[Devel] [PATCH rh7 1/2] Revert "ve/net: Exclude foreign CT sockets from /proc/net/tcp{, 6}"
Kirill Tkhai
ktkhai at virtuozzo.com
Mon Apr 27 11:22:52 MSK 2020
On 24.04.2020 20:10, Konstantin Khorenko wrote:
> This reverts commit b6c0f8cf6332f9950c0ca4892bf7f65bd0934f7a.
>
> Foreign sockets were seen due to occasional net_access_allowed()
> definition got under wrong ifdef, that was fixed by another patch long
> ago.
>
> Anyway we are going to revert the patch which introduces
> net_access_allowed() and the ability to view Containers' connections
> from host, so don't need the current patch.
>
> https://bugs.openvz.org/browse/OVZ-7202
>
> Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
Reviewed-by: Kirill Tkhai <ktkhai at virtuozzo.com>
> ---
> net/ipv4/tcp_ipv4.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
> index 2d687cee0221d..0417acc78e73b 100644
> --- a/net/ipv4/tcp_ipv4.c
> +++ b/net/ipv4/tcp_ipv4.c
> @@ -1980,7 +1980,7 @@ static void *listening_get_next(struct seq_file *seq, void *cur)
> }
> get_sk:
> sk_nulls_for_each_from(sk, node) {
> - if (!net_eq(sock_net(sk), net))
> + if (!net_access_allowed(sock_net(sk), net))
> continue;
> if (sk->sk_family == st->family) {
> cur = sk;
> @@ -2055,7 +2055,7 @@ static void *established_get_first(struct seq_file *seq)
> spin_lock_bh(lock);
> sk_nulls_for_each(sk, node, &tcp_hashinfo.ehash[st->bucket].chain) {
> if (sk->sk_family != st->family ||
> - !net_eq(sock_net(sk), net)) {
> + !net_access_allowed(sock_net(sk), net)) {
> continue;
> }
> rc = sk;
> @@ -2081,7 +2081,7 @@ static void *established_get_next(struct seq_file *seq, void *cur)
>
> sk_nulls_for_each_from(sk, node) {
> if (sk->sk_family == st->family &&
> - net_eq(sock_net(sk), net))
> + net_access_allowed(sock_net(sk), net))
> return sk;
> }
>
>
More information about the Devel
mailing list