From: Dmitry Monakhov
Signed-off-by: Dmitry Monakhov
(cherry picked from vz7 commit 2398d7694d2afe5cf83e379ad4ea6e2ddc191675)
Signed-off-by: Konstantin Khorenko
Signed-off-by: Kirill Tkhai
---
fs/jbd2/journal.c |3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/fs/jbd2/
From: Dmitry Monakhov
Add EXT4_IOC_MFSYNC ioctl which allow to perform sync on given set of files
in optimized way (only 1 barrier will be required in best scenario)
https://jira.sw.ru/browse/PSBM-18567
Signed-off-by: Dmitry Monakhov
+++
Comment on rebasing to rh7 kernel-3.10.0-229.7.2.el7:
---
Dmitry Monakhov (6):
ext4: Fix error handling after filesystem abort
jbd2: make shure that we do not miss aborted state
jbd2: raid amnesia protection for the journal
ext4: add mfsync support
ext4: add generic uevent infrastructure
ext4: send abort uevent on
From: Dmitry Monakhov
https://jira.sw.ru/browse/PSBM-15484
Some blockdevices can return different data on read requests from same block
after power failure (for example mirrored raid is out of sync, and resync is
in progress) In that case following sutuation is possible:
Power failure happen af
From: Konstantin Khorenko
The perf_event_open() syscall is available from Containers. The
CONFIG_CGROUP_PERF option is set in current OpenVZ kernel configs, but let's
force-enable it if CONFIG_VE is enabled to prevent possible non-secure kernel
config if someone rebuilds the kernel with own conf
From: Konstantin Khorenko
Simple NFS mount inside a Container brings us to vfs_submount(), so if
we want to enable NFS inside a Container (read - in CT root userns), we
have to soften the check for init userns.
SyS_mount
do_mount
vfs_kern_mount
mount_fs
nfs_fs_mount
nfs4_try_mount
From: Kirill Tkhai
It is not obvious, but delalloc makes data=writeback mode safer.
This is because actual data allocation happens inside writepages,
So stale blocks after unclean umount no longer an issue.
So in order to make data=writeback mode reliable we can not
temporarily disable delalloc
This is a port from 2.6.32-x of:
* diff-ext4-in-containers-treat-panic_on_errors-as-remount-ro_on_errors
ext4: in containers treat errors=panic as
Container can explode whole node if it remounts its ploop
with option 'errors=panic' and triggers abort after that.
From: Dmitry Monakhov
If filesystem was aborted after inode's write back is complete
but before its metadata was updated we may return success
results in data loss.
In order to handle fs abort correctly we have to check
fs state once we discover that it is in MS_RDONLY state
Signed-off-by: Dmitr
From: Konstantin Khorenko
If there are several shrinkers working on a single sbi there can be easily a
situation when a neighbor shrinkers reclaimed a bunch of extents and thus a
bunch inodes from the s_es_list but we don't honor this and iterate over
sbi->s_es_list the number of times equal to t
From: Konstantin Khorenko
This reverts ms commit bc1420ae56266fa2c5a8e452d55f744ca98fe42f.
* we want ext4 to send udev events
* kobject_uevent_env() kobject->kset is defined
=> let's ext4 defines kobject->kset
https://jira.sw.ru/browse/PSBM-127422
Signed-off-by: Konstantin Khorenko
Signed-o
From: Dmitry Monakhov
*Purpose:
It is reasonable to announce fs related events via uevent infrastructure.
This patch implement only ext4'th part, but IMHO this should be usefull for
any generic filesystem.
Example: Runtime fs-error is pure async event. Currently there is no good
way to handle th
From: Dmitry Monakhov
Currenlty error from device result in ext4_abort, but uevent not generated
because
ext4_abort() caller's context do not allow GFP_KERNEL memory allocation.
Let's relax submission context requirement and deffer actual uevent submission
to work_queue. It can be any workqueue
Commited
On 07.10.2021 13:19, Kirill Tkhai wrote:
> ---
>
> Dmitry Monakhov (6):
> ext4: Fix error handling after filesystem abort
> jbd2: make shure that we do not miss aborted state
> jbd2: raid amnesia protection for the journal
> ext4: add mfsync support
> ext4:
From: Andrey Ryabinin
Limit max mtu so that rx_buf_size fits into single page.
