.cgi?id=7518 for details Fortunately, libata is immune to the problem because it does ap->ops->irq_clear(ap) in ata_host_intr

Re: irq0 stops working

2007-11-05 Thread Vasily Averin
Thomas Gleixner wrote: On Tue, 9 Oct 2007, Vasily Averin wrote: On one of our servers timer interrupts (i.e irq0) are stops working. As result any kernel timers do not triggers and tasks waiting some signals from timers hangs forever. Also I've found that disable of irqbalance service

[PATCH ext3/ext4] lost brelse in ext3_read_inode

2007-06-02 Thread Vasily Averin
From: Kirill Korotaev [EMAIL PROTECTED] One of error path in ext3_read_inode() leaks bh since brelse is forgotten. Signed-Off-By: Kirill Korotaev [EMAIL PROTECTED] Acked-by: Vasily Averin [EMAIL PROTECTED] diff --git a/fs/ext3/inode.c b/fs/ext3/inode.c index a6cb617..2a85dde 100644

[PATCH ext3/ext4] orphan list check on destroy_inode

2007-06-03 Thread Vasily Averin
Customers claims to ext3-related errors, investigation showed that ext3 orphan list has been corrupted and have the reference to non-ext3 inode. The following debug helps to understand the reasons of this issue. Signed-off-by: Vasily Averin [EMAIL PROTECTED] diff --git a/fs/ext3/super.c b/fs

[RFC PATCH ext3/ext4] orphan list corruption due bad inode

2007-06-03 Thread Vasily Averin
for me how to fix this issue correctly. As far as i see is_bad_inode() is called after iget() in all places excluding ext3_lookup() and ext3_get_parent(). I believe it makes sense to add bad inode check to these functions too and call iput if bad inode detected. Signed-off-by: Vasily Averin

Re: [RFC PATCH ext3/ext4] orphan list corruption due bad inode

2007-06-05 Thread Vasily Averin
Andrew Morton wrote: On Mon, 04 Jun 2007 09:19:10 +0400 Vasily Averin [EMAIL PROTECTED] wrote: diff --git a/fs/ext3/namei.c b/fs/ext3/namei.c index 9bb046d..e3ac8c3 100644 --- a/fs/ext3/namei.c +++ b/fs/ext3/namei.c @@ -1019,6 +1019,11 @@ static struct dentry *ext3_lookup(struct inode * dir

Re: [PATCH ext3/ext4] orphan list check on destroy_inode

2007-06-05 Thread Vasily Averin
Eric Sandeen wrote: Vasily Averin wrote: Customers claims to ext3-related errors, investigation showed that ext3 orphan list has been corrupted and have the reference to non-ext3 inode. The following debug helps to understand the reasons of this issue. Vasily, does your customer have

Re: [RFC PATCH ext3/ext4] orphan list corruption due bad inode

2007-06-05 Thread Vasily Averin
Eric Sandeen wrote: Vasily Averin wrote: Bad inode can live some time, ext3_unlink can add it to orphan list, but ext3_delete_inode() do not deleted this inode from orphan list. As result we can have orphan list corruption detected in ext3_destroy_inode(). Ah, I see - so you have confirmed

Re: [RFC PATCH ext3/ext4] orphan list corruption due bad inode

2007-06-05 Thread Vasily Averin
Christoph Hellwig wrote: On Tue, Jun 05, 2007 at 10:11:12AM +0400, Vasily Averin wrote: return d_splice_alias(inode, dentry); } Seems reasonable. So this prevents the bad inodes from getting onto the orphan list in the first place? make_bad_inode() is called from ext3_read_inode

[PATCH] [RESEND] ext[34] orphan list check on destroy_inode

2007-06-05 Thread Vasily Averin
Customers claims to ext3-related errors, investigation showed that ext3 orphan list has been corrupted and have the reference to non-ext3 inode. The following debug helps to understand the reasons of this issue. Signed-off-by: Vasily Averin [EMAIL PROTECTED] diff --git a/fs/ext3/super.c b/fs

Re: [NETFILTER] early_drop() improvement (v3)

2007-06-26 Thread Vasily Averin
strongly that anybody will want to change this value. Do you think it is really required? thank you, Vasily Averin

[NETFILTER] early_drop() improvement (v4)

