[Devel] [PATCH RHEL8 COMMIT] devcgroup: Allow mounting device with no write perm for new mount api
Konstantin Khorenko
khorenko at virtuozzo.com
Fri Aug 27 20:32:28 MSK 2021
The commit is pushed to "branch-rh8-4.18.0-305.3.1.vz8.7.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh8-4.18.0-305.3.1.vz8.7.10
------>
commit 57a85c23be1a606ee01f723aa741fe9fcdb9fe7f
Author: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
Date: Fri Aug 27 20:32:28 2021 +0300
devcgroup: Allow mounting device with no write perm for new mount api
After rebase to RH8.4 we now have alternative code path to mount bdev
for filesystems which switched to new mount api (e.g. checked it on
xfs). Without this fix if block device with xfs is available in
container and has "b major:minor rM" device cgroup allow rule for this
container, the user inside would still not be able to mount this disk,
which means "M" would not work.
Note: we use "M" instead of "w" when we want to only allow mounting of
the given disk but not writes to it.
Fixes: 6d716d983506 ("device_cgroup: add device visibility virtualization in CT")
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
fs/super.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/super.c b/fs/super.c
index a68ab7d3e1b7..2edab581b876 100644
--- a/fs/super.c
+++ b/fs/super.c
@@ -1328,7 +1328,7 @@ int get_tree_bdev(struct fs_context *fc,
if (!fc->source)
return invalf(fc, "No source specified");
- bdev = blkdev_get_by_path(fc->source, mode, fc->fs_type);
+ bdev = blkdev_get_by_path(fc->source, mode | FMODE_MOUNT, fc->fs_type);
if (IS_ERR(bdev)) {
errorf(fc, "%s: Can't open blockdev", fc->source);
return PTR_ERR(bdev);
More information about the Devel
mailing list