This must save us from allocation failures like this:
kswapd0: page allocation failure: order:2, mode:0x4020
Call Trace:
dump_stack+0x19/0x1b
warn_alloc_failed+0x110/0x180
__alloc_pages_nodemask+0x7bf/0xc6
From: Vasily Averin
v2: fixed thunderbird sentpatch settings
ipv6 tunnel network devices should have NETIF_F_VIRTUAL feature
to be registered inside containers.
Similar problem for sit wa fixed recently in
https://jira.sw.ru/browse/PSBM-127315
Signed-off-by: Vasily Averin
(cherry picked from
From: Vladimir Davydov
As long as we don't use user namespaces, we have to force
iorpio_{set,get}(IOPRIO_WHO_USER) to iterate over processes of the
current ve only.
Signed-off-by: Vladimir Davydov
=
VZ 8 rebase part https://j
From: Valeriy Vdovin
Due to implementation of cpu pools task, a maximum of 16 cpuid overrides
has become too small. Increase it to 128.
Also as the amount of records has now grown, the maximum write size has
also grown, so get_free_page has been changed to get_free_pages with
order 1.
Also the
From: Cyrill Gorcunov
This member represents fs.aio-max-nr sysctl entries. I think being able
to c/r from libvzctl script is better in terms of keeping c/r work
in one place, so instead of handling fs.aio-max-nr with sysctl utility
from inside of ve context, I do it via scripts and for this sake
From: Cyrill Gorcunov
In commit 7eeb5b4afa8db5a2f2e1e47ab6b84e55fc8c5661 I addressed
first half of a problem, but I happen to work with dirty copy
of libvzctl where mount_opts cgroup has been c/r'ed manually,
so I missed the case where @devmnt_list is empty on restore
(just like it is in vanilla
From: Alexander Mikhalitsyn
This reverts commit ms commit 15d0f5ea348b9c4e6d41df294dde38a56a39c7bf
("Make super_blocks and sb_lock static")
sb_lock will be used later for sync filtering feature implementation.
=
VZ 8 r
From: Konstantin Khorenko
We mount secondary ploop on host for resize functionality so allow mount
in init userns if fs already mounted in non-init userns.
https://jira.sw.ru/browse/PSBM-68599
Signed-off-by: Konstantin Khorenko
This hack is also needed for "vzctl snapshot-mount ..."
functiona
From: Kirill Tkhai
Patchset description:
Shrink big fdtable on criu restore
This patchset allows to avoid memory overuse introduced by service fds on criu
restore.
The solution is simple: smartly check for closed fd number, and shrink fdtable
if this could be made. The checks are happen in is_ps
Alexander Mikhalitsyn (1):
ms/fs: Revert "Make super_blocks and sb_lock static"
Andrey Ryabinin (1):
drivers/bnx2x: Limit setting of the max mtu
Cyrill Gorcunov (3):
ve/fs: Export fs.aio-max-nr via ve cgroup
ve/fs: namespace -- Ignore device permissions during restore
ve/fs: namespace -
From: Kirill Tkhai
Patchset description:
Shrink big fdtable on criu restore
This patchset allows to avoid memory overuse introduced by service fds on criu
restore.
The solution is simple: smartly check for closed fd number, and shrink fdtable
if this could be made. The checks are happen in is_ps
From: Vladimir Davydov
Author: Maxim Patlasov
Email: mpatla...@parallels.com
Subject: fs: allow to remove swapfile hardlinks
Date: Tue, 11 Mar 2014 20:33:12 +0400
There is nothing wrong to allow unlink(2) on a swapfile unless this is the last
link (i_nlink == 1).
The patch is useful for sharing
From: Kirill Tkhai
Extracted from "Initial patch".
Signed-off-by: Kirill Tkhai
=
Removed UBC-related code.
VZ 8 rebase part https://jira.sw.ru/browse/PSBM-127782
vz7 commit: aad7bef ("fs: Lower ioprio in case of ioprio_set()
From: Kirill Tkhai
Patchset description:
Shrink big fdtable on criu restore
This patchset allows to avoid memory overuse introduced by service fds on criu
restore.
