[packages/kernel] - drop vserver, project is dead for years, last patch was for kernel 4.9 (EOL)
baggins
baggins at pld-linux.org
Wed Dec 6 11:21:22 CET 2023
commit c3eefe75c2da6369ca28c4bc6a1fde3d804bb812
Author: Jan Rękorajski <baggins at pld-linux.org>
Date: Wed Dec 6 10:13:53 2023 +0100
- drop vserver, project is dead for years, last patch was for kernel 4.9 (EOL)
kernel-aufs+vserver.patch | 34 -
kernel-owner-xid.patch | 40 -
kernel-vserver-2.3.patch | 25071 -------------------------------------------
kernel-vserver-fixes.patch | 11 -
kernel-vserver.config | 38 -
kernel.spec | 47 -
6 files changed, 25241 deletions(-)
---
diff --git a/kernel.spec b/kernel.spec
index 1ae9cbb0..433db540 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -4,8 +4,6 @@
#
# TODO:
# - benchmark NO_HZ & HZ=1000 vs HZ=300 on i686
-# - IPv4 source address selection for multihomed vservers is completely broken
-# meaning routing table is ignored except for default
#
# HOWTO update configuration files:
# - run build
@@ -29,8 +27,6 @@
%bcond_without aufs # aufs4 support
-%bcond_with vserver # support for VServer
-
%bcond_with rt # real-time kernel (CONFIG_PREEMPT_RT) for low latencies
%bcond_with vanilla # don't include any patches
@@ -44,7 +40,6 @@
%define have_pcmcia 1
%if %{with rescuecd}
-%unglobal with_vserver
%define have_drm 0
%define have_sound 0
%endif
@@ -143,7 +138,6 @@ Source26: kernel-arm.config
Source27: kernel-arm64.config
Source41: kernel-patches.config
-Source43: kernel-vserver.config
Source44: kernel-rt.config
Source58: kernel-inittmpfs.config
@@ -159,9 +153,6 @@ Patch6: linux-wistron-nx.patch
Patch10: kernel-pom-ng-IPV4OPTSSTRIP.patch
-# http://ftp.linux-vserver.org/pub/people/dhozac/p/k/delta-owner-xid-feat02.diff
-Patch37: kernel-owner-xid.patch
-
### End netfilter
# by Baggins request:
@@ -176,17 +167,8 @@ Patch59: kernel-rndis_host-wm5.patch
# http://patches.aircrack-ng.org/hostap-kernel-2.6.18.patch
Patch85: kernel-hostap.patch
-%define vserver_patch 3.18.5-vs2.3.7.3
-# http://vserver.13thfloor.at/Experimental/patch-3.18.5-vs2.3.7.3.diff
-# note there are additional patches from above url:
-# - *fix* are real fixes (we want these)
-# - *feat* are new features/tests (we don't want these)
-Patch100: kernel-vserver-2.3.patch
-Patch101: kernel-vserver-fixes.patch
-
# see update-source.sh
Patch145: kernel-aufs.patch
-Patch146: kernel-aufs+vserver.patch
Patch147: kernel-aufs-make.patch
# Show normal colors in menuconfig with ncurses ABI 6
@@ -297,7 +279,6 @@ Conflicts: reiserfsprogs < 3.6.3
Conflicts: rpm < 4.4.2-0.2
Conflicts: udev < 1:081
Conflicts: util-linux < 2.10o
-Conflicts: util-vserver < 0.30.216
Conflicts: xfsprogs < 2.6.0
%if %{with pae}
ExclusiveArch: i686 pentium3 pentium4 athlon
@@ -383,11 +364,8 @@ BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%define MakeOpts %{CrossOpts} HOSTCC="%{__cc} -D_FILE_OFFSET_BITS=64"
%define __features \
-%{?with_vserver:Vserver - enabled}\
-%{!?with_vserver:WARNING: VSERVER IS DISABLED IN THIS KERNEL BUILD!}\
%{?with_fbcondecor:Fbsplash/fbcondecor - enabled }\
%{?with_nfsroot:Root on NFS - enabled}\
-%{?with_vserver:Linux-VServer - %{vserver_patch}}\
%{?with_rt:CONFIG_PREEMPT_RT - enabled}\
%define Features %(echo "%{__features}" | sed '/^$/d')
@@ -619,11 +597,6 @@ cd linux-%{basever}
# kernel-pom-ng-IPV4OPTSSTRIP.patch
%patch10 -p1
-# kernel-owner-xid.patch
-%if %{with vserver}
-%patch37 -p1
-%endif
-
##
# end of netfilter
@@ -636,19 +609,10 @@ cd linux-%{basever}
# hostap enhancements from/for aircrack-ng
%patch85 -p1
-# vserver
-%if %{with vserver}
-%patch100 -p1
-%patch101 -p1
-%endif
-
%if %{with aufs}
# aufs
%patch145 -p1
%patch147 -p1
-%if %{with vserver}
-%patch146 -p1
-%endif
%endif
%if %{with rescuecd}
@@ -909,9 +873,6 @@ EOCONFIG
rescue.config \
%endif
\
-%if %{with vserver}
- %{SOURCE43} \
-%endif
%if %{with rt}
%{SOURCE44} \
%endif
@@ -1143,14 +1104,6 @@ fi
%depmod %{kernel_release}
-%if %{without vserver}
-%banner -e -a kernel <<EOF
-
-WARNING: Vserver support is DISABLED in this kernel build!
-
-EOF
-%endif
-
%posttrans
# use posttrans to generate initrd after all dependant module packages (-drm, etc) are installed
[ -f /etc/sysconfig/kernel ] && . /etc/sysconfig/kernel
diff --git a/kernel-aufs+vserver.patch b/kernel-aufs+vserver.patch
deleted file mode 100644
index 4aa67b00..00000000
--- a/kernel-aufs+vserver.patch
+++ /dev/null
@@ -1,34 +0,0 @@
---- linux.aufs/fs/aufs/cpup.c 1970-01-01 01:00:00.000000000 +0100
-+++ linux/fs/aufs/cpup.c 2013-08-23 23:59:39.631583456 +0200
-@@ -24,9 +24,9 @@
- #include <linux/mm.h>
- #include "aufs.h"
-
--void au_cpup_attr_flags(struct inode *dst, unsigned int iflags)
-+void au_cpup_attr_flags(struct inode *dst, unsigned short iflags)
- {
-- const unsigned int mask = S_DEAD | S_SWAPFILE | S_PRIVATE
-+ const unsigned short mask = S_DEAD | S_SWAPFILE | S_PRIVATE
- | S_NOATIME | S_NOCMTIME | S_AUTOMOUNT;
-
- BUILD_BUG_ON(sizeof(iflags) != sizeof(dst->i_flags));
-@@ -155,7 +155,7 @@ diff -urN /usr/share/empty/fs/aufs/cpup.c linux/fs/aufs/cpup.c
- struct au_cpup_reg_attr {
- int valid;
- struct kstat st;
-- unsigned int iflags; /* inode->i_flags */
-+ unsigned short iflags; /* inode->i_flags */
- };
-
- static noinline_for_stack
---- linux.aufs/fs/aufs/cpup.h 1970-01-01 01:00:00.000000000 +0100
-+++ linux/fs/aufs/cpup.h 2013-08-23 23:59:39.634916914 +0200
-@@ -31,7 +31,7 @@ diff -urN /usr/share/empty/fs/aufs/cpup.h linux/fs/aufs/cpup.h
- struct file;
- struct au_pin;
-
--void au_cpup_attr_flags(struct inode *dst, unsigned int iflags);
-+void au_cpup_attr_flags(struct inode *dst, unsigned short iflags);
- void au_cpup_attr_timesizes(struct inode *inode);
- void au_cpup_attr_nlink(struct inode *inode, int force);
- void au_cpup_attr_changeable(struct inode *inode);
diff --git a/kernel-owner-xid.patch b/kernel-owner-xid.patch
deleted file mode 100644
index 01389aa7..00000000
--- a/kernel-owner-xid.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-diff -upr linux-2.6.25/include/uapi/linux/netfilter/xt_owner.h linux-2.6.25-owner-xid/include/uapi/linux/netfilter/xt_owner.h
---- linux-2.6.25/include/uapi/linux/netfilter/xt_owner.h 2008-04-17 02:49:44.000000000 +0000
-+++ linux-2.6.25-owner-xid/include/uapi/linux/netfilter/xt_owner.h 2008-05-20 18:36:38.074950561 +0000
-@@ -5,12 +5,16 @@ enum {
- XT_OWNER_UID = 1 << 0,
- XT_OWNER_GID = 1 << 1,
- XT_OWNER_SOCKET = 1 << 2,
-+ XT_OWNER_XID = 1 << 3,
-+ XT_OWNER_NID = 1 << 4,
- };
-
- struct xt_owner_match_info {
- __u32 uid_min, uid_max;
- __u32 gid_min, gid_max;
- __u8 match, invert;
-+ __u32 nid;
-+ __u32 xid;
- };
-
- #endif /* _XT_OWNER_MATCH_H */
-diff -upr linux-2.6.25/net/netfilter/xt_owner.c linux-2.6.25-owner-xid/net/netfilter/xt_owner.c
---- linux-2.6.25/net/netfilter/xt_owner.c 2008-05-20 17:15:02.411418369 +0000
-+++ linux-2.6.25-owner-xid/net/netfilter/xt_owner.c 2008-05-20 17:48:15.774419069 +0000
-@@ -113,6 +133,16 @@ owner_mt(const struct sk_buff *skb, cons
- !(info->invert & XT_OWNER_GID))
- return false;
-
-+ if (info->match & XT_OWNER_NID)
-+ if ((skb->sk->sk_nid != info->nid) ^
-+ !!(info->invert & XT_OWNER_NID))
-+ return 0;
-+
-+ if (info->match & XT_OWNER_XID)
-+ if ((skb->sk->sk_xid != info->xid) ^
-+ !!(info->invert & XT_OWNER_XID))
-+ return 0;
-+
- return true;
- }
-
diff --git a/kernel-vserver-2.3.patch b/kernel-vserver-2.3.patch
deleted file mode 100644
index 1f7aa6f1..00000000
--- a/kernel-vserver-2.3.patch
+++ /dev/null
@@ -1,25071 +0,0 @@
-diff -NurpP --minimal linux-3.18.5/Documentation/vserver/debug.txt linux-3.18.5-vs2.3.7.3/Documentation/vserver/debug.txt
---- linux-3.18.5/Documentation/vserver/debug.txt 1970-01-01 00:00:00.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/Documentation/vserver/debug.txt 2015-01-19 10:57:45.000000000 +0000
-@@ -0,0 +1,154 @@
-+
-+debug_cvirt:
-+
-+ 2 4 "vx_map_tgid: %p/%llx: %d -> %d"
-+ "vx_rmap_tgid: %p/%llx: %d -> %d"
-+
-+debug_dlim:
-+
-+ 0 1 "ALLOC (%p,#%d)%c inode (%d)"
-+ "FREE (%p,#%d)%c inode"
-+ 1 2 "ALLOC (%p,#%d)%c %lld bytes (%d)"
-+ "FREE (%p,#%d)%c %lld bytes"
-+ 2 4 "ADJUST: %lld,%lld on %ld,%ld [mult=%d]"
-+ 3 8 "ext3_has_free_blocks(%p): %lu<%lu+1, %c, %u!=%u r=%d"
-+ "ext3_has_free_blocks(%p): free=%lu, root=%lu"
-+ "rcu_free_dl_info(%p)"
-+ 4 10 "alloc_dl_info(%p,%d) = %p"
-+ "dealloc_dl_info(%p)"
-+ "get_dl_info(%p[#%d.%d])"
-+ "put_dl_info(%p[#%d.%d])"
-+ 5 20 "alloc_dl_info(%p,%d)*"
-+ 6 40 "__hash_dl_info: %p[#%d]"
-+ "__unhash_dl_info: %p[#%d]"
-+ 7 80 "locate_dl_info(%p,#%d) = %p"
-+
-+debug_misc:
-+
-+ 0 1 "destroy_dqhash: %p [#0x%08x] c=%d"
-+ "new_dqhash: %p [#0x%08x]"
-+ "vroot[%d]_clr_dev: dev=%p[%lu,%d:%d]"
-+ "vroot[%d]_get_real_bdev: dev=%p[%lu,%d:%d]"
-+ "vroot[%d]_set_dev: dev=%p[%lu,%d:%d]"
-+ "vroot_get_real_bdev not set"
-+ 1 2 "cow_break_link(�%s�)"
-+ "temp copy �%s�"
-+ 2 4 "dentry_open(new): %p"
-+ "dentry_open(old): %p"
-+ "lookup_create(new): %p"
-+ "old path �%s�"
-+ "path_lookup(old): %d"
-+ "vfs_create(new): %d"
-+ "vfs_rename: %d"
-+ "vfs_sendfile: %d"
-+ 3 8 "fput(new_file=%p[#%d])"
-+ "fput(old_file=%p[#%d])"
-+ 4 10 "vx_info_kill(%p[#%d],%d,%d) = %d"
-+ "vx_info_kill(%p[#%d],%d,%d)*"
-+ 5 20 "vs_reboot(%p[#%d],%d)"
-+ 6 40 "dropping task %p[#%u,%u] for %p[#%u,%u]"
-+
-+debug_net:
-+
-+ 2 4 "nx_addr_conflict(%p,%p) %d.%d,%d.%d"
-+ 3 8 "inet_bind(%p) %d.%d.%d.%d, %d.%d.%d.%d, %d.%d.%d.%d"
-+ "inet_bind(%p)* %p,%p;%lx %d.%d.%d.%d"
-+ 4 10 "ip_route_connect(%p) %p,%p;%lx"
-+ 5 20 "__addr_in_socket(%p,%d.%d.%d.%d) %p:%d.%d.%d.%d %p;%lx"
-+ 6 40 "sk,egf: %p [#%d] (from %d)"
-+ "sk,egn: %p [#%d] (from %d)"
-+ "sk,req: %p [#%d] (from %d)"
-+ "sk: %p [#%d] (from %d)"
-+ "tw: %p [#%d] (from %d)"
-+ 7 80 "__sock_recvmsg: %p[%p,%p,%p;%d]:%d/%d"
-+ "__sock_sendmsg: %p[%p,%p,%p;%d]:%d/%d"
-+
-+debug_nid:
-+
-+ 0 1 "__lookup_nx_info(#%u): %p[#%u]"
-+ "alloc_nx_info(%d) = %p"
-+ "create_nx_info(%d) (dynamic rejected)"
-+ "create_nx_info(%d) = %p (already there)"
-+ "create_nx_info(%d) = %p (new)"
-+ "dealloc_nx_info(%p)"
-+ 1 2 "alloc_nx_info(%d)*"
-+ "create_nx_info(%d)*"
-+ 2 4 "get_nx_info(%p[#%d.%d])"
-+ "put_nx_info(%p[#%d.%d])"
-+ 3 8 "claim_nx_info(%p[#%d.%d.%d]) %p"
-+ "clr_nx_info(%p[#%d.%d])"
-+ "init_nx_info(%p[#%d.%d])"
-+ "release_nx_info(%p[#%d.%d.%d]) %p"
-+ "set_nx_info(%p[#%d.%d])"
-+ 4 10 "__hash_nx_info: %p[#%d]"
-+ "__nx_dynamic_id: [#%d]"
-+ "__unhash_nx_info: %p[#%d.%d.%d]"
-+ 5 20 "moved task %p into nxi:%p[#%d]"
-+ "nx_migrate_task(%p,%p[#%d.%d.%d])"
-+ "task_get_nx_info(%p)"
-+ 6 40 "nx_clear_persistent(%p[#%d])"
-+
-+debug_quota:
-+
-+ 0 1 "quota_sync_dqh(%p,%d) discard inode %p"
-+ 1 2 "quota_sync_dqh(%p,%d)"
-+ "sync_dquots(%p,%d)"
-+ "sync_dquots_dqh(%p,%d)"
-+ 3 8 "do_quotactl(%p,%d,cmd=%d,id=%d,%p)"
-+
-+debug_switch:
-+
-+ 0 1 "vc: VCMD_%02d_%d[%d], %d,%p [%d,%d,%x,%x]"
-+ 1 2 "vc: VCMD_%02d_%d[%d] = %08lx(%ld) [%d,%d]"
-+ 4 10 "%s: (%s %s) returned %s with %d"
-+
-+debug_tag:
-+
-+ 7 80 "dx_parse_tag(�%s�): %d:#%d"
-+ "dx_propagate_tag(%p[#%lu.%d]): %d,%d"
-+
-+debug_xid:
-+
-+ 0 1 "__lookup_vx_info(#%u): %p[#%u]"
-+ "alloc_vx_info(%d) = %p"
-+ "alloc_vx_info(%d)*"
-+ "create_vx_info(%d) (dynamic rejected)"
-+ "create_vx_info(%d) = %p (already there)"
-+ "create_vx_info(%d) = %p (new)"
-+ "dealloc_vx_info(%p)"
-+ "loc_vx_info(%d) = %p (found)"
-+ "loc_vx_info(%d) = %p (new)"
-+ "loc_vx_info(%d) = %p (not available)"
-+ 1 2 "create_vx_info(%d)*"
-+ "loc_vx_info(%d)*"
-+ 2 4 "get_vx_info(%p[#%d.%d])"
-+ "put_vx_info(%p[#%d.%d])"
-+ 3 8 "claim_vx_info(%p[#%d.%d.%d]) %p"
-+ "clr_vx_info(%p[#%d.%d])"
-+ "init_vx_info(%p[#%d.%d])"
-+ "release_vx_info(%p[#%d.%d.%d]) %p"
-+ "set_vx_info(%p[#%d.%d])"
-+ 4 10 "__hash_vx_info: %p[#%d]"
-+ "__unhash_vx_info: %p[#%d.%d.%d]"
-+ "__vx_dynamic_id: [#%d]"
-+ 5 20 "enter_vx_info(%p[#%d],%p) %p[#%d,%p]"
-+ "leave_vx_info(%p[#%d,%p]) %p[#%d,%p]"
-+ "moved task %p into vxi:%p[#%d]"
-+ "task_get_vx_info(%p)"
-+ "vx_migrate_task(%p,%p[#%d.%d])"
-+ 6 40 "vx_clear_persistent(%p[#%d])"
-+ "vx_exit_init(%p[#%d],%p[#%d,%d,%d])"
-+ "vx_set_init(%p[#%d],%p[#%d,%d,%d])"
-+ "vx_set_persistent(%p[#%d])"
-+ "vx_set_reaper(%p[#%d],%p[#%d,%d])"
-+ 7 80 "vx_child_reaper(%p[#%u,%u]) = %p[#%u,%u]"
-+
-+
-+debug_limit:
-+
-+ n 2^n "vx_acc_cres[%5d,%s,%2d]: %5d%s"
-+ "vx_cres_avail[%5d,%s,%2d]: %5ld > %5d + %5d"
-+
-+ m 2^m "vx_acc_page[%5d,%s,%2d]: %5d%s"
-+ "vx_acc_pages[%5d,%s,%2d]: %5d += %5d"
-+ "vx_pages_avail[%5d,%s,%2d]: %5ld > %5d + %5d"
-diff -NurpP --minimal linux-3.18.5/arch/alpha/Kconfig linux-3.18.5-vs2.3.7.3/arch/alpha/Kconfig
---- linux-3.18.5/arch/alpha/Kconfig 2014-06-12 13:00:27.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/alpha/Kconfig 2015-01-19 10:57:45.000000000 +0000
-@@ -740,6 +740,8 @@ config DUMMY_CONSOLE
- depends on VGA_HOSE
- default y
-
-+source "kernel/vserver/Kconfig"
-+
- source "security/Kconfig"
-
- source "crypto/Kconfig"
-diff -NurpP --minimal linux-3.18.5/arch/alpha/kernel/systbls.S linux-3.18.5-vs2.3.7.3/arch/alpha/kernel/systbls.S
---- linux-3.18.5/arch/alpha/kernel/systbls.S 2015-01-16 22:18:10.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/alpha/kernel/systbls.S 2015-01-19 10:57:45.000000000 +0000
-@@ -446,7 +446,7 @@ sys_call_table:
- .quad sys_stat64 /* 425 */
- .quad sys_lstat64
- .quad sys_fstat64
-- .quad sys_ni_syscall /* sys_vserver */
-+ .quad sys_vserver /* sys_vserver */
- .quad sys_ni_syscall /* sys_mbind */
- .quad sys_ni_syscall /* sys_get_mempolicy */
- .quad sys_ni_syscall /* sys_set_mempolicy */
-diff -NurpP --minimal linux-3.18.5/arch/alpha/kernel/traps.c linux-3.18.5-vs2.3.7.3/arch/alpha/kernel/traps.c
---- linux-3.18.5/arch/alpha/kernel/traps.c 2014-01-22 20:38:10.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/alpha/kernel/traps.c 2015-01-19 10:57:45.000000000 +0000
-@@ -175,7 +175,8 @@ die_if_kernel(char * str, struct pt_regs
- #ifdef CONFIG_SMP
- printk("CPU %d ", hard_smp_processor_id());
- #endif
-- printk("%s(%d): %s %ld\n", current->comm, task_pid_nr(current), str, err);
-+ printk("%s(%d:#%u): %s %ld\n", current->comm,
-+ task_pid_nr(current), current->xid, str, err);
- dik_show_regs(regs, r9_15);
- add_taint(TAINT_DIE, LOCKDEP_NOW_UNRELIABLE);
- dik_show_trace((unsigned long *)(regs+1));
-diff -NurpP --minimal linux-3.18.5/arch/arm/Kconfig linux-3.18.5-vs2.3.7.3/arch/arm/Kconfig
---- linux-3.18.5/arch/arm/Kconfig 2015-01-17 02:39:30.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/arm/Kconfig 2015-01-19 10:57:45.000000000 +0000
-@@ -2170,6 +2170,8 @@ source "fs/Kconfig"
-
- source "arch/arm/Kconfig.debug"
-
-+source "kernel/vserver/Kconfig"
-+
- source "security/Kconfig"
-
- source "crypto/Kconfig"
-diff -NurpP --minimal linux-3.18.5/arch/arm/kernel/calls.S linux-3.18.5-vs2.3.7.3/arch/arm/kernel/calls.S
---- linux-3.18.5/arch/arm/kernel/calls.S 2015-01-17 02:39:31.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/arm/kernel/calls.S 2015-01-19 10:57:45.000000000 +0000
-@@ -322,7 +322,7 @@
- /* 310 */ CALL(sys_request_key)
- CALL(sys_keyctl)
- CALL(ABI(sys_semtimedop, sys_oabi_semtimedop))
--/* vserver */ CALL(sys_ni_syscall)
-+ CALL(sys_vserver)
- CALL(sys_ioprio_set)
- /* 315 */ CALL(sys_ioprio_get)
- CALL(sys_inotify_init)
-diff -NurpP --minimal linux-3.18.5/arch/arm/kernel/traps.c linux-3.18.5-vs2.3.7.3/arch/arm/kernel/traps.c
---- linux-3.18.5/arch/arm/kernel/traps.c 2015-01-17 02:39:31.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/arm/kernel/traps.c 2015-01-19 10:57:45.000000000 +0000
-@@ -250,8 +250,8 @@ static int __die(const char *str, int er
-
- print_modules();
- __show_regs(regs);
-- printk(KERN_EMERG "Process %.*s (pid: %d, stack limit = 0x%p)\n",
-- TASK_COMM_LEN, tsk->comm, task_pid_nr(tsk), end_of_stack(tsk));
-+ printk(KERN_EMERG "Process %.*s (pid: %d:#%u, stack limit = 0x%p)\n",
-+ TASK_COMM_LEN, tsk->comm, task_pid_nr(tsk), tsk->xid, end_of_stack(tsk));
-
- if (!user_mode(regs) || in_interrupt()) {
- dump_mem(KERN_EMERG, "Stack: ", regs->ARM_sp,
-diff -NurpP --minimal linux-3.18.5/arch/cris/Kconfig linux-3.18.5-vs2.3.7.3/arch/cris/Kconfig
---- linux-3.18.5/arch/cris/Kconfig 2014-06-12 13:00:42.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/cris/Kconfig 2015-01-19 10:57:45.000000000 +0000
-@@ -556,6 +556,8 @@ source "fs/Kconfig"
-
- source "arch/cris/Kconfig.debug"
-
-+source "kernel/vserver/Kconfig"
-+
- source "security/Kconfig"
-
- source "crypto/Kconfig"
-diff -NurpP --minimal linux-3.18.5/arch/ia64/Kconfig linux-3.18.5-vs2.3.7.3/arch/ia64/Kconfig
---- linux-3.18.5/arch/ia64/Kconfig 2015-01-16 22:18:19.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/ia64/Kconfig 2015-01-19 10:57:45.000000000 +0000
-@@ -636,6 +636,8 @@ source "fs/Kconfig"
-
- source "arch/ia64/Kconfig.debug"
-
-+source "kernel/vserver/Kconfig"
-+
- source "security/Kconfig"
-
- source "crypto/Kconfig"
-diff -NurpP --minimal linux-3.18.5/arch/ia64/kernel/entry.S linux-3.18.5-vs2.3.7.3/arch/ia64/kernel/entry.S
---- linux-3.18.5/arch/ia64/kernel/entry.S 2015-01-17 02:39:35.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/ia64/kernel/entry.S 2015-01-19 10:57:45.000000000 +0000
-@@ -1706,7 +1706,7 @@ sys_call_table:
- data8 sys_mq_notify
- data8 sys_mq_getsetattr
- data8 sys_kexec_load
-- data8 sys_ni_syscall // reserved for vserver
-+ data8 sys_vserver
- data8 sys_waitid // 1270
- data8 sys_add_key
- data8 sys_request_key
-diff -NurpP --minimal linux-3.18.5/arch/ia64/kernel/ptrace.c linux-3.18.5-vs2.3.7.3/arch/ia64/kernel/ptrace.c
---- linux-3.18.5/arch/ia64/kernel/ptrace.c 2015-01-17 02:39:35.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/ia64/kernel/ptrace.c 2015-01-19 10:57:45.000000000 +0000
-@@ -21,6 +21,7 @@
- #include <linux/regset.h>
- #include <linux/elf.h>
- #include <linux/tracehook.h>
-+#include <linux/vs_base.h>
-
- #include <asm/pgtable.h>
- #include <asm/processor.h>
-diff -NurpP --minimal linux-3.18.5/arch/ia64/kernel/traps.c linux-3.18.5-vs2.3.7.3/arch/ia64/kernel/traps.c
---- linux-3.18.5/arch/ia64/kernel/traps.c 2015-01-17 02:39:35.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/ia64/kernel/traps.c 2015-01-19 10:57:45.000000000 +0000
-@@ -60,8 +60,9 @@ die (const char *str, struct pt_regs *re
