diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/Makefile DEVEL/linux-2.4.21-vs1.1.0/Makefile --- STABLE/linux-2.4.21-vs1.00/Makefile Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/Makefile Mon Dec 1 16:17:35 2003 @@ -1,7 +1,7 @@ VERSION = 2 PATCHLEVEL = 4 SUBLEVEL = 21 -EXTRAVERSION = -vs1.00 +EXTRAVERSION = -vs1.1.0 KERNELRELEASE=$(VERSION).$(PATCHLEVEL).$(SUBLEVEL)$(EXTRAVERSION) diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/arch/alpha/kernel/entry.S DEVEL/linux-2.4.21-vs1.1.0/arch/alpha/kernel/entry.S --- STABLE/linux-2.4.21-vs1.00/arch/alpha/kernel/entry.S Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/arch/alpha/kernel/entry.S Mon Dec 1 16:17:36 2003 @@ -1044,8 +1044,8 @@ sys_call_table: .quad alpha_ni_syscall /* 270 */ .quad alpha_ni_syscall .quad alpha_ni_syscall - .quad sys_new_s_context /* 273 sys_virtual_context */ - .quad sys_set_ipv4root /* 274 borrowed for now */ + .quad sys_virtual_context /* 273 sys_virtual_context */ + .quad alpha_ni_syscall .quad alpha_ni_syscall /* 275 */ .quad alpha_ni_syscall .quad alpha_ni_syscall diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/arch/i386/kernel/entry.S DEVEL/linux-2.4.21-vs1.1.0/arch/i386/kernel/entry.S --- STABLE/linux-2.4.21-vs1.00/arch/i386/kernel/entry.S Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/arch/i386/kernel/entry.S Mon Dec 1 16:17:36 2003 
@@ -677,8 +677,7 @@ ENTRY(sys_call_table) .long SYMBOL_NAME(sys_ni_syscall) /* 270 */ .long SYMBOL_NAME(sys_ni_syscall) .long SYMBOL_NAME(sys_ni_syscall) - .long SYMBOL_NAME(sys_new_s_context) /* 273 sys_virtual_context */ - .long SYMBOL_NAME(sys_set_ipv4root) /* 274 borrowed */ + .long SYMBOL_NAME(sys_virtual_context) /* 273 sys_virtual_context */ .rept NR_syscalls-(.-sys_call_table)/4 .long SYMBOL_NAME(sys_ni_syscall) diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/arch/ppc/kernel/misc.S DEVEL/linux-2.4.21-vs1.1.0/arch/ppc/kernel/misc.S --- STABLE/linux-2.4.21-vs1.00/arch/ppc/kernel/misc.S Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/arch/ppc/kernel/misc.S Mon Dec 1 16:17:36 2003 @@ -1226,8 +1226,7 @@ _GLOBAL(sys_call_table) .long sys_ni_syscall /* 270 */ .long sys_ni_syscall .long sys_ni_syscall - .long sys_new_s_context /* 273 sys_virtual_context */ - .long sys_set_ipv4root /* 274 borrowed */ + .long sys_virtual_context /* 273 sys_virtual_context */ .rept NR_syscalls-(.-sys_call_table)/4 .long sys_ni_syscall diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/arch/sparc/kernel/systbls.S DEVEL/linux-2.4.21-vs1.1.0/arch/sparc/kernel/systbls.S --- STABLE/linux-2.4.21-vs1.00/arch/sparc/kernel/systbls.S Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/arch/sparc/kernel/systbls.S Mon Dec 1 16:17:36 2003 
@@ -71,9 +71,9 @@ sys_call_table: /*245*/ .long sys_sched_yield, sys_sched_get_priority_max, sys_sched_get_priority_min, sys_sched_rr_get_interval, sys_nanosleep /*250*/ .long sparc_mremap, sys_sysctl, sys_getsid, sys_fdatasync, sys_nfsservctl /*255*/ .long sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall -/*260*/ .long sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall -/*265*/ .long sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall -/*270*/ .long sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_new_s_context, sys_set_ipv4root +/*260*/ .long sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall +/*265*/ .long sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall +/*270*/ .long sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_virtual_context, sys_nis_syscall #ifdef CONFIG_SUNOS_EMUL /* Now the SunOS syscall table. */ diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/arch/sparc64/kernel/entry.S DEVEL/linux-2.4.21-vs1.1.0/arch/sparc64/kernel/entry.S --- STABLE/linux-2.4.21-vs1.00/arch/sparc64/kernel/entry.S Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/arch/sparc64/kernel/entry.S Mon Dec 1 16:17:36 2003 @@ -26,7 +26,7 @@ #define curptr g6 -#define NR_SYSCALLS 275 /* Each OS is different... */ +#define NR_SYSCALLS 274 /* Each OS is different... */ .text .align 32 diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/arch/sparc64/kernel/systbls.S DEVEL/linux-2.4.21-vs1.1.0/arch/sparc64/kernel/systbls.S --- STABLE/linux-2.4.21-vs1.00/arch/sparc64/kernel/systbls.S Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/arch/sparc64/kernel/systbls.S Mon Dec 1 16:17:36 2003 
@@ -73,7 +73,7 @@ sys_call_table32: .word sys_aplib, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall /*260*/ .word sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall .word sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall -/*270*/ .word sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_new_s_context, sys_set_ipv4root +/*270*/ .word sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_virtual_context, sys_nis_syscall /* Now the 64-bit native Linux syscall table. */ @@ -135,7 +135,7 @@ sys_call_table: .word sys_aplib, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall /*260*/ .word sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall .word sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_nis_syscall -/*270*/ .word sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_new_s_context, sys_set_ipv4root +/*270*/ .word sys_nis_syscall, sys_nis_syscall, sys_nis_syscall, sys_virtual_context, sys_nis_syscall #if defined(CONFIG_SUNOS_EMUL) || defined(CONFIG_SOLARIS_EMUL) || \ defined(CONFIG_SOLARIS_EMUL_MODULE) diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/arch/x86_64/ia32/ia32entry.S DEVEL/linux-2.4.21-vs1.1.0/arch/x86_64/ia32/ia32entry.S --- STABLE/linux-2.4.21-vs1.00/arch/x86_64/ia32/ia32entry.S Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/arch/x86_64/ia32/ia32entry.S Mon Dec 1 16:17:36 2003 
@@ -402,8 +402,8 @@ ia32_sys_call_table: .quad quiet_ni_syscall /* 270 */ .quad quiet_ni_syscall .quad quiet_ni_syscall - .quad sys_new_s_context /* 273 sys_virtual_context */ - .quad sys_set_ipv4root /* 274 borrowed for now */ + .quad sys_virtual_context /* 273 sys_virtual_context */ + ia32_syscall_end: .rept IA32_NR_syscalls-(ia32_syscall_end-ia32_sys_call_table)/8 .quad ni_syscall diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/arch/x86_64/kernel/sys_x86_64.c DEVEL/linux-2.4.21-vs1.1.0/arch/x86_64/kernel/sys_x86_64.c --- STABLE/linux-2.4.21-vs1.00/arch/x86_64/kernel/sys_x86_64.c Fri Jun 13 16:51:32 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/arch/x86_64/kernel/sys_x86_64.c Mon Dec 1 16:17:35 2003 @@ -108,8 +108,18 @@ unsigned long arch_get_unmapped_area(str asmlinkage long sys_uname(struct new_utsname * name) { int err; + struct new_utsname tmp, *pttmp; + down_read(&uts_sem); - err=copy_to_user(name, &system_utsname, sizeof (*name)); + if (current->s_info) { + tmp = system_utsname; + strcpy (tmp.nodename, current->s_info->nodename); + strcpy (tmp.domainname, current->s_info->domainname); + pttmp = &tmp; + } + else + pttmp = &system_utsname; + err=copy_to_user(name, pttmp, sizeof (*name)); up_read(&uts_sem); if (personality(current->personality) == PER_LINUX32) err = copy_to_user(name->machine, "i686", 5); diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/fs/proc/array.c DEVEL/linux-2.4.21-vs1.1.0/fs/proc/array.c --- STABLE/linux-2.4.21-vs1.00/fs/proc/array.c Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/fs/proc/array.c Mon Dec 1 16:17:35 2003 @@ -299,7 +299,6 @@ int proc_pid_status(struct task_struct * } buffer = task_sig(task, buffer); buffer = task_cap(task, buffer); -#ifdef __NR_new_s_context if (task->s_info) { int i; buffer += sprintf (buffer,"s_context: %d [",task->s_context); 
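Review bot: The two strcpy() calls added to sys_uname() in arch/x86_64/kernel/sys_x86_64.c are safe only if current->s_info->nodename and ->domainname are always NUL-terminated within their 65 bytes (the size shown in the sched.h hunk), and nothing in this hunk enforces that. A missing terminator would write past the on-stack `tmp`, so I would bound the copy at the point of use: `strncpy(tmp.nodename, current->s_info->nodename, sizeof(tmp.nodename) - 1); tmp.nodename[sizeof(tmp.nodename) - 1] = '\0';` and the same pair for domainname. The function body continues past the end of the hunk.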
@@ -311,7 +310,8 @@ int proc_pid_status(struct task_struct * *buffer++ = ']'; *buffer++ = '\n'; buffer += sprintf (buffer,"ctxticks: %d %ld %d\n" - ,atomic_read(&task->s_info->ticks),task->counter + ,atomic_read(&task->s_info->ticks) + ,task->counter ,task->s_info->refcount); buffer += sprintf (buffer,"ctxflags: %d\n" ,task->s_info->flags); @@ -340,9 +340,6 @@ int proc_pid_status(struct task_struct * buffer += sprintf (buffer,"ipv4root: 0\n"); buffer += sprintf (buffer,"ipv4root_bcast: 0\n"); } - buffer += sprintf (buffer,"__NR_new_s_context: %d\n",__NR_new_s_context); - buffer += sprintf (buffer,"__NR_set_ipv4root: %d rev3\n",__NR_set_ipv4root); -#endif #if defined(CONFIG_ARCH_S390) buffer = task_show_regs(task, buffer); #endif diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/include/asm-alpha/unistd.h DEVEL/linux-2.4.21-vs1.1.0/include/asm-alpha/unistd.h --- STABLE/linux-2.4.21-vs1.00/include/asm-alpha/unistd.h Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/include/asm-alpha/unistd.h Mon Dec 1 16:17:36 2003 @@ -233,8 +233,7 @@ #define __NR_osf_memcntl 260 /* not implemented */ #define __NR_osf_fdatasync 261 /* not implemented */ -#define __NR_new_s_context 273 -#define __NR_set_ipv4root 274 +#define __NR_virtual_context 273 /* * Linux-specific system calls begin at 300 diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/include/asm-i386/unistd.h DEVEL/linux-2.4.21-vs1.1.0/include/asm-i386/unistd.h --- STABLE/linux-2.4.21-vs1.00/include/asm-i386/unistd.h Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/include/asm-i386/unistd.h Mon Dec 1 16:17:36 2003 
@@ -257,8 +257,8 @@ #define __NR_alloc_hugepages 250 #define __NR_free_hugepages 251 #define __NR_exit_group 252 -#define __NR_new_s_context 273 -#define __NR_set_ipv4root 274 + +#define __NR_virtual_context 273 /* user-visible error numbers are in the range -1 - -124: see */ diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/include/asm-ppc/unistd.h DEVEL/linux-2.4.21-vs1.1.0/include/asm-ppc/unistd.h --- STABLE/linux-2.4.21-vs1.00/include/asm-ppc/unistd.h Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/include/asm-ppc/unistd.h Mon Dec 1 16:17:36 2003 @@ -238,8 +238,8 @@ #define __NR_io_submit 230 #define __NR_io_cancel 231 #endif -#define __NR_new_s_context 273 -#define __NR_set_ipv4root 274 + +#define __NR_virtual_context 273 #define __NR(n) #n diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/include/asm-sparc/unistd.h DEVEL/linux-2.4.21-vs1.1.0/include/asm-sparc/unistd.h --- STABLE/linux-2.4.21-vs1.00/include/asm-sparc/unistd.h Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/include/asm-sparc/unistd.h Mon Dec 1 16:17:36 2003 @@ -271,8 +271,8 @@ #define __NR_fdatasync 253 #define __NR_nfsservctl 254 #define __NR_aplib 255 -#define __NR_new_s_context 273 -#define __NR_set_ipv4root 274 + +#define __NR_virtual_context 273 #define _syscall0(type,name) \ type name(void) \ diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/include/asm-sparc64/unistd.h DEVEL/linux-2.4.21-vs1.1.0/include/asm-sparc64/unistd.h --- STABLE/linux-2.4.21-vs1.00/include/asm-sparc64/unistd.h Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/include/asm-sparc64/unistd.h Mon Dec 1 16:17:36 2003 
@@ -273,8 +273,8 @@ #define __NR_fdatasync 253 #define __NR_nfsservctl 254 #define __NR_aplib 255 -#define __NR_new_s_context 273 -#define __NR_set_ipv4root 274 + +#define __NR_virtual_context 273 #define _syscall0(type,name) \ type name(void) \ diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/include/asm-x86_64/ia32_unistd.h DEVEL/linux-2.4.21-vs1.1.0/include/asm-x86_64/ia32_unistd.h --- STABLE/linux-2.4.21-vs1.00/include/asm-x86_64/ia32_unistd.h Fri Jun 13 16:51:38 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/include/asm-x86_64/ia32_unistd.h Mon Dec 1 16:17:36 2003 @@ -250,6 +250,8 @@ #define __NR_ia32_sched_setaffinity 241 #define __NR_ia32_sched_getaffinity 242 -#define IA32_NR_syscalls 245 +#define __NR_ia32_virtual_context 273 + +#define IA32_NR_syscalls 274 #endif /* _ASM_X86_64_IA32_UNISTD_H_ */ diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/include/asm-x86_64/unistd.h DEVEL/linux-2.4.21-vs1.1.0/include/asm-x86_64/unistd.h --- STABLE/linux-2.4.21-vs1.00/include/asm-x86_64/unistd.h Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/include/asm-x86_64/unistd.h Mon Dec 1 16:17:36 2003 @@ -495,12 +495,11 @@ __SYSCALL(__NR_epoll_wait, sys_ni_syscal __SYSCALL(__NR_remap_file_pages, sys_ni_syscall) #define __NR_getdents64 217 __SYSCALL(__NR_getdents64, sys_getdents64) -#define __NR_new_s_context 273 -__SYSCALL(__NR_new_s_context, sys_new_s_context) -#define __NR_set_ipv4root 274 -__SYSCALL(__NR_set_ipv4root, sys_set_ipv4root) -#define __NR_syscall_max __NR_set_ipv4root +#define __NR_virtual_context 273 +__SYSCALL(__NR_virtual_context, sys_virtual_context) + +#define __NR_syscall_max __NR_virtual_context #ifndef __NO_STUBS diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/include/linux/sched.h DEVEL/linux-2.4.21-vs1.1.0/include/linux/sched.h --- STABLE/linux-2.4.21-vs1.00/include/linux/sched.h Thu Nov 6 21:35:40 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/include/linux/sched.h Mon Dec 1 16:17:36 2003 
@@ -26,6 +26,7 @@ extern unsigned long event; #include #include #include +#include struct exec_domain; @@ -297,7 +298,6 @@ struct user_struct { /* to become the global limits */ /* of the context */ -#define NB_IPV4ROOT 16 #define NB_S_CONTEXT 16 struct context_info { @@ -306,6 +306,7 @@ struct context_info { /* security context using any in this table */ unsigned long rlim[RLIM_NLIMITS]; /* Per context limit */ atomic_t res[RLIM_NLIMITS]; /* Current value */ + struct proc_dir_entry *procent; char nodename[65]; char domainname[65]; int flags; /* S_CTX_INFO_xxx */ @@ -462,7 +463,6 @@ struct task_struct { unsigned long sas_ss_sp; size_t sas_ss_size; int (*notifier)(void *priv); -/* Field to make virtual server running in chroot more isolated */ int s_context; /* Process can only deal with other processes */ /* with the same s_context */ __u32 cap_bset; /* Maximum capability of this process and children */ diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/include/linux/sys.h DEVEL/linux-2.4.21-vs1.1.0/include/linux/sys.h --- STABLE/linux-2.4.21-vs1.00/include/linux/sys.h Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/include/linux/sys.h Mon Dec 1 16:17:36 2003 @@ -4,7 +4,7 @@ /* * system call entry points ... but not all are defined */ -#define NR_syscalls 275 +#define NR_syscalls 274 /* * These are system calls that will be removed at some time diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/include/linux/virtual.h DEVEL/linux-2.4.21-vs1.1.0/include/linux/virtual.h --- STABLE/linux-2.4.21-vs1.00/include/linux/virtual.h Thu Jan 1 01:00:00 1970 +++ DEVEL/linux-2.4.21-vs1.1.0/include/linux/virtual.h Mon Dec 1 16:17:36 2003 
@@ -0,0 +1,88 @@ +#ifndef _LINUX_VIRTUAL_H +#define _LINUX_VIRTUAL_H + +#include + +#define VC_CATEGORY(c) (((c) >> 24) & 0x3F) +#define VC_COMMAND(c) (((c) >> 16) & 0xFF) +#define VC_VERSION(c) ((c) & 0xFFF) + +#define VC_CMD(c,i,v) ((((VC_CAT_ ## c) & 0x3F) << 24) \ + | (((i) & 0xFF) << 16) | ((v) & 0xFFF)) + +/* + + Syscall Matrix V2.2 + + |VERSION|CREATE |MODIFY |MIGRATE|CONTROL|EXPERIM| |SPECIAL|SPECIAL| + |STATS |DESTROY|ALTER |CHANGE |LIMIT |TEST | | | | + |INFO |SETUP | |MOVE | | | | | | + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+ + SYSTEM |VERSION| | | | | | |DEVICES| | + HOST | 00| 01| 02| 03| 04| 05| | 06| 07| + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+ + CPU | | | | | | | |SCHED. | | + PROCESS| 08| 09| 10| 11| 12| 13| | 14| 15| + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+ + MEMORY | | | | | | | |SWAP | | + | 16| 17| 18| 19| 20| 21| | 22| 23| + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+ + NETWORK| | | | | | | |SERIAL | | + | 24| 25| 26| 27| 28| 29| | 30| 31| + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+ + DISK | | | | | | | | | | + VFS | 32| 33| 34| 35| 36| 37| | 38| 39| + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+ + OTHER | | | | | | | | | | + | 40| 41| 42| 43| 44| 45| | 46| 47| + =======+=======+=======+=======+=======+=======+=======+ +=======+=======+ + SPECIAL| | | | | | | | | | + | 48| 49| 50| 51| 52| 53| | 54| 55| + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+ + SPECIAL| | | | | |SYSCALL| | |COMPAT | + | 56| 57| 58| 59| 60|TEST 61| | 62| 63| + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+ + +*/ + +#define VC_CAT_VERSION 0 + +#define VC_CAT_SYSTEST 61 +#define VC_CAT_COMPAT 63 + +/* interface version */ + +#define VCI_VERSION 0x00010001 + + + +/* query version */ + +#define VCMD_get_version 
VC_CMD(VERSION, 0, 0) + + +/* compatibiliy vserver commands */ + +#define VCMD_new_s_context VC_CMD(COMPAT, 1, 1) +#define VCMD_set_ipv4root VC_CMD(COMPAT, 2, 3) + +/* compatibiliy vserver arguments */ + +struct vcmd_new_s_context_v1 { + uint32_t remove_cap; + uint32_t flags; +}; + +#define NB_IPV4ROOT 16 + +struct vcmd_set_ipv4root_v3 { + /* number of pairs in id */ + uint32_t broadcast; + struct { + uint32_t ip; + uint32_t mask; + } ip_mask_pair[NB_IPV4ROOT]; +}; + + +#endif /* _LINUX_VIRTUAL_H */ diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/kernel/Makefile DEVEL/linux-2.4.21-vs1.1.0/kernel/Makefile --- STABLE/linux-2.4.21-vs1.00/kernel/Makefile Mon Sep 17 06:22:40 2001 +++ DEVEL/linux-2.4.21-vs1.1.0/kernel/Makefile Mon Dec 1 16:17:36 2003 @@ -14,7 +14,7 @@ export-objs = signal.o sys.o kmod.o cont obj-y = sched.o dma.o fork.o exec_domain.o panic.o printk.o \ module.o exit.o itimer.o info.o time.o softirq.o resource.o \ sysctl.o acct.o capability.o ptrace.o timer.o user.o \ - signal.o sys.o kmod.o context.o + signal.o sys.o kmod.o context.o virtual.o obj-$(CONFIG_UID16) += uid16.o obj-$(CONFIG_MODULES) += ksyms.o diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/kernel/signal.c DEVEL/linux-2.4.21-vs1.1.0/kernel/signal.c --- STABLE/linux-2.4.21-vs1.00/kernel/signal.c Sat Nov 1 10:50:41 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/kernel/signal.c Mon Dec 1 16:17:36 2003 @@ -13,6 +13,7 @@ #include #include #include +#include #include 
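Review bot: The new include/linux/virtual.h defines a user-visible ABI but does not document the command word or the overloaded `id` argument next to the macros. I would add a comment above VC_CATEGORY such as `/* cmd: bits 29..24 category, 23..16 command, 11..0 version; all other bits must be zero */`, which matches the masks and the exact-match switch in kernel/virtual.c. The remark in struct vcmd_set_ipv4root_v3 should also say that the pair count travels in the syscall's `id` argument and must not exceed NB_IPV4ROOT, for example `/* number of valid pairs is passed in id, at most NB_IPV4ROOT */`.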
@@ -1377,11 +1378,14 @@ static inline int switch_user_struct(int Change to a new security context and reduce the capability basic set of the current process */ -asmlinkage int -sys_new_s_context(int ctx, __u32 remove_cap, int flags) +int vc_new_s_context(uint32_t ctx, void *data) { - #define MAX_S_CONTEXT 65535 /* Arbitrary limit */ int ret = -EPERM; + struct vcmd_new_s_context_v1 vc_data; + #define MAX_S_CONTEXT 65535 /* Arbitrary limit */ + + if (copy_from_user (&vc_data, data, sizeof(vc_data))) + return -EFAULT; if (ctx == -1) { if (current->s_info == NULL || !(current->s_info->flags & S_CTX_INFO_LOCK)) { @@ -1414,26 +1418,26 @@ sys_new_s_context(int ctx, __u32 remove_ ret = switch_user_struct(alloc_ctx); if (ret == 0) { current->s_context = alloc_ctx; - current->cap_bset &= (~remove_cap); + current->cap_bset &= (~vc_data.remove_cap); ret = alloc_ctx; sys_alloc_s_info(); if (current->s_info) { - set_initpid (flags); - current->s_info->flags |= flags; + set_initpid (vc_data.flags); + current->s_info->flags |= vc_data.flags; } } spin_unlock(&alloc_ctx_lock); } } else if (ctx == -2) { - ret = set_initpid(flags); + ret = set_initpid(vc_data.flags); if (ret == 0) { /* We keep the same s_context, but lower the capabilities */ - current->cap_bset &= (~remove_cap); + current->cap_bset &= (~vc_data.remove_cap); ret = current->s_context; if (current->s_info) { - if (flags & S_CTX_INFO_INIT) + if (vc_data.flags & S_CTX_INFO_INIT) current->s_info->initpid = current->tgid; - current->s_info->flags |= flags; + current->s_info->flags |= vc_data.flags; } } } else if (ctx <= 0 || ctx > MAX_S_CONTEXT) { 
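Review bot: In vc_new_s_context() (kernel/signal.c) `ctx` changes from int to uint32_t, but the body still compares it with `-1` here and with `-2` and `ctx <= 0` in the next hunk. These tests keep working only through implicit conversion to unsigned, and `ctx <= 0` now just means `ctx == 0`, so the intent is easy to misread and signed/unsigned warnings will fire. I would spell the sentinels out, `if (ctx == (uint32_t)-1) {` and `} else if (ctx == (uint32_t)-2) {`, and write the range test as `ctx == 0 || ctx > MAX_S_CONTEXT`. The function body continues outside this hunk.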
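Review bot: `vc_data.flags` is copied straight from the user structure and ORed into `current->s_info->flags` twice in this hunk and again at the end of the @@ -1467 hunk, without being masked against the S_CTX_INFO_* bits a caller is meant to set. Unless set_initpid() or code outside these hunks rejects unknown bits, any value the caller supplies becomes persistent context state. I would validate once, right after the copy_from_user() at the top of vc_new_s_context(), by returning -EINVAL when `vc_data.flags` has bits outside the supported set; the same applies to `remove_cap` only if some capabilities must never be dropped this way.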
@@ -1467,11 +1471,11 @@ sys_new_s_context(int ctx, __u32 remove_ ret = switch_user_struct(ctx); if (ret == 0) { current->s_context = ctx; - current->cap_bset &= (~remove_cap); + current->cap_bset &= (~vc_data.remove_cap); if (!found) sys_alloc_s_info(); if (current->s_info) - current->s_info->flags |= flags; + current->s_info->flags |= vc_data.flags; } } } diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/kernel/virtual.c DEVEL/linux-2.4.21-vs1.1.0/kernel/virtual.c --- STABLE/linux-2.4.21-vs1.00/kernel/virtual.c Thu Jan 1 01:00:00 1970 +++ DEVEL/linux-2.4.21-vs1.1.0/kernel/virtual.c Mon Dec 1 16:17:36 2003 @@ -0,0 +1,51 @@ +/* + * linux/kernel/virtual.c + * + * Virtual Context Support + * + * Copyright (C) 2003 Herbert Pötzl + * + * V0.01 syscall switch + * + */ + +#include +#include +#include + +#include + + +static inline int +vc_get_version(uint32_t id) +{ + return VCI_VERSION; +} + + +extern int vc_new_s_context(uint32_t, void *); +extern int vc_set_ipv4root(uint32_t, void *); + + +asmlinkage int +sys_virtual_context(uint32_t cmd, uint32_t id, void *data) +{ + int ret = -EINVAL; + + switch (cmd) { + case VCMD_get_version: + ret = vc_get_version(id); + break; + + case VCMD_new_s_context: + ret = vc_new_s_context(id, data); + break; + + case VCMD_set_ipv4root: + ret = vc_set_ipv4root(id, data); + break; + + } + return ret; +} + diff -NurpP --minimal STABLE/linux-2.4.21-vs1.00/net/socket.c DEVEL/linux-2.4.21-vs1.1.0/net/socket.c --- STABLE/linux-2.4.21-vs1.00/net/socket.c Sat Nov 1 10:50:42 2003 +++ DEVEL/linux-2.4.21-vs1.1.0/net/socket.c Mon Dec 1 16:17:37 2003 @@ -84,6 +84,7 @@ #include #include #include +#include static int sock_no_open(struct inode *irrelevant, struct file *dontcare); static ssize_t sock_read(struct file *file, char *buf, 
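Review bot: sys_virtual_context() in the new kernel/virtual.c is declared `asmlinkage int`, yet this patch wires it into native 64-bit tables (the x86_64 `__SYSCALL(__NR_virtual_context, sys_virtual_context)` entry, alpha, sparc64). On x86_64 at least, an int return leaves the upper half of the return register unspecified, so a negative errno such as -EINVAL may reach user space as a large positive value; sys_uname() in the same patch returns `long`. I would declare it `asmlinkage long sys_virtual_context(uint32_t cmd, uint32_t id, void *data)` with `long ret = -EINVAL;`. The `extern` prototypes for vc_new_s_context() and vc_set_ipv4root() would also be better placed in a shared header, so the definitions in signal.c and socket.c are checked against them.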
@@ -1755,24 +1756,18 @@ int socket_get_info(char *buffer, char * return len; } -asmlinkage int sys_set_ipv4root ( - __u32 ip[], - int nbip, - __u32 bcast, - __u32 mask[]) +int vc_set_ipv4root(uint32_t nbip, void *data) { int ret = -EPERM; - __u32 tbip[NB_IPV4ROOT]; - __u32 tbmask[NB_IPV4ROOT]; + struct vcmd_set_ipv4root_v3 vc_data; struct iproot_info *ip_info = current->ip_info; + + if (copy_from_user (&vc_data, data, sizeof(vc_data))) + return -EFAULT; + if (nbip < 0 || nbip > NB_IPV4ROOT) ret = -EINVAL; - else if (copy_from_user(tbip,ip,nbip*sizeof(ip[0])) - || copy_from_user(tbmask,mask,nbip*sizeof(ip[0]))) - ret = -EFAULT; - else if (!ip_info - || ip_info->ipv4[0] == 0 - || capable(CAP_NET_ADMIN)) + if (!ip_info || ip_info->ipv4[0] == 0 || capable(CAP_NET_ADMIN)) // We are allowed to change everything ret = 0; else if (current->ip_info) { @@ -1783,7 +1778,7 @@ asmlinkage int sys_set_ipv4root ( int found = 0; for (i=0; inbipv4; j++) { if (ipi == ip_info->ipv4[j]) { found++; @@ -1791,17 +1786,20 @@ asmlinkage int sys_set_ipv4root ( } } } - if (found == nbip && bcast == ip_info->v4_bcast) { + if (found == nbip && vc_data.broadcast == ip_info->v4_bcast) ret = 0; - } - } if (ret == 0) { - sys_alloc_ip_info(); - current->ip_info->nbipv4 = nbip; - memcpy (current->ip_info->ipv4,tbip,nbip*sizeof(tbip[0])); - current->ip_info->v4_bcast = bcast; - memcpy (current->ip_info->mask,tbmask,nbip*sizeof(tbmask[0])); + int i; + + sys_alloc_ip_info(); /* release existing? */ + ip_info = current->ip_info; + ip_info->nbipv4 = nbip; + for (i=0; iipv4[i] = vc_data.ip_mask_pair[i].ip; + ip_info->mask[i] = vc_data.ip_mask_pair[i].mask; + } + ip_info->v4_bcast = vc_data.broadcast; } return ret; }
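Review bot: In vc_set_ipv4root() (net/socket.c) the range check on nbip no longer stops anything, because the permission test after it is now a plain `if` rather than `else if`. A caller with CAP_NET_ADMIN, or one with no ip_info yet, therefore gets ret reset to 0 right after `ret = -EINVAL`. The store block in the last hunk then sets `ip_info->nbipv4 = nbip` and appears to copy nbip pairs (the loop header is garbled on this page), which would run past both `vc_data.ip_mask_pair[NB_IPV4ROOT]` and the ip_info arrays. Reject the value before any other test with `if (nbip > NB_IPV4ROOT) return -EINVAL;`; the `nbip < 0` half is dead now that nbip is uint32_t. The function body continues in the following hunks.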
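Review bot: In the final hunk of vc_set_ipv4root() the result of sys_alloc_ip_info() is used unchecked: `ip_info = current->ip_info;` is followed at once by `ip_info->nbipv4 = nbip;`. The sibling path in kernel/signal.c tests `if (current->s_info)` after sys_alloc_s_info(), which suggests these allocators can leave the pointer NULL, although sys_alloc_ip_info() itself is not visible here. I would add `if (!ip_info) return -ENOMEM;` before the first store. The `/* release existing? */` remark should also be resolved, with a comment stating who drops the reference to the previous ip_info.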