diff -NurpP --minimal linux-2.6.11.10-vs2.0-p1/include/linux/vs_network.h linux-2.6.11.10-vs2.0-p2/include/linux/vs_network.h --- linux-2.6.11.10-vs2.0-p1/include/linux/vs_network.h 2005-05-22 14:58:04 +0200 +++ linux-2.6.11.10-vs2.0-p2/include/linux/vs_network.h 2005-05-22 15:11:14 +0200 @@ -110,22 +110,33 @@ static __inline__ struct nx_info *__task #define nx_weak_check(c,m) ((m) ? nx_check(c,m) : 1) -#define __nx_flags(v,m,f) (((v) & (m)) ^ (f)) +#define __nx_state(v) ((v) ? ((v)->nx_state) : 0) -#define __nx_task_flags(t,m,f) \ - (((t) && ((t)->nx_info)) ? \ - __nx_flags((t)->nx_info->nx_flags,(m),(f)) : 0) +#define nx_info_state(v,m) (__nx_state(v) & (m)) -#define nx_current_flags() \ - ((current->nx_info) ? current->nx_info->nx_flags : 0) -#define nx_flags(m,f) __nx_flags(nx_current_flags(),(m),(f)) +#define __nx_flags(v) ((v) ? (v)->nx_flags : 0) +#define nx_current_flags() __nx_flags(current->nx_info) -#define nx_current_ncaps() \ - ((current->nx_info) ? current->nx_info->nx_ncaps : 0) +#define nx_info_flags(v,m,f) \ + vx_check_flags(__nx_flags(v),(m),(f)) -#define nx_ncaps(c) (nx_current_ncaps() & (c)) +#define task_nx_flags(t,m,f) \ + ((t) && nx_info_flags((t)->nx_info, (m), (f))) + +#define nx_flags(m,f) nx_info_flags(current->nx_info,(m),(f)) + + +/* context caps */ + +#define __nx_ncaps(v) ((v) ? (v)->nx_ncaps : 0) + +#define nx_current_ncaps() __nx_ncaps(current->nx_info) + +#define nx_info_ncaps(v,c) (__nx_ncaps(v) & (c)) + +#define nx_ncaps(c) nx_info_ncaps(current->nx_info,(c)) static inline int addr_in_nx_info(struct nx_info *nxi, uint32_t addr) diff -NurpP --minimal linux-2.6.11.10-vs2.0-p1/include/linux/vserver/network.h linux-2.6.11.10-vs2.0-p2/include/linux/vserver/network.h --- linux-2.6.11.10-vs2.0-p1/include/linux/vserver/network.h 2005-05-22 14:58:04 +0200 +++ linux-2.6.11.10-vs2.0-p2/include/linux/vserver/network.h 2005-05-22 15:11:14 +0200 @@ -11,6 +11,11 @@ #define NB_IPV4ROOT 16 +/* context flags */ + +#define NXF_STATE_SETUP (1ULL<<32) + + #ifdef __KERNEL__ #include @@ -25,6 +30,7 @@ struct nx_info { nid_t nx_id; /* vnet id */ atomic_t nx_usecnt; /* usage count */ atomic_t nx_refcnt; /* reference count */ + int nx_state; /* context state */ uint64_t nx_flags; /* network flag word */ uint64_t nx_ncaps; /* network capabilities */ @@ -43,9 +49,11 @@ struct nx_info { }; -struct rcu_head; +/* status flags */ -extern void unhash_nx_info(struct nx_info *); +#define NXS_HASHED 0x0001 +#define NXS_SHUTDOWN 0x0100 +#define NXS_RELEASED 0x8000 extern struct nx_info *locate_nx_info(int); extern struct nx_info *locate_or_create_nx_info(int); diff -NurpP --minimal linux-2.6.11.10-vs2.0-p1/kernel/vserver/Kconfig linux-2.6.11.10-vs2.0-p2/kernel/vserver/Kconfig --- linux-2.6.11.10-vs2.0-p1/kernel/vserver/Kconfig 2005-05-21 04:29:23 +0200 +++ linux-2.6.11.10-vs2.0-p2/kernel/vserver/Kconfig 2005-05-22 