- put_cpu();
-
- if (++die.lock_owner_depth < 3) {
-- printk("%s[%d]: %s %ld [%d]\n",
-- current->comm, task_pid_nr(current), str, err, ++die_counter);
-+ printk("%s[%d:#%u]: %s %ld [%d]\n",
-+ current->comm, task_pid_nr(current), current->xid,
-+ str, err, ++die_counter);
- if (notify_die(DIE_OOPS, str, regs, err, 255, SIGSEGV)
- != NOTIFY_STOP)
- show_regs(regs);
-@@ -324,8 +325,9 @@ handle_fpu_swa (int fp_fault, struct pt_
- if ((last.count & 15) < 5 && (ia64_fetchadd(1, &last.count, acq) & 15) < 5) {
- last.time = current_jiffies + 5 * HZ;
- printk(KERN_WARNING
-- "%s(%d): floating-point assist fault at ip %016lx, isr %016lx\n",
-- current->comm, task_pid_nr(current), regs->cr_iip + ia64_psr(regs)->ri, isr);
-+ "%s(%d:#%u): floating-point assist fault at ip %016lx, isr %016lx\n",
-+ current->comm, task_pid_nr(current), current->xid,
-+ regs->cr_iip + ia64_psr(regs)->ri, isr);
- }
- }
- }
-diff -NurpP --minimal linux-3.18.5/arch/m32r/kernel/traps.c linux-3.18.5-vs2.3.7.3/arch/m32r/kernel/traps.c
---- linux-3.18.5/arch/m32r/kernel/traps.c 2013-07-14 17:00:26.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/m32r/kernel/traps.c 2015-01-19 10:57:45.000000000 +0000
-@@ -184,8 +184,9 @@ static void show_registers(struct pt_reg
- } else {
- printk("SPI: %08lx\n", sp);
- }
-- printk("Process %s (pid: %d, process nr: %d, stackpage=%08lx)",
-- current->comm, task_pid_nr(current), 0xffff & i, 4096+(unsigned long)current);
-+ printk("Process %s (pid: %d:#%u, process nr: %d, stackpage=%08lx)",
-+ current->comm, task_pid_nr(current), current->xid,
-+ 0xffff & i, 4096+(unsigned long)current);
-
- /*
- * When in-kernel, we also print out the stack and code at the
-diff -NurpP --minimal linux-3.18.5/arch/m68k/Kconfig linux-3.18.5-vs2.3.7.3/arch/m68k/Kconfig
---- linux-3.18.5/arch/m68k/Kconfig 2014-06-12 13:00:43.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/m68k/Kconfig 2015-01-19 10:57:45.000000000 +0000
-@@ -159,6 +159,8 @@ source "fs/Kconfig"
-
- source "arch/m68k/Kconfig.debug"
-
-+source "kernel/vserver/Kconfig"
-+
- source "security/Kconfig"
-
- source "crypto/Kconfig"
-diff -NurpP --minimal linux-3.18.5/arch/mips/Kconfig linux-3.18.5-vs2.3.7.3/arch/mips/Kconfig
---- linux-3.18.5/arch/mips/Kconfig 2015-01-17 02:39:35.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/mips/Kconfig 2015-01-19 10:57:45.000000000 +0000
-@@ -2712,6 +2712,8 @@ source "fs/Kconfig"
-
- source "arch/mips/Kconfig.debug"
-
-+source "kernel/vserver/Kconfig"
-+
- source "security/Kconfig"
-
- source "crypto/Kconfig"
-diff -NurpP --minimal linux-3.18.5/arch/mips/kernel/ptrace.c linux-3.18.5-vs2.3.7.3/arch/mips/kernel/ptrace.c
---- linux-3.18.5/arch/mips/kernel/ptrace.c 2015-01-17 02:39:36.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/mips/kernel/ptrace.c 2015-01-19 10:57:45.000000000 +0000
-@@ -29,6 +29,7 @@
- #include <linux/audit.h>
- #include <linux/seccomp.h>
- #include <linux/ftrace.h>
-+#include <linux/vs_base.h>
-
- #include <asm/byteorder.h>
- #include <asm/cpu.h>
-@@ -544,6 +545,9 @@ long arch_ptrace(struct task_struct *chi
- void __user *datavp = (void __user *) data;
- unsigned long __user *datalp = (void __user *) data;
-
-+ if (!vx_check(vx_task_xid(child), VS_WATCH_P | VS_IDENT))
-+ goto out;
-+
- switch (request) {
- /* when I and D space are separate, these will need to be fixed. */
- case PTRACE_PEEKTEXT: /* read word at location addr. */
-diff -NurpP --minimal linux-3.18.5/arch/mips/kernel/scall32-o32.S linux-3.18.5-vs2.3.7.3/arch/mips/kernel/scall32-o32.S
---- linux-3.18.5/arch/mips/kernel/scall32-o32.S 2015-01-17 02:39:36.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/mips/kernel/scall32-o32.S 2015-01-19 10:57:45.000000000 +0000
-@@ -501,7 +501,7 @@ EXPORT(sys_call_table)
- PTR sys_mq_timedreceive
- PTR sys_mq_notify /* 4275 */
- PTR sys_mq_getsetattr
-- PTR sys_ni_syscall /* sys_vserver */
-+ PTR sys_vserver
- PTR sys_waitid
- PTR sys_ni_syscall /* available, was setaltroot */
- PTR sys_add_key /* 4280 */
-diff -NurpP --minimal linux-3.18.5/arch/mips/kernel/scall64-64.S linux-3.18.5-vs2.3.7.3/arch/mips/kernel/scall64-64.S
---- linux-3.18.5/arch/mips/kernel/scall64-64.S 2015-01-17 02:39:36.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/mips/kernel/scall64-64.S 2015-01-19 10:57:45.000000000 +0000
-@@ -355,7 +355,7 @@ EXPORT(sys_call_table)
- PTR sys_mq_timedreceive
- PTR sys_mq_notify
- PTR sys_mq_getsetattr /* 5235 */
-- PTR sys_ni_syscall /* sys_vserver */
-+ PTR sys_vserver
- PTR sys_waitid
- PTR sys_ni_syscall /* available, was setaltroot */
- PTR sys_add_key
-diff -NurpP --minimal linux-3.18.5/arch/mips/kernel/scall64-n32.S linux-3.18.5-vs2.3.7.3/arch/mips/kernel/scall64-n32.S
---- linux-3.18.5/arch/mips/kernel/scall64-n32.S 2015-01-17 02:39:36.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/mips/kernel/scall64-n32.S 2015-01-19 10:57:45.000000000 +0000
-@@ -348,7 +348,7 @@ EXPORT(sysn32_call_table)
- PTR compat_sys_mq_timedreceive
- PTR compat_sys_mq_notify
- PTR compat_sys_mq_getsetattr
-- PTR sys_ni_syscall /* 6240, sys_vserver */
-+ PTR sys32_vserver /* 6240 */
- PTR compat_sys_waitid
- PTR sys_ni_syscall /* available, was setaltroot */
- PTR sys_add_key
-diff -NurpP --minimal linux-3.18.5/arch/mips/kernel/scall64-o32.S linux-3.18.5-vs2.3.7.3/arch/mips/kernel/scall64-o32.S
---- linux-3.18.5/arch/mips/kernel/scall64-o32.S 2015-01-17 02:39:36.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/mips/kernel/scall64-o32.S 2015-01-19 10:57:45.000000000 +0000
-@@ -486,7 +486,7 @@ EXPORT(sys32_call_table)
- PTR compat_sys_mq_timedreceive
- PTR compat_sys_mq_notify /* 4275 */
- PTR compat_sys_mq_getsetattr
-- PTR sys_ni_syscall /* sys_vserver */
-+ PTR sys32_vserver
- PTR compat_sys_waitid
- PTR sys_ni_syscall /* available, was setaltroot */
- PTR sys_add_key /* 4280 */
-diff -NurpP --minimal linux-3.18.5/arch/mips/kernel/traps.c linux-3.18.5-vs2.3.7.3/arch/mips/kernel/traps.c
---- linux-3.18.5/arch/mips/kernel/traps.c 2015-01-16 22:18:20.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/mips/kernel/traps.c 2015-01-19 10:57:45.000000000 +0000
-@@ -341,9 +341,10 @@ void show_registers(struct pt_regs *regs
-
- __show_regs(regs);
- print_modules();
-- printk("Process %s (pid: %d, threadinfo=%p, task=%p, tls=%0*lx)\n",
-- current->comm, current->pid, current_thread_info(), current,
-- field, current_thread_info()->tp_value);
-+ printk("Process %s (pid: %d:#%u, threadinfo=%p, task=%p, tls=%0*lx)\n",
-+ current->comm, task_pid_nr(current), current->xid,
-+ current_thread_info(), current,
-+ field, current_thread_info()->tp_value);
- if (cpu_has_userlocal) {
- unsigned long tls;
-
-diff -NurpP --minimal linux-3.18.5/arch/parisc/Kconfig linux-3.18.5-vs2.3.7.3/arch/parisc/Kconfig
---- linux-3.18.5/arch/parisc/Kconfig 2015-01-16 22:18:21.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/parisc/Kconfig 2015-01-19 10:57:45.000000000 +0000
-@@ -337,6 +337,8 @@ config SECCOMP
-
- If unsure, say Y. Only embedded should say N here.
-
-+source "kernel/vserver/Kconfig"
-+
- source "security/Kconfig"
-
- source "crypto/Kconfig"
-diff -NurpP --minimal linux-3.18.5/arch/parisc/kernel/syscall_table.S linux-3.18.5-vs2.3.7.3/arch/parisc/kernel/syscall_table.S
---- linux-3.18.5/arch/parisc/kernel/syscall_table.S 2015-01-17 02:39:36.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/parisc/kernel/syscall_table.S 2015-01-19 10:57:45.000000000 +0000
-@@ -358,7 +358,7 @@
- ENTRY_COMP(mbind) /* 260 */
- ENTRY_COMP(get_mempolicy)
- ENTRY_COMP(set_mempolicy)
-- ENTRY_SAME(ni_syscall) /* 263: reserved for vserver */
-+ ENTRY_DIFF(vserver)
- ENTRY_SAME(add_key)
- ENTRY_SAME(request_key) /* 265 */
- ENTRY_SAME(keyctl)
-diff -NurpP --minimal linux-3.18.5/arch/parisc/kernel/traps.c linux-3.18.5-vs2.3.7.3/arch/parisc/kernel/traps.c
---- linux-3.18.5/arch/parisc/kernel/traps.c 2014-06-12 13:01:26.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/parisc/kernel/traps.c 2015-01-19 10:57:45.000000000 +0000
-@@ -239,8 +239,9 @@ void die_if_kernel(char *str, struct pt_
- return; /* STFU */
-
- parisc_printk_ratelimited(1, regs,
-- KERN_CRIT "%s (pid %d): %s (code %ld) at " RFMT "\n",
-- current->comm, task_pid_nr(current), str, err, regs->iaoq[0]);
-+ KERN_CRIT "%s (pid %d:#%u): %s (code %ld) at " RFMT "\n",
-+ current->comm, task_pid_nr(current), current->xid,
-+ str, err, regs->iaoq[0]);
-
- return;
- }
-@@ -270,8 +271,8 @@ void die_if_kernel(char *str, struct pt_
- pdc_console_restart();
-
- if (err)
-- printk(KERN_CRIT "%s (pid %d): %s (code %ld)\n",
-- current->comm, task_pid_nr(current), str, err);
-+ printk(KERN_CRIT "%s (pid %d:#%u): %s (code %ld)\n",
-+ current->comm, task_pid_nr(current), current->xid, str, err);
-
- /* Wot's wrong wif bein' racy? */
- if (current->thread.flags & PARISC_KERNEL_DEATH) {
-diff -NurpP --minimal linux-3.18.5/arch/powerpc/Kconfig linux-3.18.5-vs2.3.7.3/arch/powerpc/Kconfig
---- linux-3.18.5/arch/powerpc/Kconfig 2015-01-17 02:39:36.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/powerpc/Kconfig 2015-01-19 10:57:46.000000000 +0000
-@@ -1068,6 +1068,8 @@ source "lib/Kconfig"
-
- source "arch/powerpc/Kconfig.debug"
-
-+source "kernel/vserver/Kconfig"
-+
- source "security/Kconfig"
-
- config KEYS_COMPAT
-diff -NurpP --minimal linux-3.18.5/arch/powerpc/include/uapi/asm/unistd.h linux-3.18.5-vs2.3.7.3/arch/powerpc/include/uapi/asm/unistd.h
---- linux-3.18.5/arch/powerpc/include/uapi/asm/unistd.h 2015-01-17 02:39:36.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/powerpc/include/uapi/asm/unistd.h 2015-01-19 10:57:46.000000000 +0000
-@@ -275,7 +275,7 @@
- #endif
- #define __NR_rtas 255
- #define __NR_sys_debug_setcontext 256
--/* Number 257 is reserved for vserver */
-+#define __NR_vserver 257
- #define __NR_migrate_pages 258
- #define __NR_mbind 259
- #define __NR_get_mempolicy 260
-diff -NurpP --minimal linux-3.18.5/arch/powerpc/kernel/traps.c linux-3.18.5-vs2.3.7.3/arch/powerpc/kernel/traps.c
---- linux-3.18.5/arch/powerpc/kernel/traps.c 2015-01-16 22:18:21.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/powerpc/kernel/traps.c 2015-01-19 10:57:46.000000000 +0000
-@@ -1313,8 +1313,9 @@ void nonrecoverable_exception(struct pt_
-
- void trace_syscall(struct pt_regs *regs)
- {
-- printk("Task: %p(%d), PC: %08lX/%08lX, Syscall: %3ld, Result: %s%ld %s\n",
-- current, task_pid_nr(current), regs->nip, regs->link, regs->gpr[0],
-+ printk("Task: %p(%d:#%u), PC: %08lX/%08lX, Syscall: %3ld, Result: %s%ld %s\n",
-+ current, task_pid_nr(current), current->xid,
-+ regs->nip, regs->link, regs->gpr[0],
- regs->ccr&0x10000000?"Error=":"", regs->gpr[3], print_tainted());
- }
-
-diff -NurpP --minimal linux-3.18.5/arch/s390/Kconfig linux-3.18.5-vs2.3.7.3/arch/s390/Kconfig
---- linux-3.18.5/arch/s390/Kconfig 2015-01-17 02:39:40.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/s390/Kconfig 2015-01-19 10:57:46.000000000 +0000
-@@ -652,6 +652,8 @@ source "fs/Kconfig"
-
- source "arch/s390/Kconfig.debug"
-
-+source "kernel/vserver/Kconfig"
-+
- source "security/Kconfig"
-
- source "crypto/Kconfig"
-diff -NurpP --minimal linux-3.18.5/arch/s390/include/asm/tlb.h linux-3.18.5-vs2.3.7.3/arch/s390/include/asm/tlb.h
---- linux-3.18.5/arch/s390/include/asm/tlb.h 2015-01-17 02:39:41.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/s390/include/asm/tlb.h 2015-01-19 10:57:46.000000000 +0000
-@@ -24,6 +24,7 @@
- #include <linux/mm.h>
- #include <linux/pagemap.h>
- #include <linux/swap.h>
-+
- #include <asm/processor.h>
- #include <asm/pgalloc.h>
- #include <asm/tlbflush.h>
-diff -NurpP --minimal linux-3.18.5/arch/s390/include/uapi/asm/unistd.h linux-3.18.5-vs2.3.7.3/arch/s390/include/uapi/asm/unistd.h
---- linux-3.18.5/arch/s390/include/uapi/asm/unistd.h 2015-01-17 02:39:41.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/s390/include/uapi/asm/unistd.h 2015-01-19 10:57:46.000000000 +0000
-@@ -200,7 +200,7 @@
- #define __NR_clock_gettime (__NR_timer_create+6)
- #define __NR_clock_getres (__NR_timer_create+7)
- #define __NR_clock_nanosleep (__NR_timer_create+8)
--/* Number 263 is reserved for vserver */
-+#define __NR_vserver 263
- #define __NR_statfs64 265
- #define __NR_fstatfs64 266
- #define __NR_remap_file_pages 267
-diff -NurpP --minimal linux-3.18.5/arch/s390/kernel/ptrace.c linux-3.18.5-vs2.3.7.3/arch/s390/kernel/ptrace.c
---- linux-3.18.5/arch/s390/kernel/ptrace.c 2015-01-17 02:39:41.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/s390/kernel/ptrace.c 2015-01-19 10:57:46.000000000 +0000
-@@ -21,6 +21,7 @@
- #include <linux/tracehook.h>
- #include <linux/seccomp.h>
- #include <linux/compat.h>
-+#include <linux/vs_base.h>
- #include <trace/syscall.h>
- #include <asm/segment.h>
- #include <asm/page.h>
-diff -NurpP --minimal linux-3.18.5/arch/s390/kernel/syscalls.S linux-3.18.5-vs2.3.7.3/arch/s390/kernel/syscalls.S
---- linux-3.18.5/arch/s390/kernel/syscalls.S 2015-01-17 02:39:41.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/s390/kernel/syscalls.S 2015-01-19 11:00:51.000000000 +0000
-@@ -271,7 +271,7 @@ SYSCALL(sys_clock_settime,sys_clock_sett
- SYSCALL(sys_clock_gettime,sys_clock_gettime,compat_sys_clock_gettime) /* 260 */
- SYSCALL(sys_clock_getres,sys_clock_getres,compat_sys_clock_getres)
- SYSCALL(sys_clock_nanosleep,sys_clock_nanosleep,compat_sys_clock_nanosleep)
--NI_SYSCALL /* reserved for vserver */
-+SYSCALL(sys_vserver,sys_vserver,sys32_vserver)
- SYSCALL(sys_s390_fadvise64_64,sys_ni_syscall,compat_sys_s390_fadvise64_64)
- SYSCALL(sys_statfs64,sys_statfs64,compat_sys_statfs64)
- SYSCALL(sys_fstatfs64,sys_fstatfs64,compat_sys_fstatfs64)
-diff -NurpP --minimal linux-3.18.5/arch/sh/Kconfig linux-3.18.5-vs2.3.7.3/arch/sh/Kconfig
---- linux-3.18.5/arch/sh/Kconfig 2015-01-16 22:18:23.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/sh/Kconfig 2015-01-19 10:57:46.000000000 +0000
-@@ -878,6 +878,8 @@ source "fs/Kconfig"
-
- source "arch/sh/Kconfig.debug"
-
-+source "kernel/vserver/Kconfig"
-+
- source "security/Kconfig"
-
- source "crypto/Kconfig"
-diff -NurpP --minimal linux-3.18.5/arch/sh/kernel/irq.c linux-3.18.5-vs2.3.7.3/arch/sh/kernel/irq.c
---- linux-3.18.5/arch/sh/kernel/irq.c 2014-06-12 13:01:29.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/sh/kernel/irq.c 2015-01-19 10:57:46.000000000 +0000
-@@ -14,6 +14,7 @@
- #include <linux/ftrace.h>
- #include <linux/delay.h>
- #include <linux/ratelimit.h>
-+// #include <linux/vs_context.h>
- #include <asm/processor.h>
- #include <asm/machvec.h>
- #include <asm/uaccess.h>
-diff -NurpP --minimal linux-3.18.5/arch/sparc/Kconfig linux-3.18.5-vs2.3.7.3/arch/sparc/Kconfig
---- linux-3.18.5/arch/sparc/Kconfig 2015-01-17 02:39:41.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/sparc/Kconfig 2015-01-19 10:57:46.000000000 +0000
-@@ -557,6 +557,8 @@ source "fs/Kconfig"
-
- source "arch/sparc/Kconfig.debug"
-
-+source "kernel/vserver/Kconfig"
-+
- source "security/Kconfig"
-
- source "crypto/Kconfig"
-diff -NurpP --minimal linux-3.18.5/arch/sparc/include/uapi/asm/unistd.h linux-3.18.5-vs2.3.7.3/arch/sparc/include/uapi/asm/unistd.h
---- linux-3.18.5/arch/sparc/include/uapi/asm/unistd.h 2015-01-17 02:39:41.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/sparc/include/uapi/asm/unistd.h 2015-01-19 10:57:46.000000000 +0000
-@@ -332,7 +332,7 @@
- #define __NR_timer_getoverrun 264
- #define __NR_timer_delete 265
- #define __NR_timer_create 266
--/* #define __NR_vserver 267 Reserved for VSERVER */
-+#define __NR_vserver 267
- #define __NR_io_setup 268
- #define __NR_io_destroy 269
- #define __NR_io_submit 270
-diff -NurpP --minimal linux-3.18.5/arch/sparc/kernel/systbls_32.S linux-3.18.5-vs2.3.7.3/arch/sparc/kernel/systbls_32.S
---- linux-3.18.5/arch/sparc/kernel/systbls_32.S 2015-01-17 02:39:41.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/sparc/kernel/systbls_32.S 2015-01-19 10:57:46.000000000 +0000
-@@ -70,7 +70,7 @@ sys_call_table:
- /*250*/ .long sys_mremap, sys_sysctl, sys_getsid, sys_fdatasync, sys_ni_syscall
- /*255*/ .long sys_sync_file_range, sys_clock_settime, sys_clock_gettime, sys_clock_getres, sys_clock_nanosleep
- /*260*/ .long sys_sched_getaffinity, sys_sched_setaffinity, sys_timer_settime, sys_timer_gettime, sys_timer_getoverrun
--/*265*/ .long sys_timer_delete, sys_timer_create, sys_nis_syscall, sys_io_setup, sys_io_destroy
-+/*265*/ .long sys_timer_delete, sys_timer_create, sys_vserver, sys_io_setup, sys_io_destroy
- /*270*/ .long sys_io_submit, sys_io_cancel, sys_io_getevents, sys_mq_open, sys_mq_unlink
- /*275*/ .long sys_mq_timedsend, sys_mq_timedreceive, sys_mq_notify, sys_mq_getsetattr, sys_waitid
- /*280*/ .long sys_tee, sys_add_key, sys_request_key, sys_keyctl, sys_openat
-diff -NurpP --minimal linux-3.18.5/arch/sparc/kernel/systbls_64.S linux-3.18.5-vs2.3.7.3/arch/sparc/kernel/systbls_64.S
---- linux-3.18.5/arch/sparc/kernel/systbls_64.S 2015-01-17 02:39:41.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/sparc/kernel/systbls_64.S 2015-01-19 10:57:46.000000000 +0000
-@@ -71,7 +71,7 @@ sys_call_table32:
- /*250*/ .word sys_mremap, compat_sys_sysctl, sys_getsid, sys_fdatasync, sys_nis_syscall
- .word sys32_sync_file_range, compat_sys_clock_settime, compat_sys_clock_gettime, compat_sys_clock_getres, sys32_clock_nanosleep
- /*260*/ .word compat_sys_sched_getaffinity, compat_sys_sched_setaffinity, sys32_timer_settime, compat_sys_timer_gettime, sys_timer_getoverrun
-- .word sys_timer_delete, compat_sys_timer_create, sys_ni_syscall, compat_sys_io_setup, sys_io_destroy
-+ .word sys_timer_delete, compat_sys_timer_create, sys32_vserver, compat_sys_io_setup, sys_io_destroy
- /*270*/ .word sys32_io_submit, sys_io_cancel, compat_sys_io_getevents, sys32_mq_open, sys_mq_unlink
- .word compat_sys_mq_timedsend, compat_sys_mq_timedreceive, compat_sys_mq_notify, compat_sys_mq_getsetattr, compat_sys_waitid
- /*280*/ .word sys_tee, sys_add_key, sys_request_key, compat_sys_keyctl, compat_sys_openat
-@@ -150,7 +150,7 @@ sys_call_table:
- /*250*/ .word sys_64_mremap, sys_sysctl, sys_getsid, sys_fdatasync, sys_nis_syscall
- .word sys_sync_file_range, sys_clock_settime, sys_clock_gettime, sys_clock_getres, sys_clock_nanosleep
