[Devel] [PATCH RHEL8 COMMIT] ve/sysfs: relax sanity check for ns equality in kernfs_find_ns()
Konstantin Khorenko
khorenko at virtuozzo.com
Wed Jun 2 13:26:00 MSK 2021
The commit is pushed to "branch-rh8-4.18.0-240.1.1.vz8.5.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh8-4.18.0-240.1.1.vz8.5.34
------>
commit 58c7e6ce6a0d9f3aba654639c51a909934aa48a9
Author: Konstantin Khorenko <khorenko at virtuozzo.com>
Date: Wed Jun 2 13:25:59 2021 +0300
ve/sysfs: relax sanity check for ns equality in kernfs_find_ns()
Don't complain about searching for a non ns specific sysfs entry in ns specific parent dirent.
When we set sysfs permissions for a CT via ve.sysfs_permissions
we assume the target sysfs entry is non ns specific and call
sysfs_find_dirent() with NULL ns arg.
This makes sense because ns specific sysfs entries (with s_ns set) are not checked against
CT specific permissions at all (see sysfs_sd_permission()).
And in case for example we've moved a physical net device from host inside a Container
we've got ns specific entries (for example devices/pci0000:00/0000:00:1c.2/0000:02:00.0/net)
and looking for a non ns specific net device name entry inside which triggers a complain.
Drop the complain.
https://jira.sw.ru/browse/PSBM-82259
Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
Reviewed-by: Kirill Tkhai <ktkhai at virtuozzo.com>
https://jira.sw.ru/browse/PSBM-83607
(cherry picked from commit 6e3687b8ce715ad0236623f5d68b0a7adc0a2ef3
("ve/sysfs: relax sanity check for ns_type in sysfs_find_dirent()"))
Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
+++
ve/sysfs: fix warning on unused "has_ns" variable in kernfs_find_ns()
mFixes: 056c1f709311 "(ve/sysfs: relax sanity check for ns equality in kernfs_find_ns()")
Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
(cherry picked from vz7 commit 217a16fe9aca ("ve/sysfs: relax sanity check for
ns equality in kernfs_find_ns()"))
VZ 8 rebase part https://jira.sw.ru/browse/PSBM-127798
Signed-off-by: Alexander Mikhalitsyn <alexander.mikhalitsyn at virtuozzo.com>
---
fs/kernfs/dir.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/fs/kernfs/dir.c b/fs/kernfs/dir.c
index 0b0d61006b61..aeafd3c1a47b 100644
--- a/fs/kernfs/dir.c
+++ b/fs/kernfs/dir.c
@@ -840,16 +840,17 @@ static struct kernfs_node *kernfs_find_ns(struct kernfs_node *parent,
const void *ns)
{
struct rb_node *node = parent->dir.children.rb_node;
- bool has_ns = kernfs_ns_enabled(parent);
unsigned int hash;
lockdep_assert_held(&kernfs_mutex);
- if (has_ns != (bool)ns) {
+#ifndef CONFIG_VE
+ if ((bool)kernfs_ns_enabled(parent) != (bool)ns) {
WARN(1, KERN_WARNING "kernfs: ns %s in '%s' for '%s'\n",
has_ns ? "required" : "invalid", parent->name, name);
return NULL;
}
+#endif
hash = kernfs_name_hash(name, ns);
while (node) {
More information about the Devel
mailing list