[Devel] [PATCH RHEL7 COMMIT] ve: drop xattr policy toggle
Konstantin Khorenko
khorenko at virtuozzo.com
Fri Jun 3 05:44:09 PDT 2016
The commit is pushed to "branch-rh7-3.10.0-327.18.2.vz7.14.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-327.18.2.vz7.14.11
------>
commit 942da1259b13f49cf10078a20442e98f7aaa1558
Author: Stanislav Kinsburskiy <skinsbursky at virtuozzo.com>
Date: Fri Jun 3 16:44:09 2016 +0400
ve: drop xattr policy toggle
This toggle was introduced to solve this bug (rhel5-based kernels):
https://bugs.openvz.org/browse/OVZ-6409
The root of the bug briefly: customer could add immutable attribute to a file in
a container, thus preventing container removal, becuase this attribute was
bypassed (via simfs) to the actual file system.
The toggle introduced 3-fold policy:
1) "Allow": set of extended attrributes is granted (default in RHEL7 !!!)
2) "Ignore": set of extended attributes is skipped (do nothing and return 0).
3) "Forbid": set of extended attributes is not allowed.
Maybe this approach was applicable to rhel5 kernel, but it's absolutely
useless and harmful in rhel7 because:
1) Current ve xattr policy is "Allow", thus it doesn't prevent to set
immutable attribute.
2) Immutable attribute is set via ioctl, and doesn't pass vfs_setxattr callback.
3) Set of immutable attribute is protected by CAP_LINUX_IMMUTABLE, which is
dropped in containers.
Signed-off-by: Stanislav Kinsburskiy <skinsbursky at virtuozzo.com>
khorenko@:
* "fs.ve-xattr-policy" sysctl does not prohibit user from setting immutable
atribute on files
* immutable attribute on file does not prevent Container destroy for
ploop-based Containers
* we don't see any reasons now to prohibit managing extended file attributes
(pfcache specific attributes cannot be managed from inside CT anyway)
=> let's clean the code
---
fs/xattr.c | 9 ---------
include/uapi/linux/xattr.h | 7 -------
kernel/ve/veowner.c | 8 --------
3 files changed, 24 deletions(-)
diff --git a/fs/xattr.c b/fs/xattr.c
index df05b6a..3377dff 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -125,15 +125,6 @@ vfs_setxattr(struct dentry *dentry, const char *name, const void *value,
struct inode *inode = dentry->d_inode;
int error;
-#if defined(CONFIG_VE) && defined(CONFIG_SYSCTL)
- if (!ve_is_super(get_exec_env())) {
- if (ve_xattr_policy == VE_XATTR_POLICY_IGNORE)
- return 0;
- else if (ve_xattr_policy == VE_XATTR_POLICY_REJECT)
- return -EPERM;
- }
-#endif
-
error = xattr_permission(inode, name, MAY_WRITE);
if (error)
return error;
diff --git a/include/uapi/linux/xattr.h b/include/uapi/linux/xattr.h
index bb0c657..40bbc04 100644
--- a/include/uapi/linux/xattr.h
+++ b/include/uapi/linux/xattr.h
@@ -10,13 +10,6 @@
#ifndef _UAPI_LINUX_XATTR_H
#define _UAPI_LINUX_XATTR_H
-#ifdef CONFIG_VE
-extern int ve_xattr_policy;
-#define VE_XATTR_POLICY_ACCEPT 0
-#define VE_XATTR_POLICY_IGNORE 1
-#define VE_XATTR_POLICY_REJECT 2
-#endif
-
#define XATTR_CREATE 0x1 /* set value, fail if attr already exists */
#define XATTR_REPLACE 0x2 /* set value, fail if attr does not exist */
diff --git a/kernel/ve/veowner.c b/kernel/ve/veowner.c
index 1a7e735..005cdaf 100644
--- a/kernel/ve/veowner.c
+++ b/kernel/ve/veowner.c
@@ -52,7 +52,6 @@ static void prepare_proc(void)
* OpenVZ sysctl
* ------------------------------------------------------------------------
*/
-int ve_xattr_policy = VE_XATTR_POLICY_ACCEPT;
static int ve_area_access_check;
/*
@@ -72,13 +71,6 @@ static struct ctl_table vz_fs_table[] = {
.proc_handler = proc_dointvec,
},
{
- .procname = "ve-xattr-policy",
- .data = &ve_xattr_policy,
- .maxlen = sizeof(int),
- .mode = 0644,
- .proc_handler = &proc_dointvec,
- },
- {
.procname = "fsync-enable",
.data = &ve0.fsync_enable,
.maxlen = sizeof(int),
More information about the Devel
mailing list