- /*260*/ .word sys_sched_getaffinity, sys_sched_setaffinity, sys_timer_settime, sys_timer_gettime, sys_timer_getoverrun
-- .word sys_timer_delete, sys_timer_create, sys_ni_syscall, sys_io_setup, sys_io_destroy
-+ .word sys_timer_delete, sys_timer_create, sys_vserver, sys_io_setup, sys_io_destroy
- /*270*/ .word sys_io_submit, sys_io_cancel, sys_io_getevents, sys_mq_open, sys_mq_unlink
- .word sys_mq_timedsend, sys_mq_timedreceive, sys_mq_notify, sys_mq_getsetattr, sys_waitid
- /*280*/ .word sys_tee, sys_add_key, sys_request_key, sys_keyctl, sys_openat
-diff -NurpP --minimal linux-3.18.5/arch/um/Kconfig.rest linux-3.18.5-vs2.3.7.3/arch/um/Kconfig.rest
---- linux-3.18.5/arch/um/Kconfig.rest 2012-12-11 03:30:57.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/um/Kconfig.rest 2015-01-19 10:57:46.000000000 +0000
-@@ -12,6 +12,8 @@ source "arch/um/Kconfig.net"
-
- source "fs/Kconfig"
-
-+source "kernel/vserver/Kconfig"
-+
- source "security/Kconfig"
-
- source "crypto/Kconfig"
-diff -NurpP --minimal linux-3.18.5/arch/x86/Kconfig linux-3.18.5-vs2.3.7.3/arch/x86/Kconfig
---- linux-3.18.5/arch/x86/Kconfig 2015-02-05 18:02:39.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/x86/Kconfig 2015-02-05 18:08:00.000000000 +0000
-@@ -2506,6 +2506,8 @@ source "fs/Kconfig"
-
- source "arch/x86/Kconfig.debug"
-
-+source "kernel/vserver/Kconfig"
-+
- source "security/Kconfig"
-
- source "crypto/Kconfig"
-diff -NurpP --minimal linux-3.18.5/arch/x86/syscalls/syscall_32.tbl linux-3.18.5-vs2.3.7.3/arch/x86/syscalls/syscall_32.tbl
---- linux-3.18.5/arch/x86/syscalls/syscall_32.tbl 2015-01-17 02:39:43.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/x86/syscalls/syscall_32.tbl 2015-01-19 10:57:46.000000000 +0000
-@@ -279,7 +279,7 @@
- 270 i386 tgkill sys_tgkill
- 271 i386 utimes sys_utimes compat_sys_utimes
- 272 i386 fadvise64_64 sys_fadvise64_64 sys32_fadvise64_64
--273 i386 vserver
-+273 i386 vserver sys_vserver sys32_vserver
- 274 i386 mbind sys_mbind
- 275 i386 get_mempolicy sys_get_mempolicy compat_sys_get_mempolicy
- 276 i386 set_mempolicy sys_set_mempolicy
-diff -NurpP --minimal linux-3.18.5/arch/x86/syscalls/syscall_64.tbl linux-3.18.5-vs2.3.7.3/arch/x86/syscalls/syscall_64.tbl
---- linux-3.18.5/arch/x86/syscalls/syscall_64.tbl 2015-01-17 02:39:43.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/arch/x86/syscalls/syscall_64.tbl 2015-01-19 10:57:46.000000000 +0000
-@@ -242,7 +242,7 @@
- 233 common epoll_ctl sys_epoll_ctl
- 234 common tgkill sys_tgkill
- 235 common utimes sys_utimes
--236 64 vserver
-+236 64 vserver sys_vserver
- 237 common mbind sys_mbind
- 238 common set_mempolicy sys_set_mempolicy
- 239 common get_mempolicy sys_get_mempolicy
-diff -NurpP --minimal linux-3.18.5/block/ioprio.c linux-3.18.5-vs2.3.7.3/block/ioprio.c
---- linux-3.18.5/block/ioprio.c 2015-01-17 02:39:43.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/block/ioprio.c 2015-01-19 13:00:07.000000000 +0000
-@@ -28,6 +28,7 @@
- #include <linux/syscalls.h>
- #include <linux/security.h>
- #include <linux/pid_namespace.h>
-+#include <linux/vs_base.h>
-
- int set_task_ioprio(struct task_struct *task, int ioprio)
- {
-@@ -105,6 +106,8 @@ SYSCALL_DEFINE3(ioprio_set, int, which,
- else
- pgrp = find_vpid(who);
- do_each_pid_thread(pgrp, PIDTYPE_PGID, p) {
-+ if (!vx_check(p->xid, VS_ADMIN_P | VS_IDENT))
-+ continue;
- ret = set_task_ioprio(p, ioprio);
- if (ret)
- break;
-@@ -200,6 +203,8 @@ SYSCALL_DEFINE2(ioprio_get, int, which,
- else
- pgrp = find_vpid(who);
- do_each_pid_thread(pgrp, PIDTYPE_PGID, p) {
-+ if (!vx_check(p->xid, VS_ADMIN_P | VS_IDENT))
-+ continue;
- tmpio = get_task_ioprio(p);
- if (tmpio < 0)
- continue;
-diff -NurpP --minimal linux-3.18.5/drivers/block/Kconfig linux-3.18.5-vs2.3.7.3/drivers/block/Kconfig
---- linux-3.18.5/drivers/block/Kconfig 2014-06-12 11:33:19.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/drivers/block/Kconfig 2015-01-19 10:57:46.000000000 +0000
-@@ -283,6 +283,13 @@ config BLK_DEV_CRYPTOLOOP
-
- source "drivers/block/drbd/Kconfig"
-
-+config BLK_DEV_VROOT
-+ tristate "Virtual Root device support"
-+ depends on QUOTACTL
-+ ---help---
-+ Saying Y here will allow you to use quota/fs ioctls on a shared
-+ partition within a virtual server without compromising security.
-+
- config BLK_DEV_NBD
- tristate "Network block device support"
- depends on NET
-diff -NurpP --minimal linux-3.18.5/drivers/block/Makefile linux-3.18.5-vs2.3.7.3/drivers/block/Makefile
---- linux-3.18.5/drivers/block/Makefile 2014-06-12 11:33:19.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/drivers/block/Makefile 2015-01-19 10:57:46.000000000 +0000
-@@ -33,6 +33,7 @@ obj-$(CONFIG_VIRTIO_BLK) += virtio_blk.o
-
- obj-$(CONFIG_BLK_DEV_SX8) += sx8.o
- obj-$(CONFIG_BLK_DEV_HD) += hd.o
-+obj-$(CONFIG_BLK_DEV_VROOT) += vroot.o
-
- obj-$(CONFIG_XEN_BLKDEV_FRONTEND) += xen-blkfront.o
- obj-$(CONFIG_XEN_BLKDEV_BACKEND) += xen-blkback/
-diff -NurpP --minimal linux-3.18.5/drivers/block/loop.c linux-3.18.5-vs2.3.7.3/drivers/block/loop.c
---- linux-3.18.5/drivers/block/loop.c 2014-09-03 13:18:40.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/drivers/block/loop.c 2015-01-19 10:57:46.000000000 +0000
-@@ -75,6 +75,7 @@
- #include <linux/sysfs.h>
- #include <linux/miscdevice.h>
- #include <linux/falloc.h>
-+#include <linux/vs_context.h>
- #include "loop.h"
-
- #include <asm/uaccess.h>
-@@ -885,6 +886,7 @@ static int loop_set_fd(struct loop_devic
- lo->lo_blocksize = lo_blocksize;
- lo->lo_device = bdev;
- lo->lo_flags = lo_flags;
-+ lo->lo_xid = vx_current_xid();
- lo->lo_backing_file = file;
- lo->transfer = transfer_none;
- lo->ioctl = NULL;
-@@ -1029,6 +1031,7 @@ static int loop_clr_fd(struct loop_devic
- lo->lo_sizelimit = 0;
- lo->lo_encrypt_key_size = 0;
- lo->lo_thread = NULL;
-+ lo->lo_xid = 0;
- memset(lo->lo_encrypt_key, 0, LO_KEY_SIZE);
- memset(lo->lo_crypt_name, 0, LO_NAME_SIZE);
- memset(lo->lo_file_name, 0, LO_NAME_SIZE);
-@@ -1072,7 +1075,7 @@ loop_set_status(struct loop_device *lo,
-
- if (lo->lo_encrypt_key_size &&
- !uid_eq(lo->lo_key_owner, uid) &&
-- !capable(CAP_SYS_ADMIN))
-+ !vx_capable(CAP_SYS_ADMIN, VXC_ADMIN_CLOOP))
- return -EPERM;
- if (lo->lo_state != Lo_bound)
- return -ENXIO;
-@@ -1162,7 +1165,8 @@ loop_get_status(struct loop_device *lo,
- memcpy(info->lo_crypt_name, lo->lo_crypt_name, LO_NAME_SIZE);
- info->lo_encrypt_type =
- lo->lo_encryption ? lo->lo_encryption->number : 0;
-- if (lo->lo_encrypt_key_size && capable(CAP_SYS_ADMIN)) {
-+ if (lo->lo_encrypt_key_size &&
-+ vx_capable(CAP_SYS_ADMIN, VXC_ADMIN_CLOOP)) {
- info->lo_encrypt_key_size = lo->lo_encrypt_key_size;
- memcpy(info->lo_encrypt_key, lo->lo_encrypt_key,
- lo->lo_encrypt_key_size);
-@@ -1504,6 +1508,11 @@ static int lo_open(struct block_device *
- goto out;
- }
-
-+ if (!vx_check(lo->lo_xid, VS_IDENT|VS_HOSTID|VS_ADMIN_P)) {
-+ err = -EACCES;
-+ goto out;
-+ }
-+
- mutex_lock(&lo->lo_ctl_mutex);
- lo->lo_refcnt++;
- mutex_unlock(&lo->lo_ctl_mutex);
-diff -NurpP --minimal linux-3.18.5/drivers/block/loop.h linux-3.18.5-vs2.3.7.3/drivers/block/loop.h
---- linux-3.18.5/drivers/block/loop.h 2013-11-25 15:44:28.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/drivers/block/loop.h 2015-01-19 10:57:46.000000000 +0000
-@@ -41,6 +41,7 @@ struct loop_device {
- struct loop_func_table *lo_encryption;
- __u32 lo_init[2];
- kuid_t lo_key_owner; /* Who set the key */
-+ vxid_t lo_xid;
- int (*ioctl)(struct loop_device *, int cmd,
- unsigned long arg);
-
-diff -NurpP --minimal linux-3.18.5/drivers/block/vroot.c linux-3.18.5-vs2.3.7.3/drivers/block/vroot.c
---- linux-3.18.5/drivers/block/vroot.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/drivers/block/vroot.c 2015-01-19 10:57:46.000000000 +0000
-@@ -0,0 +1,290 @@
-+/*
-+ * linux/drivers/block/vroot.c
-+ *
-+ * written by Herbert P�tzl, 9/11/2002
-+ * ported to 2.6.10 by Herbert P�tzl, 30/12/2004
-+ *
-+ * based on the loop.c code by Theodore Ts'o.
-+ *
-+ * Copyright (C) 2002-2007 by Herbert P�tzl.
-+ * Redistribution of this file is permitted under the
-+ * GNU General Public License.
-+ *
-+ */
-+
-+#include <linux/module.h>
-+#include <linux/moduleparam.h>
-+#include <linux/file.h>
-+#include <linux/major.h>
-+#include <linux/blkdev.h>
-+#include <linux/slab.h>
-+
-+#include <linux/vroot.h>
-+#include <linux/vs_context.h>
-+
-+
-+static int max_vroot = 8;
-+
-+static struct vroot_device *vroot_dev;
-+static struct gendisk **disks;
-+
-+
-+static int vroot_set_dev(
-+ struct vroot_device *vr,
-+ struct block_device *bdev,
-+ unsigned int arg)
-+{
-+ struct block_device *real_bdev;
-+ struct file *file;
-+ struct inode *inode;
-+ int error;
-+
-+ error = -EBUSY;
-+ if (vr->vr_state != Vr_unbound)
-+ goto out;
-+
-+ error = -EBADF;
-+ file = fget(arg);
-+ if (!file)
-+ goto out;
-+
-+ error = -EINVAL;
-+ inode = file->f_dentry->d_inode;
-+
-+
-+ if (S_ISBLK(inode->i_mode)) {
-+ real_bdev = inode->i_bdev;
-+ vr->vr_device = real_bdev;
-+ __iget(real_bdev->bd_inode);
-+ } else
-+ goto out_fput;
-+
-+ vxdprintk(VXD_CBIT(misc, 0),
-+ "vroot[%d]_set_dev: dev=" VXF_DEV,
-+ vr->vr_number, VXD_DEV(real_bdev));
-+
-+ vr->vr_state = Vr_bound;
-+ error = 0;
-+
-+ out_fput:
-+ fput(file);
-+ out:
-+ return error;
-+}
-+
-+static int vroot_clr_dev(
-+ struct vroot_device *vr,
-+ struct block_device *bdev)
-+{
-+ struct block_device *real_bdev;
-+
-+ if (vr->vr_state != Vr_bound)
-+ return -ENXIO;
-+ if (vr->vr_refcnt > 1) /* we needed one fd for the ioctl */
-+ return -EBUSY;
-+
-+ real_bdev = vr->vr_device;
-+
-+ vxdprintk(VXD_CBIT(misc, 0),
-+ "vroot[%d]_clr_dev: dev=" VXF_DEV,
-+ vr->vr_number, VXD_DEV(real_bdev));
-+
-+ bdput(real_bdev);
-+ vr->vr_state = Vr_unbound;
-+ vr->vr_device = NULL;
-+ return 0;
-+}
-+
-+
-+static int vr_ioctl(struct block_device *bdev, fmode_t mode,
-+ unsigned int cmd, unsigned long arg)
-+{
-+ struct vroot_device *vr = bdev->bd_disk->private_data;
-+ int err;
-+
-+ down(&vr->vr_ctl_mutex);
-+ switch (cmd) {
-+ case VROOT_SET_DEV:
-+ err = vroot_set_dev(vr, bdev, arg);
-+ break;
-+ case VROOT_CLR_DEV:
-+ err = vroot_clr_dev(vr, bdev);
-+ break;
-+ default:
-+ err = -EINVAL;
-+ break;
-+ }
-+ up(&vr->vr_ctl_mutex);
-+ return err;
-+}
-+
-+static int vr_open(struct block_device *bdev, fmode_t mode)
-+{
-+ struct vroot_device *vr = bdev->bd_disk->private_data;
-+
-+ down(&vr->vr_ctl_mutex);
-+ vr->vr_refcnt++;
-+ up(&vr->vr_ctl_mutex);
-+ return 0;
-+}
-+
-+static void vr_release(struct gendisk *disk, fmode_t mode)
-+{
-+ struct vroot_device *vr = disk->private_data;
-+
-+ down(&vr->vr_ctl_mutex);
-+ --vr->vr_refcnt;
-+ up(&vr->vr_ctl_mutex);
-+}
-+
-+static struct block_device_operations vr_fops = {
-+ .owner = THIS_MODULE,
-+ .open = vr_open,
-+ .release = vr_release,
-+ .ioctl = vr_ioctl,
-+};
-+
-+static void vroot_make_request(struct request_queue *q, struct bio *bio)
-+{
-+ printk("vroot_make_request %p, %p\n", q, bio);
-+ bio_io_error(bio);
-+}
-+
-+struct block_device *__vroot_get_real_bdev(struct block_device *bdev)
-+{
-+ struct inode *inode = bdev->bd_inode;
-+ struct vroot_device *vr;
-+ struct block_device *real_bdev;
-+ int minor = iminor(inode);
-+
-+ vr = &vroot_dev[minor];
-+ real_bdev = vr->vr_device;
-+
-+ vxdprintk(VXD_CBIT(misc, 0),
-+ "vroot[%d]_get_real_bdev: dev=" VXF_DEV,
-+ vr->vr_number, VXD_DEV(real_bdev));
-+
-+ if (vr->vr_state != Vr_bound)
-+ return ERR_PTR(-ENXIO);
-+
-+ __iget(real_bdev->bd_inode);
-+ return real_bdev;
-+}
-+
-+
-+
-+/*
-+ * And now the modules code and kernel interface.
-+ */
-+
-+module_param(max_vroot, int, 0);
-+
-+MODULE_PARM_DESC(max_vroot, "Maximum number of vroot devices (1-256)");
-+MODULE_LICENSE("GPL");
-+MODULE_ALIAS_BLOCKDEV_MAJOR(VROOT_MAJOR);
-+
-+MODULE_AUTHOR ("Herbert P�tzl");
-+MODULE_DESCRIPTION ("Virtual Root Device Mapper");
-+
-+
-+int __init vroot_init(void)
-+{
-+ int err, i;
-+
-+ if (max_vroot < 1 || max_vroot > 256) {
-+ max_vroot = MAX_VROOT_DEFAULT;
-+ printk(KERN_WARNING "vroot: invalid max_vroot "
-+ "(must be between 1 and 256), "
-+ "using default (%d)\n", max_vroot);
-+ }
-+
-+ if (register_blkdev(VROOT_MAJOR, "vroot"))
-+ return -EIO;
-+
-+ err = -ENOMEM;
-+ vroot_dev = kmalloc(max_vroot * sizeof(struct vroot_device), GFP_KERNEL);
-+ if (!vroot_dev)
-+ goto out_mem1;
-+ memset(vroot_dev, 0, max_vroot * sizeof(struct vroot_device));
-+
-+ disks = kmalloc(max_vroot * sizeof(struct gendisk *), GFP_KERNEL);
-+ if (!disks)
-+ goto out_mem2;
-+
-+ for (i = 0; i < max_vroot; i++) {
-+ disks[i] = alloc_disk(1);
-+ if (!disks[i])
-+ goto out_mem3;
-+ disks[i]->queue = blk_alloc_queue(GFP_KERNEL);
-+ if (!disks[i]->queue)
-+ goto out_mem3;
-+ blk_queue_make_request(disks[i]->queue, vroot_make_request);
-+ }
-+
-+ for (i = 0; i < max_vroot; i++) {
-+ struct vroot_device *vr = &vroot_dev[i];
-+ struct gendisk *disk = disks[i];
-+
-+ memset(vr, 0, sizeof(*vr));
-+ sema_init(&vr->vr_ctl_mutex, 1);
-+ vr->vr_number = i;
-+ disk->major = VROOT_MAJOR;
-+ disk->first_minor = i;
-+ disk->fops = &vr_fops;
-+ sprintf(disk->disk_name, "vroot%d", i);
-+ disk->private_data = vr;
-+ }
-+
-+ err = register_vroot_grb(&__vroot_get_real_bdev);
-+ if (err)
-+ goto out_mem3;
-+
-+ for (i = 0; i < max_vroot; i++)
-+ add_disk(disks[i]);
-+ printk(KERN_INFO "vroot: loaded (max %d devices)\n", max_vroot);
-+ return 0;
-+
-+out_mem3:
-+ while (i--)
-+ put_disk(disks[i]);
-+ kfree(disks);
-+out_mem2:
-+ kfree(vroot_dev);
-+out_mem1:
-+ unregister_blkdev(VROOT_MAJOR, "vroot");
-+ printk(KERN_ERR "vroot: ran out of memory\n");
-+ return err;
-+}
-+
-+void vroot_exit(void)
-+{
-+ int i;
-+
-+ if (unregister_vroot_grb(&__vroot_get_real_bdev))
-+ printk(KERN_WARNING "vroot: cannot unregister grb\n");
-+
-+ for (i = 0; i < max_vroot; i++) {
-+ del_gendisk(disks[i]);
-+ put_disk(disks[i]);
-+ }
-+ unregister_blkdev(VROOT_MAJOR, "vroot");
-+
-+ kfree(disks);
-+ kfree(vroot_dev);
-+}
-+
-+module_init(vroot_init);
-+module_exit(vroot_exit);
-+
-+#ifndef MODULE
-+
-+static int __init max_vroot_setup(char *str)
-+{
-+ max_vroot = simple_strtol(str, NULL, 0);
-+ return 1;
-+}
-+
-+__setup("max_vroot=", max_vroot_setup);
-+
-+#endif
-+
-diff -NurpP --minimal linux-3.18.5/drivers/infiniband/core/addr.c linux-3.18.5-vs2.3.7.3/drivers/infiniband/core/addr.c
---- linux-3.18.5/drivers/infiniband/core/addr.c 2014-06-12 11:33:41.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/drivers/infiniband/core/addr.c 2015-01-19 10:57:46.000000000 +0000
-@@ -284,7 +284,7 @@ static int addr6_resolve(struct sockaddr
-
- if (ipv6_addr_any(&fl6.saddr)) {
- ret = ipv6_dev_get_saddr(&init_net, ip6_dst_idev(dst)->dev,
-- &fl6.daddr, 0, &fl6.saddr);
-+ &fl6.daddr, 0, &fl6.saddr, NULL);
- if (ret)
- goto put;
-
-diff -NurpP --minimal linux-3.18.5/drivers/md/dm-ioctl.c linux-3.18.5-vs2.3.7.3/drivers/md/dm-ioctl.c
---- linux-3.18.5/drivers/md/dm-ioctl.c 2015-01-17 02:39:51.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/drivers/md/dm-ioctl.c 2015-01-19 10:57:46.000000000 +0000
-@@ -16,6 +16,7 @@
- #include <linux/dm-ioctl.h>
- #include <linux/hdreg.h>
- #include <linux/compat.h>
-+#include <linux/vs_context.h>
-
- #include <asm/uaccess.h>
-
-@@ -114,7 +115,8 @@ static struct hash_cell *__get_name_cell
- unsigned int h = hash_str(str);
-
- list_for_each_entry (hc, _name_buckets + h, name_list)
-- if (!strcmp(hc->name, str)) {
-+ if (vx_check(dm_get_xid(hc->md), VS_WATCH_P | VS_IDENT) &&
-+ !strcmp(hc->name, str)) {
- dm_get(hc->md);
- return hc;
- }
-@@ -128,7 +130,8 @@ static struct hash_cell *__get_uuid_cell
- unsigned int h = hash_str(str);
-
- list_for_each_entry (hc, _uuid_buckets + h, uuid_list)
-- if (!strcmp(hc->uuid, str)) {
-+ if (vx_check(dm_get_xid(hc->md), VS_WATCH_P | VS_IDENT) &&
-+ !strcmp(hc->uuid, str)) {
- dm_get(hc->md);
- return hc;
- }
-@@ -139,13 +142,15 @@ static struct hash_cell *__get_uuid_cell
- static struct hash_cell *__get_dev_cell(uint64_t dev)
- {
- struct mapped_device *md;
-- struct hash_cell *hc;
-+ struct hash_cell *hc = NULL;
-
- md = dm_get_md(huge_decode_dev(dev));
- if (!md)
- return NULL;
-
-- hc = dm_get_mdptr(md);
-+ if (vx_check(dm_get_xid(md), VS_WATCH_P | VS_IDENT))
-+ hc = dm_get_mdptr(md);
-+
- if (!hc) {
- dm_put(md);
- return NULL;
-@@ -467,6 +472,9 @@ typedef int (*ioctl_fn)(struct dm_ioctl
-
- static int remove_all(struct dm_ioctl *param, size_t param_size)
- {
-+ if (!vx_check(0, VS_ADMIN))
-+ return -EPERM;
-+
- dm_hash_remove_all(true, !!(param->flags & DM_DEFERRED_REMOVE), false);
- param->data_size = 0;
- return 0;
-@@ -514,6 +522,8 @@ static int list_devices(struct dm_ioctl
- */
- for (i = 0; i < NUM_BUCKETS; i++) {
- list_for_each_entry (hc, _name_buckets + i, name_list) {
-+ if (!vx_check(dm_get_xid(hc->md), VS_WATCH_P | VS_IDENT))
-+ continue;
- needed += sizeof(struct dm_name_list);
- needed += strlen(hc->name) + 1;
- needed += ALIGN_MASK;
-@@ -537,6 +547,8 @@ static int list_devices(struct dm_ioctl
- */
- for (i = 0; i < NUM_BUCKETS; i++) {
- list_for_each_entry (hc, _name_buckets + i, name_list) {
-+ if (!vx_check(dm_get_xid(hc->md), VS_WATCH_P | VS_IDENT))
-+ continue;
- if (old_nl)
- old_nl->next = (uint32_t) ((void *) nl -
- (void *) old_nl);
-@@ -1797,8 +1809,8 @@ static int ctl_ioctl(uint command, struc
- size_t input_param_size;
- struct dm_ioctl param_kernel;
-
-- /* only root can play with this */
-- if (!capable(CAP_SYS_ADMIN))
-+ /* only root and certain contexts can play with this */
-+ if (!vx_capable(CAP_SYS_ADMIN, VXC_ADMIN_MAPPER))
- return -EACCES;
-
- if (_IOC_TYPE(command) != DM_IOCTL)
-diff -NurpP --minimal linux-3.18.5/drivers/md/dm.c linux-3.18.5-vs2.3.7.3/drivers/md/dm.c
---- linux-3.18.5/drivers/md/dm.c 2015-02-05 18:02:42.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/drivers/md/dm.c 2015-01-28 11:48:02.000000000 +0000
-@@ -19,6 +19,7 @@
- #include <linux/idr.h>
- #include <linux/hdreg.h>
- #include <linux/delay.h>
-+#include <linux/vs_base.h>
-
- #include <trace/events/block.h>
-
-@@ -134,6 +135,7 @@ struct mapped_device {
- struct mutex suspend_lock;
- atomic_t holders;
- atomic_t open_count;
-+ vxid_t xid;
-
- /*
- * The current mapping.
