[Devel] [PATCH rh7] net: Don't nillify ve::ve_netns of ve0 on net exit, v2

[Cyrill Gorcunov]

When net-exit routine executes we zap ve::ve_netns member
but we should not nillify ve0::init_net, it's permanent one.

https://jira.sw.ru/browse/PSBM-33480

p.s.: When net unsharing happens on ve0 we do set net->owner_ve
to ve0, thus on exit we occasionally rip it off causing any
futher attempts to call unshare on ve0 to fail.

v2:
 - same applies when net namespace is created inside container
   itself: don't zap it until the net we're cleaning is the owner

Signed-off-by: Cyrill Gorcunov <gorcunov at odin.com>
CC: Andrew Vagin <avagin at odin.com>
---
 net/core/net_namespace.c |   12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

Index: linux-pcs7.git/net/core/net_namespace.c
===================================================================
--- linux-pcs7.git.orig/net/core/net_namespace.c
+++ linux-pcs7.git/net/core/net_namespace.c
@@ -314,8 +314,16 @@ static void cleanup_net(struct work_stru
 		ops_free_list(ops, &net_exit_list);
 
 	list_for_each_entry(net, &net_kill_list, cleanup_list) {
-		net->owner_ve->ve_netns = NULL;
-		put_ve(net->owner_ve);
+		struct ve_struct *ve = net->owner_ve;
+		/*
+		 * Cleaning up nested net-namespaces is tricky:
+		 * don't nillify ve_netns if created on ve0, or
+		 * nested net inside container.
+		 */
+		if (ve->ve_netns != get_ve0()->ve_netns &&
+		    ve->ve_netns == net)
+			ve->ve_netns = NULL;
+		put_ve(ve);
 	}
 
 	mutex_unlock(&net_mutex);