The solution is simple: smartly check for closed fd number, and shrink fdtable
if this could be made. The checks are happen in is_ps
From: Maxim Patlasov
https://jira.sw.ru/browse/PSBM-68226
== combined with:
fs: ioctl_fiemap must check what filemap_write_and_wait_range returns
It's safer to check if filemap_write_and_wait_range succeeded or not.
https://jira.sw.ru/browse/PSBM-68454
Signed-off-by: Alexey Kuznetsov
Signed
From: Konstantin Khorenko
>From cvs:
Virtuozzo/kernel-patches/2.4.20/diff-ve-netdev-teql-20041215
Patch from Vlad (vlad@):
This patch limits capability of VPS to manage teql device.
Otherwise the system can be compromised.
rebase to vz8:
- copy info from cvs
- place after ms teql fix ("net: sch
From: Konstantin Khorenko
We hit again and again the situation when Intel igb network cards
detection takes 3 seconds while timeout is set to 2 seconds.
Let's increase the timeout up to 5 seconds.
https://pmc.acronis.com/browse/VSTOR-14627
Signed-off-by: Konstantin Khorenko
drive
From: Valeriy Vdovin
Updating cpuid_fault table is actually critical in terms
of container migration (migrating with criu involves two
stages: cpu matching and migration itself).
If someone third side involves into cpuid_fault modification the
migration may fail and we get not even a sign of wha
From: Konstantin Khlebnikov
hidepidns=1 makes all tasks from nested pid-namespaces invisible.
They are still accessible via /proc//, but readdir will not show them.
Signed-off-by: Konstantin Khlebnikov
===
VZ 8 rebase part https://jira.sw.ru/browse/PSBM-127782
vz7 commit: a98711f ("pidns: add
From: Pavel Tikhomirov
Reasons:
1) We don't need to show this cgroup in CT, it's vz specific,
and nobody should use it inside.
2) Docker from v17.11 checks that all cgroups are mounted, but we
don't mount ve cgroup, thus docker fails.
Still show ve for pseudosuper, so that this change does not
i
From: Cyrill Gorcunov
To support several storage backends (ploops) inside container
we've hacks in libvzctl which setup "old" permissions when
restore procedure initiated. But the former idea was simply
allow CRIU to do all the works and restore ploops mounts
by its own (since CRIU fetches all mo
From: Konstantin Khorenko
"sync/fsync" called from inside a Container might have different behavior.
Affects sys_sync, sys_fsync, sys_fdatasync, sys_sync_file_range
syscalls.
aio_fsync (sys_io_submit) not affected.
syncs cannot be disabled for ve0.
All values described below (even if set on ve0
From: Vasily Averin
Currently, we fail to create sit interface inside container,
because it has neither NETIF_F_VIRTUAL nor NETIF_F_NETNS_LOCAL:
ipip6_tunnel_ioctl
ipip6_tunnel_locate
ipip6_tunnel_create
register_netdevice
ve_is_dev_movable
Mark sit as NETIF_F_VIRTUAL to fix
Hi! Here is a ported vtty series, build and boot tested only obviously.
I think we might revisit this code and rework more deeply once we manage
to run containers inside so I would be able to manipulate vtty console
from userspace level.
https://jira.sw.ru/browse/PSBM-134014
Andrey Vagin (1):
v
From: Konstantin Khlebnikov
port of 2.6.32-x diff-tty-TIOSAK-Secure-Attention-Key-ioctl
ported by Dmitry Guryanov
Signed-off-by: Konstantin Khlebnikov
Signed-off-by: Dmitry Guryanov
Author: Konstantin Khlebnikov
Email: khlebni...@openvz.org
Subject: tty: TIOSAK Secure Attention Key ioctl
Dat
From: Andrey Vagin
port of 2.6.32-x diff-ms-input-detach-input-from-console
ported by Dmitry Guryanov
Signed-off-by: Andrey Vagin
Signed-off-by: Dmitry Guryanov
Author: Andrey Vagin
Email: ava...@openvz.org
Subject: kbd: add file kbd_bind in sysfs, which allow unbind keyboard from tty
(v2)
These fields are sensitive to userspace so was a copy-paste
bug in first place when I defined driver fields (the pty
as well as vtty devices have same structure in drivers).
Also I defined @chars_in_buffer, @flush_buffer and @resize
methods for driver to be close to former pcs6 driver structure.
Previously in commit 8674c044330fad1458bd59b02f9037fb97e8b7af stubs for
virtual terminals have been added, they support writes from kernel side
which simply drops into the void.