-@@ -397,6 +399,7 @@ int dm_deleting_md(struct mapped_device
- static int dm_blk_open(struct block_device *bdev, fmode_t mode)
- {
- struct mapped_device *md;
-+ int ret = -ENXIO;
-
- spin_lock(&_minor_lock);
-
-@@ -405,18 +408,19 @@ static int dm_blk_open(struct block_devi
- goto out;
-
- if (test_bit(DMF_FREEING, &md->flags) ||
-- dm_deleting_md(md)) {
-- md = NULL;
-+ dm_deleting_md(md))
-+ goto out;
-+
-+ ret = -EACCES;
-+ if (!vx_check(md->xid, VS_IDENT|VS_HOSTID))
- goto out;
-- }
-
- dm_get(md);
- atomic_inc(&md->open_count);
--
-+ ret = 0;
- out:
- spin_unlock(&_minor_lock);
--
-- return md ? 0 : -ENXIO;
-+ return ret;
- }
-
- static void dm_blk_close(struct gendisk *disk, fmode_t mode)
-@@ -819,6 +823,14 @@ int dm_set_geometry(struct mapped_device
- return 0;
- }
-
-+/*
-+ * Get the xid associated with a dm device
-+ */
-+vxid_t dm_get_xid(struct mapped_device *md)
-+{
-+ return md->xid;
-+}
-+
- /*-----------------------------------------------------------------
- * CRUD START:
- * A more elegant soln is in the works that uses the queue
-@@ -2077,6 +2089,7 @@ static struct mapped_device *alloc_dev(i
- INIT_LIST_HEAD(&md->table_devices);
- spin_lock_init(&md->uevent_lock);
-
-+ md->xid = vx_current_xid();
- md->queue = blk_alloc_queue(GFP_KERNEL);
- if (!md->queue)
- goto bad_queue;
-diff -NurpP --minimal linux-3.18.5/drivers/md/dm.h linux-3.18.5-vs2.3.7.3/drivers/md/dm.h
---- linux-3.18.5/drivers/md/dm.h 2015-01-17 02:39:51.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/drivers/md/dm.h 2015-01-19 10:57:46.000000000 +0000
-@@ -50,6 +50,8 @@ struct dm_dev_internal {
- struct dm_table;
- struct dm_md_mempools;
-
-+vxid_t dm_get_xid(struct mapped_device *md);
-+
- /*-----------------------------------------------------------------
- * Internal table functions.
- *---------------------------------------------------------------*/
-diff -NurpP --minimal linux-3.18.5/drivers/net/tun.c linux-3.18.5-vs2.3.7.3/drivers/net/tun.c
---- linux-3.18.5/drivers/net/tun.c 2015-01-17 02:40:00.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/drivers/net/tun.c 2015-01-19 10:57:46.000000000 +0000
-@@ -65,6 +65,7 @@
- #include <linux/nsproxy.h>
- #include <linux/virtio_net.h>
- #include <linux/rcupdate.h>
-+#include <linux/vs_network.h>
- #include <net/ipv6.h>
- #include <net/net_namespace.h>
- #include <net/netns/generic.h>
-@@ -171,6 +172,7 @@ struct tun_struct {
- unsigned int flags;
- kuid_t owner;
- kgid_t group;
-+ vnid_t nid;
-
- struct net_device *dev;
- netdev_features_t set_features;
-@@ -404,6 +406,7 @@ static inline bool tun_not_capable(struc
- return ((uid_valid(tun->owner) && !uid_eq(cred->euid, tun->owner)) ||
- (gid_valid(tun->group) && !in_egroup_p(tun->group))) &&
- !ns_capable(net->user_ns, CAP_NET_ADMIN);
-+ /* !cap_raised(current_cap(), CAP_NET_ADMIN) */
- }
-
- static void tun_set_real_num_queues(struct tun_struct *tun)
-@@ -1413,6 +1416,7 @@ static void tun_setup(struct net_device
-
- tun->owner = INVALID_UID;
- tun->group = INVALID_GID;
-+ tun->nid = nx_current_nid();
-
- dev->ethtool_ops = &tun_ethtool_ops;
- dev->destructor = tun_free_netdev;
-@@ -1629,7 +1633,7 @@ static int tun_set_iff(struct net *net,
- int queues = ifr->ifr_flags & IFF_MULTI_QUEUE ?
- MAX_TAP_QUEUES : 1;
-
-- if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
-+ if (!nx_ns_capable(net->user_ns, CAP_NET_ADMIN, NXC_TUN_CREATE))
- return -EPERM;
- err = security_tun_dev_create();
- if (err < 0)
-@@ -1996,6 +2000,16 @@ static long __tun_chr_ioctl(struct file
- from_kgid(&init_user_ns, tun->group));
- break;
-
-+ case TUNSETNID:
-+ if (!capable(CAP_CONTEXT))
-+ return -EPERM;
-+
-+ /* Set nid owner of the device */
-+ tun->nid = (vnid_t) arg;
-+
-+ tun_debug(KERN_INFO, tun, "nid owner set to %u\n", tun->nid);
-+ break;
-+
- case TUNSETLINK:
- /* Only allow setting the type when the interface is down */
- if (tun->dev->flags & IFF_UP) {
-diff -NurpP --minimal linux-3.18.5/drivers/scsi/cxgbi/libcxgbi.c linux-3.18.5-vs2.3.7.3/drivers/scsi/cxgbi/libcxgbi.c
---- linux-3.18.5/drivers/scsi/cxgbi/libcxgbi.c 2015-01-17 02:40:05.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/drivers/scsi/cxgbi/libcxgbi.c 2015-02-06 01:59:47.000000000 +0000
-@@ -764,7 +764,8 @@ static struct cxgbi_sock *cxgbi_check_ro
- struct inet6_dev *idev = ip6_dst_idev((struct dst_entry *)rt);
-
- err = ipv6_dev_get_saddr(&init_net, idev ? idev->dev : NULL,
-- &daddr6->sin6_addr, 0, &pref_saddr);
-+ &daddr6->sin6_addr, 0, &pref_saddr,
-+ NULL);
- if (err) {
- pr_info("failed to get source address to reach %pI6\n",
- &daddr6->sin6_addr);
-diff -NurpP --minimal linux-3.18.5/drivers/tty/sysrq.c linux-3.18.5-vs2.3.7.3/drivers/tty/sysrq.c
---- linux-3.18.5/drivers/tty/sysrq.c 2015-01-16 22:19:12.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/drivers/tty/sysrq.c 2015-01-19 11:01:25.000000000 +0000
-@@ -47,6 +47,7 @@
- #include <linux/syscalls.h>
- #include <linux/of.h>
- #include <linux/rcupdate.h>
-+#include <linux/vserver/debug.h>
-
- #include <asm/ptrace.h>
- #include <asm/irq_regs.h>
-@@ -408,6 +409,21 @@ static struct sysrq_key_op sysrq_unrt_op
- .enable_mask = SYSRQ_ENABLE_RTNICE,
- };
-
-+
-+#ifdef CONFIG_VSERVER_DEBUG
-+static void sysrq_handle_vxinfo(int key)
-+{
-+ dump_vx_info_inactive((key == 'x') ? 0 : 1);
-+}
-+
-+static struct sysrq_key_op sysrq_showvxinfo_op = {
-+ .handler = sysrq_handle_vxinfo,
-+ .help_msg = "conteXt",
-+ .action_msg = "Show Context Info",
-+ .enable_mask = SYSRQ_ENABLE_DUMP,
-+};
-+#endif
-+
- /* Key Operations table and lock */
- static DEFINE_SPINLOCK(sysrq_key_table_lock);
-
-@@ -463,7 +479,11 @@ static struct sysrq_key_op *sysrq_key_ta
- &sysrq_showstate_blocked_op, /* w */
- /* x: May be registered on ppc/powerpc for xmon */
- /* x: May be registered on sparc64 for global PMU dump */
-+#ifdef CONFIG_VSERVER_DEBUG
-+ &sysrq_showvxinfo_op, /* x */
-+#else
- NULL, /* x */
-+#endif
- /* y: May be registered on sparc64 for global register dump */
- NULL, /* y */
- &sysrq_ftrace_dump_op, /* z */
-@@ -478,6 +498,8 @@ static int sysrq_key_table_key2index(int
- retval = key - '0';
- else if ((key >= 'a') && (key <= 'z'))
- retval = key + 10 - 'a';
-+ else if ((key >= 'A') && (key <= 'Z'))
-+ retval = key + 10 - 'A';
- else
- retval = -1;
- return retval;
-diff -NurpP --minimal linux-3.18.5/drivers/tty/tty_io.c linux-3.18.5-vs2.3.7.3/drivers/tty/tty_io.c
---- linux-3.18.5/drivers/tty/tty_io.c 2015-01-17 02:40:14.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/drivers/tty/tty_io.c 2015-01-19 10:57:46.000000000 +0000
-@@ -104,6 +104,7 @@
-
- #include <linux/kmod.h>
- #include <linux/nsproxy.h>
-+#include <linux/vs_pid.h>
-
- #undef TTY_DEBUG_HANGUP
-
-@@ -2237,7 +2238,8 @@ static int tiocsti(struct tty_struct *tt
- char ch, mbz = 0;
- struct tty_ldisc *ld;
-
-- if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN))
-+ if (((current->signal->tty != tty) &&
-+ !vx_capable(CAP_SYS_ADMIN, VXC_TIOCSTI)))
- return -EPERM;
- if (get_user(ch, p))
- return -EFAULT;
-@@ -2525,6 +2527,7 @@ static int tiocspgrp(struct tty_struct *
- return -ENOTTY;
- if (get_user(pgrp_nr, p))
- return -EFAULT;
-+ pgrp_nr = vx_rmap_pid(pgrp_nr);
- if (pgrp_nr < 0)
- return -EINVAL;
- rcu_read_lock();
-diff -NurpP --minimal linux-3.18.5/fs/attr.c linux-3.18.5-vs2.3.7.3/fs/attr.c
---- linux-3.18.5/fs/attr.c 2014-09-03 13:19:35.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/attr.c 2015-01-19 10:57:46.000000000 +0000
-@@ -15,6 +15,9 @@
- #include <linux/security.h>
- #include <linux/evm.h>
- #include <linux/ima.h>
-+#include <linux/proc_fs.h>
-+#include <linux/devpts_fs.h>
-+#include <linux/vs_tag.h>
-
- /**
- * inode_change_ok - check if attribute changes to an inode are allowed
-@@ -77,6 +80,10 @@ int inode_change_ok(const struct inode *
- return -EPERM;
- }
-
-+ /* check for inode tag permission */
-+ if (dx_permission(inode, MAY_WRITE))
-+ return -EACCES;
-+
- return 0;
- }
- EXPORT_SYMBOL(inode_change_ok);
-@@ -147,6 +154,8 @@ void setattr_copy(struct inode *inode, c
- inode->i_uid = attr->ia_uid;
- if (ia_valid & ATTR_GID)
- inode->i_gid = attr->ia_gid;
-+ if ((ia_valid & ATTR_TAG) && IS_TAGGED(inode))
-+ inode->i_tag = attr->ia_tag;
- if (ia_valid & ATTR_ATIME)
- inode->i_atime = timespec_trunc(attr->ia_atime,
- inode->i_sb->s_time_gran);
-@@ -197,7 +206,8 @@ int notify_change(struct dentry * dentry
-
- WARN_ON_ONCE(!mutex_is_locked(&inode->i_mutex));
-
-- if (ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_TIMES_SET)) {
-+ if (ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID |
-+ ATTR_TAG | ATTR_TIMES_SET)) {
- if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
- return -EPERM;
- }
-diff -NurpP --minimal linux-3.18.5/fs/block_dev.c linux-3.18.5-vs2.3.7.3/fs/block_dev.c
---- linux-3.18.5/fs/block_dev.c 2015-01-17 02:40:16.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/block_dev.c 2015-01-19 10:57:46.000000000 +0000
-@@ -28,6 +28,7 @@
- #include <linux/log2.h>
- #include <linux/cleancache.h>
- #include <linux/aio.h>
-+#include <linux/vs_device.h>
- #include <asm/uaccess.h>
- #include "internal.h"
-
-@@ -575,6 +576,7 @@ struct block_device *bdget(dev_t dev)
- bdev->bd_invalidated = 0;
- inode->i_mode = S_IFBLK;
- inode->i_rdev = dev;
-+ inode->i_mdev = dev;
- inode->i_bdev = bdev;
- inode->i_data.a_ops = &def_blk_aops;
- mapping_set_gfp_mask(&inode->i_data, GFP_USER);
-@@ -622,6 +624,11 @@ EXPORT_SYMBOL(bdput);
- static struct block_device *bd_acquire(struct inode *inode)
- {
- struct block_device *bdev;
-+ dev_t mdev;
-+
-+ if (!vs_map_blkdev(inode->i_rdev, &mdev, DATTR_OPEN))
-+ return NULL;
-+ inode->i_mdev = mdev;
-
- spin_lock(&bdev_lock);
- bdev = inode->i_bdev;
-@@ -632,7 +639,7 @@ static struct block_device *bd_acquire(s
- }
- spin_unlock(&bdev_lock);
-
-- bdev = bdget(inode->i_rdev);
-+ bdev = bdget(mdev);
- if (bdev) {
- spin_lock(&bdev_lock);
- if (!inode->i_bdev) {
-diff -NurpP --minimal linux-3.18.5/fs/btrfs/ctree.h linux-3.18.5-vs2.3.7.3/fs/btrfs/ctree.h
---- linux-3.18.5/fs/btrfs/ctree.h 2015-01-17 02:40:16.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/btrfs/ctree.h 2015-01-19 10:57:46.000000000 +0000
-@@ -728,11 +728,14 @@ struct btrfs_inode_item {
- /* modification sequence number for NFS */
- __le64 sequence;
-
-+ __le16 tag;
- /*
- * a little future expansion, for more than this we can
- * just grow the inode item and version it
- */
-- __le64 reserved[4];
-+ __le16 reserved16;
-+ __le32 reserved32;
-+ __le64 reserved[3];
- struct btrfs_timespec atime;
- struct btrfs_timespec ctime;
- struct btrfs_timespec mtime;
-@@ -2098,6 +2101,8 @@ struct btrfs_ioctl_defrag_range_args {
- #define BTRFS_DEFAULT_COMMIT_INTERVAL (30)
- #define BTRFS_DEFAULT_MAX_INLINE (8192)
-
-+#define BTRFS_MOUNT_TAGGED (1 << 24)
-+
- #define btrfs_clear_opt(o, opt) ((o) &= ~BTRFS_MOUNT_##opt)
- #define btrfs_set_opt(o, opt) ((o) |= BTRFS_MOUNT_##opt)
- #define btrfs_raw_test_opt(o, opt) ((o) & BTRFS_MOUNT_##opt)
-@@ -2381,6 +2386,7 @@ BTRFS_SETGET_FUNCS(inode_block_group, st
- BTRFS_SETGET_FUNCS(inode_nlink, struct btrfs_inode_item, nlink, 32);
- BTRFS_SETGET_FUNCS(inode_uid, struct btrfs_inode_item, uid, 32);
- BTRFS_SETGET_FUNCS(inode_gid, struct btrfs_inode_item, gid, 32);
-+BTRFS_SETGET_FUNCS(inode_tag, struct btrfs_inode_item, tag, 16);
- BTRFS_SETGET_FUNCS(inode_mode, struct btrfs_inode_item, mode, 32);
- BTRFS_SETGET_FUNCS(inode_rdev, struct btrfs_inode_item, rdev, 64);
- BTRFS_SETGET_FUNCS(inode_flags, struct btrfs_inode_item, flags, 64);
-@@ -2453,6 +2459,10 @@ BTRFS_SETGET_FUNCS(extent_flags, struct
-
- BTRFS_SETGET_FUNCS(extent_refs_v0, struct btrfs_extent_item_v0, refs, 32);
-
-+#define BTRFS_INODE_IXUNLINK (1 << 24)
-+#define BTRFS_INODE_BARRIER (1 << 25)
-+#define BTRFS_INODE_COW (1 << 26)
-+
-
- BTRFS_SETGET_FUNCS(tree_block_level, struct btrfs_tree_block_info, level, 8);
-
-@@ -3864,6 +3874,7 @@ long btrfs_ioctl(struct file *file, unsi
- void btrfs_update_iflags(struct inode *inode);
- void btrfs_inherit_iflags(struct inode *inode, struct inode *dir);
- int btrfs_is_empty_uuid(u8 *uuid);
-+int btrfs_sync_flags(struct inode *inode, int, int);
- int btrfs_defrag_file(struct inode *inode, struct file *file,
- struct btrfs_ioctl_defrag_range_args *range,
- u64 newer_than, unsigned long max_pages);
-diff -NurpP --minimal linux-3.18.5/fs/btrfs/disk-io.c linux-3.18.5-vs2.3.7.3/fs/btrfs/disk-io.c
---- linux-3.18.5/fs/btrfs/disk-io.c 2015-02-05 18:02:44.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/btrfs/disk-io.c 2015-01-19 10:57:46.000000000 +0000
-@@ -2460,6 +2460,9 @@ int open_ctree(struct super_block *sb,
- goto fail_alloc;
- }
-
-+ if (btrfs_test_opt(tree_root, TAGGED))
-+ sb->s_flags |= MS_TAGGED;
-+
- features = btrfs_super_incompat_flags(disk_super) &
- ~BTRFS_FEATURE_INCOMPAT_SUPP;
- if (features) {
-diff -NurpP --minimal linux-3.18.5/fs/btrfs/inode.c linux-3.18.5-vs2.3.7.3/fs/btrfs/inode.c
---- linux-3.18.5/fs/btrfs/inode.c 2015-01-17 02:40:16.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/btrfs/inode.c 2015-01-19 12:26:30.000000000 +0000
-@@ -43,6 +43,7 @@
- #include <linux/btrfs.h>
- #include <linux/blkdev.h>
- #include <linux/posix_acl_xattr.h>
-+#include <linux/vs_tag.h>
- #include "ctree.h"
- #include "disk-io.h"
- #include "transaction.h"
-@@ -3477,6 +3478,9 @@ static void btrfs_read_locked_inode(stru
- unsigned long ptr;
- int maybe_acls;
- u32 rdev;
-+ kuid_t kuid;
-+ kgid_t kgid;
-+ ktag_t ktag;
- int ret;
- bool filled = false;
- int first_xattr_slot;
-@@ -3504,8 +3508,14 @@ static void btrfs_read_locked_inode(stru
- struct btrfs_inode_item);
- inode->i_mode = btrfs_inode_mode(leaf, inode_item);
- set_nlink(inode, btrfs_inode_nlink(leaf, inode_item));
-- i_uid_write(inode, btrfs_inode_uid(leaf, inode_item));
-- i_gid_write(inode, btrfs_inode_gid(leaf, inode_item));
-+
-+ kuid = make_kuid(&init_user_ns, btrfs_inode_uid(leaf, inode_item));
-+ kgid = make_kgid(&init_user_ns, btrfs_inode_gid(leaf, inode_item));
-+ ktag = make_ktag(&init_user_ns, btrfs_inode_tag(leaf, inode_item));
-+
-+ inode->i_uid = INOTAG_KUID(DX_TAG(inode), kuid, kgid);
-+ inode->i_gid = INOTAG_KGID(DX_TAG(inode), kuid, kgid);
-+ inode->i_tag = INOTAG_KTAG(DX_TAG(inode), kuid, kgid, ktag);
- btrfs_i_size_write(inode, btrfs_inode_size(leaf, inode_item));
-
- tspec = btrfs_inode_atime(inode_item);
-@@ -3629,11 +3639,18 @@ static void fill_inode_item(struct btrfs
- struct inode *inode)
- {
- struct btrfs_map_token token;
-+ uid_t uid = from_kuid(&init_user_ns,
-+ TAGINO_KUID(DX_TAG(inode), inode->i_uid, inode->i_tag));
-+ gid_t gid = from_kgid(&init_user_ns,
-+ TAGINO_KGID(DX_TAG(inode), inode->i_gid, inode->i_tag));
-
- btrfs_init_map_token(&token);
-
-- btrfs_set_token_inode_uid(leaf, item, i_uid_read(inode), &token);
-- btrfs_set_token_inode_gid(leaf, item, i_gid_read(inode), &token);
-+ btrfs_set_token_inode_uid(leaf, item, uid, &token);
-+ btrfs_set_token_inode_gid(leaf, item, gid, &token);
-+#ifdef CONFIG_TAGGING_INTERN
-+ btrfs_set_token_inode_tag(leaf, item, i_tag_read(inode), &token);
-+#endif
- btrfs_set_token_inode_size(leaf, item, BTRFS_I(inode)->disk_i_size,
- &token);
- btrfs_set_token_inode_mode(leaf, item, inode->i_mode, &token);
-@@ -9459,6 +9476,7 @@ static const struct inode_operations btr
- .listxattr = btrfs_listxattr,
- .removexattr = btrfs_removexattr,
- .permission = btrfs_permission,
-+ .sync_flags = btrfs_sync_flags,
- .get_acl = btrfs_get_acl,
- .set_acl = btrfs_set_acl,
- .update_time = btrfs_update_time,
-@@ -9467,6 +9485,7 @@ static const struct inode_operations btr
- static const struct inode_operations btrfs_dir_ro_inode_operations = {
- .lookup = btrfs_lookup,
- .permission = btrfs_permission,
-+ .sync_flags = btrfs_sync_flags,
- .get_acl = btrfs_get_acl,
- .set_acl = btrfs_set_acl,
- .update_time = btrfs_update_time,
-@@ -9537,6 +9556,7 @@ static const struct inode_operations btr
- .removexattr = btrfs_removexattr,
- .permission = btrfs_permission,
- .fiemap = btrfs_fiemap,
-+ .sync_flags = btrfs_sync_flags,
- .get_acl = btrfs_get_acl,
- .set_acl = btrfs_set_acl,
- .update_time = btrfs_update_time,
-diff -NurpP --minimal linux-3.18.5/fs/btrfs/ioctl.c linux-3.18.5-vs2.3.7.3/fs/btrfs/ioctl.c
---- linux-3.18.5/fs/btrfs/ioctl.c 2015-01-17 02:40:16.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/btrfs/ioctl.c 2015-01-21 09:54:51.000000000 +0000
-@@ -107,10 +107,13 @@ static unsigned int btrfs_flags_to_ioctl
- {
- unsigned int iflags = 0;
-
-- if (flags & BTRFS_INODE_SYNC)
-- iflags |= FS_SYNC_FL;
- if (flags & BTRFS_INODE_IMMUTABLE)
- iflags |= FS_IMMUTABLE_FL;
-+ if (flags & BTRFS_INODE_IXUNLINK)
-+ iflags |= FS_IXUNLINK_FL;
-+
-+ if (flags & BTRFS_INODE_SYNC)
-+ iflags |= FS_SYNC_FL;
- if (flags & BTRFS_INODE_APPEND)
- iflags |= FS_APPEND_FL;
- if (flags & BTRFS_INODE_NODUMP)
-@@ -127,34 +130,84 @@ static unsigned int btrfs_flags_to_ioctl
- else if (flags & BTRFS_INODE_NOCOMPRESS)
- iflags |= FS_NOCOMP_FL;
-
-+ if (flags & BTRFS_INODE_BARRIER)
-+ iflags |= FS_BARRIER_FL;
-+ if (flags & BTRFS_INODE_COW)
-+ iflags |= FS_COW_FL;
- return iflags;
- }
-
- /*
-- * Update inode->i_flags based on the btrfs internal flags.