2007-06-27 Thread Vasily Averin
hash buckets. As result in any case the search will have the same chances to free one of the conntracks and the check will not lead to long delays. Signed-off-by: Vasily Averin [EMAIL PROTECTED] diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c index 7a15e30

Re: [NETFILTER] early_drop() improvement (v4)

2007-06-27 Thread Vasily Averin
count the number of hash buckets. I.e i should be incremented/checked inside the nested loop. Thank you, Vasily Averin

Re: [NETFILTER] early_drop() improvement (v4)

2007-06-27 Thread Vasily Averin
Patrick McHardy wrote: Vasily Averin wrote: it is incorrect, We should count the number of checked _conntracks_, but you count the number of hash buckets. I.e i should be incremented/checked inside the nested loop. I misunderstood your patch then. This one should be better. +static int

Re: [NETFILTER] early_drop() improvement (v4)

2007-06-27 Thread Vasily Averin
Patrick McHardy wrote: Vasily Averin wrote: Patrick McHardy wrote: -static int early_drop(struct hlist_head *chain) +static int early_drop(unsigned int hash) { /* Use oldest entry, which is roughly LRU */ struct nf_conntrack_tuple_hash *h; struct nf_conn *ct = NULL, *tmp

[PATCH netdev] wrong timeout value in sk_wait_data()

2007-05-23 Thread Vasily Averin
values (sets 0 instead) and outputs ratelimited information message about such attempts. Signed-Off-By: Vasily Averin [EMAIL PROTECTED] diff --git a/net/core/sock.c b/net/core/sock.c index 22183c2..27d7a46 100644 --- a/net/core/sock.c +++ b/net/core/sock.c @@ -206,7 +206,19 @@ static int

[PATCH netdev] wrong timeout value in sk_wait_data() v2

2007-05-23 Thread Vasily Averin
values (sets 0 instead) and outputs ratelimited information message about such attempts. Signed-Off-By: Vasily Averin [EMAIL PROTECTED] diff --git a/net/core/sock.c b/net/core/sock.c index 22183c2..7e51d3a 100644 --- a/net/core/sock.c +++ b/net/core/sock.c @@ -206,7 +206,19 @@ static int

[NETFILTER] early_drop() improvement (v3)

2007-05-09 Thread Vasily Averin
bucket (NF_CT_PER_BUCKET) and allows to search conntracks in other hash buckets. As result in any case the search will have the same chances to free one of the conntracks and the check will not lead to long delays. Signed-off-by: Vasily Averin [EMAIL PROTECTED] diff --git a/net/netfilter

[patch i2o] i2o layer cleanup

2007-05-15 Thread Vasily Averin
5/6] i2o_proc files permission [patch i2o 6/6] i2o debug output cleanup However because of Markus Lidel is not i2o maintainer now, I do not understand who should agree the following patches. Thank you, Vasily Averin

[patch i2o 1/6] i2o_cfg_passthru cleanup

2007-05-15 Thread Vasily Averin
controllers state, and in case of memory shortage it leads to the node crash or disk IO stall. Signed-off-by: Vasily Averin [EMAIL PROTECTED] --- lk2.6/drivers/message/i2o/i2o_config.c +++ lk2.6/drivers/message/i2o/i2o_config.c @@ -554,8 +554,6 @@ static int i2o_cfg_passthru32(struct fil

[patch i2o 2/6] wrong memory access in i2o_block_device_lock()

2007-05-15 Thread Vasily Averin
This patch fixes access to memory that has not been allocated: i2o_msg_get_wait() can returns errors different from I2O_QUEUE_EMPTY. But the result is checked only against this code. If it is not I2O_QUEUE_EMPTY then we dereference the error code as the pointer later. Signed-off-by: Vasily Averin

[patch i2o 3/6] i2o message leak in i2o_msg_post_wait_mem()

2007-05-15 Thread Vasily Averin
We need to free i2o msg in case of error. Signed-off-by: Vasily Averin [EMAIL PROTECTED] --- lk2.6/drivers/message/i2o/exec-osm.c +++ lk2.6/drivers/message/i2o/exec-osm.c @@ -131,8 +131,10 @@ int i2o_msg_post_wait_mem(struct i2o_con int rc = 0; wait = i2o_exec_wait_alloc