15:11:14 +0200 @@ -12,6 +12,11 @@ config VSERVER_SECURITY default y select SECURITY_CAPABILITIES +config VSERVER_LEGACYNET + bool + depends on !VSERVER_NGNET + default y + menu "Linux VServer" config VSERVER_LEGACY @@ -21,15 +26,13 @@ config VSERVER_LEGACY This enables the legacy API used in vs1.xx, which allows to use older tools (for migration purposes). -config VSERVER_LEGACYNET - bool "Enable Legacy Networking Kernel API" - default y +config VSERVER_NGNET + bool "Disable Legacy Networking Kernel API" + depends on EXPERIMENTAL + default n help - This enables the legacy networking API, which allows + This disables the legacy networking API, which allows to configure per vserver IPs as we know it. - For now, even recent tools use this interface of the - legacy API, so unless you know what you are doing, - leave that option enabled. config VSERVER_PROC_SECURE bool "Enable Proc Security" diff -NurpP --minimal linux-2.6.11.10-vs2.0-p1/kernel/vserver/network.c linux-2.6.11.10-vs2.0-p2/kernel/vserver/network.c --- linux-2.6.11.10-vs2.0-p1/kernel/vserver/network.c 2005-05-22 14:58:04 +0200 +++ linux-2.6.11.10-vs2.0-p2/kernel/vserver/network.c 2005-05-22 15:11:14 +0200 @@ -44,6 +44,7 @@ static struct nx_info *__alloc_nx_info(n INIT_HLIST_NODE(&new->nx_hlist); atomic_set(&new->nx_refcnt, 0); atomic_set(&new->nx_usecnt, 0); + new->nx_state = 0; /* rest of init goes here */ @@ -67,6 +68,7 @@ static void __dealloc_nx_info(struct nx_ BUG_ON(atomic_read(&nxi->nx_usecnt)); BUG_ON(atomic_read(&nxi->nx_refcnt)); + nxi->nx_state |= NXS_RELEASED; kfree(nxi); } @@ -156,17 +158,21 @@ static inline struct nx_info *__lookup_n { struct hlist_head *head = &nx_info_hash[__hashval(nid)]; struct hlist_node *pos; + struct nx_info *nxi; vxd_assert_lock(&nx_info_hash_lock); hlist_for_each(pos, head) { - struct nx_info *nxi = - hlist_entry(pos, struct nx_info, nx_hlist); + nxi = hlist_entry(pos, struct nx_info, nx_hlist); - if (nxi->nx_id == nid) { - return nxi; - } + if (nxi->nx_id == nid) + goto found; } - return NULL; + nxi = NULL; +found: + vxdprintk(VXD_CBIT(nid, 0), + "__lookup_nx_info(#%u): %p[#%u]", + nid, nxi, nxi?nxi->nx_id:0); + return nxi; } @@ -271,11 +277,11 @@ void unhash_nx_info(struct nx_info *nxi) struct nx_info *locate_nx_info(int id) { - struct nx_info *nxi; + struct nx_info *nxi = NULL; if (id < 0) { nxi = get_nx_info(current->nx_info); - } else { + } else if (id > 1) { spin_lock(&nx_info_hash_lock); nxi = get_nx_info(__lookup_nx_info(id)); spin_unlock(&nx_info_hash_lock); @@ -382,10 +388,12 @@ int nx_migrate_task(struct task_struct * clr_nx_info(&p->nx_info); set_nx_info(&p->nx_info, nxi); p->nid = nxi->nx_id; - task_unlock(p); - /* obsoleted by clr/set */ - // put_nx_info(old_nxi); + vxdprintk(VXD_CBIT(nid, 5), + "moved task %p into nxi:%p[#%d]", + p, nxi, nxi->nx_id); + + task_unlock(p); out: put_nx_info(old_nxi); return ret;