-+ * Update inode->i_(v)flags based on the btrfs internal flags.
- */
- void btrfs_update_iflags(struct inode *inode)
- {
- struct btrfs_inode *ip = BTRFS_I(inode);
- unsigned int new_fl = 0;
-
-- if (ip->flags & BTRFS_INODE_SYNC)
-- new_fl |= S_SYNC;
- if (ip->flags & BTRFS_INODE_IMMUTABLE)
- new_fl |= S_IMMUTABLE;
-+ if (ip->flags & BTRFS_INODE_IXUNLINK)
-+ new_fl |= S_IXUNLINK;
-+
-+ if (ip->flags & BTRFS_INODE_SYNC)
-+ new_fl |= S_SYNC;
- if (ip->flags & BTRFS_INODE_APPEND)
- new_fl |= S_APPEND;
- if (ip->flags & BTRFS_INODE_NOATIME)
- new_fl |= S_NOATIME;
- if (ip->flags & BTRFS_INODE_DIRSYNC)
- new_fl |= S_DIRSYNC;
--
- set_mask_bits(&inode->i_flags,
-- S_SYNC | S_APPEND | S_IMMUTABLE | S_NOATIME | S_DIRSYNC,
-+ S_SYNC | S_APPEND | S_IMMUTABLE | S_IXUNLINK | S_NOATIME | S_DIRSYNC,
- new_fl);
-+
-+ new_fl = 0;
-+ if (ip->flags & BTRFS_INODE_BARRIER)
-+ new_fl |= V_BARRIER;
-+ if (ip->flags & BTRFS_INODE_COW)
-+ new_fl |= V_COW;
-+
-+ set_mask_bits(&inode->i_vflags,
-+ V_BARRIER | V_COW, new_fl);
- }
-
- /*
-+ * Update btrfs internal flags from inode->i_(v)flags.
-+ */
-+void btrfs_update_flags(struct inode *inode)
-+{
-+ struct btrfs_inode *ip = BTRFS_I(inode);
-+
-+ unsigned int flags = inode->i_flags;
-+ unsigned int vflags = inode->i_vflags;
-+
-+ ip->flags &= ~(BTRFS_INODE_SYNC | BTRFS_INODE_APPEND |
-+ BTRFS_INODE_IMMUTABLE | BTRFS_INODE_IXUNLINK |
-+ BTRFS_INODE_NOATIME | BTRFS_INODE_DIRSYNC |
-+ BTRFS_INODE_BARRIER | BTRFS_INODE_COW);
-+
-+ if (flags & S_IMMUTABLE)
-+ ip->flags |= BTRFS_INODE_IMMUTABLE;
-+ if (flags & S_IXUNLINK)
-+ ip->flags |= BTRFS_INODE_IXUNLINK;
-+
-+ if (flags & S_SYNC)
-+ ip->flags |= BTRFS_INODE_SYNC;
-+ if (flags & S_APPEND)
-+ ip->flags |= BTRFS_INODE_APPEND;
-+ if (flags & S_NOATIME)
-+ ip->flags |= BTRFS_INODE_NOATIME;
-+ if (flags & S_DIRSYNC)
-+ ip->flags |= BTRFS_INODE_DIRSYNC;
-+
-+ if (vflags & V_BARRIER)
-+ ip->flags |= BTRFS_INODE_BARRIER;
-+ if (vflags & V_COW)
-+ ip->flags |= BTRFS_INODE_COW;
-+ }
-+
-+/*
- * Inherit flags from the parent inode.
- *
- * Currently only the compression flags and the cow flags are inherited.
-@@ -167,6 +220,7 @@ void btrfs_inherit_iflags(struct inode *
- return;
-
- flags = BTRFS_I(dir)->flags;
-+ flags &= ~BTRFS_INODE_BARRIER;
-
- if (flags & BTRFS_INODE_NOCOMPRESS) {
- BTRFS_I(inode)->flags &= ~BTRFS_INODE_COMPRESS;
-@@ -185,6 +239,30 @@ void btrfs_inherit_iflags(struct inode *
- btrfs_update_iflags(inode);
- }
-
-+int btrfs_sync_flags(struct inode *inode, int flags, int vflags)
-+{
-+ struct btrfs_inode *ip = BTRFS_I(inode);
-+ struct btrfs_root *root = ip->root;
-+ struct btrfs_trans_handle *trans;
-+ int ret;
-+
-+ trans = btrfs_join_transaction(root);
-+ BUG_ON(!trans);
-+
-+ inode->i_flags = flags;
-+ inode->i_vflags = vflags;
-+ btrfs_update_flags(inode);
-+
-+ ret = btrfs_update_inode(trans, root, inode);
-+ BUG_ON(ret);
-+
-+ btrfs_update_iflags(inode);
-+ inode->i_ctime = CURRENT_TIME;
-+ btrfs_end_transaction(trans, root);
-+
-+ return 0;
-+}
-+
- static int btrfs_ioctl_getflags(struct file *file, void __user *arg)
- {
- struct btrfs_inode *ip = BTRFS_I(file_inode(file));
-@@ -247,21 +325,27 @@ static int btrfs_ioctl_setflags(struct f
-
- flags = btrfs_mask_flags(inode->i_mode, flags);
- oldflags = btrfs_flags_to_ioctl(ip->flags);
-- if ((flags ^ oldflags) & (FS_APPEND_FL | FS_IMMUTABLE_FL)) {
-+ if ((flags ^ oldflags) & (FS_APPEND_FL |
-+ FS_IMMUTABLE_FL | FS_IXUNLINK_FL)) {
- if (!capable(CAP_LINUX_IMMUTABLE)) {
- ret = -EPERM;
- goto out_unlock;
- }
- }
-
-- if (flags & FS_SYNC_FL)
-- ip->flags |= BTRFS_INODE_SYNC;
-- else
-- ip->flags &= ~BTRFS_INODE_SYNC;
- if (flags & FS_IMMUTABLE_FL)
- ip->flags |= BTRFS_INODE_IMMUTABLE;
- else
- ip->flags &= ~BTRFS_INODE_IMMUTABLE;
-+ if (flags & FS_IXUNLINK_FL)
-+ ip->flags |= BTRFS_INODE_IXUNLINK;
-+ else
-+ ip->flags &= ~BTRFS_INODE_IXUNLINK;
-+
-+ if (flags & FS_SYNC_FL)
-+ ip->flags |= BTRFS_INODE_SYNC;
-+ else
-+ ip->flags &= ~BTRFS_INODE_SYNC;
- if (flags & FS_APPEND_FL)
- ip->flags |= BTRFS_INODE_APPEND;
- else
-diff -NurpP --minimal linux-3.18.5/fs/btrfs/super.c linux-3.18.5-vs2.3.7.3/fs/btrfs/super.c
---- linux-3.18.5/fs/btrfs/super.c 2015-02-05 18:02:44.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/btrfs/super.c 2015-01-19 10:57:46.000000000 +0000
-@@ -325,7 +325,7 @@ enum {
- Opt_commit_interval, Opt_barrier, Opt_nodefrag, Opt_nodiscard,
- Opt_noenospc_debug, Opt_noflushoncommit, Opt_acl, Opt_datacow,
- Opt_datasum, Opt_treelog, Opt_noinode_cache,
-- Opt_err,
-+ Opt_tag, Opt_notag, Opt_tagid, Opt_err,
- };
-
- static match_table_t tokens = {
-@@ -377,6 +377,9 @@ static match_table_t tokens = {
- {Opt_rescan_uuid_tree, "rescan_uuid_tree"},
- {Opt_fatal_errors, "fatal_errors=%s"},
- {Opt_commit_interval, "commit=%d"},
-+ {Opt_tag, "tag"},
-+ {Opt_notag, "notag"},
-+ {Opt_tagid, "tagid=%u"},
- {Opt_err, NULL},
- };
-
-@@ -743,6 +746,22 @@ int btrfs_parse_options(struct btrfs_roo
- info->commit_interval = BTRFS_DEFAULT_COMMIT_INTERVAL;
- }
- break;
-+#ifndef CONFIG_TAGGING_NONE
-+ case Opt_tag:
-+ printk(KERN_INFO "btrfs: use tagging\n");
-+ btrfs_set_opt(info->mount_opt, TAGGED);
-+ break;
-+ case Opt_notag:
-+ printk(KERN_INFO "btrfs: disabled tagging\n");
-+ btrfs_clear_opt(info->mount_opt, TAGGED);
-+ break;
-+#endif
-+#ifdef CONFIG_PROPAGATE
-+ case Opt_tagid:
-+ /* use args[0] */
-+ btrfs_set_opt(info->mount_opt, TAGGED);
-+ break;
-+#endif
- case Opt_err:
- btrfs_info(root->fs_info, "unrecognized mount option '%s'", p);
- ret = -EINVAL;
-@@ -1495,6 +1514,12 @@ static int btrfs_remount(struct super_bl
- btrfs_resize_thread_pool(fs_info,
- fs_info->thread_pool_size, old_thread_pool_size);
-
-+ if (btrfs_test_opt(root, TAGGED) && !(sb->s_flags & MS_TAGGED)) {
-+ printk("btrfs: %s: tagging not permitted on remount.\n",
-+ sb->s_id);
-+ return -EINVAL;
-+ }
-+
- if ((*flags & MS_RDONLY) == (sb->s_flags & MS_RDONLY))
- goto out;
-
-diff -NurpP --minimal linux-3.18.5/fs/char_dev.c linux-3.18.5-vs2.3.7.3/fs/char_dev.c
---- linux-3.18.5/fs/char_dev.c 2014-01-22 20:39:05.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/char_dev.c 2015-01-19 10:57:46.000000000 +0000
-@@ -21,6 +21,8 @@
- #include <linux/mutex.h>
- #include <linux/backing-dev.h>
- #include <linux/tty.h>
-+#include <linux/vs_context.h>
-+#include <linux/vs_device.h>
-
- #include "internal.h"
-
-@@ -372,14 +374,21 @@ static int chrdev_open(struct inode *ino
- struct cdev *p;
- struct cdev *new = NULL;
- int ret = 0;
-+ dev_t mdev;
-+
-+ if (!vs_map_chrdev(inode->i_rdev, &mdev, DATTR_OPEN))
-+ return -EPERM;
-+ inode->i_mdev = mdev;
-
- spin_lock(&cdev_lock);
- p = inode->i_cdev;
- if (!p) {
- struct kobject *kobj;
- int idx;
-+
- spin_unlock(&cdev_lock);
-- kobj = kobj_lookup(cdev_map, inode->i_rdev, &idx);
-+
-+ kobj = kobj_lookup(cdev_map, mdev, &idx);
- if (!kobj)
- return -ENXIO;
- new = container_of(kobj, struct cdev, kobj);
-diff -NurpP --minimal linux-3.18.5/fs/dcache.c linux-3.18.5-vs2.3.7.3/fs/dcache.c
---- linux-3.18.5/fs/dcache.c 2015-02-05 18:02:45.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/dcache.c 2015-01-19 12:06:59.000000000 +0000
-@@ -38,6 +38,7 @@
- #include <linux/prefetch.h>
- #include <linux/ratelimit.h>
- #include <linux/list_lru.h>
-+#include <linux/vs_limit.h>
- #include "internal.h"
- #include "mount.h"
-
-@@ -654,6 +655,7 @@ EXPORT_SYMBOL(dput);
- static inline void __dget_dlock(struct dentry *dentry)
- {
- dentry->d_lockref.count++;
-+ vx_dentry_inc(dentry);
- }
-
- static inline void __dget(struct dentry *dentry)
-@@ -666,6 +668,8 @@ struct dentry *dget_parent(struct dentry
- int gotref;
- struct dentry *ret;
-
-+ vx_dentry_dec(dentry);
-+
- /*
- * Do optimistic parent lookup without any
- * locking.
-@@ -1410,6 +1414,9 @@ struct dentry *__d_alloc(struct super_bl
- struct dentry *dentry;
- char *dname;
-
-+ if (!vx_dentry_avail(1))
-+ return NULL;
-+
- dentry = kmem_cache_alloc(dentry_cache, GFP_KERNEL);
- if (!dentry)
- return NULL;
-@@ -1445,6 +1452,7 @@ struct dentry *__d_alloc(struct super_bl
-
- dentry->d_lockref.count = 1;
- dentry->d_flags = 0;
-+ vx_dentry_inc(dentry);
- spin_lock_init(&dentry->d_lock);
- seqcount_init(&dentry->d_seq);
- dentry->d_inode = NULL;
-@@ -2184,6 +2192,7 @@ struct dentry *__d_lookup(const struct d
- }
-
- dentry->d_lockref.count++;
-+ vx_dentry_inc(dentry);
- found = dentry;
- spin_unlock(&dentry->d_lock);
- break;
-diff -NurpP --minimal linux-3.18.5/fs/devpts/inode.c linux-3.18.5-vs2.3.7.3/fs/devpts/inode.c
---- linux-3.18.5/fs/devpts/inode.c 2014-09-03 13:19:39.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/devpts/inode.c 2015-01-19 10:57:47.000000000 +0000
-@@ -27,6 +27,7 @@
- #include <linux/parser.h>
- #include <linux/fsnotify.h>
- #include <linux/seq_file.h>
-+#include <linux/vs_base.h>
-
- #define DEVPTS_DEFAULT_MODE 0600
- /*
-@@ -38,6 +39,21 @@
- #define DEVPTS_DEFAULT_PTMX_MODE 0000
- #define PTMX_MINOR 2
-
-+static int devpts_permission(struct inode *inode, int mask)
-+{
-+ int ret = -EACCES;
-+
-+ /* devpts is xid tagged */
-+ if (vx_check((vxid_t)i_tag_read(inode), VS_WATCH_P | VS_IDENT))
-+ ret = generic_permission(inode, mask);
-+ return ret;
-+}
-+
-+static struct inode_operations devpts_file_inode_operations = {
-+ .permission = devpts_permission,
-+};
-+
-+
- /*
- * sysctl support for setting limits on the number of Unix98 ptys allocated.
- * Otherwise one can eat up all kernel memory by opening /dev/ptmx repeatedly.
-@@ -350,6 +366,34 @@ static int devpts_show_options(struct se
- return 0;
- }
-
-+static int devpts_filter(struct dentry *de)
-+{
-+ vxid_t xid = 0;
-+
-+ /* devpts is xid tagged */
-+ if (de && de->d_inode)
-+ xid = (vxid_t)i_tag_read(de->d_inode);
-+#ifdef CONFIG_VSERVER_WARN_DEVPTS
-+ else
-+ vxwprintk_task(1, "devpts " VS_Q("%.*s") " without inode.",
-+ de->d_name.len, de->d_name.name);
-+#endif
-+ return vx_check(xid, VS_WATCH_P | VS_IDENT);
-+}
-+
-+static int devpts_readdir(struct file * filp, struct dir_context *ctx)
-+{
-+ return dcache_readdir_filter(filp, ctx, devpts_filter);
-+}
-+
-+static struct file_operations devpts_dir_operations = {
-+ .open = dcache_dir_open,
-+ .release = dcache_dir_close,
-+ .llseek = dcache_dir_lseek,
-+ .read = generic_read_dir,
-+ .iterate = devpts_readdir,
-+};
-+
- static const struct super_operations devpts_sops = {
- .statfs = simple_statfs,
- .remount_fs = devpts_remount,
-@@ -393,8 +437,10 @@ devpts_fill_super(struct super_block *s,
- inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
- inode->i_mode = S_IFDIR | S_IRUGO | S_IXUGO | S_IWUSR;
- inode->i_op = &simple_dir_inode_operations;
-- inode->i_fop = &simple_dir_operations;
-+ inode->i_fop = &devpts_dir_operations;
- set_nlink(inode, 2);
-+ /* devpts is xid tagged */
-+ i_tag_write(inode, (vtag_t)vx_current_xid());
-
- s->s_root = d_make_root(inode);
- if (s->s_root)
-@@ -598,6 +644,9 @@ struct inode *devpts_pty_new(struct inod
- inode->i_gid = opts->setgid ? opts->gid : current_fsgid();
- inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
- init_special_inode(inode, S_IFCHR|opts->mode, device);
-+ /* devpts is xid tagged */
-+ i_tag_write(inode, (vtag_t)vx_current_xid());
-+ inode->i_op = &devpts_file_inode_operations;
- inode->i_private = priv;
-
- sprintf(s, "%d", index);
-diff -NurpP --minimal linux-3.18.5/fs/ext2/balloc.c linux-3.18.5-vs2.3.7.3/fs/ext2/balloc.c
---- linux-3.18.5/fs/ext2/balloc.c 2013-05-31 13:45:23.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext2/balloc.c 2015-01-19 10:57:47.000000000 +0000
-@@ -693,7 +693,6 @@ ext2_try_to_allocate(struct super_block
- start = 0;
- end = EXT2_BLOCKS_PER_GROUP(sb);
- }
--
- BUG_ON(start > EXT2_BLOCKS_PER_GROUP(sb));
-
- repeat:
-diff -NurpP --minimal linux-3.18.5/fs/ext2/ext2.h linux-3.18.5-vs2.3.7.3/fs/ext2/ext2.h
---- linux-3.18.5/fs/ext2/ext2.h 2012-12-11 03:30:57.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext2/ext2.h 2015-01-19 10:57:47.000000000 +0000
-@@ -244,8 +244,12 @@ struct ext2_group_desc
- #define EXT2_NOTAIL_FL FS_NOTAIL_FL /* file tail should not be merged */
- #define EXT2_DIRSYNC_FL FS_DIRSYNC_FL /* dirsync behaviour (directories only) */
- #define EXT2_TOPDIR_FL FS_TOPDIR_FL /* Top of directory hierarchies*/
-+#define EXT2_IXUNLINK_FL FS_IXUNLINK_FL /* Immutable invert on unlink */
- #define EXT2_RESERVED_FL FS_RESERVED_FL /* reserved for ext2 lib */
-
-+#define EXT2_BARRIER_FL FS_BARRIER_FL /* Barrier for chroot() */
-+#define EXT2_COW_FL FS_COW_FL /* Copy on Write marker */
-+
- #define EXT2_FL_USER_VISIBLE FS_FL_USER_VISIBLE /* User visible flags */
- #define EXT2_FL_USER_MODIFIABLE FS_FL_USER_MODIFIABLE /* User modifiable flags */
-
-@@ -329,7 +333,8 @@ struct ext2_inode {
- __u16 i_pad1;
- __le16 l_i_uid_high; /* these 2 fields */
- __le16 l_i_gid_high; /* were reserved2[0] */
-- __u32 l_i_reserved2;
-+ __le16 l_i_tag; /* Context Tag */
-+ __u16 l_i_reserved2;
- } linux2;
- struct {
- __u8 h_i_frag; /* Fragment number */
-@@ -357,6 +362,7 @@ struct ext2_inode {
- #define i_gid_low i_gid
- #define i_uid_high osd2.linux2.l_i_uid_high
- #define i_gid_high osd2.linux2.l_i_gid_high
-+#define i_raw_tag osd2.linux2.l_i_tag
- #define i_reserved2 osd2.linux2.l_i_reserved2
-
- /*
-@@ -384,6 +390,7 @@ struct ext2_inode {
- #define EXT2_MOUNT_USRQUOTA 0x020000 /* user quota */
- #define EXT2_MOUNT_GRPQUOTA 0x040000 /* group quota */
- #define EXT2_MOUNT_RESERVATION 0x080000 /* Preallocation */
-+#define EXT2_MOUNT_TAGGED (1<<24) /* Enable Context Tags */
-
-
- #define clear_opt(o, opt) o &= ~EXT2_MOUNT_##opt
-@@ -757,6 +764,7 @@ extern void ext2_set_inode_flags(struct
- extern void ext2_get_inode_flags(struct ext2_inode_info *);
- extern int ext2_fiemap(struct inode *inode, struct fiemap_extent_info *fieinfo,
- u64 start, u64 len);
-+extern int ext2_sync_flags(struct inode *, int, int);
-
- /* ioctl.c */
- extern long ext2_ioctl(struct file *, unsigned int, unsigned long);
-diff -NurpP --minimal linux-3.18.5/fs/ext2/file.c linux-3.18.5-vs2.3.7.3/fs/ext2/file.c
---- linux-3.18.5/fs/ext2/file.c 2014-09-03 13:19:39.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext2/file.c 2015-01-19 10:57:47.000000000 +0000
-@@ -105,4 +105,5 @@ const struct inode_operations ext2_file_
- .get_acl = ext2_get_acl,
- .set_acl = ext2_set_acl,
- .fiemap = ext2_fiemap,
-+ .sync_flags = ext2_sync_flags,
- };
-diff -NurpP --minimal linux-3.18.5/fs/ext2/ialloc.c linux-3.18.5-vs2.3.7.3/fs/ext2/ialloc.c
---- linux-3.18.5/fs/ext2/ialloc.c 2014-06-12 13:02:41.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext2/ialloc.c 2015-01-19 10:57:47.000000000 +0000
-@@ -17,6 +17,7 @@
- #include <linux/backing-dev.h>
- #include <linux/buffer_head.h>
- #include <linux/random.h>
-+#include <linux/vs_tag.h>
- #include "ext2.h"
- #include "xattr.h"
- #include "acl.h"
-@@ -546,6 +547,7 @@ got:
- inode->i_mode = mode;
- inode->i_uid = current_fsuid();
- inode->i_gid = dir->i_gid;
-+ i_tag_write(inode, dx_current_fstag(sb));
- } else
- inode_init_owner(inode, dir, mode);
-
-diff -NurpP --minimal linux-3.18.5/fs/ext2/inode.c linux-3.18.5-vs2.3.7.3/fs/ext2/inode.c
---- linux-3.18.5/fs/ext2/inode.c 2014-09-03 13:19:39.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext2/inode.c 2015-01-19 10:57:47.000000000 +0000
-@@ -32,6 +32,7 @@
- #include <linux/fiemap.h>
- #include <linux/namei.h>
- #include <linux/aio.h>
-+#include <linux/vs_tag.h>
- #include "ext2.h"
- #include "acl.h"
- #include "xip.h"
-@@ -1182,7 +1183,7 @@ static void ext2_truncate_blocks(struct
- return;
- if (ext2_inode_is_fast_symlink(inode))
- return;
-- if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
-+ if (IS_APPEND(inode) || IS_IXORUNLINK(inode))
- return;
- __ext2_truncate_blocks(inode, offset);
- }
-@@ -1273,36 +1274,61 @@ void ext2_set_inode_flags(struct inode *
- {
- unsigned int flags = EXT2_I(inode)->i_flags;
-
-- inode->i_flags &= ~(S_SYNC|S_APPEND|S_IMMUTABLE|S_NOATIME|S_DIRSYNC);
-+ inode->i_flags &= ~(S_IMMUTABLE | S_IXUNLINK |
-+ S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
-+
-+
-+ if (flags & EXT2_IMMUTABLE_FL)
-+ inode->i_flags |= S_IMMUTABLE;
-+ if (flags & EXT2_IXUNLINK_FL)
-+ inode->i_flags |= S_IXUNLINK;
-+
- if (flags & EXT2_SYNC_FL)
- inode->i_flags |= S_SYNC;
- if (flags & EXT2_APPEND_FL)
- inode->i_flags |= S_APPEND;
-- if (flags & EXT2_IMMUTABLE_FL)
-- inode->i_flags |= S_IMMUTABLE;
- if (flags & EXT2_NOATIME_FL)
- inode->i_flags |= S_NOATIME;
- if (flags & EXT2_DIRSYNC_FL)
- inode->i_flags |= S_DIRSYNC;
-+
-+ inode->i_vflags &= ~(V_BARRIER | V_COW);
-+
-+ if (flags & EXT2_BARRIER_FL)
-+ inode->i_vflags |= V_BARRIER;
-+ if (flags & EXT2_COW_FL)
-+ inode->i_vflags |= V_COW;
- }
-