[patch i2o 4/6] i2o proc reading oops

2007-05-15 Thread Vasily Averin
fixed oops on reading from some i2o proc files (i2o_seq_show_driver_store() and other) because their handlers uses exec field in struct i2o_controller Signed-off-by: Vasily Averin [EMAIL PROTECTED] --- lk2.6/drivers/message/i2o/exec-osm.c +++ lk2.6/drivers/message/i2o/exec-osm.c @@ -339,6

[patch i2o 5/6] i2o_proc files permission

2007-05-15 Thread Vasily Averin
Reading from some i2o related proc files can lead to the i2o controller hang due unknown reasons. As a workaround this patch changes the permission of these files to root-only accessible. Signed-off-by: Vasily Averin [EMAIL PROTECTED] --- lk2.6/drivers/message/i2o/i2o_proc.c +++ lk2.6/drivers

[patch i2o 6/6] i2o debug output cleanup

2007-05-15 Thread Vasily Averin
fixed output of i2o debug messages, extra KERN_ are removed Signed-off-by: Vasily Averin [EMAIL PROTECTED] --- lk2.6/drivers/message/i2o/debug.c +++ lk2.6/drivers/message/i2o/debug.c @@ -24,7 +24,7 @@ void i2o_report_status(const char *sever if (cmd == I2O_CMD_UTIL_EVT_REGISTER

Re: [Devel] [patch i2o 5/6] i2o_proc files permission

2007-05-15 Thread Vasily Averin
to the controller, but this one couldn't handle it and instead of just aborting the command panic's. IIRC it's only Adaptec related, the Promise controllers doesn't show this behaviour. Thank you, Vasily Averin Vasily Averin wrote: Reading from some i2o related proc files can lead to the i2o

Re: [patch i2o 5/6] i2o_proc files permission

2007-05-15 Thread Vasily Averin
Alan Cox wrote: On Tue, 15 May 2007 16:47:05 +0400 Vasily Averin [EMAIL PROTECTED] wrote: Reading from some i2o related proc files can lead to the i2o controller hang due unknown reasons. As a workaround this patch changes the permission of these files to root-only accessible. I guess

Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get

2014-01-07 Thread Vasily Averin
On 01/07/2014 02:31 PM, Andrey Vagin wrote: Lets look at destroy_conntrack: hlist_nulls_del_rcu(ct->tuplehash[IP_CT_DIR_ORIGINAL].hnnode); ... nf_conntrack_free(ct) kmem_cache_free(net->ct.nf_conntrack_cachep, ct); net->ct.nf_conntrack_cachep is created with SLAB_DESTROY_BY_RCU.

Re: [Devel] [PATCH 1/6] slab: cleanup kmem_cache_create_memcg()

2013-12-19 Thread Vasily Averin
() can return positive value. Probably it's better to check (err 0) in caller ? Thank you, Vasily Averin

Re: [Devel] [PATCH 1/6] slab: cleanup kmem_cache_create_memcg()

2013-12-19 Thread Vasily Averin
On 12/19/2013 12:39 PM, Vladimir Davydov wrote: On 12/19/2013 12:17 PM, Vasily Averin wrote: On 12/18/2013 05:16 PM, Vladimir Davydov wrote: --- a/mm/slab_common.c +++ b/mm/slab_common.c @@ -176,8 +176,9 @@ kmem_cache_create_memcg(struct mem_cgroup *memcg, const char *name, size_t size

[patch] fs: umount on symlink leaks mnt count

2014-07-19 Thread Vasily Averin
(expected) # lsof /vz # umount /vz umount: /vz: device is busy. (unexpected) Looks like an extra refcount on mnt was taken in mountpoint_last() Patch below fixes the problem on my test node. Signed-off-by: Vasily Averin v...@openvz.org diff --git a/fs/namei.c b/fs/namei.c index 985c6f3..0d32a0f 100644

[patch v2] fs: umount on symlink leaks mnt count

2014-07-20 Thread Vasily Averin
/testdir # umount -l /vz/testlink umount: /vz/testlink: not mounted (expected) # lsof /vz # umount /vz umount: /vz: device is busy. (unexpected) In this case mountpoint_last() gets an extra refcount on path->mnt Signed-off-by: Vasily Averin v...@openvz.org diff --git a/fs/namei.c b/fs/namei.c

