--- linux-2.6.18.2/include/linux/vserver/signal.h	1970-01-01 01:00:00 +0100
+++ linux-2.6.18.2-vs2.1.1/include/linux/vserver/signal.h	2006-09-20 17:01:45 +0200
@@ -0,0 +1,14 @@
+#ifndef _VX_SIGNAL_H
+#define _VX_SIGNAL_H
+
+
+#ifdef	__KERNEL__
+
+struct vx_info;
+
+int vx_info_kill(struct vx_info *, int, int);
+
+#endif	/* __KERNEL__ */
+#else	/* _VX_SIGNAL_H */
+#warning duplicate inclusion
+#endif	/* _VX_SIGNAL_H */
--- linux-2.6.18.2/kernel/signal.c	2006-09-20 16:58:44 +0200
+++ linux-2.6.18.2-vs2.1.1/kernel/signal.c	2006-10-25 03:39:09 +0200
@@ -572,11 +573,16 @@ static int check_kill_permission(int sig
 				 struct task_struct *t)
 {
 	int error = -EINVAL;
+
 	if (!valid_signal(sig))
 		return error;
+
+	if ((info != SEND_SIG_NOINFO) &&
+		(is_si_special(info) || !SI_FROMUSER(info)))
+		goto skip;
+
 	error = -EPERM;
-	if ((info == SEND_SIG_NOINFO || (!is_si_special(info) && SI_FROMUSER(info)))
-	    && ((sig != SIGCONT) ||
+	if (((sig != SIGCONT) ||
 		(current->signal->session != t->signal->session))
 	    && (current->euid ^ t->suid) && (current->euid ^ t->uid)
 	    && (current->uid ^ t->suid) && (current->uid ^ t->uid)
--- linux-2.6.18.2/kernel/signal.c	2006-09-20 16:58:44 +0200
+++ linux-2.6.18.2-vs2.1.1/kernel/signal.c	2006-10-25 03:39:09 +0200
@@ -583,6 +589,14 @@ *****
 	    && !capable(CAP_KILL))
 		return error;
 
+	error = -ESRCH;
+	if (!vx_check(vx_task_xid(t), VX_WATCH_P|VX_IDENT)) {
+		vxwprintk(current->xid,
+			"signal xid mismatch %p[#%u,%u] xid=#%u\n",
+			t, vx_task_xid(t), t->pid, current->xid);
+		return error;
+	}
+skip:
 	error = security_task_kill(t, info, sig, 0);
 	if (!error)
 		audit_signal_info(sig, t); /* Let audit system see the signal */
--- linux-2.6.18.2/kernel/signal.c	2006-09-20 16:58:44 +0200
+++ linux-2.6.18.2-vs2.1.1/kernel/signal.c	2006-10-25 03:39:09 +0200
@@ -1105,7 +1119,7 @@ kill_proc_info(int sig, struct siginfo *
 	}
 	p = find_task_by_pid(pid);
 	error = -ESRCH;
-	if (p)
+	if (p && vx_check(vx_task_xid(p), VX_IDENT))
 		error = group_send_sig_info(sig, info, p);
 	if (unlikely(acquired_tasklist_lock))
 		read_unlock(&tasklist_lock);
--- linux-2.6.18.2/kernel/signal.c	2006-09-20 16:58:44 +0200
+++ linux-2.6.18.2-vs2.1.1/kernel/signal.c	2006-10-25 03:39:09 +0200
@@ -1167,7 +1181,8 @@ static int kill_something_info(int sig, 
 
 		read_lock(&tasklist_lock);
 		for_each_process(p) {
-			if (p->pid > 1 && p->tgid != current->tgid) {
+			if (vx_check(vx_task_xid(p), VX_ADMIN_P|VX_IDENT) &&
+				p->pid > 1 && p->tgid != current->tgid) {
 				int err = group_send_sig_info(sig, info, p);
 				++count;
 				if (err != -EPERM)
--- linux-2.6.18.2/kernel/vserver/signal.c	1970-01-01 01:00:00 +0100
+++ linux-2.6.18.2-vs2.1.1/kernel/vserver/signal.c	2006-10-25 03:39:09 +0200
@@ -0,0 +1,136 @@
+/*
+ *  linux/kernel/vserver/signal.c
+ *
+ *  Virtual Server: Signal Support
