[Devel] [PATCH RHEL7 COMMIT] ve/nfsd: Add VE_FEATURE_NFS check during nfsd mount
Konstantin Khorenko
khorenko at virtuozzo.com
Thu Oct 8 03:30:18 PDT 2015
The commit is pushed to "branch-rh7-3.10.0-229.7.2.vz7.8.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-229.7.2.vz7.8.4
------>
commit 4e21e92ccabb60b704bbee157b849e8732bf2efe
Author: Kirill Tkhai <ktkhai at odin.com>
Date: Thu Oct 8 14:30:18 2015 +0400
ve/nfsd: Add VE_FEATURE_NFS check during nfsd mount
Allow mount nfsd only if the feature is enabled for VE.
https://jira.sw.ru/browse/PSBM-33687
Signed-off-by: Kirill Tkhai <ktkhai at odin.com>
---
fs/nfsd/nfsctl.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/fs/nfsd/nfsctl.c b/fs/nfsd/nfsctl.c
index 1f06f7c..f0ed8a87 100644
--- a/fs/nfsd/nfsctl.c
+++ b/fs/nfsd/nfsctl.c
@@ -15,6 +15,7 @@
#include <linux/sunrpc/gss_krb5_enctypes.h>
#include <linux/sunrpc/rpc_pipe_fs.h>
#include <linux/module.h>
+#include <uapi/linux/vzcalluser.h>
#include "idmap.h"
#include "nfsd.h"
@@ -1126,6 +1127,8 @@ static int nfsd_fill_super(struct super_block * sb, void * data, int silent)
static struct dentry *nfsd_mount(struct file_system_type *fs_type,
int flags, const char *dev_name, void *data)
{
+ if (!(get_exec_env()->features & VE_FEATURE_NFSD))
+ return ERR_PTR(-ENODEV);
if (!current_user_ns_initial())
return ERR_PTR(-EPERM);
return mount_ns(fs_type, flags, current->nsproxy->net_ns, nfsd_fill_super);
More information about the Devel
mailing list