[Devel] [PATCH 3/8] ve/sunrpc: prohibit mounting rpc_pipefs in CT without nfsd feature
Andrey Zhadchenko
andrey.zhadchenko at virtuozzo.com
Fri May 21 19:26:47 MSK 2021
From: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
We need rpc_pipefs for nfs server, but it breaks criu migration as
opened /var/lib/nfs/rpc_pipefs/nfs/clntX files are not supported yet.
Thus only allow mounting rpc_pipefs if CT has "--features nfsd:on".
Note: no additional check for ve_is_super() required because
VE0 has all features enabled:
struct ve_struct ve0 = {
...
.features = -1,
crash> p -x ve0.features
$2 = 0xffffffffffffffff
https://jira.sw.ru/browse/PSBM-87836
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
net/sunrpc/rpc_pipe.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
index 775a79b..13ab0cd 100644
--- a/net/sunrpc/rpc_pipe.c
+++ b/net/sunrpc/rpc_pipe.c
@@ -31,6 +31,9 @@
#include <linux/nsproxy.h>
#include <linux/notifier.h>
+#include <uapi/linux/vzcalluser.h>
+#include <linux/ve.h>
+
#include "netns.h"
#include "sunrpc.h"
@@ -1420,6 +1423,10 @@ void rpc_put_sb_net(const struct net *net)
int flags, const char *dev_name, void *data)
{
struct net *net = current->nsproxy->net_ns;
+
+ if (!(get_exec_env()->features & VE_FEATURE_NFSD))
+ return ERR_PTR(-ENODEV);
+
return mount_ns(fs_type, flags, data, net, net->user_ns, rpc_fill_super);
}
--
1.8.3.1
More information about the Devel
mailing list