diff options
| author |   Benedikt Boehm <hollow@gentoo.org> | 2006-12-20 12:44:16 +0000 |
|---|---|---|
| committer | Benedikt Boehm <hollow@gentoo.org> | 2006-12-20 12:44:16 +0000 |
| commit | 3172b0a4e4c6a4f03bec93d25583197a678bd154 (patch) | |
| tree | 1768cf972175611ae0ddb0ccc7a853a9bcbdf50b /vserver-sources/old/2.1.1_rc27/4416_vs2.1.1-admin-feat02.patch | |
| parent | everything is in upstream now, no more patch tarballs, yay (diff) | |
| download | misc-3172b0a4e4c6a4f03bec93d25583197a678bd154.tar.gz misc-3172b0a4e4c6a4f03bec93d25583197a678bd154.tar.bz2 misc-3172b0a4e4c6a4f03bec93d25583197a678bd154.zip | |
create dir for old kernel patches
svn path=/; revision=534
Diffstat (limited to 'vserver-sources/old/2.1.1_rc27/4416_vs2.1.1-admin-feat02.patch')
| -rw-r--r-- | vserver-sources/old/2.1.1_rc27/4416_vs2.1.1-admin-feat02.patch | 99 |
1 files changed, 99 insertions, 0 deletions
diff --git a/vserver-sources/old/2.1.1_rc27/4416_vs2.1.1-admin-feat02.patch b/vserver-sources/old/2.1.1_rc27/4416_vs2.1.1-admin-feat02.patch new file mode 100644 index 0000000..dbb1603 --- /dev/null +++ b/vserver-sources/old/2.1.1_rc27/4416_vs2.1.1-admin-feat02.patch @@ -0,0 +1,99 @@ +Index: linux-2.6.17/include/linux/vserver/context.h +=================================================================== +--- linux-2.6.17.orig/include/linux/vserver/context.h ++++ linux-2.6.17/include/linux/vserver/context.h +@@ -42,6 +42,7 @@ + + #define VXF_STATE_SETUP (1ULL<<32) + #define VXF_STATE_INIT (1ULL<<33) ++#define VXF_STATE_ADMIN (1ULL<<34) + + #define VXF_SC_HELPER (1ULL<<36) + #define VXF_REBOOT_KILL (1ULL<<37) +@@ -52,9 +53,9 @@ + + #define VXF_IGNEG_NICE (1ULL<<52) + +-#define VXF_ONE_TIME (0x0003ULL<<32) ++#define VXF_ONE_TIME (0x0007ULL<<32) + +-#define VXF_INIT_SET (VXF_STATE_SETUP|VXF_STATE_INIT) ++#define VXF_INIT_SET (VXF_STATE_SETUP|VXF_STATE_INIT|VXF_STATE_ADMIN) + + + /* context migration */ +Index: linux-2.6.17/include/linux/vserver/network.h +=================================================================== +--- linux-2.6.17.orig/include/linux/vserver/network.h ++++ linux-2.6.17/include/linux/vserver/network.h +@@ -16,13 +16,14 @@ + #define NXF_INFO_LOCK 0x00000001 + + #define NXF_STATE_SETUP (1ULL<<32) ++#define NXF_STATE_ADMIN (1ULL<<34) + + #define NXF_SC_HELPER (1ULL<<36) + #define NXF_PERSISTENT (1ULL<<38) + +-#define NXF_ONE_TIME (0x0001ULL<<32) ++#define NXF_ONE_TIME (0x0005ULL<<32) + +-#define NXF_INIT_SET (0) ++#define NXF_INIT_SET (NXF_STATE_ADMIN) + + + /* address types */ +Index: linux-2.6.17/kernel/vserver/signal.c +=================================================================== +--- linux-2.6.17.orig/kernel/vserver/signal.c ++++ linux-2.6.17/kernel/vserver/signal.c +@@ -77,6 +77,10 @@ int vc_ctx_kill(struct vx_info *vxi, voi + if (copy_from_user (&vc_data, data, sizeof(vc_data))) + return -EFAULT; + ++ /* special check to allow guest shutdown */ ++ if (!vx_info_flags(vxi, VXF_STATE_ADMIN, 0) && (vc_data.pid != 1)) ++ return -EACCES; ++ + return vx_info_kill(vxi, vc_data.pid, vc_data.sig); + } + +Index: linux-2.6.17/kernel/vserver/switch.c +=================================================================== +--- linux-2.6.17.orig/kernel/vserver/switch.c ++++ linux-2.6.17/kernel/vserver/switch.c +@@ -413,17 +413,34 @@ long do_vserver(uint32_t cmd, uint32_t i + vxi = lookup_vx_info(id); + if (!vxi) + goto out; ++ ++ if ((flags & VCF_ADMIN) && ++ /* special case kill for shutdown */ ++ (cmd != VCMD_ctx_kill) && ++ /* can context be administrated? */ ++ !vx_info_flags(vxi, VXF_STATE_ADMIN, 0)) { ++ ret = -EACCES; ++ goto out_vxi; ++ } + } + state = 7; + if (args & VCA_NXI) { + nxi = lookup_nx_info(id); + if (!nxi) + goto out_vxi; ++ ++ if ((flags & VCF_ADMIN) && ++ /* can context be administrated? */ ++ !nx_info_flags(nxi, NXF_STATE_ADMIN, 0)) { ++ ret = -EACCES; ++ goto out_nxi; ++ } + } + + state = 8; + ret = do_vcmd(cmd, id, vxi, nxi, data, compat); + ++out_nxi: + if (args & VCA_NXI) + put_nx_info(nxi); + out_vxi: |