[Devel] [PATCH RHEL7 COMMIT] ve/mount: allow pseudosuper to temporary exceed the container limit

Fri Jul 13 15:35:32 MSK 2018

The commit is pushed to "branch-rh7-3.10.0-862.6.3.vz7.62.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-862.6.3.vz7.62.3
------>
commit cb5488bae3555a8696554010d151b9bfb7934cc1
Author: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
Date:   Fri Jul 13 15:35:32 2018 +0300

    ve/mount: allow pseudosuper to temporary exceed the container limit
    
    Criu algorithm is (prepare_mnt_ns):
    1) Restore all mounts of the CT (from all mntns'es) in single temporary
    mount namespace.
    2) For each mount namespace of the container recreate it's mounts:
     a) Unshare temporary mntns (mounts are doubled)
     b) Remove with pivot_root all excess mounts
    
    So at some point we have many mntnses of the CT already created with
    their mounts and two temporary mount namespaces with mounts copies, that
    is ~3x mounts (and may be also some aditional temporary mounts).
    
    When we restore a CT with > 1/3*sysctl_ve_mount_nr mounts we hit the
    limit and fail, fix it ignoring the limit at restore stage.
    
    https://jira.sw.ru/browse/PSBM-86511
    
    Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
    Acked-by: Cyrill Gorcunov <gorcunov at openvz.org>
---
 fs/namespace.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/namespace.c b/fs/namespace.c
index cb57697f0c0a..377ba4f36639 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -2503,7 +2503,7 @@ static inline int ve_mount_allowed(void)
 {
 	struct ve_struct *ve = get_exec_env();
 
-	return ve_is_super(ve) ||
+	return ve_is_super(ve) || ve->is_pseudosuper ||
 		atomic_read(&ve->mnt_nr) < (int)sysctl_ve_mount_nr;
 }
 
