From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Mon 27 Jan 2003 - 16:52:13 GMT
On Mon, Jan 27, 2003 at 05:20:57PM +0100, klavs klavsen wrote:
> Hi guys,
>
> While hoping to test vserver on 2.5 (which includes USAGI - but
> unfortunately not vserver yet) at some point :) I'm trying to patch my
> 2.4.20 kernel with Usage (www.linux-ipv6.org) and cryptoapi.
first, as far as I know the crypto api was created
to separate the crypto issues from the kernel and
establish a single interface point (which is the
patched loop device) ... so I would suggest to patch
the crypto stuff last, because it should "adapt"
> I've got my kernel patched with usage, and cryptoapi - but vserver
> fails:
> <snippet of output>
> patching file net/ipv4/tcp_ipv4.c
> Hunk #1 succeeded at 189 (offset 14 lines).
> Hunk #2 FAILED at 251.
> Hunk #3 succeeded at 616 (offset 160 lines).
> Hunk #4 FAILED at 664.
> Hunk #5 succeeded at 557 with fuzz 2 (offset 22 lines).
> Hunk #6 succeeded at 2450 (offset 187 lines).
> Hunk #7 succeeded at 2341 (offset 22 lines).
> Hunk #8 succeeded at 2521 (offset 187 lines).
> 2 out of 8 hunks FAILED -- saving rejects to file
> net/ipv4/tcp_ipv4.c.rej
> patching file net/ipv4/tcp_minisocks.c
> Hunk #1 succeeded at 388 with fuzz 1 (offset 7 lines).
> patching file net/ipv4/udp.c
> Hunk #1 succeeded at 121 (offset 14 lines).
> Hunk #2 FAILED at 178.
> Hunk #3 succeeded at 332 (offset 125 lines).
> Hunk #4 succeeded at 237 with fuzz 2.
> Hunk #5 succeeded at 431 (offset 148 lines).
> Hunk #6 succeeded at 295 with fuzz 2.
> Hunk #7 succeeded at 691 (offset 151 lines).
> 1 out of 8 hunks FAILED -- saving rejects to file net/ipv4/udp.c.rej
> </snippet of output>
>
> when looking in tcp_ipv4.c I find that the patch #hunk 2:
>
> *** 201,207 ****
> !sk2->reuse ||
> sk2->state == TCP_LISTEN) {
> ! if (!sk2->rcv_saddr ||
> ! !sk->rcv_saddr ||
> ! (sk2->rcv_saddr == sk->rcv_saddr))
> break;
> }
> --- 251,255 ----
> !sk2->reuse ||
> sk2->state == TCP_LISTEN) {
> ! if (tcp_ipv4_addr_conflict(sk,sk2))
> break;
> }
> ***************
>
> the line sk2->state == TCP_LISTEN is nowhere to be found in tcp_ipv4
> (since the USAGI patch was applied) so I'm at a loss, to figure out a
> way to get USAGI and vserver working together on 2.4.20.
had a look at usagi-linux24-s20030120-2.4.20.diff.bz2
(don't know which version you used) but a look at the
diff should show you the following lines ...
@@ -177,23 +191,157 @@
...
- sk2->state == TCP_LISTEN) {
- if (!sk2->rcv_saddr ||
- !sk->rcv_saddr ||
- (sk2->rcv_saddr == sk->rcv_saddr))
- break;
+#if defined(CONFIG_NET_RESTRICTED_REUSE) || defined(CONFIG_IPV6_RESTRICTED_DOUBLE_BIND)
+ uid_t sk2_uid;
+ int uid_ok;
+#endif
+ int both_specified = 0;
...
I guess this "was" the code addressed in the vserver
patch ... (hope this helps)
> I was hoping perhaps any of you had suggestions? Perhaps any you would
> like a kernel that supports IPV6 (including IPSEC - which the current
> 2.4 ipv6 doesn't - which is also probably why USAGI went in to the 2.5
> kernel) and vserver :)
IPv6, as far as I know, is still on Jacques TODO list,
so the IPv6 with or without IPSEC will lack the vserver
features until this is done (right Jacques?)
> Thank you for just reading this far ;)
you are welcome
best,
Herbert
>
> --
> Regards,
> Klavs Klavsen
>
> --------------| This mail has been sent to you by: |------------
> Klavs Klavsen - Open Source Consultant
> klavs_at_EnableIT.dk - http://www.EnableIT.dk
>
> Get PGP key from www.keyserver.net - Key ID: 0x586D5BCA
> Fingerprint = 2873 188C 968E 600D D8F8 B8DA 3D3A 0B79 7E06 3C62
> ----------------------------------------------------------------
> Open Source Software - Sometimes you get more than you paid for.
> -- unknown