[Devel] [PATCH rh7 7/8] ve/bridge: handle netlink messages AF_BRIDGE / RTM_[GSD]ETLINK sent from inside a Container

Konstantin Khorenko khorenko at virtuozzo.com
Fri Feb 21 19:07:30 MSK 2020


The Weave network plugin for Kubernetes configures the bridge via netlink,
so we need to allow the appropriate netlink messages if sent inside a
Container.

https://jira.sw.ru/browse/PSBM-92107

Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
---
 kernel/ve/ve.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c
index f3970e8ef0f6a..b423a96766794 100644
--- a/kernel/ve/ve.c
+++ b/kernel/ve/ve.c
@@ -221,6 +221,9 @@ int vz_security_family_check(struct net *net, int family, int type)
 				case RTM_NEWNEIGH:
 				case RTM_DELNEIGH:
 				case RTM_GETNEIGH:
+				case RTM_GETLINK:
+				case RTM_DELLINK:
+				case RTM_SETLINK:
 					return 0;
 			}
 	default:
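Review bot: the new `case RTM_DELLINK:` and `case RTM_SETLINK:` labels are modifying requests, unlike `RTM_GETLINK`, yet all three share the same `return 0;` with no comment on what keeps them confined to links in the Container's own `net`. Please add a short comment above the three cases, or a sentence in the commit message, naming the check that still applies after `vz_security_family_check()` lets these through. The subject mentions RTM_[GSD]ETLINK only, so it would also help to say whether `RTM_NEWLINK` is intentionally left out or is already covered in the part of the switch above the visible context. Finally, the inner switch closes straight into `default:` with no `break`, so a one-line fall-through comment there would make the handling of unlisted types explicit.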
-- 
2.15.1


