[Devel] [PATCH RH7] ve/net/packet: show tx-ring warning only for host
Pavel Tikhomirov
ptikhomirov at virtuozzo.com
Thu Mar 23 04:47:05 PDT 2017
Calling setsockopt(SOL_PACKET, PACKET_TX_RING) on TPACKET_V3 version
will fail with EINVAL and also generates these warning. That can allow
host log flood from CT, so do not show these warning from inside CT.
https://jira.sw.ru/browse/PSBM-56711
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
net/packet/af_packet.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
index c15e57a..f574488 100644
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -3818,7 +3818,9 @@ static int packet_set_ring(struct sock *sk, union tpacket_req_u *req_u,
lock_sock(sk);
/* Opening a Tx-ring is NOT supported in TPACKET_V3 */
if (!closing && tx_ring && (po->tp_version > TPACKET_V2)) {
- WARN(1, "Tx-ring is not supported.\n");
+ /* Hide warning initiated from CT */
+ if (ve_init_user_ns() == &init_user_ns)
+ WARN(1, "Tx-ring is not supported.\n");
goto out;
}
--
2.9.3
More information about the Devel
mailing list