initial import (Boeing r1752, NRL r878)

2013-08-29 14:21:13 +00:00 · 2013-08-29 14:21:13 +00:00 · f8f46d28be
commit f8f46d28be
394 changed files with 99738 additions and 0 deletions
--- a/kernel/core-kernel-2.6.38/Makefile
+++ b/kernel/core-kernel-2.6.38/Makefile
@ -0,0 +1,62 @@
+VERSION		:= 2.6.38
+TARBALL		:= /usr/src/linux-source-$(VERSION).tar.bz2
+
+SUBVERSION	:= -core
+REVISION	:= 1.0
+
+PATCHDIR	:= patches
+PATCHES		:= $(sort $(wildcard $(PATCHDIR)/*.patch))
+
+CONFIG		:= config.core
+
+DEPDEBS		:= linux-source kernel-package po-debconf gettext
+
+CONCURRENCY_LEVEL	:= 2
+
+MAINTAINER	?= Tom Goff
+EMAIL		?= thomas.goff@boeing.com
+
+MAKEKPKGFLAGS	:= --initrd --rootcmd fakeroot --us --uc	\
+    --append-to-version $(SUBVERSION) --revision $(REVISION)
+
+.PHONY: build
+build: debcheck defaultconfig patch
+	export CONCURRENCY_LEVEL="$(CONCURRENCY_LEVEL)"			\
+	    KPKG_MAINTAINER="$(MAINTAINER)" KPKG_EMAIL="$(EMAIL)";	\
+	cd linux-source-$(VERSION) &&					\
+	    if [ -f ../$(CONFIG) ]; then				\
+	        cat ../$(CONFIG) >> .config;				\
+	    fi &&							\
+	    fakeroot make-kpkg $(MAKEKPKGFLAGS) binary-arch
+
+.PHONY: debcheck
+debcheck:
+	for d in $(DEPDEBS); do						\
+	    if ! dpkg-query -s $$d > /dev/null 2>&1; then		\
+		echo ERROR: build dependency not installed: $$d >&2;	\
+		exit 1;							\
+	    fi;								\
+	done
+
+.PHONY: defaultconfig
+defaultconfig: linux-source-$(VERSION)
+	export KPKG_MAINTAINER="$(MAINTAINER)" KPKG_EMAIL="$(EMAIL)";	   \
+	cd linux-source-$(VERSION) && make-kpkg $(MAKEKPKGFLAGS) configure
+
+.PHONY: patch
+patch: linux-source-$(VERSION) patch-stamp
+patch-stamp: $(PATCHES)
+	for p in $^; do							\
+	    if ! patch -d linux-source-$(VERSION) -p1 < $$p; then	\
+		echo ERROR: applying patch failed: $$p >&2;		\
+		exit 1;							\
+	    fi;								\
+	done
+	touch patch-stamp
+
+linux-source-$(VERSION): $(TARBALL)
+	tar -xjf $^
+
+.PHONY: clean
+clean:
+	rm -rf linux-source-$(VERSION) patch-stamp
--- a/kernel/core-kernel-2.6.38/README.txt
+++ b/kernel/core-kernel-2.6.38/README.txt
@ -0,0 +1,9 @@
+Author: Tom Goff <thomas.goff@boeing.com>
+
+The Makefile is basically a wrapper around the make-kpkg command that
+simplifies building kernel packages.  Running make will do some basic
+dependency checks then build architecture appropriate kernel packages that
+include changes from the patches directory.  The nfnetlink patch is what
+virtualizes the netfilter queue mechanism; the flow-cache patch allows using
+IPsec between network namespaces; the ifindex patch virtualizes network
+interface index numbers.
--- a/kernel/core-kernel-2.6.38/config.core
+++ b/kernel/core-kernel-2.6.38/config.core
@ -0,0 +1 @@
+CONFIG_XFRM_STATISTICS=y
--- a/kernel/core-kernel-2.6.38/patches/00-linux-2.6.38.flow-cache.patch
+++ b/kernel/core-kernel-2.6.38/patches/00-linux-2.6.38.flow-cache.patch
@ -0,0 +1,31 @@
+Only use the flow cache for the initial network namespace.
