[Devel] [PATCH RHEL COMMIT] ve/fs/nfsd: NFSd containerization

Konstantin Khorenko khorenko at virtuozzo.com
Fri Oct 1 18:40:15 MSK 2021 

The commit is pushed to "branch-rh9-5.14.vz9.1.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after ark-5.14
------>
commit 2cd6fdf32b1c3ee5935e4383c88a30c18ed36ca9
Author: Stanislav Kinsburskiy <skinsbursky at virtuozzo.com>
Date:   Fri Oct 1 18:40:15 2021 +0300

    ve/fs/nfsd: NFSd containerization
    
    Does:
    1) virtualize nfsd file system
    2) allows to mount from CTs initial user ns
    3) add VE_FEATURE_NFSD check during nfsd mount
    
    Signed-off-by: Stanislav Kinsbursky <skinsbursky at parallels.com>
    
    +++
    ve/nfsd: allow nfsd mount inside container init userns
    
    v2 changes by khorenko:
     - dropped the current_user_ns_initial() check in nfsd_mount(),
       same check is performed in sget_userns() now due to FS_VE_MOUNT flag
       usage
    
    https://jira.sw.ru/browse/PSBM-130825
    mFixes: 92cc82cd5998 ("ve/fs/nfsd: NFSd containerization")
    
    Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
    
    Reviewed-by: Konstantin Khorenko <khorenko at virtuozzo.com>
    
    (cherry-picked from vz8 commit 9b7950731ac5 ("ve/fs/nfsd: NFSd
    containerization"))
    
    Signed-off-by: Nikita Yushchenko <nikita.yushchenko at virtuozzo.com>
---
 fs/nfsd/nfsctl.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/fs/nfsd/nfsctl.c b/fs/nfsd/nfsctl.c
index c2c3d9077dc5..51d36730208b 100644
--- a/fs/nfsd/nfsctl.c
+++ b/fs/nfsd/nfsctl.c
@@ -18,6 +18,8 @@
 #include <linux/sunrpc/rpc_pipe_fs.h>
 #include <linux/module.h>
 #include <linux/fsnotify.h>
+#include <linux/ve.h>
+#include <uapi/linux/vzcalluser.h>
 
 #include "idmap.h"
 #include "nfsd.h"
@@ -1409,6 +1411,9 @@ static const struct fs_context_operations nfsd_fs_context_ops = {
 
 static int nfsd_init_fs_context(struct fs_context *fc)
 {
+	if (!(get_exec_env()->features & VE_FEATURE_NFSD))
+		return -ENODEV;
+
 	put_user_ns(fc->user_ns);
 	fc->user_ns = get_user_ns(fc->net_ns->user_ns);
 	fc->ops = &nfsd_fs_context_ops;
@@ -1430,6 +1435,7 @@ static struct file_system_type nfsd_fs_type = {
 	.name		= "nfsd",
 	.init_fs_context = nfsd_init_fs_context,
 	.kill_sb	= nfsd_umount,
+	.fs_flags	= FS_VIRTUALIZED | FS_VE_MOUNT,
 };
 MODULE_ALIAS_FS("nfsd");

More information about the Devel mailing list