[PATCH v3] fs: umount on symlink leaks mnt count

2014-07-20 Thread Vasily Averin
. (unexpected) In this case mountpoint_last() gets an extra refcount on path->mnt Signed-off-by: Vasily Averin v...@openvz.org --- fs/namei.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/fs/namei.c b/fs/namei.c index 985c6f3..9eb787e 100644 --- a/fs/namei.c +++ b/fs

[PATCH v4] fs: umount on symlink leaks mnt count

2014-07-21 Thread Vasily Averin
/testlink umount: /vz/testlink: not mounted (expected) # lsof /vz # umount /vz umount: /vz: device is busy. (unexpected) In this case mountpoint_last() gets an extra refcount on path->mnt Signed-off-by: Vasily Averin v...@openvz.org --- fs/namei.c |3 ++- 1 files changed, 2 insertions(+), 1

Re: [PATCH v4] fs: umount on symlink leaks mnt count

2014-07-24 Thread Vasily Averin
CVE-2014-5045 was assigned for this issue On 07/23/2014 10:06 AM, Ian Kent wrote: On Mon, 2014-07-21 at 12:30 +0400, Vasily Averin wrote: Currently umount on symlink blocks following umount: /vz is separate mount # ls /vz/ -al | grep test drwxr-xr-x. 2 root root 4096 Jul 19 01:14

Re: bridge: IPv6 multicast snooping enhancements

2015-02-12 Thread Vasily Averin
On 12.02.2015 14:41, Linus Lüssing wrote: On Tue, Feb 10, 2015 at 04:59:09PM +0300, Vasily Averin wrote: I'm trying to fix ICMPv6 processing broken in OpenVZ after rebase to last RHEL6u6 kernel. After some unclear manipulation bridge begins to forward icmp6 NS (fe02::1) into wrong port

Re: bridge: IPv6 multicast snooping enhancements

2015-02-10 Thread Vasily Averin
on all local ports on such bridges to enable just ICMPv6? I believe ICMPv6 is an exception and should not be filtered by multicast spoofing. Thank you, Vasily Averin On 04.09.2013 04:13, Linus Lüssing wrote: Hi, Here are two, small feature changes I would like to submit to increase

Re: bridge: IPv6 multicast snooping enhancements

2015-02-10 Thread Vasily Averin
On 10.02.2015 14:44, Linus Lüssing wrote: Hi Vasily, On Tue, Feb 10, 2015 at 11:44:29AM +0300, Vasily Averin wrote: This patch prevent forwarding of ICMPv6 in bridges, so containers/VMs with virtual eth adapters connected in local bridge cannot ping each other via ipv6 (but can do it via

[PATCH] kernel/printk/printk.c: check_syslog_permissions() cleanup

2015-05-10 Thread Vasily Averin
twice in do_syslog(). Signed-off-by: Vasily Averin v...@openvz.org --- kernel/printk/printk.c | 11 --- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c index c099b08..bff0169 100644 --- a/kernel/printk/printk.c +++ b/kernel/printk

Re: [PATCH] kernel/printk/printk.c: check_syslog_permissions() cleanup

2015-05-15 Thread Vasily Averin
On 15.05.2015 10:41, Vasily Averin wrote: On 15.05.2015 01:01, Andrew Morton wrote: On Sun, 10 May 2015 09:35:53 +0300 Vasily Averin v...@odin.com wrote: Fixes: 637241a900cb (kmsg: honor dmesg_restrict sysctl on /dev/kmsg) Final version of patch 637241a900cb (kmsg: honor dmesg_restrict

Re: [PATCH] kernel/printk/printk.c: check_syslog_permissions() cleanup

2015-05-15 Thread Vasily Averin
On 15.05.2015 01:01, Andrew Morton wrote: On Sun, 10 May 2015 09:35:53 +0300 Vasily Averin v...@odin.com wrote: Fixes: 637241a900cb (kmsg: honor dmesg_restrict sysctl on /dev/kmsg) Final version of patch 637241a900cb (kmsg: honor dmesg_restrict sysctl on /dev/kmsg) lost few hooks. As result

Re: [PATCH v2] security_syslog() should be called once only

2015-06-02 Thread Vasily Averin
On 02.06.2015 00:23, Andrew Morton wrote: On Sat, 30 May 2015 16:51:34 +0300 Vasily Averin v...@virtuozzo.com wrote: On 28.05.2015 02:43, Andrew Morton wrote: So we run security_syslog() for actions other than open() (of kmsg). Why? Could you please clarify this question? Linux kernel

