[Devel] [PATCH RHEL7 COMMIT] ve/kmod/ebtable: allow to autoload ebtable_* modules from inside a CT
Konstantin Khorenko
khorenko at virtuozzo.com
Thu May 18 04:30:26 PDT 2017
The commit is pushed to "branch-rh7-3.10.0-514.16.1.vz7.32.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-514.16.1.vz7.32.4
------>
commit d94441365dbf2999a53def4634c14aa39adbf9b8
Author: Konstantin Khorenko <khorenko at virtuozzo.com>
Date: Thu May 18 13:53:45 2017 +0400
ve/kmod/ebtable: allow to autoload ebtable_* modules from inside a CT
Currently we allow to autoload ebt_* modules upon request from inside a Container but there are several ebtables_* modules to be allowed as well, thus allow all ebt* modules for that.
(Default CentOS7.3 firewalld service inside a CT complains on that)
https://jira.sw.ru/browse/PSBM-66435
Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
Acked-by: Kirill Tkhai <ktkhai at virtuozzo.com>
---
kernel/kmod.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/kernel/kmod.c b/kernel/kmod.c
index 16b64ca..bb7671b 100644
--- a/kernel/kmod.c
+++ b/kernel/kmod.c
@@ -365,8 +365,8 @@ static inline int module_payload_iptable_allowed(const char *module)
if (!strncmp("arpt_", module, 5))
return 1;
- /* The rest of ebt_* modules */
- if (!strncmp("ebt_", module, 4))
+ /* The rest of ebt* modules */
+ if (!strncmp("ebt", module, 3))
return 1;
/* The rest of nft- modules */
More information about the Devel
mailing list