[Devel] [PATCH RHEL7 COMMIT] ve/exec: reverse the meaning of trusted_exec variable

Konstantin Khorenko khorenko at virtuozzo.com
Mon Nov 11 17:59:29 MSK 2019 

The commit is pushed to "branch-rh7-3.10.0-1062.4.1.vz7.115.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-1062.4.1.vz7.115.12
------>
commit 9e9532120165c0c1caab81f418505b26448aa584
Author: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
Date:   Mon Nov 11 17:59:27 2019 +0300

    ve/exec: reverse the meaning of trusted_exec variable
    
    Now trusted_exec == 1 means that we trust the host, and if someone
    executes container binaries from host he knows what he's doing
    (the defense is "off").
    By default trusted_exec == 0 and the defense is "on".
    
    Sysfs option to disable defence on boot is now called "trusted_exec".
    
    These way it is more consistent with ve_exec_trusted function name and
    the semantics of ptune/trusted sysfs entry.
    
    https://jira.sw.ru/browse/PSBM-98702
    
    Fixes: 761c2dfe68e7 ("ve/exec: allow trusted exec change both on boot
    and on running system")
    
    Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
    Acked-by: Konstantin Khorenko <khorenko at virtuozzo.com>
---
 fs/exec.c       | 2 +-
 kernel/sysctl.c | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/fs/exec.c b/fs/exec.c
index 7efa415649da..492560ed0fef 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -128,7 +128,7 @@ bool ve_exec_trusted(struct file *file, struct filename *name)
 	static DEFINE_RATELIMIT_STATE(sigsegv_rs, SIGSEGV_RATELIMIT_INTERVAL,
 						  SIGSEGV_RATELIMIT_BURST);
 
-	if (!trusted_exec)
+	if (trusted_exec)
 		return true;
 
 	if (exec_from_ct || (!file_on_ploop && !file_on_ct_mount))
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index d8d7aaee744a..aa50bff7c027 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -117,13 +117,13 @@ extern int sysctl_nr_trim_pages;
 
 int ve_allow_module_load = 1;
 EXPORT_SYMBOL(ve_allow_module_load);
-int trusted_exec = 1;
-static int __init set_no_trusted_exec(char *str)
+int trusted_exec = 0;
+static int __init set_trusted_exec(char *str)
 {
-        trusted_exec = 0;
+        trusted_exec = 1;
         return 1;
 }
-__setup("no_trusted_exec", set_no_trusted_exec);
+__setup("trusted_exec", set_trusted_exec);
 
 /* Constants used for minimum and  maximum */
 #ifdef CONFIG_LOCKUP_DETECTOR

More information about the Devel mailing list