Re: [PATCH v2] security_syslog() should be called once only

2015-05-30 Thread Vasily Averin
On 28.05.2015 02:43, Andrew Morton wrote: So we run security_syslog() for actions other than open() (of kmsg). Why? Could you please clarify this question? Linux kernel have reasonable default security policy and it's great. And at the same time kernel allows to override default behaviour and

[PATCH] check_syslog_permissions() cleanup

2015-05-30 Thread Vasily Averin
that SYSLOG_FROM_PROC == 1 (or == `true`). And the name is wrong: it should be called from_proc to match SYSLOG_FROM_PROC. Signed-off-by: Vasily Averin v...@virtuozzo.com --- include/linux/syslog.h | 6 +++--- kernel/printk/printk.c | 10 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff

Re: [PATCH] kernel/printk/printk.c: check_syslog_permissions() cleanup

2015-05-24 Thread Vasily Averin
On 15.05.2015 01:01, Andrew Morton wrote: On Sun, 10 May 2015 09:35:53 +0300 Vasily Averin v...@odin.com wrote: --- a/kernel/printk/printk.c +++ b/kernel/printk/printk.c @@ -484,11 +484,11 @@ int check_syslog_permissions(int type, bool from_file) * already done the capabilities checks

[PATCH v2] security_syslog() should be called once only

2015-05-24 Thread Vasily Averin
()) With this patch security_syslog() is called once only in all syslog-related operations regardless of dmesg_restrict value. Signed-off-by: Vasily Averin v...@virtuozzo.com --- kernel/printk/printk.c | 11 --- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/kernel/printk/printk.c b

Re: [PATCH 1/2] wait/ptrace: always assume __WALL if the child is traced

2015-10-20 Thread Vasily Averin
On 21.10.2015 01:31, Andrew Morton wrote: > On Tue, 20 Oct 2015 19:17:54 +0200 Oleg Nesterov wrote: > >> The following program (simplified version of generated by syzkaller) >> >> #include >> #include >> #include >> #include >> #include >> >>

Re: [PATCH] printk, allow different timestamps for printk.time [v2]

2016-01-28 Thread Vasily Averin
not replace original timestamp but add converted one? Thank you, Vasily Averin On 28.01.2016 15:43, Prarit Bhargava wrote: > Over the past years I've seen many reports of bugs that include > time-stamped kernel logs (enabled when CONFIG_PRINTK_TIME=y or > print.time=1 is

Re: [PATCH] printk, allow different timestamps for printk.time [v2]

2016-01-28 Thread Vasily Averin
On 28.01.2016 16:17, Prarit Bhargava wrote: > On 01/28/2016 07:52 AM, Vasily Averin wrote: >> Dear Prarit, >> > > Hi Vasily, Thanks for your suggestions. > >> I have no objections about your patch, >> bit in fact I doubt we really need to convert each tim

Re: [PATCH] ipv4: in new netns initialize sysctls in net.ipv4.conf.* with defaults

2016-02-21 Thread Vasily Averin
creation of namespaces. However, there is corner case: module with sysctl can be loaded after creation of namespaces. In this case namespaces will get pre-compiled sysctl defaults, and are not be able to adjust them even if they want to do it. Thank you, Vasily Averin On 21.02.2016 10:11

[PATCH 1/2] NFSD: notifiers registration cleanup

2016-09-21 Thread Vasily Averin
already freed memory. fixes: 36684996 ("nfsd: Register callbacks on the inetaddr_chain and inet6addr_chain") Signed-off-by: Vasily Averin <v...@virtuozzo.com> --- fs/nfsd/nfssvc.c | 17 + 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/fs/nfsd/nf

[PATCH 2/2] notifiers: double register detection

2016-09-21 Thread Vasily Averin
WARN_ON should help to detect double register of the same notifiers Signed-off-by: Vasily Averin <v...@virtuozzo.com> --- kernel/notifier.c | 1 + 1 file changed, 1 insertion(+) diff --git a/kernel/notifier.c b/kernel/notifier.c index fd2c9ac..e02b2f0 100644 --- a/kernel/notifier.c +++ b/

