[Devel] [PATCH RH9 1/7] ve/module: hide module refcounts from container

Tue Oct 5 15:55:47 MSK 2021

From: Andrey Ryabinin <aryabinin at virtuozzo.com>

Don't show module's refcount or size or taints in container.

https://jira.sw.ru/browse/PSBM-57497

Signed-off-by: Andrey Ryabinin <aryabinin at virtuozzo.com>
Signed-off-by: Stanislav Kinsburskiy <skinsbursky at virtuozzo.com>

(cherry picked from vz8 commit 68a73a90fc6cf3ec25d2cbcf7a82b9a5eb954913)
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
 kernel/module.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/kernel/module.c b/kernel/module.c
index 0ddee4b6c49e..95f55205c726 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -57,6 +57,7 @@
 #include <linux/bsearch.h>
 #include <linux/dynamic_debug.h>
 #include <linux/audit.h>
+#include <linux/ve.h>
 #include <uapi/linux/module.h>
 #include "module-internal.h"
 
@@ -991,8 +992,9 @@ static inline void print_unload_info(struct seq_file *m, struct module *mod)
 {
 	struct module_use *use;
 	int printed_something = 0;
+	bool in_container = !ve_is_super(get_exec_env());
 
-	seq_printf(m, " %i ", module_refcount(mod));
+	seq_printf(m, " %i ", in_container ? 1 : module_refcount(mod));
 
 	/*
 	 * Always include a trailing , so userspace can differentiate
@@ -4548,6 +4550,7 @@ static void m_stop(struct seq_file *m, void *p)
 static int m_show(struct seq_file *m, void *p)
 {
 	struct module *mod = list_entry(p, struct module, list);
+	bool in_container = !ve_is_super(get_exec_env());
 	char buf[MODULE_FLAGS_BUF_SIZE];
 	void *value;
 
@@ -4556,7 +4559,9 @@ static int m_show(struct seq_file *m, void *p)
 		return 0;
 
 	seq_printf(m, "%s %u",
-		   mod->name, mod->init_layout.size + mod->core_layout.size);
+		   mod->name,
+		   in_container ? 4242 : mod->init_layout.size +
+					 mod->core_layout.size);
 	print_unload_info(m, mod);
 
 	/* Informative for users. */
@@ -4569,7 +4574,7 @@ static int m_show(struct seq_file *m, void *p)
 	seq_printf(m, " 0x%px", value);
 
 	/* Taints info */
-	if (mod->taints)
+	if (mod->taints && !in_container)
 		seq_printf(m, " %s", module_flags(mod, buf));
 
 	seq_puts(m, "\n");
-- 
2.31.1

