[Devel] [PATCH RHEL8 COMMIT] ve/sunrpc: Enable rpc_pipefs mounts inside non-init user namespaces
Konstantin Khorenko
khorenko at virtuozzo.com
Mon May 24 12:14:24 MSK 2021
The commit is pushed to "branch-rh8-4.18.0-240.1.1.vz8.5.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh8-4.18.0-240.1.1.vz8.5.31
------>
commit c0b4c8926471d35fd03ca267ba9e6e411640a595
Author: Vasily Averin <vvs at virtuozzo.com>
Date: Mon May 24 12:14:23 2021 +0300
ve/sunrpc: Enable rpc_pipefs mounts inside non-init user namespaces
This patch enables rpc_pipefs mounts inside Containers,
required for nfsd in SLES11-based Containers.
https://jira.sw.ru/browse/PSBM-86395
Signed-off-by: Vasily Averin <vvs at virtuozzo.com>
eshatokhin@:
Used FS_VE_MOUNT as suggested by Pavel Tikhomirov (ptikhomirov@) instead
of FS_USERNS_MOUNT: it is better to allow mounts only from the init
userns of a container rather than from just any userns.
Done in the scope of https://jira.sw.ru/browse/PSBM-127830.
Cherry-picked from vz7 commit 38505601d0b7 ("ve/sunrpc: enable
rpc_pipefs mounts inside non-init user namespaces")
Signed-off-by: Evgenii Shatokhin <eshatokhin at virtuozzo.com>
---
net/sunrpc/rpc_pipe.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
index 775a79b9df17..9e22b3d28cbc 100644
--- a/net/sunrpc/rpc_pipe.c
+++ b/net/sunrpc/rpc_pipe.c
@@ -1450,7 +1450,7 @@ static struct file_system_type rpc_pipe_fs_type = {
.name = "rpc_pipefs",
.mount = rpc_mount,
.kill_sb = rpc_kill_sb,
- .fs_flags = FS_VIRTUALIZED,
+ .fs_flags = FS_VIRTUALIZED | FS_VE_MOUNT,
};
MODULE_ALIAS_FS("rpc_pipefs");
MODULE_ALIAS("rpc_pipefs");
More information about the Devel
mailing list