Re: [PATCH 1/2] NFSD: notifiers registration cleanup

2016-09-22 Thread Vasily Averin
On 21.09.2016 16:20, Jeff Layton wrote: > Good catch. I'm not very fond of the refcounting this here but it > should > serve the purpose and I don't have anything better to suggest. FWIW, I > think the nfsd_mutex is held during all of these operations so we > probably don't need atomics for the

Re: [PATCH 2/2] notifiers: double register detection

2016-10-27 Thread Vasily Averin
in our custom code, then found similar bug in mainline nfsd (commit 1eca45f8) On 21.09.2016 15:33, Vasily Averin wrote: > WARN_ON should help to detect double register of the same notifiers > > Signed-off-by: Vasily Averin <v...@virtuozzo.com> > --- > kernel/notifier.c | 1 +

[patch] obsoleted comment in show_map_vma()

2017-06-23 Thread Vasily Averin
After 1be7107 "mm: larger stack guard gap, between vmas" we do not hide stack guard page in /proc/<pid>/maps Signed-off-by: Vasily Averin <v...@virtuozzo.com> diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c index 520802d..b836fd6 100644 --- a/fs/proc/task_mmu.c +++ b/fs

[PATCH] KEYS: key refcounting cleanup in keyctl_read_key

2017-09-19 Thread Vasily Averin
key_put is lost if key_permission() returns non-EACCES error Fixes: 29db919063406 ("Keys: Add LSM hooks for key management [try #3]") Reported-by: Konstantin Khorenko <khore...@virtuozzo.com> Signed-off-by: Vasily Averin <v...@virtuozzo.com> --- security/keys/keyctl.c | 2

[RFC PATCH 0/2] race of lockd/nfsd inetaddr notifiers with pointers change

2017-10-17 Thread Vasily Averin
, waitqueue allows to delay stop of service until notifier is in use. Patches was not tested because I was unable to reproduce the problem on new kernels. Please review it carefully and let me know if this can be fixed in a better way. Vasily Averin (2): race of lockd inetaddr notifiers

[PATCH] lockd: double unregister of inetaddr notifiers

2017-10-17 Thread Vasily Averin
-by: Vasily Averin <v...@virtuozzo.com> --- fs/lockd/svc.c | 20 +--- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/fs/lockd/svc.c b/fs/lockd/svc.c index b995bdc..f04ecfc 100644 --- a/fs/lockd/svc.c +++ b/fs/lockd/svc.c @@ -369,6 +369,7 @@ static int lockd_sta

[RFC PATCH 1/2] race of lockd inetaddr notifiers with nlmsvc_rqst change

2017-10-17 Thread Vasily Averin
on my patch "lockd: double unregister of inetaddr notifiers" submitted separately. Signed-off-by: Vasily Averin <v...@virtuozzo.com> --- fs/lockd/svc.c | 16 ++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/fs/lockd/svc.c b/fs/lockd/svc.c index f

[RFC PATCH 2/2] race of nfsd inetaddr notifiers with nn->nfsd_serv change

2017-10-17 Thread Vasily Averin
ows notifiers to access to nn->nfsd_serv only when the pointer was correctly initialized and delays its cleanup until notifiers are in use. Signed-off-by: Vasily Averin <v...@virtuozzo.com> --- fs/nfsd/netns.h | 3 +++ fs/nfsd/nfsctl.c | 3 +++ fs/nfsd/nfssvc.c | 14 +++--- 3 f

Re: [PATCH] lost path_put in perf_fill_ns_link_info

2017-11-14 Thread Vasily Averin
On 2017-11-08 16:04, Vasily Averin wrote: > On 2017-11-08 15:09, Alexander Shishkin wrote: >> On Mon, Nov 06, 2017 at 09:22:18AM +0300, Vasily Averin wrote: >>> Fixes: commit e422267322cd ("perf: Add PERF_RECORD_NAMESPACES to include >>> namespaces related info"

[PATCH] memory leaks triggered by perf --namespace

2017-11-14 Thread Vasily Averin
does not allow to free unused namespace. Fixes: commit e422267322cd ("perf: Add PERF_RECORD_NAMESPACES to include namespaces related info") Signed-off-by: Vasily Averin <v...@virtuozzo.com> --- kernel/events/core.c | 1 + 1 file changed, 1 insertion(+) diff --git a/kernel/events

