[Devel] [PATCH RHEL7 COMMIT] ve/fs: namespace -- Ignore device permissions during restore

Konstantin Khorenko khorenko at virtuozzo.com
Wed Jun 22 03:45:43 PDT 2016


The commit is pushed to "branch-rh7-3.10.0-327.18.2.vz7.14.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-327.18.2.vz7.14.17
------>
commit 7eeb5b4afa8db5a2f2e1e47ab6b84e55fc8c5661
Author: Cyrill Gorcunov <gorcunov at virtuozzo.com>
Date:   Wed Jun 22 14:45:43 2016 +0400

    ve/fs: namespace -- Ignore device permissions during restore
    
    To support several storage backends (ploops) inside container
    we've hacks in libvzctl which setup "old" permissions when
    restore procedure initiated. But the former idea was simply
    allow CRIU to do all the works and restore ploops mounts
    by its own (since CRIU fetches all mount options and such).
    
    For this sake we turn off mount options filtering provisionally
    if @is_pseudosuper is set, and CRIU restore mounts as regular
    ones.
    
    https://jira.sw.ru/browse/PSBM-48188
    
    Signed-off-by: Cyrill Gorcunov <gorcunov at virtuozzo.com>
    
    CC: Igor Sukhih <igor at virtuozzo.com>
    CC: Vladimir Davydov <vdavydov at virtuozzo.com>
    CC: Konstantin Khorenko <khorenko at virtuozzo.com>
---
 fs/namespace.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/fs/namespace.c b/fs/namespace.c
index 4fb935a..3df0ac5 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1933,7 +1933,12 @@ again:
 		if (devmnt->dev == dev) {
 			err = ve_devmnt_check(data, devmnt->allowed_options);
 
-			if (!err && !remount)
+			/*
+			 * In case of @is_pseudouser set, ie restore procedure,
+			 * we don't check for allowed options filtering, since
+			 * restore mode is special.
+			 */
+			if ((ve->is_pseudosuper || !err) && !remount)
 				err = ve_devmnt_insert(data, devmnt->hidden_options);
 
 			break;


More information about the Devel mailing list