- /* Propagate flags from i_flags to EXT2_I(inode)->i_flags */
- void ext2_get_inode_flags(struct ext2_inode_info *ei)
- {
- unsigned int flags = ei->vfs_inode.i_flags;
-+ unsigned int vflags = ei->vfs_inode.i_vflags;
-+
-+ ei->i_flags &= ~(EXT2_SYNC_FL | EXT2_APPEND_FL |
-+ EXT2_IMMUTABLE_FL | EXT2_IXUNLINK_FL |
-+ EXT2_NOATIME_FL | EXT2_DIRSYNC_FL |
-+ EXT2_BARRIER_FL | EXT2_COW_FL);
-+
-+ if (flags & S_IMMUTABLE)
-+ ei->i_flags |= EXT2_IMMUTABLE_FL;
-+ if (flags & S_IXUNLINK)
-+ ei->i_flags |= EXT2_IXUNLINK_FL;
-
-- ei->i_flags &= ~(EXT2_SYNC_FL|EXT2_APPEND_FL|
-- EXT2_IMMUTABLE_FL|EXT2_NOATIME_FL|EXT2_DIRSYNC_FL);
- if (flags & S_SYNC)
- ei->i_flags |= EXT2_SYNC_FL;
- if (flags & S_APPEND)
- ei->i_flags |= EXT2_APPEND_FL;
-- if (flags & S_IMMUTABLE)
-- ei->i_flags |= EXT2_IMMUTABLE_FL;
- if (flags & S_NOATIME)
- ei->i_flags |= EXT2_NOATIME_FL;
- if (flags & S_DIRSYNC)
- ei->i_flags |= EXT2_DIRSYNC_FL;
-+
-+ if (vflags & V_BARRIER)
-+ ei->i_flags |= EXT2_BARRIER_FL;
-+ if (vflags & V_COW)
-+ ei->i_flags |= EXT2_COW_FL;
- }
-
- struct inode *ext2_iget (struct super_block *sb, unsigned long ino)
-@@ -1338,8 +1364,10 @@ struct inode *ext2_iget (struct super_bl
- i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
- i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
- }
-- i_uid_write(inode, i_uid);
-- i_gid_write(inode, i_gid);
-+ i_uid_write(inode, INOTAG_UID(DX_TAG(inode), i_uid, i_gid));
-+ i_gid_write(inode, INOTAG_GID(DX_TAG(inode), i_uid, i_gid));
-+ i_tag_write(inode, INOTAG_TAG(DX_TAG(inode), i_uid, i_gid,
-+ le16_to_cpu(raw_inode->i_raw_tag)));
- set_nlink(inode, le16_to_cpu(raw_inode->i_links_count));
- inode->i_size = le32_to_cpu(raw_inode->i_size);
- inode->i_atime.tv_sec = (signed)le32_to_cpu(raw_inode->i_atime);
-@@ -1437,8 +1465,10 @@ static int __ext2_write_inode(struct ino
- struct ext2_inode_info *ei = EXT2_I(inode);
- struct super_block *sb = inode->i_sb;
- ino_t ino = inode->i_ino;
-- uid_t uid = i_uid_read(inode);
-- gid_t gid = i_gid_read(inode);
-+ uid_t uid = from_kuid(&init_user_ns,
-+ TAGINO_KUID(DX_TAG(inode), inode->i_uid, inode->i_tag));
-+ gid_t gid = from_kgid(&init_user_ns,
-+ TAGINO_KGID(DX_TAG(inode), inode->i_gid, inode->i_tag));
- struct buffer_head * bh;
- struct ext2_inode * raw_inode = ext2_get_inode(sb, ino, &bh);
- int n;
-@@ -1474,6 +1504,9 @@ static int __ext2_write_inode(struct ino
- raw_inode->i_uid_high = 0;
- raw_inode->i_gid_high = 0;
- }
-+#ifdef CONFIG_TAGGING_INTERN
-+ raw_inode->i_raw_tag = cpu_to_le16(i_tag_read(inode));
-+#endif
- raw_inode->i_links_count = cpu_to_le16(inode->i_nlink);
- raw_inode->i_size = cpu_to_le32(inode->i_size);
- raw_inode->i_atime = cpu_to_le32(inode->i_atime.tv_sec);
-@@ -1554,7 +1587,8 @@ int ext2_setattr(struct dentry *dentry,
- if (is_quota_modification(inode, iattr))
- dquot_initialize(inode);
- if ((iattr->ia_valid & ATTR_UID && !uid_eq(iattr->ia_uid, inode->i_uid)) ||
-- (iattr->ia_valid & ATTR_GID && !gid_eq(iattr->ia_gid, inode->i_gid))) {
-+ (iattr->ia_valid & ATTR_GID && !gid_eq(iattr->ia_gid, inode->i_gid)) ||
-+ (iattr->ia_valid & ATTR_TAG && !tag_eq(iattr->ia_tag, inode->i_tag))) {
- error = dquot_transfer(inode, iattr);
- if (error)
- return error;
-diff -NurpP --minimal linux-3.18.5/fs/ext2/ioctl.c linux-3.18.5-vs2.3.7.3/fs/ext2/ioctl.c
---- linux-3.18.5/fs/ext2/ioctl.c 2013-05-31 13:45:23.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext2/ioctl.c 2015-01-19 10:57:47.000000000 +0000
-@@ -17,6 +17,16 @@
- #include <asm/uaccess.h>
-
-
-+int ext2_sync_flags(struct inode *inode, int flags, int vflags)
-+{
-+ inode->i_flags = flags;
-+ inode->i_vflags = vflags;
-+ ext2_get_inode_flags(EXT2_I(inode));
-+ inode->i_ctime = CURRENT_TIME_SEC;
-+ mark_inode_dirty(inode);
-+ return 0;
-+}
-+
- long ext2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
- {
- struct inode *inode = file_inode(filp);
-@@ -51,6 +61,11 @@ long ext2_ioctl(struct file *filp, unsig
-
- flags = ext2_mask_flags(inode->i_mode, flags);
-
-+ if (IS_BARRIER(inode)) {
-+ vxwprintk_task(1, "messing with the barrier.");
-+ return -EACCES;
-+ }
-+
- mutex_lock(&inode->i_mutex);
- /* Is it quota file? Do not allow user to mess with it */
- if (IS_NOQUOTA(inode)) {
-@@ -66,7 +81,9 @@ long ext2_ioctl(struct file *filp, unsig
- *
- * This test looks nicer. Thanks to Pauline Middelink
- */
-- if ((flags ^ oldflags) & (EXT2_APPEND_FL | EXT2_IMMUTABLE_FL)) {
-+ if ((oldflags & EXT2_IMMUTABLE_FL) ||
-+ ((flags ^ oldflags) & (EXT2_APPEND_FL |
-+ EXT2_IMMUTABLE_FL | EXT2_IXUNLINK_FL))) {
- if (!capable(CAP_LINUX_IMMUTABLE)) {
- mutex_unlock(&inode->i_mutex);
- ret = -EPERM;
-@@ -74,7 +91,7 @@ long ext2_ioctl(struct file *filp, unsig
- }
- }
-
-- flags = flags & EXT2_FL_USER_MODIFIABLE;
-+ flags &= EXT2_FL_USER_MODIFIABLE;
- flags |= oldflags & ~EXT2_FL_USER_MODIFIABLE;
- ei->i_flags = flags;
-
-diff -NurpP --minimal linux-3.18.5/fs/ext2/namei.c linux-3.18.5-vs2.3.7.3/fs/ext2/namei.c
---- linux-3.18.5/fs/ext2/namei.c 2014-06-12 11:34:57.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext2/namei.c 2015-01-19 10:57:47.000000000 +0000
-@@ -32,6 +32,7 @@
-
- #include <linux/pagemap.h>
- #include <linux/quotaops.h>
-+#include <linux/vs_tag.h>
- #include "ext2.h"
- #include "xattr.h"
- #include "acl.h"
-@@ -73,6 +74,7 @@ static struct dentry *ext2_lookup(struct
- (unsigned long) ino);
- return ERR_PTR(-EIO);
- }
-+ dx_propagate_tag(nd, inode);
- }
- return d_splice_alias(inode, dentry);
- }
-@@ -433,6 +435,7 @@ const struct inode_operations ext2_speci
- .removexattr = generic_removexattr,
- #endif
- .setattr = ext2_setattr,
-+ .sync_flags = ext2_sync_flags,
- .get_acl = ext2_get_acl,
- .set_acl = ext2_set_acl,
- };
-diff -NurpP --minimal linux-3.18.5/fs/ext2/super.c linux-3.18.5-vs2.3.7.3/fs/ext2/super.c
---- linux-3.18.5/fs/ext2/super.c 2015-01-17 02:40:17.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext2/super.c 2015-01-19 10:57:47.000000000 +0000
-@@ -395,7 +395,8 @@ enum {
- Opt_err_ro, Opt_nouid32, Opt_nocheck, Opt_debug,
- Opt_oldalloc, Opt_orlov, Opt_nobh, Opt_user_xattr, Opt_nouser_xattr,
- Opt_acl, Opt_noacl, Opt_xip, Opt_ignore, Opt_err, Opt_quota,
-- Opt_usrquota, Opt_grpquota, Opt_reservation, Opt_noreservation
-+ Opt_usrquota, Opt_grpquota, Opt_reservation, Opt_noreservation,
-+ Opt_tag, Opt_notag, Opt_tagid
- };
-
- static const match_table_t tokens = {
-@@ -423,6 +424,9 @@ static const match_table_t tokens = {
- {Opt_acl, "acl"},
- {Opt_noacl, "noacl"},
- {Opt_xip, "xip"},
-+ {Opt_tag, "tag"},
-+ {Opt_notag, "notag"},
-+ {Opt_tagid, "tagid=%u"},
- {Opt_grpquota, "grpquota"},
- {Opt_ignore, "noquota"},
- {Opt_quota, "quota"},
-@@ -506,6 +510,20 @@ static int parse_options(char *options,
- case Opt_nouid32:
- set_opt (sbi->s_mount_opt, NO_UID32);
- break;
-+#ifndef CONFIG_TAGGING_NONE
-+ case Opt_tag:
-+ set_opt (sbi->s_mount_opt, TAGGED);
-+ break;
-+ case Opt_notag:
-+ clear_opt (sbi->s_mount_opt, TAGGED);
-+ break;
-+#endif
-+#ifdef CONFIG_PROPAGATE
-+ case Opt_tagid:
-+ /* use args[0] */
-+ set_opt (sbi->s_mount_opt, TAGGED);
-+ break;
-+#endif
- case Opt_nocheck:
- clear_opt (sbi->s_mount_opt, CHECK);
- break;
-@@ -864,6 +882,8 @@ static int ext2_fill_super(struct super_
- if (!parse_options((char *) data, sb))
- goto failed_mount;
-
-+ if (EXT2_SB(sb)->s_mount_opt & EXT2_MOUNT_TAGGED)
-+ sb->s_flags |= MS_TAGGED;
- sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
- ((EXT2_SB(sb)->s_mount_opt & EXT2_MOUNT_POSIX_ACL) ?
- MS_POSIXACL : 0);
-@@ -1270,6 +1290,14 @@ static int ext2_remount (struct super_bl
- err = -EINVAL;
- goto restore_opts;
- }
-+
-+ if ((sbi->s_mount_opt & EXT2_MOUNT_TAGGED) &&
-+ !(sb->s_flags & MS_TAGGED)) {
-+ printk("EXT2-fs: %s: tagging not permitted on remount.\n",
-+ sb->s_id);
-+ err = -EINVAL;
-+ goto restore_opts;
-+ }
-
- sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
- ((sbi->s_mount_opt & EXT2_MOUNT_POSIX_ACL) ? MS_POSIXACL : 0);
-diff -NurpP --minimal linux-3.18.5/fs/ext3/ext3.h linux-3.18.5-vs2.3.7.3/fs/ext3/ext3.h
---- linux-3.18.5/fs/ext3/ext3.h 2015-01-17 02:40:17.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext3/ext3.h 2015-01-19 10:57:47.000000000 +0000
-@@ -151,10 +151,14 @@ struct ext3_group_desc
- #define EXT3_NOTAIL_FL 0x00008000 /* file tail should not be merged */
- #define EXT3_DIRSYNC_FL 0x00010000 /* dirsync behaviour (directories only) */
- #define EXT3_TOPDIR_FL 0x00020000 /* Top of directory hierarchies*/
-+#define EXT3_IXUNLINK_FL 0x08000000 /* Immutable invert on unlink */
- #define EXT3_RESERVED_FL 0x80000000 /* reserved for ext3 lib */
-
--#define EXT3_FL_USER_VISIBLE 0x0003DFFF /* User visible flags */
--#define EXT3_FL_USER_MODIFIABLE 0x000380FF /* User modifiable flags */
-+#define EXT3_BARRIER_FL 0x04000000 /* Barrier for chroot() */
-+#define EXT3_COW_FL 0x20000000 /* Copy on Write marker */
-+
-+#define EXT3_FL_USER_VISIBLE 0x0103DFFF /* User visible flags */
-+#define EXT3_FL_USER_MODIFIABLE 0x010380FF /* User modifiable flags */
-
- /* Flags that should be inherited by new inodes from their parent. */
- #define EXT3_FL_INHERITED (EXT3_SECRM_FL | EXT3_UNRM_FL | EXT3_COMPR_FL |\
-@@ -292,7 +296,8 @@ struct ext3_inode {
- __u16 i_pad1;
- __le16 l_i_uid_high; /* these 2 fields */
- __le16 l_i_gid_high; /* were reserved2[0] */
-- __u32 l_i_reserved2;
-+ __le16 l_i_tag; /* Context Tag */
-+ __u16 l_i_reserved2;
- } linux2;
- struct {
- __u8 h_i_frag; /* Fragment number */
-@@ -322,6 +327,7 @@ struct ext3_inode {
- #define i_gid_low i_gid
- #define i_uid_high osd2.linux2.l_i_uid_high
- #define i_gid_high osd2.linux2.l_i_gid_high
-+#define i_raw_tag osd2.linux2.l_i_tag
- #define i_reserved2 osd2.linux2.l_i_reserved2
-
- /*
-@@ -366,6 +372,7 @@ struct ext3_inode {
- #define EXT3_MOUNT_GRPQUOTA 0x200000 /* "old" group quota */
- #define EXT3_MOUNT_DATA_ERR_ABORT 0x400000 /* Abort on file data write
- * error in ordered mode */
-+#define EXT3_MOUNT_TAGGED (1<<24) /* Enable Context Tags */
-
- /* Compatibility, for having both ext2_fs.h and ext3_fs.h included at once */
- #ifndef _LINUX_EXT2_FS_H
-@@ -1063,6 +1070,7 @@ extern void ext3_get_inode_flags(struct
- extern void ext3_set_aops(struct inode *inode);
- extern int ext3_fiemap(struct inode *inode, struct fiemap_extent_info *fieinfo,
- u64 start, u64 len);
-+extern int ext3_sync_flags(struct inode *, int, int);
-
- /* ioctl.c */
- extern long ext3_ioctl(struct file *, unsigned int, unsigned long);
-diff -NurpP --minimal linux-3.18.5/fs/ext3/file.c linux-3.18.5-vs2.3.7.3/fs/ext3/file.c
---- linux-3.18.5/fs/ext3/file.c 2014-09-03 13:19:39.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext3/file.c 2015-01-19 10:57:47.000000000 +0000
-@@ -77,5 +77,6 @@ const struct inode_operations ext3_file_
- .get_acl = ext3_get_acl,
- .set_acl = ext3_set_acl,
- .fiemap = ext3_fiemap,
-+ .sync_flags = ext3_sync_flags,
- };
-
-diff -NurpP --minimal linux-3.18.5/fs/ext3/ialloc.c linux-3.18.5-vs2.3.7.3/fs/ext3/ialloc.c
---- linux-3.18.5/fs/ext3/ialloc.c 2014-06-12 13:02:41.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext3/ialloc.c 2015-01-19 10:57:47.000000000 +0000
-@@ -14,6 +14,7 @@
-
- #include <linux/quotaops.h>
- #include <linux/random.h>
-+#include <linux/vs_tag.h>
-
- #include "ext3.h"
- #include "xattr.h"
-@@ -469,6 +470,7 @@ got:
- inode->i_mode = mode;
- inode->i_uid = current_fsuid();
- inode->i_gid = dir->i_gid;
-+ i_tag_write(inode, dx_current_fstag(sb));
- } else
- inode_init_owner(inode, dir, mode);
-
-diff -NurpP --minimal linux-3.18.5/fs/ext3/inode.c linux-3.18.5-vs2.3.7.3/fs/ext3/inode.c
---- linux-3.18.5/fs/ext3/inode.c 2014-09-03 13:19:39.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext3/inode.c 2015-01-19 10:57:47.000000000 +0000
-@@ -28,6 +28,8 @@
- #include <linux/mpage.h>
- #include <linux/namei.h>
- #include <linux/aio.h>
-+#include <linux/vs_tag.h>
-+
- #include "ext3.h"
- #include "xattr.h"
- #include "acl.h"
-@@ -2813,36 +2815,60 @@ void ext3_set_inode_flags(struct inode *
- {
- unsigned int flags = EXT3_I(inode)->i_flags;
-
-- inode->i_flags &= ~(S_SYNC|S_APPEND|S_IMMUTABLE|S_NOATIME|S_DIRSYNC);
-+ inode->i_flags &= ~(S_IMMUTABLE | S_IXUNLINK |
-+ S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
-+
-+ if (flags & EXT3_IMMUTABLE_FL)
-+ inode->i_flags |= S_IMMUTABLE;
-+ if (flags & EXT3_IXUNLINK_FL)
-+ inode->i_flags |= S_IXUNLINK;
-+
- if (flags & EXT3_SYNC_FL)
- inode->i_flags |= S_SYNC;
- if (flags & EXT3_APPEND_FL)
- inode->i_flags |= S_APPEND;
-- if (flags & EXT3_IMMUTABLE_FL)
-- inode->i_flags |= S_IMMUTABLE;
- if (flags & EXT3_NOATIME_FL)
- inode->i_flags |= S_NOATIME;
- if (flags & EXT3_DIRSYNC_FL)
- inode->i_flags |= S_DIRSYNC;
-+
-+ inode->i_vflags &= ~(V_BARRIER | V_COW);
-+
-+ if (flags & EXT3_BARRIER_FL)
-+ inode->i_vflags |= V_BARRIER;
-+ if (flags & EXT3_COW_FL)
-+ inode->i_vflags |= V_COW;
- }
-
- /* Propagate flags from i_flags to EXT3_I(inode)->i_flags */
- void ext3_get_inode_flags(struct ext3_inode_info *ei)
- {
- unsigned int flags = ei->vfs_inode.i_flags;
-+ unsigned int vflags = ei->vfs_inode.i_vflags;
-+
-+ ei->i_flags &= ~(EXT3_SYNC_FL | EXT3_APPEND_FL |
-+ EXT3_IMMUTABLE_FL | EXT3_IXUNLINK_FL |
-+ EXT3_NOATIME_FL | EXT3_DIRSYNC_FL |
-+ EXT3_BARRIER_FL | EXT3_COW_FL);
-+
-+ if (flags & S_IMMUTABLE)
-+ ei->i_flags |= EXT3_IMMUTABLE_FL;
-+ if (flags & S_IXUNLINK)
-+ ei->i_flags |= EXT3_IXUNLINK_FL;
-
-- ei->i_flags &= ~(EXT3_SYNC_FL|EXT3_APPEND_FL|
-- EXT3_IMMUTABLE_FL|EXT3_NOATIME_FL|EXT3_DIRSYNC_FL);
- if (flags & S_SYNC)
- ei->i_flags |= EXT3_SYNC_FL;
- if (flags & S_APPEND)
- ei->i_flags |= EXT3_APPEND_FL;
-- if (flags & S_IMMUTABLE)
-- ei->i_flags |= EXT3_IMMUTABLE_FL;
- if (flags & S_NOATIME)
- ei->i_flags |= EXT3_NOATIME_FL;
- if (flags & S_DIRSYNC)
- ei->i_flags |= EXT3_DIRSYNC_FL;
-+
-+ if (vflags & V_BARRIER)
-+ ei->i_flags |= EXT3_BARRIER_FL;
-+ if (vflags & V_COW)
-+ ei->i_flags |= EXT3_COW_FL;
- }
-
- struct inode *ext3_iget(struct super_block *sb, unsigned long ino)
-@@ -2880,8 +2906,10 @@ struct inode *ext3_iget(struct super_blo
- i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
- i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
- }
-- i_uid_write(inode, i_uid);
-- i_gid_write(inode, i_gid);
-+ i_uid_write(inode, INOTAG_UID(DX_TAG(inode), i_uid, i_gid));
-+ i_gid_write(inode, INOTAG_GID(DX_TAG(inode), i_uid, i_gid));
-+ i_tag_write(inode, INOTAG_TAG(DX_TAG(inode), i_uid, i_gid,
-+ le16_to_cpu(raw_inode->i_raw_tag)));
- set_nlink(inode, le16_to_cpu(raw_inode->i_links_count));
- inode->i_size = le32_to_cpu(raw_inode->i_size);
- inode->i_atime.tv_sec = (signed)le32_to_cpu(raw_inode->i_atime);
-@@ -3053,8 +3081,10 @@ again:
-
- ext3_get_inode_flags(ei);
- raw_inode->i_mode = cpu_to_le16(inode->i_mode);
-- i_uid = i_uid_read(inode);
-- i_gid = i_gid_read(inode);
-+ i_uid = from_kuid(&init_user_ns,
-+ TAGINO_KUID(DX_TAG(inode), inode->i_uid, inode->i_tag));
-+ i_gid = from_kgid(&init_user_ns,
-+ TAGINO_KGID(DX_TAG(inode), inode->i_gid, inode->i_tag));
- if(!(test_opt(inode->i_sb, NO_UID32))) {
- raw_inode->i_uid_low = cpu_to_le16(low_16_bits(i_uid));
- raw_inode->i_gid_low = cpu_to_le16(low_16_bits(i_gid));
-@@ -3079,6 +3109,9 @@ again:
- raw_inode->i_uid_high = 0;
- raw_inode->i_gid_high = 0;
- }
-+#ifdef CONFIG_TAGGING_INTERN
-+ raw_inode->i_raw_tag = cpu_to_le16(i_tag_read(inode));
-+#endif
- raw_inode->i_links_count = cpu_to_le16(inode->i_nlink);
- disksize = cpu_to_le32(ei->i_disksize);
- if (disksize != raw_inode->i_size) {
-@@ -3251,7 +3284,8 @@ int ext3_setattr(struct dentry *dentry,
- if (is_quota_modification(inode, attr))
- dquot_initialize(inode);
- if ((ia_valid & ATTR_UID && !uid_eq(attr->ia_uid, inode->i_uid)) ||
-- (ia_valid & ATTR_GID && !gid_eq(attr->ia_gid, inode->i_gid))) {
-+ (ia_valid & ATTR_GID && !gid_eq(attr->ia_gid, inode->i_gid)) ||
-+ (ia_valid & ATTR_TAG && !tag_eq(attr->ia_tag, inode->i_tag))) {
- handle_t *handle;
-
- /* (user+group)*(old+new) structure, inode write (sb,
-@@ -3273,6 +3307,8 @@ int ext3_setattr(struct dentry *dentry,
- inode->i_uid = attr->ia_uid;
- if (attr->ia_valid & ATTR_GID)
- inode->i_gid = attr->ia_gid;
-+ if ((attr->ia_valid & ATTR_TAG) && IS_TAGGED(inode))
-+ inode->i_tag = attr->ia_tag;
- error = ext3_mark_inode_dirty(handle, inode);
- ext3_journal_stop(handle);
- }
-diff -NurpP --minimal linux-3.18.5/fs/ext3/ioctl.c linux-3.18.5-vs2.3.7.3/fs/ext3/ioctl.c
---- linux-3.18.5/fs/ext3/ioctl.c 2013-05-31 13:45:23.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext3/ioctl.c 2015-01-19 10:57:47.000000000 +0000
-@@ -12,6 +12,34 @@
- #include <asm/uaccess.h>
- #include "ext3.h"
-
-+
-+int ext3_sync_flags(struct inode *inode, int flags, int vflags)