[PATCH] lost path_put in perf_fill_ns_link_info

2017-11-05 Thread Vasily Averin
Fixes: commit e422267322cd ("perf: Add PERF_RECORD_NAMESPACES to include namespaces related info") Signed-off-by: Vasily Averin <v...@virtuozzo.com> --- kernel/events/core.c | 1 + 1 file changed, 1 insertion(+) diff --git a/kernel/events/core.c b/kernel/events/core.c index

Re: [PATCH] lost path_put in perf_fill_ns_link_info

2017-11-05 Thread Vasily Averin
Dear Hari, I did not find where your patch decreases mnt counter, it seems to me you have lost path_put in perf_fill_ns_link_info(). Thank you, Vasily Averin On 2017-11-06 09:22, Vasily Averin wrote: > Fixes: commit e422267322cd ("perf: Add PERF_RECORD_NAMESPACES to

Re: [PATCH] lost path_put in perf_fill_ns_link_info

2017-11-08 Thread Vasily Averin
On 2017-11-08 15:09, Alexander Shishkin wrote: > On Mon, Nov 06, 2017 at 09:22:18AM +0300, Vasily Averin wrote: >> Fixes: commit e422267322cd ("perf: Add PERF_RECORD_NAMESPACES to include >> namespaces related info") >> Signed-off-by: Vasily Averin <v...@virtuozz

Re: [PATCH] netfilter: fix clusterip_net_exit build regression

2017-12-07 Thread Vasily Averin
thank you, it was my fault. Reviewed-by: Vasily Averin <v...@virtuozzo.com> On 2017-12-07 16:26, Arnd Bergmann wrote: > The added check produces a build error when CONFIG_PROC_FS is > disabled: > > net/ipv4/netfilter/ipt_CLUSTERIP.c: In function 'clusterip_net_exit': >

[PATCH] nlm_shutdown_hosts_net() cleanup

2017-10-30 Thread Vasily Averin
nlm_complain_hosts() walks through nlm_server_hosts hlist that should be protected by nlm_host_mutex. Signed-off-by: Vasily Averin <v...@virtuozzo.com> --- fs/lockd/host.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/fs/lockd/host.c b/fs/lockd/host.c index d

Re: [PATCH] nlm_shutdown_hosts_net() cleanup

2017-10-30 Thread Vasily Averin
On 2017-10-30 17:49, J. Bruce Fields wrote: > On Mon, Oct 30, 2017 at 04:47:58PM +0300, Vasily Averin wrote: >> nlm_complain_hosts() walk through nlm_server_hosts hlist that should be >> protected by nlm_host_mutex. > > I haven't looked at the NLM locking in ages. Do w

[PATCH] lockd: fix lockd shutdown race with signal

2017-10-30 Thread Vasily Averin
nction that is called in all rollback cases and correctly removes lock_manager. The patch still resolves the problem fixed by reverted patch: now final locks_end_grace() is called not before but after stop of lockd kernel thread. Fixes commit efda760fe95e ("lockd: fix lockd shutdown race"

Re: [RFC PATCH 0/2] race of lockd/nfsd inetaddr notifiers with pointers change

2017-10-30 Thread Vasily Averin
Thank you, Vasily Averin On 2017-10-19 18:42, Vasily Averin wrote: > cc: Scott Mayhew > > Dear Scott, > could you please take look at patches? > > Let me describe the problem once again: > > lockd_inetaddr_event() > ... > if (nlmsvc_rqst) { >

[PATCH] lib/mpi: headers cleanup

2018-06-01 Thread Vasily Averin
itional ...") commit bc95eeadf5c6 ("lib/mpi: removed unused functions") however headers were not updated properly. Also I deleted some unused macros. cc: Dmitry Kasatkin Signed-off-by: Vasily Averin --- include/linux/mpi.h| 61 --

Re: [RFC PATCH 0/2] race of lockd/nfsd inetaddr notifiers with pointers change

2017-10-19 Thread Vasily Averin
emp_xprts_now crash the host on access to already freed memory. Moreover on initialization nlmsvc_rqst can be temporarily set to ERR_PTR. NFSD has a similar issue. On 2017-10-17 19:40, Vasily Averin wrote: > lockd and nfsd inet[6]addr notifiers use pointer that can be changed during > executi
