[Devel] [PATCH rh7] ve: zap ve_allow_kthreads

[Vladimir Davydov]

It seems to have been added in order to disable nfs inside ve, which, in
turn, was needed because cpt did not support migration of containers
with nfs. Not relevant nowadays.

Signed-off-by: Vladimir Davydov <vdavydov at parallels.com>
---
 include/linux/ve.h | 2 --
 kernel/fork.c      | 9 ---------
 kernel/sysctl.c    | 7 -------
 kernel/ve/ve.c     | 2 --
 4 files changed, 20 deletions(-)

diff --git a/include/linux/ve.h b/include/linux/ve.h
index 6adeffa9c268..5489cabbb589 100644
--- a/include/linux/ve.h
+++ b/include/linux/ve.h
@@ -167,8 +167,6 @@ extern const void *ve_namespace(struct device *dev);
 
 extern struct kmapset_set ve_sysfs_perms;
 
-extern int ve_allow_kthreads;
-
 extern int vz_security_family_check(struct net *net, int family);
 extern int vz_security_protocol_check(struct net *net, int protocol);
 
diff --git a/kernel/fork.c b/kernel/fork.c
index 5e03c7d6e9e3..77b9ce6727ae 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1711,15 +1711,6 @@ long do_fork(unsigned long clone_flags,
  */
 pid_t kernel_thread(int (*fn)(void *), void *arg, unsigned long flags)
 {
-#ifdef CONFIG_VE
-	/* Don't allow kernel_thread() inside VE */
-	if (!ve_allow_kthreads && !ve_is_super(get_exec_env())) {
-		printk("kernel_thread call inside container\n");
-		dump_stack();
-		return -EPERM;
-	}
-#endif
-
 	return do_fork(flags|CLONE_VM|CLONE_UNTRACED, (unsigned long)fn,
 		(unsigned long)arg, NULL, NULL);
 }
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index db6c4e6b237c..90a6443b4254 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -826,13 +826,6 @@ static struct ctl_table kern_table[] = {
 	},
 #endif
 #ifdef CONFIG_VE
-	{
-		.procname	= "ve_allow_kthreads",
-		.data		= &ve_allow_kthreads,
-		.maxlen		= sizeof(int),
-		.mode		= 0644,
-		.proc_handler	= &proc_dointvec,
-	},
         {
 		.procname       = "ve_allow_module_load",
 		.data           = &ve_allow_module_load,
diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c
index 07c06527b659..191369cf759f 100644
--- a/kernel/ve/ve.c
+++ b/kernel/ve/ve.c
@@ -56,8 +56,6 @@ struct module no_module = { .state = MODULE_STATE_GOING };
 EXPORT_SYMBOL(no_module);
 #endif
 
-int ve_allow_kthreads = 1;
-
 struct kmapset_set ve_sysfs_perms;
 
 static DEFINE_PER_CPU(struct kstat_lat_pcpu_snap_struct, ve0_lat_stats);
-- 
2.1.4