[Devel] [PATCH RHEL COMMIT] ve/sunrpc: Prohibit mounting rpc_pipefs in CT without nfsd feature

Konstantin Khorenko khorenko at virtuozzo.com
Fri Oct 1 18:40:16 MSK 2021


The commit is pushed to "branch-rh9-5.14.vz9.1.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after ark-5.14
------>
commit b79bc9376371e24e048a282cea1a486f64044485
Author: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
Date:   Fri Oct 1 18:40:16 2021 +0300

    ve/sunrpc: Prohibit mounting rpc_pipefs in CT without nfsd feature
    
    We need rpc_pipefs for nfs server, but it breaks criu migration as
    opened /var/lib/nfs/rpc_pipefs/nfs/clntX files are not supported yet.
    Thus only allow mounting rpc_pipefs if CT has "--features nfsd:on".
    
    Note: no additional check for ve_is_super() required because
    VE0 has all features enabled:
    
    struct ve_struct ve0 = {
    ...
            .features       = -1,
    
    crash> p -x ve0.features
    $2 = 0xffffffffffffffff
    
    https://jira.sw.ru/browse/PSBM-87836
    Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
    
    (cherry-picked from vz8 commit 05ed72031c5f ("ve/sunrpc: Prohibit
    mounting rpc_pipefs in CT without nfsd feature"))
    
    Signed-off-by: Nikita Yushchenko <nikita.yushchenko at virtuozzo.com>
---
 net/sunrpc/rpc_pipe.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
index 37d08af10d30..c6f227b8fb8d 100644
--- a/net/sunrpc/rpc_pipe.c
+++ b/net/sunrpc/rpc_pipe.c
@@ -33,6 +33,9 @@
 #include <linux/nsproxy.h>
 #include <linux/notifier.h>
 
+#include <uapi/linux/vzcalluser.h>
+#include <linux/ve.h>
+
 #include "netns.h"
 #include "sunrpc.h"
 
@@ -1435,6 +1438,9 @@ static const struct fs_context_operations rpc_fs_context_ops = {
 
 static int rpc_init_fs_context(struct fs_context *fc)
 {
+	if (!(get_exec_env()->features & VE_FEATURE_NFSD))
+		return -ENODEV;
+
 	put_user_ns(fc->user_ns);
 	fc->user_ns = get_user_ns(fc->net_ns->user_ns);
 	fc->ops = &rpc_fs_context_ops;


More information about the Devel mailing list