[Devel] [PATCH RHEL7 COMMIT] mempolicy: Prohibit VE processes numa binding syscalls
Konstantin Khorenko
khorenko at virtuozzo.com
Wed Jul 15 18:22:50 MSK 2020
The commit is pushed to "branch-rh7-3.10.0-1127.10.1.vz7.162.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-1127.10.1.vz7.162.9
------>
commit 01720c50bea3ccb84a6ca4a588a06b4fc6d6e1f5
Author: Kirill Tkhai <ktkhai at virtuozzo.com>
Date: Tue Mar 12 15:45:46 2019 +0300
mempolicy: Prohibit VE processes numa binding syscalls
NUMA mustn't not available in CT, so let's prohibit these
calls. For CT tasks this will look like kernel compiled
without NUMA support.
https://jira.sw.ru/browse/PSBM-92583
Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
---
mm/mempolicy.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index 8517079c559e4..0867e4273ef2e 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -1407,6 +1407,9 @@ SYSCALL_DEFINE6(mbind, unsigned long, start, unsigned long, len,
int err;
unsigned short mode_flags;
+ if (!ve_is_super(get_exec_env()))
+ return -ENOSYS;
+
mode_flags = mode & MPOL_MODE_FLAGS;
mode &= ~MPOL_MODE_FLAGS;
if (mode >= MPOL_MAX)
@@ -1428,6 +1431,9 @@ SYSCALL_DEFINE3(set_mempolicy, int, mode, unsigned long __user *, nmask,
nodemask_t nodes;
unsigned short flags;
+ if (!ve_is_super(get_exec_env()))
+ return -ENOSYS;
+
flags = mode & MPOL_MODE_FLAGS;
mode &= ~MPOL_MODE_FLAGS;
if ((unsigned int)mode >= MPOL_MAX)
@@ -1453,6 +1459,9 @@ SYSCALL_DEFINE4(migrate_pages, pid_t, pid, unsigned long, maxnode,
nodemask_t *new;
NODEMASK_SCRATCH(scratch);
+ if (!ve_is_super(get_exec_env()))
+ return -ENOSYS;
+
if (!scratch)
return -ENOMEM;
@@ -1544,6 +1553,9 @@ SYSCALL_DEFINE5(get_mempolicy, int __user *, policy,
int uninitialized_var(pval);
nodemask_t nodes;
+ if (!ve_is_super(get_exec_env()))
+ return -ENOSYS;
+
if (nmask != NULL && maxnode < MAX_NUMNODES)
return -EINVAL;
More information about the Devel
mailing list