-+{
-+ handle_t *handle = NULL;
-+ struct ext3_iloc iloc;
-+ int err;
-+
-+ handle = ext3_journal_start(inode, 1);
-+ if (IS_ERR(handle))
-+ return PTR_ERR(handle);
-+
-+ if (IS_SYNC(inode))
-+ handle->h_sync = 1;
-+ err = ext3_reserve_inode_write(handle, inode, &iloc);
-+ if (err)
-+ goto flags_err;
-+
-+ inode->i_flags = flags;
-+ inode->i_vflags = vflags;
-+ ext3_get_inode_flags(EXT3_I(inode));
-+ inode->i_ctime = CURRENT_TIME_SEC;
-+
-+ err = ext3_mark_iloc_dirty(handle, inode, &iloc);
-+flags_err:
-+ ext3_journal_stop(handle);
-+ return err;
-+}
-+
- long ext3_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
- {
- struct inode *inode = file_inode(filp);
-@@ -45,6 +73,11 @@ long ext3_ioctl(struct file *filp, unsig
-
- flags = ext3_mask_flags(inode->i_mode, flags);
-
-+ if (IS_BARRIER(inode)) {
-+ vxwprintk_task(1, "messing with the barrier.");
-+ return -EACCES;
-+ }
-+
- mutex_lock(&inode->i_mutex);
-
- /* Is it quota file? Do not allow user to mess with it */
-@@ -63,7 +96,9 @@ long ext3_ioctl(struct file *filp, unsig
- *
- * This test looks nicer. Thanks to Pauline Middelink
- */
-- if ((flags ^ oldflags) & (EXT3_APPEND_FL | EXT3_IMMUTABLE_FL)) {
-+ if ((oldflags & EXT3_IMMUTABLE_FL) ||
-+ ((flags ^ oldflags) & (EXT3_APPEND_FL |
-+ EXT3_IMMUTABLE_FL | EXT3_IXUNLINK_FL))) {
- if (!capable(CAP_LINUX_IMMUTABLE))
- goto flags_out;
- }
-@@ -88,7 +123,7 @@ long ext3_ioctl(struct file *filp, unsig
- if (err)
- goto flags_err;
-
-- flags = flags & EXT3_FL_USER_MODIFIABLE;
-+ flags &= EXT3_FL_USER_MODIFIABLE;
- flags |= oldflags & ~EXT3_FL_USER_MODIFIABLE;
- ei->i_flags = flags;
-
-diff -NurpP --minimal linux-3.18.5/fs/ext3/namei.c linux-3.18.5-vs2.3.7.3/fs/ext3/namei.c
---- linux-3.18.5/fs/ext3/namei.c 2014-06-12 11:34:57.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext3/namei.c 2015-01-19 10:57:47.000000000 +0000
-@@ -25,6 +25,8 @@
- */
-
- #include <linux/quotaops.h>
-+#include <linux/vs_tag.h>
-+
- #include "ext3.h"
- #include "namei.h"
- #include "xattr.h"
-@@ -915,6 +917,7 @@ restart:
- submit_bh(READ | REQ_META | REQ_PRIO,
- bh);
- }
-+ dx_propagate_tag(nd, inode);
- }
- }
- if ((bh = bh_use[ra_ptr++]) == NULL)
-@@ -2568,6 +2571,7 @@ const struct inode_operations ext3_dir_i
- .listxattr = ext3_listxattr,
- .removexattr = generic_removexattr,
- #endif
-+ .sync_flags = ext3_sync_flags,
- .get_acl = ext3_get_acl,
- .set_acl = ext3_set_acl,
- };
-diff -NurpP --minimal linux-3.18.5/fs/ext3/super.c linux-3.18.5-vs2.3.7.3/fs/ext3/super.c
---- linux-3.18.5/fs/ext3/super.c 2015-01-17 02:40:17.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext3/super.c 2015-01-19 10:57:47.000000000 +0000
-@@ -826,7 +826,8 @@ enum {
- Opt_usrjquota, Opt_grpjquota, Opt_offusrjquota, Opt_offgrpjquota,
- Opt_jqfmt_vfsold, Opt_jqfmt_vfsv0, Opt_jqfmt_vfsv1, Opt_quota,
- Opt_noquota, Opt_ignore, Opt_barrier, Opt_nobarrier, Opt_err,
-- Opt_resize, Opt_usrquota, Opt_grpquota
-+ Opt_resize, Opt_usrquota, Opt_grpquota,
-+ Opt_tag, Opt_notag, Opt_tagid
- };
-
- static const match_table_t tokens = {
-@@ -884,6 +885,9 @@ static const match_table_t tokens = {
- {Opt_barrier, "barrier"},
- {Opt_nobarrier, "nobarrier"},
- {Opt_resize, "resize"},
-+ {Opt_tag, "tag"},
-+ {Opt_notag, "notag"},
-+ {Opt_tagid, "tagid=%u"},
- {Opt_err, NULL},
- };
-
-@@ -1056,6 +1060,20 @@ static int parse_options (char *options,
- case Opt_nouid32:
- set_opt (sbi->s_mount_opt, NO_UID32);
- break;
-+#ifndef CONFIG_TAGGING_NONE
-+ case Opt_tag:
-+ set_opt (sbi->s_mount_opt, TAGGED);
-+ break;
-+ case Opt_notag:
-+ clear_opt (sbi->s_mount_opt, TAGGED);
-+ break;
-+#endif
-+#ifdef CONFIG_PROPAGATE
-+ case Opt_tagid:
-+ /* use args[0] */
-+ set_opt (sbi->s_mount_opt, TAGGED);
-+ break;
-+#endif
- case Opt_nocheck:
- clear_opt (sbi->s_mount_opt, CHECK);
- break;
-@@ -1781,6 +1799,9 @@ static int ext3_fill_super (struct super
- NULL, 0))
- goto failed_mount;
-
-+ if (EXT3_SB(sb)->s_mount_opt & EXT3_MOUNT_TAGGED)
-+ sb->s_flags |= MS_TAGGED;
-+
- sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
- (test_opt(sb, POSIX_ACL) ? MS_POSIXACL : 0);
-
-@@ -2678,6 +2699,14 @@ static int ext3_remount (struct super_bl
- if (test_opt(sb, ABORT))
- ext3_abort(sb, __func__, "Abort forced by user");
-
-+ if ((sbi->s_mount_opt & EXT3_MOUNT_TAGGED) &&
-+ !(sb->s_flags & MS_TAGGED)) {
-+ printk("EXT3-fs: %s: tagging not permitted on remount.\n",
-+ sb->s_id);
-+ err = -EINVAL;
-+ goto restore_opts;
-+ }
-+
- sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
- (test_opt(sb, POSIX_ACL) ? MS_POSIXACL : 0);
-
-diff -NurpP --minimal linux-3.18.5/fs/ext4/ext4.h linux-3.18.5-vs2.3.7.3/fs/ext4/ext4.h
---- linux-3.18.5/fs/ext4/ext4.h 2015-01-17 02:40:17.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext4/ext4.h 2015-01-19 10:57:47.000000000 +0000
-@@ -385,7 +385,10 @@ struct flex_groups {
- #define EXT4_EXTENTS_FL 0x00080000 /* Inode uses extents */
- #define EXT4_EA_INODE_FL 0x00200000 /* Inode used for large EA */
- #define EXT4_EOFBLOCKS_FL 0x00400000 /* Blocks allocated beyond EOF */
-+#define EXT4_BARRIER_FL 0x04000000 /* Barrier for chroot() */
-+#define EXT4_IXUNLINK_FL 0x08000000 /* Immutable invert on unlink */
- #define EXT4_INLINE_DATA_FL 0x10000000 /* Inode has inline data. */
-+#define EXT4_COW_FL 0x20000000 /* Copy on Write marker */
- #define EXT4_RESERVED_FL 0x80000000 /* reserved for ext4 lib */
-
- #define EXT4_FL_USER_VISIBLE 0x004BDFFF /* User visible flags */
-@@ -671,7 +674,7 @@ struct ext4_inode {
- __le16 l_i_uid_high; /* these 2 fields */
- __le16 l_i_gid_high; /* were reserved2[0] */
- __le16 l_i_checksum_lo;/* crc32c(uuid+inum+inode) LE */
-- __le16 l_i_reserved;
-+ __le16 l_i_tag; /* Context Tag */
- } linux2;
- struct {
- __le16 h_i_reserved1; /* Obsoleted fragment number/size which are removed in ext4 */
-@@ -791,6 +794,7 @@ do { \
- #define i_gid_low i_gid
- #define i_uid_high osd2.linux2.l_i_uid_high
- #define i_gid_high osd2.linux2.l_i_gid_high
-+#define i_raw_tag osd2.linux2.l_i_tag
- #define i_checksum_lo osd2.linux2.l_i_checksum_lo
-
- #elif defined(__GNU__)
-@@ -980,6 +984,7 @@ struct ext4_inode_info {
- #define EXT4_MOUNT_POSIX_ACL 0x08000 /* POSIX Access Control Lists */
- #define EXT4_MOUNT_NO_AUTO_DA_ALLOC 0x10000 /* No auto delalloc mapping */
- #define EXT4_MOUNT_BARRIER 0x20000 /* Use block barriers */
-+#define EXT4_MOUNT_TAGGED 0x40000 /* Enable Context Tags */
- #define EXT4_MOUNT_QUOTA 0x80000 /* Some quota option set */
- #define EXT4_MOUNT_USRQUOTA 0x100000 /* "old" user quota */
- #define EXT4_MOUNT_GRPQUOTA 0x200000 /* "old" group quota */
-@@ -2644,6 +2649,7 @@ extern struct buffer_head *ext4_get_firs
- extern int ext4_inline_data_fiemap(struct inode *inode,
- struct fiemap_extent_info *fieinfo,
- int *has_inline);
-+extern int ext4_sync_flags(struct inode *, int, int);
- extern int ext4_try_to_evict_inline_data(handle_t *handle,
- struct inode *inode,
- int needed);
-diff -NurpP --minimal linux-3.18.5/fs/ext4/file.c linux-3.18.5-vs2.3.7.3/fs/ext4/file.c
---- linux-3.18.5/fs/ext4/file.c 2015-01-17 02:40:17.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext4/file.c 2015-01-19 10:57:47.000000000 +0000
-@@ -610,5 +610,6 @@ const struct inode_operations ext4_file_
- .get_acl = ext4_get_acl,
- .set_acl = ext4_set_acl,
- .fiemap = ext4_fiemap,
-+ .sync_flags = ext4_sync_flags,
- };
-
-diff -NurpP --minimal linux-3.18.5/fs/ext4/ialloc.c linux-3.18.5-vs2.3.7.3/fs/ext4/ialloc.c
---- linux-3.18.5/fs/ext4/ialloc.c 2015-01-17 02:40:17.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext4/ialloc.c 2015-01-19 10:57:47.000000000 +0000
-@@ -22,6 +22,7 @@
- #include <linux/random.h>
- #include <linux/bitops.h>
- #include <linux/blkdev.h>
-+#include <linux/vs_tag.h>
- #include <asm/byteorder.h>
-
- #include "ext4.h"
-@@ -754,6 +755,7 @@ struct inode *__ext4_new_inode(handle_t
- inode->i_mode = mode;
- inode->i_uid = current_fsuid();
- inode->i_gid = dir->i_gid;
-+ i_tag_write(inode, dx_current_fstag(sb));
- } else
- inode_init_owner(inode, dir, mode);
- dquot_initialize(inode);
-diff -NurpP --minimal linux-3.18.5/fs/ext4/inode.c linux-3.18.5-vs2.3.7.3/fs/ext4/inode.c
---- linux-3.18.5/fs/ext4/inode.c 2015-01-17 02:40:17.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext4/inode.c 2015-01-19 12:50:18.000000000 +0000
-@@ -39,6 +39,7 @@
- #include <linux/ratelimit.h>
- #include <linux/aio.h>
- #include <linux/bitops.h>
-+#include <linux/vs_tag.h>
-
- #include "ext4_jbd2.h"
- #include "xattr.h"
-@@ -3811,42 +3812,66 @@ void ext4_set_inode_flags(struct inode *
- unsigned int flags = EXT4_I(inode)->i_flags;
- unsigned int new_fl = 0;
-
-+ if (flags & EXT4_IMMUTABLE_FL)
-+ new_fl |= S_IMMUTABLE;
-+ if (flags & EXT4_IXUNLINK_FL)
-+ new_fl |= S_IXUNLINK;
-+
- if (flags & EXT4_SYNC_FL)
- new_fl |= S_SYNC;
- if (flags & EXT4_APPEND_FL)
- new_fl |= S_APPEND;
-- if (flags & EXT4_IMMUTABLE_FL)
-- new_fl |= S_IMMUTABLE;
- if (flags & EXT4_NOATIME_FL)
- new_fl |= S_NOATIME;
- if (flags & EXT4_DIRSYNC_FL)
- new_fl |= S_DIRSYNC;
- inode_set_flags(inode, new_fl,
-- S_SYNC|S_APPEND|S_IMMUTABLE|S_NOATIME|S_DIRSYNC);
-+ S_IXUNLINK | S_IMMUTABLE |
-+ S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
-+
-+ new_fl = 0;
-+ if (flags & EXT4_BARRIER_FL)
-+ new_fl |= V_BARRIER;
-+ if (flags & EXT4_COW_FL)
-+ new_fl |= V_COW;
-+
-+ set_mask_bits(&inode->i_vflags,
-+ V_BARRIER | V_COW, new_fl);
- }
-
- /* Propagate flags from i_flags to EXT4_I(inode)->i_flags */
- void ext4_get_inode_flags(struct ext4_inode_info *ei)
- {
-- unsigned int vfs_fl;
-+ unsigned int vfs_fl, vfs_vf;
- unsigned long old_fl, new_fl;
-
- do {
- vfs_fl = ei->vfs_inode.i_flags;
-+ vfs_vf = ei->vfs_inode.i_vflags;
- old_fl = ei->i_flags;
- new_fl = old_fl & ~(EXT4_SYNC_FL|EXT4_APPEND_FL|
- EXT4_IMMUTABLE_FL|EXT4_NOATIME_FL|
-- EXT4_DIRSYNC_FL);
-+ EXT4_DIRSYNC_FL|EXT4_BARRIER_FL|
-+ EXT4_COW_FL);
-+
-+ if (vfs_fl & S_IMMUTABLE)
-+ new_fl |= EXT4_IMMUTABLE_FL;
-+ if (vfs_fl & S_IXUNLINK)
-+ new_fl |= EXT4_IXUNLINK_FL;
-+
- if (vfs_fl & S_SYNC)
- new_fl |= EXT4_SYNC_FL;
- if (vfs_fl & S_APPEND)
- new_fl |= EXT4_APPEND_FL;
-- if (vfs_fl & S_IMMUTABLE)
-- new_fl |= EXT4_IMMUTABLE_FL;
- if (vfs_fl & S_NOATIME)
- new_fl |= EXT4_NOATIME_FL;
- if (vfs_fl & S_DIRSYNC)
- new_fl |= EXT4_DIRSYNC_FL;
-+
-+ if (vfs_vf & V_BARRIER)
-+ new_fl |= EXT4_BARRIER_FL;
-+ if (vfs_vf & V_COW)
-+ new_fl |= EXT4_COW_FL;
- } while (cmpxchg(&ei->i_flags, old_fl, new_fl) != old_fl);
- }
-
-@@ -3950,8 +3975,10 @@ struct inode *ext4_iget(struct super_blo
- i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
- i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
- }
-- i_uid_write(inode, i_uid);
-- i_gid_write(inode, i_gid);
-+ i_uid_write(inode, INOTAG_UID(DX_TAG(inode), i_uid, i_gid));
-+ i_gid_write(inode, INOTAG_GID(DX_TAG(inode), i_uid, i_gid));
-+ i_tag_write(inode, INOTAG_TAG(DX_TAG(inode), i_uid, i_gid,
-+ le16_to_cpu(raw_inode->i_raw_tag)));
- set_nlink(inode, le16_to_cpu(raw_inode->i_links_count));
-
- ext4_clear_state_flags(ei); /* Only relevant on 32-bit archs */
-@@ -4191,8 +4218,10 @@ static int ext4_do_update_inode(handle_t
-
- ext4_get_inode_flags(ei);
- raw_inode->i_mode = cpu_to_le16(inode->i_mode);
-- i_uid = i_uid_read(inode);
-- i_gid = i_gid_read(inode);
-+ i_uid = from_kuid(&init_user_ns,
-+ TAGINO_KUID(DX_TAG(inode), inode->i_uid, inode->i_tag));
-+ i_gid = from_kgid(&init_user_ns,
-+ TAGINO_KGID(DX_TAG(inode), inode->i_gid, inode->i_tag));
- if (!(test_opt(inode->i_sb, NO_UID32))) {
- raw_inode->i_uid_low = cpu_to_le16(low_16_bits(i_uid));
- raw_inode->i_gid_low = cpu_to_le16(low_16_bits(i_gid));
-@@ -4215,6 +4244,9 @@ static int ext4_do_update_inode(handle_t
- raw_inode->i_uid_high = 0;
- raw_inode->i_gid_high = 0;
- }
-+#ifdef CONFIG_TAGGING_INTERN
-+ raw_inode->i_raw_tag = cpu_to_le16(i_tag_read(inode));
-+#endif
- raw_inode->i_links_count = cpu_to_le16(inode->i_nlink);
-
- EXT4_INODE_SET_XTIME(i_ctime, inode, raw_inode);
-@@ -4458,7 +4490,8 @@ int ext4_setattr(struct dentry *dentry,
- if (is_quota_modification(inode, attr))
- dquot_initialize(inode);
- if ((ia_valid & ATTR_UID && !uid_eq(attr->ia_uid, inode->i_uid)) ||
-- (ia_valid & ATTR_GID && !gid_eq(attr->ia_gid, inode->i_gid))) {
-+ (ia_valid & ATTR_GID && !gid_eq(attr->ia_gid, inode->i_gid)) ||
-+ (ia_valid & ATTR_TAG && !tag_eq(attr->ia_tag, inode->i_tag))) {
- handle_t *handle;
-
- /* (user+group)*(old+new) structure, inode write (sb,
-@@ -4481,6 +4514,8 @@ int ext4_setattr(struct dentry *dentry,
- inode->i_uid = attr->ia_uid;
- if (attr->ia_valid & ATTR_GID)
- inode->i_gid = attr->ia_gid;
-+ if ((attr->ia_valid & ATTR_TAG) && IS_TAGGED(inode))
-+ inode->i_tag = attr->ia_tag;
- error = ext4_mark_inode_dirty(handle, inode);
- ext4_journal_stop(handle);
- }
-diff -NurpP --minimal linux-3.18.5/fs/ext4/ioctl.c linux-3.18.5-vs2.3.7.3/fs/ext4/ioctl.c
---- linux-3.18.5/fs/ext4/ioctl.c 2015-01-17 02:40:17.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext4/ioctl.c 2015-01-19 10:57:47.000000000 +0000
-@@ -14,6 +14,7 @@
- #include <linux/compat.h>
- #include <linux/mount.h>
- #include <linux/file.h>
-+#include <linux/vs_tag.h>
- #include <asm/uaccess.h>
- #include "ext4_jbd2.h"
- #include "ext4.h"
-@@ -198,6 +199,33 @@ journal_err_out:
- return err;
- }
-
-+int ext4_sync_flags(struct inode *inode, int flags, int vflags)
-+{
-+ handle_t *handle = NULL;
-+ struct ext4_iloc iloc;
-+ int err;
-+
-+ handle = ext4_journal_start(inode, EXT4_HT_INODE, 1);
-+ if (IS_ERR(handle))
-+ return PTR_ERR(handle);
-+
-+ if (IS_SYNC(inode))
-+ ext4_handle_sync(handle);
-+ err = ext4_reserve_inode_write(handle, inode, &iloc);
-+ if (err)
-+ goto flags_err;
-+
-+ inode->i_flags = flags;
-+ inode->i_vflags = vflags;
-+ ext4_get_inode_flags(EXT4_I(inode));
-+ inode->i_ctime = ext4_current_time(inode);
-+
-+ err = ext4_mark_iloc_dirty(handle, inode, &iloc);
-+flags_err:
-+ ext4_journal_stop(handle);
-+ return err;
-+}
-+
- long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
- {
- struct inode *inode = file_inode(filp);
-@@ -231,6 +259,11 @@ long ext4_ioctl(struct file *filp, unsig
-
- flags = ext4_mask_flags(inode->i_mode, flags);
-
-+ if (IS_BARRIER(inode)) {
-+ vxwprintk_task(1, "messing with the barrier.");
-+ return -EACCES;
-+ }
-+
- err = -EPERM;
- mutex_lock(&inode->i_mutex);
- /* Is it quota file? Do not allow user to mess with it */
-@@ -248,7 +281,9 @@ long ext4_ioctl(struct file *filp, unsig
- *
- * This test looks nicer. Thanks to Pauline Middelink
- */
-- if ((flags ^ oldflags) & (EXT4_APPEND_FL | EXT4_IMMUTABLE_FL)) {
-+ if ((oldflags & EXT4_IMMUTABLE_FL) ||
-+ ((flags ^ oldflags) & (EXT4_APPEND_FL |
-+ EXT4_IMMUTABLE_FL | EXT4_IXUNLINK_FL))) {
- if (!capable(CAP_LINUX_IMMUTABLE))
- goto flags_out;
- }
-diff -NurpP --minimal linux-3.18.5/fs/ext4/namei.c linux-3.18.5-vs2.3.7.3/fs/ext4/namei.c
---- linux-3.18.5/fs/ext4/namei.c 2015-01-17 02:40:17.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext4/namei.c 2015-01-19 10:57:47.000000000 +0000
-@@ -34,6 +34,7 @@
- #include <linux/quotaops.h>
- #include <linux/buffer_head.h>
- #include <linux/bio.h>
-+#include <linux/vs_tag.h>
- #include "ext4.h"
- #include "ext4_jbd2.h"
-
-@@ -1279,6 +1280,7 @@ restart:
- ll_rw_block(READ | REQ_META | REQ_PRIO,
- 1, &bh);
- }
-+ dx_propagate_tag(nd, inode);
- }
- if ((bh = bh_use[ra_ptr++]) == NULL)
- goto next;
-@@ -3539,6 +3541,7 @@ const struct inode_operations ext4_dir_i
- .get_acl = ext4_get_acl,
- .set_acl = ext4_set_acl,
- .fiemap = ext4_fiemap,
-+ .sync_flags = ext4_sync_flags,
- };
-
- const struct inode_operations ext4_special_inode_operations = {
-diff -NurpP --minimal linux-3.18.5/fs/ext4/super.c linux-3.18.5-vs2.3.7.3/fs/ext4/super.c
---- linux-3.18.5/fs/ext4/super.c 2015-01-17 02:40:17.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ext4/super.c 2015-01-19 10:57:47.000000000 +0000
-@@ -1146,7 +1146,7 @@ enum {
- Opt_inode_readahead_blks, Opt_journal_ioprio,
- Opt_dioread_nolock, Opt_dioread_lock,
- Opt_discard, Opt_nodiscard, Opt_init_itable, Opt_noinit_itable,
-- Opt_max_dir_size_kb,
-+ Opt_max_dir_size_kb, Opt_tag, Opt_notag, Opt_tagid
- };
-
- static const match_table_t tokens = {
-@@ -1227,6 +1227,9 @@ static const match_table_t tokens = {
- {Opt_removed, "reservation"}, /* mount option from ext2/3 */
- {Opt_removed, "noreservation"}, /* mount option from ext2/3 */
- {Opt_removed, "journal=%u"}, /* mount option from ext2/3 */
-+ {Opt_tag, "tag"},
-+ {Opt_notag, "notag"},
-+ {Opt_tagid, "tagid=%u"},
- {Opt_err, NULL},
- };
-
-@@ -1459,6 +1462,20 @@ static int handle_mount_opt(struct super
- case Opt_i_version:
- sb->s_flags |= MS_I_VERSION;
- return 1;
-+#ifndef CONFIG_TAGGING_NONE