+
+The flow cache is not per netns and its entries do not include what
+namespace they are valid for.  This causes problems when transformed
+traffic is sent between namespaces.
+---
+ net/core/flow.c |    4 ++++
+ 1 files changed, 4 insertions(+), 0 deletions(-)
+
+diff --git a/net/core/flow.c b/net/core/flow.c
+index 127c8a7..890510f 100644
+--- a/net/core/flow.c
+++ b/net/core/flow.c
+@@ -24,6 +24,7 @@
+ #include <net/flow.h>
+ #include <asm/atomic.h>
+ #include <linux/security.h>
+#include <net/net_namespace.h>
+ 
+ struct flow_cache_entry {
+ 	union {
+@@ -227,6 +228,9 @@ flow_cache_lookup(struct net *net, struct flowi *key, u16 family, u8 dir,
+ 	if (!fcp->hash_table)
+ 		goto nocache;
+ 
+	if (!net_eq(net, &init_net))
+		goto nocache;
+
+ 	if (fcp->hash_rnd_recalc)
+ 		flow_new_hash_rnd(fc, fcp);
+ 
--- a/kernel/core-kernel-2.6.38/patches/00-linux-2.6.38.ifindex.patch
+++ b/kernel/core-kernel-2.6.38/patches/00-linux-2.6.38.ifindex.patch
@ -0,0 +1,52 @@
+Make network device ifindex sequential per network namespace.
+
+---
+ include/net/net_namespace.h |    2 ++
+ net/core/dev.c              |   13 ++++++-------
+ 2 files changed, 8 insertions(+), 7 deletions(-)
+
+diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h
+index 1bf812b..6ee0db4 100644
+--- a/include/net/net_namespace.h
+++ b/include/net/net_namespace.h
+@@ -57,6 +57,8 @@ struct net {
+ 	struct sock 		*rtnl;			/* rtnetlink socket */
+ 	struct sock		*genl_sock;
+ 
+	int ifindex;
+
+ 	struct list_head 	dev_base_head;
+ 	struct hlist_head 	*dev_name_head;
+ 	struct hlist_head	*dev_index_head;
+diff --git a/net/core/dev.c b/net/core/dev.c
+index 6561021..764a190 100644
+--- a/net/core/dev.c
+++ b/net/core/dev.c
+@@ -4975,12 +4975,11 @@ int dev_ioctl(struct net *net, unsigned int cmd, void __user *arg)
+  */
+ static int dev_new_index(struct net *net)
+ {
+-	static int ifindex;
+ 	for (;;) {
+-		if (++ifindex <= 0)
+-			ifindex = 1;
+-		if (!__dev_get_by_index(net, ifindex))
+-			return ifindex;
+		if (++net->ifindex <= 0)
+			net->ifindex = 1;
+		if (!__dev_get_by_index(net, net->ifindex))
+			return net->ifindex;
+ 	}
+ }
+ 
+@@ -5918,8 +5917,8 @@ int dev_change_net_namespace(struct net_device *dev, struct net *net, const char
+ 	/* Actually switch the network namespace */
+ 	dev_net_set(dev, net);
+ 
+-	/* If there is an ifindex conflict assign a new one */
+-	if (__dev_get_by_index(net, dev->ifindex)) {
+	/* Assign a new ifindex */
+	{
+ 		int iflink = (dev->iflink == dev->ifindex);
+ 		dev->ifindex = dev_new_index(net);
+ 		if (iflink)
--- a/kernel/core-kernel-2.6.38/patches/00-linux-2.6.38.nfnetlink.patch
+++ b/kernel/core-kernel-2.6.38/patches/00-linux-2.6.38.nfnetlink.patch