[Devel] [PATCH vz9 5/9] ve/fs/nfsd: NFSd containerization
Nikita Yushchenko
nikita.yushchenko at virtuozzo.com
Fri Oct 1 09:32:51 MSK 2021
From: Stanislav Kinsburskiy <skinsbursky at virtuozzo.com>
Does:
1) virtualize nfsd file system
2) allows to mount from CTs initial user ns
3) add VE_FEATURE_NFSD check during nfsd mount
Signed-off-by: Stanislav Kinsbursky <skinsbursky at parallels.com>
+++
ve/nfsd: allow nfsd mount inside container init userns
v2 changes by khorenko:
- dropped the current_user_ns_initial() check in nfsd_mount(),
same check is performed in sget_userns() now due to FS_VE_MOUNT flag
usage
https://jira.sw.ru/browse/PSBM-130825
mFixes: 92cc82cd5998 ("ve/fs/nfsd: NFSd containerization")
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
Reviewed-by: Konstantin Khorenko <khorenko at virtuozzo.com>
(cherry-picked from vz8 commit 9b7950731ac5 ("ve/fs/nfsd: NFSd
containerization"))
Signed-off-by: Nikita Yushchenko <nikita.yushchenko at virtuozzo.com>
---
fs/nfsd/nfsctl.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/fs/nfsd/nfsctl.c b/fs/nfsd/nfsctl.c
index c2c3d9077dc5..51d36730208b 100644
--- a/fs/nfsd/nfsctl.c
+++ b/fs/nfsd/nfsctl.c
@@ -18,6 +18,8 @@
#include <linux/sunrpc/rpc_pipe_fs.h>
#include <linux/module.h>
#include <linux/fsnotify.h>
+#include <linux/ve.h>
+#include <uapi/linux/vzcalluser.h>
#include "idmap.h"
#include "nfsd.h"
@@ -1409,6 +1411,9 @@ static const struct fs_context_operations nfsd_fs_context_ops = {
static int nfsd_init_fs_context(struct fs_context *fc)
{
+ if (!(get_exec_env()->features & VE_FEATURE_NFSD))
+ return -ENODEV;
+
put_user_ns(fc->user_ns);
fc->user_ns = get_user_ns(fc->net_ns->user_ns);
fc->ops = &nfsd_fs_context_ops;
@@ -1430,6 +1435,7 @@ static struct file_system_type nfsd_fs_type = {
.name = "nfsd",
.init_fs_context = nfsd_init_fs_context,
.kill_sb = nfsd_umount,
+ .fs_flags = FS_VIRTUALIZED | FS_VE_MOUNT,
};
MODULE_ALIAS_FS("nfsd");
--
2.30.2
More information about the Devel
mailing list