[Devel] [PATCH RH7] ve: Add option allowing ioctl(FITRIM) from inside CT

[Kirill Tkhai]

https://jira.sw.ru/browse/PSBM-127082

Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
---
 fs/ext4/ioctl.c    |    4 +++-
 include/linux/ve.h |    1 +
 kernel/ve/ve.c     |    5 +++++
 3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/fs/ext4/ioctl.c b/fs/ext4/ioctl.c
index 09779742ff6a..ccd0dcc3aae2 100644
--- a/fs/ext4/ioctl.c
+++ b/fs/ext4/ioctl.c
@@ -18,6 +18,7 @@
 #include <asm/uaccess.h>
 #include "ext4_jbd2.h"
 #include "ext4.h"
+#include <linux/ve.h>
 
 #define MAX_32_NUM ((((unsigned long long) 1) << 32) - 1)
 
@@ -723,7 +724,8 @@ long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
 		struct fstrim_range range;
 		int ret = 0;
 
-		if (!capable(CAP_SYS_ADMIN))
+		if (!capable(CAP_SYS_ADMIN) &&
+		    (!ve_allow_ioctl_fitrim || !ve_capable(CAP_SYS_ADMIN)))
 			return -EPERM;
 
 		if (!blk_queue_discard(q))
diff --git a/include/linux/ve.h b/include/linux/ve.h
index 2dcd7bb8b377..1fc1f8051671 100644
--- a/include/linux/ve.h
+++ b/include/linux/ve.h
@@ -173,6 +173,7 @@ extern struct proc_dir_entry *proc_vz_dir;
 extern struct cgroup_subsys ve_subsys;
 
 extern unsigned int sysctl_ve_mount_nr;
+extern bool ve_allow_ioctl_fitrim;
 
 #ifdef CONFIG_VE
 #define ve_uevent_seqnum       (get_exec_env()->_uevent_seqnum)
diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c
index 068b7b5a1b14..ca63b98a6726 100644
--- a/kernel/ve/ve.c
+++ b/kernel/ve/ve.c
@@ -70,6 +70,11 @@ struct module no_module = { .state = MODULE_STATE_GOING };
 EXPORT_SYMBOL(no_module);
 #endif
 
+bool ve_allow_ioctl_fitrim = 0;
+module_param_named(allow_ioctl_fitrim, ve_allow_ioctl_fitrim, bool, 0644);
+MODULE_PARM_DESC(ve_allow_ioctl_fitrim,
+		 "Allow ioctl(FITRIM) from inside VE. Only ext4 is supported now");
+
 static DEFINE_PER_CPU(struct kstat_lat_pcpu_snap_struct, ve0_lat_stats);
 
 struct ve_struct ve0 = {