[Devel] [PATCH RH8 v2] nfsd: disable UMH client tracking in nested net namespaces
Andrey Zhadchenko
andrey.zhadchenko at virtuozzo.com
Tue Jun 1 23:20:14 MSK 2021
From: Vasily Averin <vvs at virtuozzo.com>
UMH client tracking uses usermodehelper to execute some userspace binary.
In mainline it works for init_net only, but in vz7 skinsbursky@ enabled
it in Containers by using per-Container UHM call. Unfortunately it does
not work in nested network namespaces, neither on host nor inside Containers.
This patch disables UMH client tracking in nested network namespaces,
and adjusts warning message generated on such attempts.
https://jira.sw.ru/browse/PSBM-90024
Signed-off-by: Vasliy Averin <vvs at virtuozzo.com>
Reviewed-by: Konstantin Khorenko <khorenko at virtuozzo.com>
Rebased to vz8:
- use ve->ve_ns->net_ns since ve->ve_netns is gone
- add #ifdef CONFIG_VE
(cherry-picked from e4af0cdd639de846dc8381e7978b4670a1897e17)
Signed-off-by: Andrey Zhadchenko <andrey.zhadchenko at virtuozzo.com>
---
fs/nfsd/nfs4recover.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
index cb947b7..cd73239 100644
--- a/fs/nfsd/nfs4recover.c
+++ b/fs/nfsd/nfs4recover.c
@@ -1870,6 +1870,19 @@ struct cld_upcall {
int ret;
struct nfsd_net *nn = net_generic(net, nfsd_net_id);
char *grace_start = nfsd4_cltrack_grace_start(nn->boot_time);
+ struct net *ve_net;
+
+ rcu_read_lock();
+ ve_net = rcu_dereference(get_exec_env()->ve_ns)->net_ns;
+
+ if (!net_eq(net, ve_net)) {
+ rcu_read_unlock();
+ pr_warn("NFSD: attempt to initialize umh client tracking in Container %s netns %u ignored.\n",
+ get_exec_env()->ve_name, net->ns.inum);
+ kfree(grace_start);
+ return -EINVAL;
+ }
+ rcu_read_unlock();
ret = nfsd4_umh_cltrack_upcall("init", NULL, grace_start, NULL);
kfree(grace_start);
--
1.8.3.1
More information about the Devel
mailing list