[Devel] [PATCH RHEL7 COMMIT] ve/sunrpc: prohibit mounting rpc_pipefs in CT without nfsd feature
Konstantin Khorenko
khorenko at virtuozzo.com
Fri Sep 7 16:13:13 MSK 2018
The commit is pushed to "branch-rh7-3.10.0-862.11.6.vz7.71.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-862.11.6.vz7.71.10
------>
commit 0afb8647ff5034324c403cc0ddccaa68a594a2c2
Author: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
Date: Fri Sep 7 16:13:12 2018 +0300
ve/sunrpc: prohibit mounting rpc_pipefs in CT without nfsd feature
We need rpc_pipefs for nfs server, but it breaks criu migration as
opened /var/lib/nfs/rpc_pipefs/nfs/clntX files are not supported yet.
Thus only allow mounting rpc_pipefs if CT has "--features nfsd:on".
Note: no additional check for ve_is_super() required because
VE0 has all features enabled:
struct ve_struct ve0 = {
...
.features = -1,
crash> p -x ve0.features
$2 = 0xffffffffffffffff
https://jira.sw.ru/browse/PSBM-87836
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
net/sunrpc/rpc_pipe.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
index 62d442aad553..868d657e5cb2 100644
--- a/net/sunrpc/rpc_pipe.c
+++ b/net/sunrpc/rpc_pipe.c
@@ -31,6 +31,9 @@
#include <linux/nsproxy.h>
#include <linux/notifier.h>
+#include <uapi/linux/vzcalluser.h>
+#include <linux/ve.h>
+
#include "netns.h"
#include "sunrpc.h"
@@ -1458,6 +1461,10 @@ rpc_mount(struct file_system_type *fs_type,
int flags, const char *dev_name, void *data)
{
struct net *net = current->nsproxy->net_ns;
+
+ if (!(get_exec_env()->features & VE_FEATURE_NFSD))
+ return ERR_PTR(-ENODEV);
+
return mount_ns(fs_type, flags, data, net, net->user_ns, rpc_fill_super);
}
More information about the Devel
mailing list