[Devel] [PATCH RHEL COMMIT] ve/sunrpc: Prohibit mounting rpc_pipefs in CT without nfsd feature
Konstantin Khorenko
khorenko at virtuozzo.com
Fri Oct 1 18:40:16 MSK 2021
The commit is pushed to "branch-rh9-5.14.vz9.1.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after ark-5.14
------>
commit b79bc9376371e24e048a282cea1a486f64044485
Author: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
Date: Fri Oct 1 18:40:16 2021 +0300
ve/sunrpc: Prohibit mounting rpc_pipefs in CT without nfsd feature
We need rpc_pipefs for nfs server, but it breaks criu migration as
opened /var/lib/nfs/rpc_pipefs/nfs/clntX files are not supported yet.
Thus only allow mounting rpc_pipefs if CT has "--features nfsd:on".
Note: no additional check for ve_is_super() required because
VE0 has all features enabled:
struct ve_struct ve0 = {
...
.features = -1,
crash> p -x ve0.features
$2 = 0xffffffffffffffff
https://jira.sw.ru/browse/PSBM-87836
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
(cherry-picked from vz8 commit 05ed72031c5f ("ve/sunrpc: Prohibit
mounting rpc_pipefs in CT without nfsd feature"))
Signed-off-by: Nikita Yushchenko <nikita.yushchenko at virtuozzo.com>
---
net/sunrpc/rpc_pipe.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
index 37d08af10d30..c6f227b8fb8d 100644
--- a/net/sunrpc/rpc_pipe.c
+++ b/net/sunrpc/rpc_pipe.c
@@ -33,6 +33,9 @@
#include <linux/nsproxy.h>
#include <linux/notifier.h>
+#include <uapi/linux/vzcalluser.h>
+#include <linux/ve.h>
+
#include "netns.h"
#include "sunrpc.h"
@@ -1435,6 +1438,9 @@ static const struct fs_context_operations rpc_fs_context_ops = {
static int rpc_init_fs_context(struct fs_context *fc)
{
+ if (!(get_exec_env()->features & VE_FEATURE_NFSD))
+ return -ENODEV;
+
put_user_ns(fc->user_ns);
fc->user_ns = get_user_ns(fc->net_ns->user_ns);
fc->ops = &rpc_fs_context_ops;
More information about the Devel
mailing list