In the patch the code has been moved from kernel/ve/console.c
to drivers/tty/pty.c to reuse a couple of pty helpers.
No
In pcs6 vttys are mapped into internal kernel representation in
nonobvious way. The /dev/console represent [maj:5,min:1], in
turn /dev/tty[0-...] are defined as [maj:4,min:0...], where
minor is bijective to symbol postfix of the tty. Internally
in the pcs6 kernel any open of /dev/ttyX has been mapp
When there are several files opened on /dev/console from inside
of a container and noone hooked on master peer, any close called
cause master peer to be freed with TTY_CLOSING bit set. So that
next "vzctl console $ctid $ttynum" call force kernel to allocate
new vtty pair and in result we can't logi
Currently on container's stop we free vtty mapping in a force way
so that if there is active console hooked from the node it become
unusable since then. It was easier to work with when we've been
reworking virtual console code.
Now lets make console fully functional as it was in pcs6:
when opened
From: Stanislav Kinsburskiy
Instead of static variables.
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
khorenko@: rebase to RHEL8.4 notes:
- proc_event_counts completely rewritten
+++
proc connector: protect from task cpu migration in send_msg_ve
this_cpu_ptr() should be
From: Stanislav Kinsburskiy
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit cd538ce1a2debf6078137da932ffaafa6d96e373)
Signed-off-by: Pavel Tikhomirov
---
drivers/connector/cn_proc.c | 25 +++--
1 file changed, 7 insertions(
From: Stanislav Kinsburskiy
This allows to support per-container connector creation and destruction.
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit 32c1390b702c4842360db8ae6690285786a06a95)
Signed-off-by: Pavel Tikhomirov
---
drivers/connect
From: Stanislav Kinsburskiy
Instead of global static device.
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit a7339fcffcb28a9c161438561e885833af237c6b)
Signed-off-by: Pavel Tikhomirov
---
drivers/connector/connector.c | 8
1 file chan
From: Stanislav Kinsburskiy
Intead of hardcoded "init" namespaces.
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
+++
drivers/connector: fix nullptr dereference ve->ve_ns->pid_ns
cn_proc_ack incorrectly assumes that ve->ve_ns is not NULL. Check it.
Also add rcu_dereference
From: Stanislav Kinsburskiy
Needed to expose "/proc/net/connector" in CT and show right content.
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit dc2514140f30bcb500b3991727ba3c2149927dce)
Signed-off-by: Pavel Tikhomirov
---
drivers/connector/c
From: Stanislav Kinsburskiy
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit 40a636406378386a7b035a5e7af4de474da017a1)
Signed-off-by: Pavel Tikhomirov
---
drivers/connector/cn_proc.c | 25 +++--
1 file changed, 7 insertions(
From: Stanislav Kinsburskiy
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit 7923b2d8cce6f7a5599d3e3c4a28fb9f66c6f5ac)
Signed-off-by: Pavel Tikhomirov
---
drivers/connector/cn_proc.c | 25 +++--
1 file changed, 7 insertions(
From: Stanislav Kinsburskiy
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit fea602611d49dc7b6d006d061e998b183de072ad)
Signed-off-by: Pavel Tikhomirov
---
drivers/connector/cn_proc.c | 26 --
1 file changed, 8 insertions
From: Stanislav Kinsburskiy
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit 1f57e9853e84c4ee3c48c3b11697bbef0ba138ce)
Signed-off-by: Pavel Tikhomirov
---
drivers/connector/connector.c | 8 +++-
1 file changed, 3 insertions(+), 5 deletions(
From: Stanislav Kinsburskiy
This is precursor patch.
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit 0c549e1074be22cab602238ddbc9b4ccd161040d)
Signed-off-by: Pavel Tikhomirov
---
drivers/connector/connector.c | 49 +++-
https://jira.sw.ru/browse/PSBM-133993
Stanislav Kinsburskiy (26):
connector: store all private data on VE structure
connector: introduce VE-aware get_cdev() helper
connector: per-ve init and fini helpers introduced
connector: use device stored in VE
connector: per-ve helpers intoruduced
From: Stanislav Kinsburskiy
This is precursor patch. Later VE pid ns will be used.
