kernel September 2011

kernel@lists.fedoraproject.org

14 participants
7 discussions

fedora 14 kernel performance with ip forwarding workload
by Jesse Brandeburg 05 Jun '15

05 Jun '15

The other day I was running the stock fedora kernel on my ip forwarding setup, to see what the performance was, and the performance wasn't very good. system is S5520HC dual socket 2.93GHz Xeon 5570 (Nehalem) with 3 quad port 82580 adapters (12 ports). Traffic is bidirectional 64 byte packets being forwarded and received on each port, basically port to port routing. I am only using 12 flows currently. The driver is igb, and I am using an affinity script that lines up each pair of ports that are forwarding traffic into optimal configurations for cache locality. I am also disabling remote_node_defrag_ratio to stop cross node traffic. With the fedora default kernel from F14 it appears that CONFIG_NETFILTER=y means that I cannot unload all of netfilter even if I stop iptables service. perf showed netfilter being prominent, and removing it gives me much higher throughput. Is there a reason CONFIG_NETFILTER=y ? Isn't it a good thing to be able to disable netfilter if you want to? Jesse

5 9

[PATCHSET] utrace for 3.1 kernel
by Oleg Nesterov 08 Feb '12

08 Feb '12

Hello. utrace patches for 3.1 kernel. Untested, will try to do some tests tomorrow. I do not want to spam you all and the lists, please look at git://git.kernel.org/pub/scm/linux/kernel/git/oleg/misc.git utrace-3.1 Oleg Nesterov (29): utrace: add utrace_init_task/utrace_free_task calls tracehooks: add utrace hooks tracehooks: reintroduce tracehook_consider_fatal_signal() add utrace hooks into sig_ignored() and recalc_sigpending() restore the EXEC/EXIT/CLONE utrace hooks utrace: utrace_report_death() can use task_utrace_struct() restore the DEATH/REAP utrace hooks utrace: remove jobctl bits ptrace: take ->siglock around s/TRACED/RUNNING/ introduce wake_up_quiescent() introduce ptrace_signal_wake_up() wait_task_inactive: treat task->state and match_state as bitmasks introduce TASK_UTRACED state utrace: use TASK_UTRACED instead of TASK_TRACED reintroduce tracehook_finish_jctl() as utrace_end_stop() teach wake_up_quiescent() to do "selective" wake_up ptrace_stop: do not assume the task is running after wake_up_quiescent() get_signal_to_deliver: restore/restructure utrace/ptrace signal reporting utrace_get_signal: s/JOBCTL_STOP_PENDING/JOBCTL_PENDING_MASK/ introduce ptrace_set_syscall_trace() introduce PT_SYSCALL_TRACE flag utrace: don't clear TIF_SYSCALL_TRACE if it is needed by ptrace introduce task_utrace_lock/task_utrace_unlock teach ptrace_set_syscall_trace() to play well with utrace introduce PT_SINGLE_STEP and PT_SINGLE_BLOCK utrace: finish_resume_report: don't do user_xxx_step() if ptrace_wants_step() ptrace: shift user_*_step() from ptrace_resume() to ptrace_stop() ptrace_disable: no need to disable stepping ptrace_report_syscall: check TIF_SYSCALL_EMU Roland McGrath (1): utrace core Documentation/DocBook/Makefile | 2 +- Documentation/DocBook/utrace.tmpl | 589 +++++++++ arch/s390/kernel/traps.c | 4 +- arch/x86/kernel/ptrace.c | 1 - fs/exec.c | 5 +- fs/proc/array.c | 14 +- include/linux/ptrace.h | 7 + include/linux/sched.h | 25 +- include/linux/signal.h | 2 + include/linux/tracehook.h | 53 +- include/linux/utrace.h | 773 ++++++++++++ init/Kconfig | 9 + kernel/Makefile | 1 + kernel/exit.c | 5 + kernel/fork.c | 9 + kernel/ptrace.c | 57 +- kernel/sched.c | 2 +- kernel/signal.c | 97 ++- kernel/utrace.c | 2461 +++++++++++++++++++++++++++++++++++++ 19 files changed, 4062 insertions(+), 54 deletions(-) create mode 100644 Documentation/DocBook/utrace.tmpl create mode 100644 include/linux/utrace.h create mode 100644 kernel/utrace.c

