[Devel] [PATCH rh7 1/1] ve/sysfs: relax sanity check for ns_type in sysfs_find_dirent()
Kirill Tkhai
ktkhai at virtuozzo.com
Thu Mar 15 14:01:22 MSK 2018
On 15.03.2018 13:06, Konstantin Khorenko wrote:
> Don't complain about searching for a non ns specific sysfs entry in ns specific parent dirent.
>
> When we set sysfs permissions for a CT via ve.sysfs_permissions
> we assume the target sysfs entry is non ns specific and call
> sysfs_find_dirent() with NULL ns arg.
>
> This makes sense because ns specific sysfs entries (with s_ns set) are not checked against
> CT specific permissions at all (see sysfs_sd_permission()).
>
> And in case for example we've moved a physical net device from host inside a Container
> we've got ns specific entries (for example devices/pci0000:00/0000:00:1c.2/0000:02:00.0/net)
> and looking for a non ns specific net device name entry inside which triggers a complain.
> Drop the complain.
>
> https://jira.sw.ru/browse/PSBM-82259
>
> Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
Reviewed-by: Kirill Tkhai <ktkhai at virtuozzo.com>
> ---
> fs/sysfs/dir.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/fs/sysfs/dir.c b/fs/sysfs/dir.c
> index dd34b5932ce6..f9294c00b571 100644
> --- a/fs/sysfs/dir.c
> +++ b/fs/sysfs/dir.c
> @@ -643,14 +643,14 @@ struct sysfs_dirent *sysfs_find_dirent(struct sysfs_dirent *parent_sd,
> {
> struct rb_node *node = parent_sd->s_dir.children.rb_node;
> unsigned int hash;
> -
> +#ifndef CONFIG_VE
> if (!!sysfs_ns_type(parent_sd) != !!ns) {
> WARN(1, KERN_WARNING "sysfs: ns %s in '%s' for '%s'\n",
> sysfs_ns_type(parent_sd)? "required": "invalid",
> parent_sd->s_name, name);
> return NULL;
> }
> -
> +#endif
> hash = sysfs_name_hash(ns, name);
> while (node) {
> struct sysfs_dirent *sd;
>
More information about the Devel
mailing list