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit af343320483fe4ec1a6cb23069d5d299e9312e3c)
Signed-off-by: Pavel Tikhomirov
---
drivers/connector/cn_proc.c | 54
From: Stanislav Kinsburskiy
A lot of code is duplicated in proc connector events handling.
This patch introduces generic even handler, which will be used by
different events.
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit ce16dd673b3a600133ade
From: Stanislav Kinsburskiy
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit fa2549935ed5052ddf9d56aae16ac1cbffb68955)
Signed-off-by: Pavel Tikhomirov
---
drivers/connector/cn_proc.c | 24 +++-
1 file changed, 7 insertions(+
From: Stanislav Kinsburskiy
Required to send event in the network to the right listener.
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit d6d227a4938089ff429b0fec22db738296aa5f24)
Signed-off-by: Pavel Tikhomirov
---
drivers/connector/cn_proc.c
From: Stanislav Kinsburskiy
These routines will be called from main connecter per-ve init and fini
routines.
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit 5e3858a525b434080e43d72e5b5a512c472cb6f7)
Signed-off-by: Pavel Tikhomirov
---
drivers
From: Stanislav Kinsburskiy
This is needed to attach listener to the right device. I.e. attach to the
right source of events (in terms of CT).
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit 7bb6d59f26eb5933ead9f66e15aa84d02969f16b)
Signed-off-
From: Stanislav Kinsburskiy
Precursor patch. VE will be used later to get proper pid and user namespaces
for correct event generation.
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit 18f93852ccecefdddf82b9aa07834e45503d986e)
Signed-off-by: Pave
From: Stanislav Kinsburskiy
Once containerized, device won't be one and for all.
Thus make a helper template and use it instead of direct device object access.
Use ve0 for now.
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit db4e4f5f9db2e4a9a4f
From: Stanislav Kinsburskiy
This is needed to preserve current behaviour, when process in initial pid and
user namespaces (i.e. in VE#0) can receive events from all the processes in
the system.
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit cf
From: Stanislav Kinsburskiy
This is needed to containerize connector and its proc part.
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit eda754aba8a4ba5d2be0a27a664e86c85e382869)
Signed-off-by: Pavel Tikhomirov
---
include/linux/connector.h |
From: Stanislav Kinsburskiy
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit f2d645abc744ded52e9b376dbfbd2dca22ffba63)
Signed-off-by: Pavel Tikhomirov
---
drivers/connector/cn_proc.c | 24 +++-
1 file changed, 7 insertions(+
From: Stanislav Kinsburskiy
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit 9feb0939ead47a81980788f8b09bce7451fe1a98)
Signed-off-by: Pavel Tikhomirov
---
drivers/connector/cn_proc.c | 26 +++---
1 file changed, 7 insertions
From: Stanislav Kinsburskiy
This helpers will be used later to initialize per-container connector.
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
+++
connector: avoid RCU read-side critical section in cn_init_ve()
First, netlink_kernel_create() cannot be called under rcu_r
From: Stanislav Kinsburskiy
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit 2795cd70d1982deb5df323c976540ef0ab487c38)
Signed-off-by: Pavel Tikhomirov
---
drivers/connector/cn_proc.c | 28 +---
1 file changed, 9 insertio
From: Stanislav Kinsburskiy
And thus containerize connector finally.
https://jira.sw.ru/browse/PSBM-60227
Signed-off-by: Stanislav Kinsburskiy
Reviewed-by: Andrey Ryabinin
(cherry picked from vz8 commit 0109d8f15be56625212f43dfeddeed6a2ae0cc08)
Signed-off-by: Pavel Tikhomirov
---
drivers/c
Commited
On 07.10.2021 13:57, Andrey Zhadchenko wrote:
> Alexander Mikhalitsyn (1):
> ms/fs: Revert "Make super_blocks and sb_lock static"
>
> Andrey Ryabinin (1):
> drivers/bnx2x: Limit setting of the max mtu
>
> Cyrill Gorcunov (3):
> ve/fs: Export fs.aio-max-nr via ve cgroup
> ve/fs:
Commited
On 07.10.2021 15:53, Pavel Tikhomirov wrote:
> https://jira.sw.ru/browse/PSBM-133993
>
> Stanislav Kinsburskiy (26):
> connector: store all private data on VE structure
> connector: introduce VE-aware get_cdev() helper
> connector: per-ve init and fini helpers introduced
> connec
74 matches
Mail list logo