4 39

monthly irc meeting.
by Dave Jones 28 Oct '11

28 Oct '11

We've been having monthly team meetings for a few months, and have decided that some of the material we end up discussing should really be shared with a wider audience. Here are the minutes from this months meeting for example, that Chuck captured: http://fpaste.org/3LYS/ So as noted at https://fedoraproject.org/wiki/Meeting_channel, we're going to try a monthly one hour meeting at 1800UTC the 2nd Friday of every month in #fedora-meeting. No fixed agenda to begin with, let's see where it goes. Dave

2 3

[PATCH f14 Backport 76435548] Ecryptfs: Add mount option to check uid of device being mounted = expect uid
by Josh Boyer 16 Sep '11

16 Sep '11

Here's a backport of upstream commit 76435548 for F14. Please review. I've tested this in a KVM guest and ecryptfs seems to still work without issue, but my testing is certainly not exhausting. The ecryptfs-utils does have the proper commits to utilize this in F14 as well. If I don't hear anything soon, I'll assume silence is acceptance ;). josh From: John Johansen <john.johansen(a)canonical.com> Close a TOCTOU race for mounts done via ecryptfs-mount-private. The mount source (device) can be raced when the ownership test is done in userspace. Provide Ecryptfs a means to force the uid check at mount time. Signed-off-by: John Johansen <john.johansen(a)canonical.com> Cc: <stable(a)kernel.org> Signed-off-by: Tyler Hicks <tyhicks(a)linux.vnet.ibm.com> Backported to 2.6.35.14 by Josh Boyer <jwboyer(a)redhat.com> --- fs/ecryptfs/main.c | 27 ++++++++++++++++++++++----- 1 files changed, 22 insertions(+), 5 deletions(-) diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c index cbd4e18..c249d14 100644 --- a/fs/ecryptfs/main.c +++ b/fs/ecryptfs/main.c @@ -208,7 +208,7 @@ enum { ecryptfs_opt_sig, ecryptfs_opt_ecryptfs_sig, ecryptfs_opt_passthrough, ecryptfs_opt_xattr_metadata, ecryptfs_opt_encrypted_view, ecryptfs_opt_fnek_sig, ecryptfs_opt_fn_cipher, ecryptfs_opt_fn_cipher_key_bytes, - ecryptfs_opt_unlink_sigs, ecryptfs_opt_err }; + ecryptfs_opt_unlink_sigs, ecryptfs_opt_check_dev_ruid, ecryptfs_opt_err }; static const match_table_t tokens = { {ecryptfs_opt_sig, "sig=%s"}, @@ -223,6 +223,7 @@ static const match_table_t tokens = { {ecryptfs_opt_fn_cipher, "ecryptfs_fn_cipher=%s"}, {ecryptfs_opt_fn_cipher_key_bytes, "ecryptfs_fn_key_bytes=%u"}, {ecryptfs_opt_unlink_sigs, "ecryptfs_unlink_sigs"}, + {ecryptfs_opt_check_dev_ruid, "ecryptfs_check_dev_ruid"}, {ecryptfs_opt_err, NULL} }; @@ -266,6 +267,7 @@ static void ecryptfs_init_mount_crypt_stat( * ecryptfs_parse_options * @sb: The ecryptfs super block * @options: The options pased to the kernel + * @check_ruid: set to 1 if device uid should be checked against the ruid * * Parse mount options: * debug=N - ecryptfs_verbosity level for debug output @@ -281,7 +283,7 @@ static void ecryptfs_init_mount_crypt_stat( * * Returns zero on success; non-zero on error */ -static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options) +static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options, uid_t *check_ruid) { char *p; int rc = 0; @@ -306,6 +308,8 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options) char *cipher_key_bytes_src; char *fn_cipher_key_bytes_src; + *check_ruid = 0; + if (!options) { rc = -EINVAL; goto out; @@ -406,6 +410,9 @@ static int ecryptfs_parse_options(struct ecryptfs_sb_info *sbi, char *options) case ecryptfs_opt_unlink_sigs: mount_crypt_stat->flags |= ECRYPTFS_UNLINK_SIGS; break; + case ecryptfs_opt_check_dev_ruid: + *check_ruid = 1; + break; case ecryptfs_opt_err: default: printk(KERN_WARNING @@ -494,7 +501,7 @@ static struct file_system_type ecryptfs_fs_type; * ecryptfs_interpose to create our initial inode and super block * struct. */ -static int ecryptfs_read_super(struct super_block *sb, const char *dev_name) +static int ecryptfs_read_super(struct super_block *sb, const char *dev_name, uid_t check_ruid) { struct path path; int rc; @@ -511,6 +518,15 @@ static int ecryptfs_read_super(struct super_block *sb, const char *dev_name) "known incompatibilities\n"); goto out_free; } + + if (check_ruid && path.dentry->d_inode->i_uid != current_uid()) { + rc = -EPERM; + printk(KERN_ERR "Mount of device (uid: %d) not owned by " + "requested user (uid: %d)\n", + path.dentry->d_inode->i_uid, current_uid()); + goto out_free; + } + ecryptfs_set_superblock_lower(sb, path.dentry->d_sb); sb->s_maxbytes = path.dentry->d_sb->s_maxbytes; sb->s_blocksize = path.dentry->d_sb->s_blocksize; @@ -549,6 +565,7 @@ static int ecryptfs_get_sb(struct file_system_type *fs_type, int flags, struct ecryptfs_dentry_info *root_info; const char *err = "Getting sb failed"; int rc; + uid_t check_ruid; sbi = kmem_cache_zalloc(ecryptfs_sb_info_cache, GFP_KERNEL); if (!sbi) { @@ -556,7 +573,7 @@ static int ecryptfs_get_sb(struct file_system_type *fs_type, int flags, goto out; } - rc = ecryptfs_parse_options(sbi, raw_data); + rc = ecryptfs_parse_options(sbi, raw_data, &check_ruid); if (rc) { err = "Error parsing options"; goto out; @@ -601,7 +618,7 @@ static int ecryptfs_get_sb(struct file_system_type *fs_type, int flags, /* ->kill_sb() will take care of root_info */ ecryptfs_set_dentry_private(s->s_root, root_info); s->s_flags |= MS_ACTIVE; - rc = ecryptfs_read_super(s, dev_name); + rc = ecryptfs_read_super(s, dev_name, check_ruid); if (rc) { deactivate_locked_super(s); err = "Reading sb failed"; -- 1.7.6

1 0

MacBookAir4,1 support patches
by Bastien Nocera 14 Sep '11

14 Sep '11

3 patches: - one to enable multitouch on the trackpad - one to allow using the Fn keys on the keyboard - and one to make the Bluetooth adapter work The first 2 have equivalents for the MacBookAir4,2 (13") already in Linus' tree. The trackpad patch was added by Dmitry to his tree (though bizarrely no word on the keyboard patch). Not sure what's happening with the Bluetooth patch, no response as of yet. Cheers

