[Devel] [PATCH rh7 1/2] Revert "ve/net: Exclude foreign CT sockets from /proc/net/tcp{, 6}"

Konstantin Khorenko khorenko at virtuozzo.com
Fri Apr 24 20:10:27 MSK 2020


This reverts commit b6c0f8cf6332f9950c0ca4892bf7f65bd0934f7a.

Foreign sockets were seen due to occasional net_access_allowed()
definition got under wrong ifdef, that was fixed by another patch long
ago.

Anyway we are going to revert the patch which introduces
net_access_allowed() and the ability to view Containers' connections
from host, so don't need the current patch.

https://bugs.openvz.org/browse/OVZ-7202

Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
---
 net/ipv4/tcp_ipv4.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index 2d687cee0221d..0417acc78e73b 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -1980,7 +1980,7 @@ static void *listening_get_next(struct seq_file *seq, void *cur)
 	}
 get_sk:
 	sk_nulls_for_each_from(sk, node) {
-		if (!net_eq(sock_net(sk), net))
+		if (!net_access_allowed(sock_net(sk), net))
 			continue;
 		if (sk->sk_family == st->family) {
 			cur = sk;
@@ -2055,7 +2055,7 @@ static void *established_get_first(struct seq_file *seq)
 		spin_lock_bh(lock);
 		sk_nulls_for_each(sk, node, &tcp_hashinfo.ehash[st->bucket].chain) {
 			if (sk->sk_family != st->family ||
-			    !net_eq(sock_net(sk), net)) {
+			    !net_access_allowed(sock_net(sk), net)) {
 				continue;
 			}
 			rc = sk;
@@ -2081,7 +2081,7 @@ static void *established_get_next(struct seq_file *seq, void *cur)
 
 	sk_nulls_for_each_from(sk, node) {
 		if (sk->sk_family == st->family &&
-		    net_eq(sock_net(sk), net))
+		    net_access_allowed(sock_net(sk), net))
 			return sk;
 	}
 
-- 
2.15.1



More information about the Devel mailing list