+ *
+ *  Copyright (C) 2003-2006  Herbert Pötzl
+ *
+ *  V0.01  broken out from vcontext V0.05
+ *  V0.02  changed vcmds to vxi arg
+ *
+ */
+
+#include <linux/sched.h>
+
+#include <asm/errno.h>
+#include <asm/uaccess.h>
+
+#include <linux/vs_context.h>
+#include <linux/vserver/signal_cmd.h>
+
+
+int vx_info_kill(struct vx_info *vxi, int pid, int sig)
+{
+	int retval, count=0;
+	struct task_struct *p;
+	unsigned long priv = 0;
+
+	retval = -ESRCH;
+	vxdprintk(VXD_CBIT(misc, 4),
+		"vx_info_kill(%p[#%d],%d,%d)*",
+		vxi, vxi->vx_id, pid, sig);
+	read_lock(&tasklist_lock);
+	switch (pid) {
+	case  0:
+		priv = 1;
+	case -1:
+		for_each_process(p) {
+			int err = 0;
+
+			if (vx_task_xid(p) != vxi->vx_id || p->pid <= 1 ||
+				(pid && vxi->vx_initpid == p->pid))
+				continue;
+
+			err = group_send_sig_info(sig, (void*)priv, p);
+			++count;
+			if (err != -EPERM)
+				retval = err;
+		}
+		break;
+
+	case 1:
+		if (vxi->vx_initpid) {
+			pid = vxi->vx_initpid;
+			/* for now, only SIGINT to private init ... */
+			if (!vx_info_flags(vxi, VXF_STATE_ADMIN, 0) &&
+				/* ... as long as there are tasks left */
+				(atomic_read(&vxi->vx_tasks) > 1))
+				sig = SIGINT;
+			priv = 1;
+		}
+		/* fallthrough */
+	default:
+		p = find_task_by_real_pid(pid);
+		if (p) {
+			if (vx_task_xid(p) == vxi->vx_id)
+				retval = group_send_sig_info(sig,
+					(void*)priv, p);
+		}
+		break;
+	}
+	read_unlock(&tasklist_lock);
+	vxdprintk(VXD_CBIT(misc, 4),
+		"vx_info_kill(%p[#%d],%d,%d) = %d",
+		vxi, vxi->vx_id, pid, sig, retval);
+	return retval;
+}
+
+int vc_ctx_kill(struct vx_info *vxi, void __user *data)
+{
+	struct vcmd_ctx_kill_v0 vc_data;
+
+	if (copy_from_user (&vc_data, data, sizeof(vc_data)))
+		return -EFAULT;
+
+	/* special check to allow guest shutdown */
+	if (!vx_info_flags(vxi, VXF_STATE_ADMIN, 0) &&
+		/* forbid killall pid=0 when init is present */
+		(((vc_data.pid < 1) && vxi->vx_initpid) ||
+		(vc_data.pid > 1)))
+		return -EACCES;
+
+	return vx_info_kill(vxi, vc_data.pid, vc_data.sig);
+}
+
+
+static int __wait_exit(struct vx_info *vxi)
+{
+	DECLARE_WAITQUEUE(wait, current);
+	int ret = 0;
+
+	add_wait_queue(&vxi->vx_wait, &wait);
+	set_current_state(TASK_INTERRUPTIBLE);
+
+wait:
+	if (vx_info_state(vxi,
+		VXS_SHUTDOWN|VXS_HASHED|VXS_HELPER) == VXS_SHUTDOWN)
+		goto out;
+	if (signal_pending(current)) {
+		ret = -ERESTARTSYS;
+		goto out;
+	}
+	schedule();
+	goto wait;
+
+out:
+	set_current_state(TASK_RUNNING);
+	remove_wait_queue(&vxi->vx_wait, &wait);
+	return ret;
+}
+
+
+
+int vc_wait_exit(struct vx_info *vxi, void __user *data)
+{
+	struct vcmd_wait_exit_v0 vc_data;
+	int ret;
+
+	ret = __wait_exit(vxi);
+	vc_data.reboot_cmd = vxi->reboot_cmd;
+	vc_data.exit_code = vxi->exit_code;
+
+	if (copy_to_user (data, &vc_data, sizeof(vc_data)))
+		ret = -EFAULT;
+	return ret;
+}
+