[Devel] [PATCH RH8 08/10] nfsd: disable UMH client tracking in nested net namespaces

[Konstantin Khorenko]

On 05/26/2021 05:56 PM, Andrey Zhadchenko wrote:
> From: Vasily Averin <vvs at virtuozzo.com>
>
> UMH client tracking uses usermodehelper to execute some userspace binary.
> In mainline it works for init_net only, but in vz7 skinsbursky@ enabled
> it in Containers by using per-Container UHM call. Unfortunately it does
> not work in nested network namespaces, neither on host nor inside Containers.
>
> This patch disables UMH client tracking in nested network namespaces,
> and adjusts warning message generated on such attempts.
>
> https://jira.sw.ru/browse/PSBM-90024
>
> Signed-off-by: Vasliy Averin <vvs at virtuozzo.com>
> Reviewed-by: Konstantin Khorenko <khorenko at virtuozzo.com>
>
> (cherry-picked from e4af0cdd639de846dc8381e7978b4670a1897e17)
> Signed-off-by: Andrey Zhadchenko <andrey.zhadchenko at virtuozzo.com>
>
> diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
> index cb947b7..023bf24 100644
> --- a/fs/nfsd/nfs4recover.c
> +++ b/fs/nfsd/nfs4recover.c
> @@ -1871,6 +1871,14 @@ struct cld_upcall {
>  	struct nfsd_net *nn = net_generic(net, nfsd_net_id);
>  	char *grace_start = nfsd4_cltrack_grace_start(nn->boot_time);
>
> +	if (!net_eq(net, get_exec_env()->ve_netns)) {

ve_struct.ve_netns is obsoleted, the patch is to be reworked

> +		pr_warn("NFSD: attempt to initialize umh client tracking "
> +			"in Container %s netns %u ignored.\n",
> +			get_exec_env()->ve_name, net->proc_inum);
> +		kfree(grace_start);
> +		return -EINVAL;
> +	}
> +
>  	ret = nfsd4_umh_cltrack_upcall("init", NULL, grace_start, NULL);
>  	kfree(grace_start);
>  	if (!ret)
>