-+ case Opt_tag:
-+ set_opt(sb, TAGGED);
-+ return 1;
-+ case Opt_notag:
-+ clear_opt(sb, TAGGED);
-+ return 1;
-+#endif
-+#ifdef CONFIG_PROPAGATE
-+ case Opt_tagid:
-+ /* use args[0] */
-+ set_opt(sb, TAGGED);
-+ return 1;
-+#endif
- }
-
- for (m = ext4_mount_opts; m->token != Opt_err; m++)
-@@ -3600,6 +3617,9 @@ static int ext4_fill_super(struct super_
- clear_opt(sb, DELALLOC);
- }
-
-+ if (EXT4_SB(sb)->s_mount_opt & EXT4_MOUNT_TAGGED)
-+ sb->s_flags |= MS_TAGGED;
-+
- sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
- (test_opt(sb, POSIX_ACL) ? MS_POSIXACL : 0);
-
-@@ -4872,6 +4892,14 @@ static int ext4_remount(struct super_blo
- if (sbi->s_mount_flags & EXT4_MF_FS_ABORTED)
- ext4_abort(sb, "Abort forced by user");
-
-+ if ((sbi->s_mount_opt & EXT4_MOUNT_TAGGED) &&
-+ !(sb->s_flags & MS_TAGGED)) {
-+ printk("EXT4-fs: %s: tagging not permitted on remount.\n",
-+ sb->s_id);
-+ err = -EINVAL;
-+ goto restore_opts;
-+ }
-+
- sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
- (test_opt(sb, POSIX_ACL) ? MS_POSIXACL : 0);
-
-diff -NurpP --minimal linux-3.18.5/fs/fcntl.c linux-3.18.5-vs2.3.7.3/fs/fcntl.c
---- linux-3.18.5/fs/fcntl.c 2015-01-17 02:40:17.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/fcntl.c 2015-01-19 11:48:08.000000000 +0000
-@@ -22,6 +22,7 @@
- #include <linux/pid_namespace.h>
- #include <linux/user_namespace.h>
- #include <linux/shmem_fs.h>
-+#include <linux/vs_limit.h>
-
- #include <asm/poll.h>
- #include <asm/siginfo.h>
-@@ -385,6 +386,8 @@ SYSCALL_DEFINE3(fcntl64, unsigned int, f
-
- if (!f.file)
- goto out;
-+ if (!vx_files_avail(1))
-+ goto out;
-
- if (unlikely(f.file->f_mode & FMODE_PATH)) {
- if (!check_fcntl_cmd(cmd))
-diff -NurpP --minimal linux-3.18.5/fs/file.c linux-3.18.5-vs2.3.7.3/fs/file.c
---- linux-3.18.5/fs/file.c 2015-01-17 02:40:17.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/file.c 2015-01-19 10:57:47.000000000 +0000
-@@ -22,6 +22,7 @@
- #include <linux/spinlock.h>
- #include <linux/rcupdate.h>
- #include <linux/workqueue.h>
-+#include <linux/vs_limit.h>
-
- int sysctl_nr_open __read_mostly = 1024*1024;
- int sysctl_nr_open_min = BITS_PER_LONG;
-@@ -309,6 +310,8 @@ struct files_struct *dup_fd(struct files
- struct file *f = *old_fds++;
- if (f) {
- get_file(f);
-+ /* TODO: sum it first for check and performance */
-+ vx_openfd_inc(open_files - i);
- } else {
- /*
- * The fd may be claimed in the fd bitmap but not yet
-@@ -369,9 +372,11 @@ static struct fdtable *close_files(struc
- filp_close(file, files);
- cond_resched_rcu_qs();
- }
-+ vx_openfd_dec(i);
- }
- i++;
- set >>= 1;
-+ cond_resched();
- }
- }
-
-@@ -487,6 +492,7 @@ repeat:
- else
- __clear_close_on_exec(fd, fdt);
- error = fd;
-+ vx_openfd_inc(fd);
- #if 1
- /* Sanity check */
- if (rcu_access_pointer(fdt->fd[fd]) != NULL) {
-@@ -517,6 +523,7 @@ static void __put_unused_fd(struct files
- __clear_open_fd(fd, fdt);
- if (fd < files->next_fd)
- files->next_fd = fd;
-+ vx_openfd_dec(fd);
- }
-
- void put_unused_fd(unsigned int fd)
-@@ -784,6 +791,8 @@ __releases(&files->file_lock)
-
- if (tofree)
- filp_close(tofree, files);
-+ else
-+ vx_openfd_inc(fd); /* fd was unused */
-
- return fd;
-
-diff -NurpP --minimal linux-3.18.5/fs/file_table.c linux-3.18.5-vs2.3.7.3/fs/file_table.c
---- linux-3.18.5/fs/file_table.c 2015-01-17 02:40:17.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/file_table.c 2015-01-19 12:36:42.000000000 +0000
-@@ -26,6 +26,8 @@
- #include <linux/hardirq.h>
- #include <linux/task_work.h>
- #include <linux/ima.h>
-+#include <linux/vs_limit.h>
-+#include <linux/vs_context.h>
-
- #include <linux/atomic.h>
-
-@@ -137,6 +139,8 @@ struct file *get_empty_filp(void)
- mutex_init(&f->f_pos_lock);
- eventpoll_init_file(f);
- /* f->f_version: 0 */
-+ f->f_xid = vx_current_xid();
-+ vx_files_inc(f);
- return f;
-
- over:
-@@ -219,6 +223,8 @@ static void __fput(struct file *file)
- put_write_access(inode);
- __mnt_drop_write(mnt);
- }
-+ vx_files_dec(file);
-+ file->f_xid = 0;
- file->f_path.dentry = NULL;
- file->f_path.mnt = NULL;
- file->f_inode = NULL;
-@@ -305,6 +311,8 @@ void put_filp(struct file *file)
- {
- if (atomic_long_dec_and_test(&file->f_count)) {
- security_file_free(file);
-+ vx_files_dec(file);
-+ file->f_xid = 0;
- file_free(file);
- }
- }
-diff -NurpP --minimal linux-3.18.5/fs/fs_struct.c linux-3.18.5-vs2.3.7.3/fs/fs_struct.c
---- linux-3.18.5/fs/fs_struct.c 2014-01-22 20:39:06.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/fs_struct.c 2015-01-19 10:57:47.000000000 +0000
-@@ -4,6 +4,7 @@
- #include <linux/path.h>
- #include <linux/slab.h>
- #include <linux/fs_struct.h>
-+#include <linux/vserver/global.h>
- #include "internal.h"
-
- /*
-@@ -87,6 +88,7 @@ void free_fs_struct(struct fs_struct *fs
- {
- path_put(&fs->root);
- path_put(&fs->pwd);
-+ atomic_dec(&vs_global_fs);
- kmem_cache_free(fs_cachep, fs);
- }
-
-@@ -124,6 +126,7 @@ struct fs_struct *copy_fs_struct(struct
- fs->pwd = old->pwd;
- path_get(&fs->pwd);
- spin_unlock(&old->lock);
-+ atomic_inc(&vs_global_fs);
- }
- return fs;
- }
-diff -NurpP --minimal linux-3.18.5/fs/gfs2/file.c linux-3.18.5-vs2.3.7.3/fs/gfs2/file.c
---- linux-3.18.5/fs/gfs2/file.c 2015-01-17 02:40:17.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/gfs2/file.c 2015-01-19 10:57:47.000000000 +0000
-@@ -138,6 +138,9 @@ static const u32 fsflags_to_gfs2[32] = {
- [12] = GFS2_DIF_EXHASH,
- [14] = GFS2_DIF_INHERIT_JDATA,
- [17] = GFS2_DIF_TOPDIR,
-+ [27] = GFS2_DIF_IXUNLINK,
-+ [26] = GFS2_DIF_BARRIER,
-+ [29] = GFS2_DIF_COW,
- };
-
- static const u32 gfs2_to_fsflags[32] = {
-@@ -148,6 +151,9 @@ static const u32 gfs2_to_fsflags[32] = {
- [gfs2fl_ExHash] = FS_INDEX_FL,
- [gfs2fl_TopLevel] = FS_TOPDIR_FL,
- [gfs2fl_InheritJdata] = FS_JOURNAL_DATA_FL,
-+ [gfs2fl_IXUnlink] = FS_IXUNLINK_FL,
-+ [gfs2fl_Barrier] = FS_BARRIER_FL,
-+ [gfs2fl_Cow] = FS_COW_FL,
- };
-
- static int gfs2_get_flags(struct file *filp, u32 __user *ptr)
-@@ -178,12 +184,18 @@ void gfs2_set_inode_flags(struct inode *
- {
- struct gfs2_inode *ip = GFS2_I(inode);
- unsigned int flags = inode->i_flags;
-+ unsigned int vflags = inode->i_vflags;
-+
-+ flags &= ~(S_IMMUTABLE | S_IXUNLINK |
-+ S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC | S_NOSEC);
-
-- flags &= ~(S_SYNC|S_APPEND|S_IMMUTABLE|S_NOATIME|S_DIRSYNC|S_NOSEC);
- if ((ip->i_eattr == 0) && !is_sxid(inode->i_mode))
- inode->i_flags |= S_NOSEC;
- if (ip->i_diskflags & GFS2_DIF_IMMUTABLE)
- flags |= S_IMMUTABLE;
-+ if (ip->i_diskflags & GFS2_DIF_IXUNLINK)
-+ flags |= S_IXUNLINK;
-+
- if (ip->i_diskflags & GFS2_DIF_APPENDONLY)
- flags |= S_APPEND;
- if (ip->i_diskflags & GFS2_DIF_NOATIME)
-@@ -191,6 +203,43 @@ void gfs2_set_inode_flags(struct inode *
- if (ip->i_diskflags & GFS2_DIF_SYNC)
- flags |= S_SYNC;
- inode->i_flags = flags;
-+
-+ vflags &= ~(V_BARRIER | V_COW);
-+
-+ if (ip->i_diskflags & GFS2_DIF_BARRIER)
-+ vflags |= V_BARRIER;
-+ if (ip->i_diskflags & GFS2_DIF_COW)
-+ vflags |= V_COW;
-+ inode->i_vflags = vflags;
-+}
-+
-+void gfs2_get_inode_flags(struct inode *inode)
-+{
-+ struct gfs2_inode *ip = GFS2_I(inode);
-+ unsigned int flags = inode->i_flags;
-+ unsigned int vflags = inode->i_vflags;
-+
-+ ip->i_diskflags &= ~(GFS2_DIF_APPENDONLY |
-+ GFS2_DIF_NOATIME | GFS2_DIF_SYNC |
-+ GFS2_DIF_IMMUTABLE | GFS2_DIF_IXUNLINK |
-+ GFS2_DIF_BARRIER | GFS2_DIF_COW);
-+
-+ if (flags & S_IMMUTABLE)
-+ ip->i_diskflags |= GFS2_DIF_IMMUTABLE;
-+ if (flags & S_IXUNLINK)
-+ ip->i_diskflags |= GFS2_DIF_IXUNLINK;
-+
-+ if (flags & S_APPEND)
-+ ip->i_diskflags |= GFS2_DIF_APPENDONLY;
-+ if (flags & S_NOATIME)
-+ ip->i_diskflags |= GFS2_DIF_NOATIME;
-+ if (flags & S_SYNC)
-+ ip->i_diskflags |= GFS2_DIF_SYNC;
-+
-+ if (vflags & V_BARRIER)
-+ ip->i_diskflags |= GFS2_DIF_BARRIER;
-+ if (vflags & V_COW)
-+ ip->i_diskflags |= GFS2_DIF_COW;
- }
-
- /* Flags that can be set by user space */
-@@ -304,6 +353,37 @@ static int gfs2_set_flags(struct file *f
- return do_gfs2_set_flags(filp, gfsflags, ~GFS2_DIF_JDATA);
- }
-
-+int gfs2_sync_flags(struct inode *inode, int flags, int vflags)
-+{
-+ struct gfs2_inode *ip = GFS2_I(inode);
-+ struct gfs2_sbd *sdp = GFS2_SB(inode);
-+ struct buffer_head *bh;
-+ struct gfs2_holder gh;
-+ int error;
-+
-+ error = gfs2_glock_nq_init(ip->i_gl, LM_ST_EXCLUSIVE, 0, &gh);
-+ if (error)
-+ return error;
-+ error = gfs2_trans_begin(sdp, RES_DINODE, 0);
-+ if (error)
-+ goto out;
-+ error = gfs2_meta_inode_buffer(ip, &bh);
-+ if (error)
-+ goto out_trans_end;
-+ gfs2_trans_add_meta(ip->i_gl, bh);
-+ inode->i_flags = flags;
-+ inode->i_vflags = vflags;
-+ gfs2_get_inode_flags(inode);
-+ gfs2_dinode_out(ip, bh->b_data);
-+ brelse(bh);
-+ gfs2_set_aops(inode);
-+out_trans_end:
-+ gfs2_trans_end(sdp);
-+out:
-+ gfs2_glock_dq_uninit(&gh);
-+ return error;
-+}
-+
- static long gfs2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
- {
- switch(cmd) {
-diff -NurpP --minimal linux-3.18.5/fs/gfs2/inode.h linux-3.18.5-vs2.3.7.3/fs/gfs2/inode.h
---- linux-3.18.5/fs/gfs2/inode.h 2013-11-25 15:45:01.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/gfs2/inode.h 2015-01-19 10:57:47.000000000 +0000
-@@ -118,6 +118,7 @@ extern const struct file_operations gfs2
- extern const struct file_operations gfs2_dir_fops_nolock;
-
- extern void gfs2_set_inode_flags(struct inode *inode);
-+extern int gfs2_sync_flags(struct inode *inode, int flags, int vflags);
-
- #ifdef CONFIG_GFS2_FS_LOCKING_DLM
- extern const struct file_operations gfs2_file_fops;
-diff -NurpP --minimal linux-3.18.5/fs/hostfs/hostfs.h linux-3.18.5-vs2.3.7.3/fs/hostfs/hostfs.h
---- linux-3.18.5/fs/hostfs/hostfs.h 2015-01-16 22:19:18.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/hostfs/hostfs.h 2015-01-19 10:57:47.000000000 +0000
-@@ -42,6 +42,7 @@ struct hostfs_iattr {
- unsigned short ia_mode;
- uid_t ia_uid;
- gid_t ia_gid;
-+ vtag_t ia_tag;
- loff_t ia_size;
- struct timespec ia_atime;
- struct timespec ia_mtime;
-diff -NurpP --minimal linux-3.18.5/fs/inode.c linux-3.18.5-vs2.3.7.3/fs/inode.c
---- linux-3.18.5/fs/inode.c 2015-01-16 22:19:18.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/inode.c 2015-01-19 10:57:47.000000000 +0000
-@@ -18,6 +18,7 @@
- #include <linux/buffer_head.h> /* for inode_has_buffers */
- #include <linux/ratelimit.h>
- #include <linux/list_lru.h>
-+#include <linux/vs_tag.h>
- #include "internal.h"
-
- /*
-@@ -129,6 +130,8 @@ int inode_init_always(struct super_block
- struct address_space *const mapping = &inode->i_data;
-
- inode->i_sb = sb;
-+
-+ /* essential because of inode slab reuse */
- inode->i_blkbits = sb->s_blocksize_bits;
- inode->i_flags = 0;
- atomic_set(&inode->i_count, 1);
-@@ -138,6 +141,7 @@ int inode_init_always(struct super_block
- inode->i_opflags = 0;
- i_uid_write(inode, 0);
- i_gid_write(inode, 0);
-+ i_tag_write(inode, 0);
- atomic_set(&inode->i_writecount, 0);
- inode->i_size = 0;
- inode->i_blocks = 0;
-@@ -150,6 +154,7 @@ int inode_init_always(struct super_block
- inode->i_bdev = NULL;
- inode->i_cdev = NULL;
- inode->i_rdev = 0;
-+ inode->i_mdev = 0;
- inode->dirtied_when = 0;
-
- if (security_inode_alloc(inode))
-@@ -478,6 +483,8 @@ void __insert_inode_hash(struct inode *i
- }
- EXPORT_SYMBOL(__insert_inode_hash);
-
-+EXPORT_SYMBOL_GPL(__iget);
-+
- /**
- * __remove_inode_hash - remove an inode from the hash
- * @inode: inode to unhash
-@@ -1795,9 +1802,11 @@ void init_special_inode(struct inode *in
- if (S_ISCHR(mode)) {
- inode->i_fop = &def_chr_fops;
- inode->i_rdev = rdev;
-+ inode->i_mdev = rdev;
- } else if (S_ISBLK(mode)) {
- inode->i_fop = &def_blk_fops;
- inode->i_rdev = rdev;
-+ inode->i_mdev = rdev;
- } else if (S_ISFIFO(mode))
- inode->i_fop = &pipefifo_fops;
- else if (S_ISSOCK(mode))
-@@ -1826,6 +1835,7 @@ void inode_init_owner(struct inode *inod
- } else
- inode->i_gid = current_fsgid();
- inode->i_mode = mode;
-+ i_tag_write(inode, dx_current_fstag(inode->i_sb));
- }
- EXPORT_SYMBOL(inode_init_owner);
-
-diff -NurpP --minimal linux-3.18.5/fs/ioctl.c linux-3.18.5-vs2.3.7.3/fs/ioctl.c
---- linux-3.18.5/fs/ioctl.c 2014-01-22 20:39:06.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/ioctl.c 2015-01-19 10:57:47.000000000 +0000
-@@ -15,6 +15,9 @@
- #include <linux/writeback.h>
- #include <linux/buffer_head.h>
- #include <linux/falloc.h>
-+#include <linux/proc_fs.h>
-+#include <linux/vserver/inode.h>
-+#include <linux/vs_tag.h>
-
- #include <asm/ioctls.h>
-
-diff -NurpP --minimal linux-3.18.5/fs/jfs/file.c linux-3.18.5-vs2.3.7.3/fs/jfs/file.c
---- linux-3.18.5/fs/jfs/file.c 2014-09-03 13:19:40.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/jfs/file.c 2015-01-19 10:58:03.000000000 +0000
-@@ -110,7 +110,8 @@ int jfs_setattr(struct dentry *dentry, s
- if (is_quota_modification(inode, iattr))
- dquot_initialize(inode);
- if ((iattr->ia_valid & ATTR_UID && !uid_eq(iattr->ia_uid, inode->i_uid)) ||
-- (iattr->ia_valid & ATTR_GID && !gid_eq(iattr->ia_gid, inode->i_gid))) {
-+ (iattr->ia_valid & ATTR_GID && !gid_eq(iattr->ia_gid, inode->i_gid)) ||
-+ (iattr->ia_valid & ATTR_TAG && !tag_eq(iattr->ia_tag, inode->i_tag))) {
- rc = dquot_transfer(inode, iattr);
- if (rc)
- return rc;
-@@ -146,6 +147,7 @@ const struct inode_operations jfs_file_i
- .get_acl = jfs_get_acl,
- .set_acl = jfs_set_acl,
- #endif
-+ .sync_flags = jfs_sync_flags,
- };
-
- const struct file_operations jfs_file_operations = {
-diff -NurpP --minimal linux-3.18.5/fs/jfs/ioctl.c linux-3.18.5-vs2.3.7.3/fs/jfs/ioctl.c
---- linux-3.18.5/fs/jfs/ioctl.c 2013-05-31 13:45:24.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/jfs/ioctl.c 2015-01-19 10:58:03.000000000 +0000
-@@ -12,6 +12,7 @@
- #include <linux/time.h>
- #include <linux/sched.h>
- #include <linux/blkdev.h>
-+#include <linux/mount.h>
- #include <asm/current.h>
- #include <asm/uaccess.h>
-
-@@ -56,6 +57,16 @@ static long jfs_map_ext2(unsigned long f
- }
-
-
-+int jfs_sync_flags(struct inode *inode, int flags, int vflags)
-+{
-+ inode->i_flags = flags;
-+ inode->i_vflags = vflags;
-+ jfs_get_inode_flags(JFS_IP(inode));
-+ inode->i_ctime = CURRENT_TIME_SEC;
-+ mark_inode_dirty(inode);
-+ return 0;
-+}
-+
- long jfs_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
- {
- struct inode *inode = file_inode(filp);
-@@ -89,6 +100,11 @@ long jfs_ioctl(struct file *filp, unsign
- if (!S_ISDIR(inode->i_mode))
- flags &= ~JFS_DIRSYNC_FL;
-
-+ if (IS_BARRIER(inode)) {
-+ vxwprintk_task(1, "messing with the barrier.");
-+ return -EACCES;
-+ }
-+
- /* Is it quota file? Do not allow user to mess with it */
- if (IS_NOQUOTA(inode)) {
- err = -EPERM;
-@@ -106,8 +122,8 @@ long jfs_ioctl(struct file *filp, unsign
- * the relevant capability.
- */
- if ((oldflags & JFS_IMMUTABLE_FL) ||
-- ((flags ^ oldflags) &
-- (JFS_APPEND_FL | JFS_IMMUTABLE_FL))) {
-+ ((flags ^ oldflags) & (JFS_APPEND_FL |
-+ JFS_IMMUTABLE_FL | JFS_IXUNLINK_FL))) {
- if (!capable(CAP_LINUX_IMMUTABLE)) {
- mutex_unlock(&inode->i_mutex);
- err = -EPERM;
-@@ -115,7 +131,7 @@ long jfs_ioctl(struct file *filp, unsign
- }
- }
-
-- flags = flags & JFS_FL_USER_MODIFIABLE;
-+ flags &= JFS_FL_USER_MODIFIABLE;
- flags |= oldflags & ~JFS_FL_USER_MODIFIABLE;
- jfs_inode->mode2 = flags;
-
-diff -NurpP --minimal linux-3.18.5/fs/jfs/jfs_dinode.h linux-3.18.5-vs2.3.7.3/fs/jfs/jfs_dinode.h
---- linux-3.18.5/fs/jfs/jfs_dinode.h 2012-12-11 03:30:57.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/jfs/jfs_dinode.h 2015-01-19 10:58:03.000000000 +0000
-@@ -161,9 +161,13 @@ struct dinode {
-
- #define JFS_APPEND_FL 0x01000000 /* writes to file may only append */
- #define JFS_IMMUTABLE_FL 0x02000000 /* Immutable file */
-+#define JFS_IXUNLINK_FL 0x08000000 /* Immutable invert on unlink */
-
--#define JFS_FL_USER_VISIBLE 0x03F80000
--#define JFS_FL_USER_MODIFIABLE 0x03F80000
-+#define JFS_BARRIER_FL 0x04000000 /* Barrier for chroot() */
-+#define JFS_COW_FL 0x20000000 /* Copy on Write marker */
-+
-+#define JFS_FL_USER_VISIBLE 0x07F80000
-+#define JFS_FL_USER_MODIFIABLE 0x07F80000
- #define JFS_FL_INHERIT 0x03C80000
-
- /* These are identical to EXT[23]_IOC_GETFLAGS/SETFLAGS */
-diff -NurpP --minimal linux-3.18.5/fs/jfs/jfs_filsys.h linux-3.18.5-vs2.3.7.3/fs/jfs/jfs_filsys.h
---- linux-3.18.5/fs/jfs/jfs_filsys.h 2012-12-11 03:30:57.000000000 +0000
-+++ linux-3.18.5-vs2.3.7.3/fs/jfs/jfs_filsys.h 2015-01-19 10:58:03.000000000 +0000
-@@ -266,6 +266,7 @@
- #define JFS_NAME_MAX 255
- #define JFS_PATH_MAX BPSIZE
-
-+#define JFS_TAGGED 0x00800000 /* Context Tagging */
<Skipped 21396 lines>
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/kernel.git/commitdiff/c3eefe75c2da6369ca28c4bc6a1fde3d804bb812
More information about the pld-cvs-commit
mailing list