2 5

Distro kernel update
by Josh Boyer 12 Sep '11

12 Sep '11

It's been a while since we gave an overview of the kernel plans for Fedora, so I thought I'd send a brief update on what we're doing, where we're headed, and why. Rawhide: Rawhide is basically trucking along as it normally does, tracking the latest upstream Linus tree. This will continue for the forseeable future, so there really are no surprises here. At the moment, it is at 3.1-rc4 and overall seems fairly stable. There is an ext4 lockdep trace that quite a few people have hit, but a fix has been posted upstream and should be included in the next build. F16: The F16 Alpha released with the first stable release of the 3.0 kernel, but it has since transitioned to the 3.1 pre-release kernels. The plan for the final release is to ship 3.1 final (or the latest stable release of it), but there wasn't time to get that into the Alpha. Currently, we're at 3.1-rc4, which means we're synced with rawhide. This will continue until 3.1 final is released. The F16 kernels also still have the debug options enabled. We've found that testing of the rawhide kernel is somewhat limited, and we don't get many reports aginst that. Most of the lockdep issues or other bugs found in the 3.1 kernel so far have come from people running F16, so this is paying off in terms of getting the kernel debugged and fixed before the final release. It does have the side-effect of introducing a performance penalty in some cases, but we'd rather get the bugs fixed first. The debug options will be disabled and we'll move to a release kernel once 3.1 final is released and built. F15: F15 has now moved to the 2.6.40 kernel. If you haven't been paying attention lately, you'll probably be saying "wait... there is no 2.6.40 upstream" and you would be right. So Fedora's 2.6.40 is really the 3.0 upstream kernel, "rebranded" to follow the 2.6.x numbering scheme. This was done to avoid userspace incompatibilities with the 3.x numbering scheme for packages that were either tightly coupled to kernel version and/or, uh, doing things a bit wrongly. Most of those packages have been fixed in f16 at this point. We're at the equivalent of the 3.0.4 stable release in updates-testing and that should be moving to updates relatively soon. F14: Sigh. F14 is still on the 2.6.35.x longterm kernel, currently at 2.6.35.14. This is both good and bad. Good in that it's the oldest supported release, and we've got somewhat of a known quantity with this kernel at this point. Bad because the upstream stable branch is updated fairly infrequently and seems to be somewhat in zombie state. We've spent the last week or so trying to plow through the F14 bugzilla backlog. This has sort of paid off by clearing out a bunch of stale bugs, duplicates, and things that were fixed and never closed. At the moment, we're under 300 bugs which isn't great but is much improved overall. Going forward, we're at sort of an impasse. The two most likely options are staying on 2.6.35.x, or moving to 2.6.40 as F15 did. We know that there are areas where 2.6.35.x is just broken or insufficient (USB 3 support, various suspend/resume issues) that might be improved in 2.6.40 but that comes with the risk of hitting userspace interaction bugs. We're keeping an eye on this and trying to come up with the best all around decision, but it is not an easy choice. In the meantime, if you are having lots of issues with F14, we strongly you to upgrade to F15. (Yes, we are aware of the fact that some people want to stick with F14 to avoid Gnome3. That's outside of the scope of the kernel and we really don't want to discuss it here.) So there's a brief overview of the kernel happenings going on in Fedora. If you have questions, feel free to shoot an email to the fedora kernel list! josh

11 20

[PATCH F-16] bz735118: utrace: s390: fix the compile problem with traps.c
by Oleg Nesterov 01 Sep '11

01 Sep '11

https://bugzilla.redhat.com/show_bug.cgi?id=735118 d99e60e5 "tracehooks: reintroduce tracehook_consider_fatal_signal()" breaks the compilation of arch/s390/kernel/traps.c. Restore the necessary include removed by upstream 73b7d40f commit. Signed-off-by: Oleg Nesterov <oleg(a)redhat.com> --- arch/s390/kernel/traps.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/arch/s390/kernel/traps.c b/arch/s390/kernel/traps.c index 1018ab6..50e975d 100644 --- a/arch/s390/kernel/traps.c +++ b/arch/s390/kernel/traps.c @@ -18,7 +18,7 @@ #include <linux/kernel.h> #include <linux/string.h> #include <linux/errno.h> -#include <linux/ptrace.h> +#include <linux/tracehook.h> #include <linux/timer.h> #include <linux/mm.h> #include <linux/smp.h> -- 1.5.5.1

2 1

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

kernel September 2011