[Devel] [PATCH RH8 08/10] nfsd: disable UMH client tracking in nested net namespaces
Andrey Zhadchenko
andrey.zhadchenko at virtuozzo.com
Wed May 26 17:56:16 MSK 2021
From: Vasily Averin <vvs at virtuozzo.com>
UMH client tracking uses usermodehelper to execute some userspace binary.
In mainline it works for init_net only, but in vz7 skinsbursky@ enabled
it in Containers by using per-Container UHM call. Unfortunately it does
not work in nested network namespaces, neither on host nor inside Containers.
This patch disables UMH client tracking in nested network namespaces,
and adjusts warning message generated on such attempts.
https://jira.sw.ru/browse/PSBM-90024
Signed-off-by: Vasliy Averin <vvs at virtuozzo.com>
Reviewed-by: Konstantin Khorenko <khorenko at virtuozzo.com>
(cherry-picked from e4af0cdd639de846dc8381e7978b4670a1897e17)
Signed-off-by: Andrey Zhadchenko <andrey.zhadchenko at virtuozzo.com>
diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
index cb947b7..023bf24 100644
--- a/fs/nfsd/nfs4recover.c
+++ b/fs/nfsd/nfs4recover.c
@@ -1871,6 +1871,14 @@ struct cld_upcall {
struct nfsd_net *nn = net_generic(net, nfsd_net_id);
char *grace_start = nfsd4_cltrack_grace_start(nn->boot_time);
+ if (!net_eq(net, get_exec_env()->ve_netns)) {
+ pr_warn("NFSD: attempt to initialize umh client tracking "
+ "in Container %s netns %u ignored.\n",
+ get_exec_env()->ve_name, net->proc_inum);
+ kfree(grace_start);
+ return -EINVAL;
+ }
+
ret = nfsd4_umh_cltrack_upcall("init", NULL, grace_start, NULL);
kfree(grace_start);
if (!ret)
--
1.8.3.1
More information about the Devel
mailing list