vserver-sources/2.1.1-r1/4412_vs2.1.1-private-fix01.patch

Index: linux-2.6.18/include/linux/vserver/network.h
===================================================================
--- linux-2.6.18.orig/include/linux/vserver/network.h
+++ linux-2.6.18/include/linux/vserver/network.h
@@ -14,6 +14,7 @@
 /* network flags */
 
 #define NXF_INFO_LOCK          0x00000001
+#define NXF_INFO_PRIVATE       0x00000008
 
 #define NXF_STATE_SETUP                (1ULL<<32)
 #define NXF_STATE_ADMIN                (1ULL<<34)
Index: linux-2.6.18/kernel/vserver/context.c
===================================================================
--- linux-2.6.18.orig/kernel/vserver/context.c
+++ linux-2.6.18/kernel/vserver/context.c
@@ -585,7 +585,7 @@ int vx_migrate_user(struct task_struct *
        if (!p || !vxi)
                BUG();
 
-       if (vx_info_flags(vxi, VXF_INFO_LOCK, 0))
+       if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0))
                return -EACCES;
 
        new_user = alloc_uid(vxi->vx_id, p->uid);
@@ -650,13 +650,17 @@ int vx_migrate_task(struct task_struct *
                "vx_migrate_task(%p,%p[#%d.%d])", p, vxi,
                vxi->vx_id, atomic_read(&vxi->vx_usecnt));
 
-       if (vx_info_flags(vxi, VXF_INFO_LOCK, 0))
+       if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0))
                return -EACCES;
 
        old_vxi = task_get_vx_info(p);
        if (old_vxi == vxi)
                goto out;
 
+       ret =-EACCES;
+       if (vx_info_flags(old_vxi, VXF_INFO_LOCK, 0))
+               goto out;
+
        if (!(ret = vx_migrate_user(p, vxi))) {
                int openfd;
 
Index: linux-2.6.18/kernel/vserver/namespace.c
===================================================================
--- linux-2.6.18.orig/kernel/vserver/namespace.c
+++ linux-2.6.18/kernel/vserver/namespace.c
@@ -33,7 +33,7 @@ int vx_enter_namespace(struct vx_info *v
        struct fs_struct *old_fs, *fs;
        struct namespace *old_ns;
 
-       if (vx_info_flags(vxi, VXF_INFO_LOCK, 0))
+       if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0))
                return -EACCES;
        if (!vxi->vx_namespace)
                return -EINVAL;
Index: linux-2.6.18/kernel/vserver/network.c
===================================================================
--- linux-2.6.18.orig/kernel/vserver/network.c
+++ linux-2.6.18/kernel/vserver/network.c
@@ -387,7 +387,7 @@ int nx_migrate_task(struct task_struct *
                atomic_read(&nxi->nx_usecnt),
                atomic_read(&nxi->nx_tasks));
 
-       if (nx_info_flags(nxi, NXF_INFO_LOCK, 0))
+       if (nx_info_flags(nxi, NXF_INFO_PRIVATE, 0))
                return -EACCES;
 
        /* maybe disallow this completely? */
@@ -395,6 +395,10 @@ int nx_migrate_task(struct task_struct *
        if (old_nxi == nxi)
                goto out;
 
+       ret =-EACCES;
+       if (nx_info_flags(old_nxi, NXF_INFO_LOCK, 0))
+               goto out;
+
        task_lock(p);
        if (old_nxi)
                clr_nx_info(&p->nx_info);
1	Index: linux-2.6.18/include/linux/vserver/network.h
2	===================================================================
3	--- linux-2.6.18.orig/include/linux/vserver/network.h
4	+++ linux-2.6.18/include/linux/vserver/network.h
5	@@ -14,6 +14,7 @@
6	/* network flags */
7
8	#define NXF_INFO_LOCK 0x00000001
9	+#define NXF_INFO_PRIVATE 0x00000008
10
11	#define NXF_STATE_SETUP (1ULL<<32)
12	#define NXF_STATE_ADMIN (1ULL<<34)
13	Index: linux-2.6.18/kernel/vserver/context.c
14	===================================================================
15	--- linux-2.6.18.orig/kernel/vserver/context.c
16	+++ linux-2.6.18/kernel/vserver/context.c
17	@@ -585,7 +585,7 @@ int vx_migrate_user(struct task_struct *
18	if (!p \|\| !vxi)
19	BUG();
20
21	- if (vx_info_flags(vxi, VXF_INFO_LOCK, 0))
22	+ if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0))
23	return -EACCES;
24
25	new_user = alloc_uid(vxi->vx_id, p->uid);
26	@@ -650,13 +650,17 @@ int vx_migrate_task(struct task_struct *
27	"vx_migrate_task(%p,%p[#%d.%d])", p, vxi,
28	vxi->vx_id, atomic_read(&vxi->vx_usecnt));
29
30	- if (vx_info_flags(vxi, VXF_INFO_LOCK, 0))
31	+ if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0))
32	return -EACCES;
33
34	old_vxi = task_get_vx_info(p);
35	if (old_vxi == vxi)
36	goto out;
37
38	+ ret =-EACCES;
39	+ if (vx_info_flags(old_vxi, VXF_INFO_LOCK, 0))
40	+ goto out;
41	+
42	if (!(ret = vx_migrate_user(p, vxi))) {
43	int openfd;
44
45	Index: linux-2.6.18/kernel/vserver/namespace.c
46	===================================================================
47	--- linux-2.6.18.orig/kernel/vserver/namespace.c
48	+++ linux-2.6.18/kernel/vserver/namespace.c
49	@@ -33,7 +33,7 @@ int vx_enter_namespace(struct vx_info *v
50	struct fs_struct old_fs, fs;
51	struct namespace *old_ns;
52
53	- if (vx_info_flags(vxi, VXF_INFO_LOCK, 0))
54	+ if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0))
55	return -EACCES;
56	if (!vxi->vx_namespace)
57	return -EINVAL;
58	Index: linux-2.6.18/kernel/vserver/network.c
59	===================================================================
60	--- linux-2.6.18.orig/kernel/vserver/network.c
61	+++ linux-2.6.18/kernel/vserver/network.c
62	@@ -387,7 +387,7 @@ int nx_migrate_task(struct task_struct *
63	atomic_read(&nxi->nx_usecnt),
64	atomic_read(&nxi->nx_tasks));
65
66	- if (nx_info_flags(nxi, NXF_INFO_LOCK, 0))
67	+ if (nx_info_flags(nxi, NXF_INFO_PRIVATE, 0))
68	return -EACCES;
69
70	/* maybe disallow this completely? */
71	@@ -395,6 +395,10 @@ int nx_migrate_task(struct task_struct *
72	if (old_nxi == nxi)
73	goto out;
74
75	+ ret =-EACCES;
76	+ if (nx_info_flags(old_nxi, NXF_INFO_LOCK, 0))
77	+ goto out;
78	+
79	task_lock(p);
80	if (old_nxi)
81	clr_nx_info(&p->nx_info);