[Devel] [PATCH RH9 4/7] ve/module: export sysfs dentries in containers

Tue Oct 5 15:55:50 MSK 2021

From: Stanislav Kinsburskiy <skinsbursky at virtuozzo.com>

This patch add exposing of "/sys/module/<NAME>" and
"/sys/module/<NAME>/holders" dentries in containers.

Notes:
1) These dentries are visible only if "/sys/module" is exported.

2) Buffer for path is made static in assumption, that modules load and unload
my happen from time to time and there is not need to allocate this buffer each
time we need to expose or hide module sysfs dentries (allocating on stack
gives "the frame size of 4104 bytes is larger than 2048 bytes" warning)

https://jira.sw.ru/browse/PSBM-63892

Signed-off-by: Stanislav Kinsburskiy <skinsbursky at virtuozzo.com>

(cherry picked from vz9 commit 4565e996a76730f218222a00e2d14878d6ebcc1c)
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
 kernel/module.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)

diff --git a/kernel/module.c b/kernel/module.c
index 95f55205c726..27e4326915c2 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -58,6 +58,7 @@
 #include <linux/dynamic_debug.h>
 #include <linux/audit.h>
 #include <linux/ve.h>
+#include <linux/sysfs-ve.h>
 #include <uapi/linux/module.h>
 #include "module-internal.h"
 
@@ -1846,6 +1847,49 @@ static int mod_sysfs_init(struct module *mod)
 	return err;
 }
 
+#ifdef CONFIG_VE
+
+static ssize_t module_sysfs_perm_set_ve(struct module *mod, char *subdir, int mask)
+{
+	static char path[PATH_MAX];
+
+	if (snprintf(path, sizeof(path) - 1, "module/%s/%s",
+		     mod->name, (subdir) ? subdir : "") >= sizeof(path) - 1)
+		return -E2BIG;
+
+	return sysfs_set_def_perms(path, mask);
+}
+
+static ssize_t module_sysfs_hide_dir_ve(struct module *mod, char *subdir)
+{
+	return module_sysfs_perm_set_ve(mod, subdir, -1);
+}
+
+static ssize_t module_sysfs_expose_dir_ve(struct module *mod, char *subdir)
+{
+	return module_sysfs_perm_set_ve(mod, subdir, MAY_READ | MAY_EXEC);
+}
+
+static int module_sysfs_ve_init(struct module *mod)
+{
+	int err;
+
+	err = module_sysfs_expose_dir_ve(mod, NULL);
+	if (!err)
+		err = module_sysfs_expose_dir_ve(mod, "holders");
+	return err;
+}
+
+static void module_sysfs_ve_fini(struct module *mod)
+{
+	(void) module_sysfs_hide_dir_ve(mod, "holders");
+	(void) module_sysfs_hide_dir_ve(mod, NULL);
+}
+#else
+static __always_inline int module_sysfs_ve_init(struct module *mod) { }
+static __always_inline void module_sysfs_ve_fini(struct module *mod) { }
+#endif
+
 static int mod_sysfs_setup(struct module *mod,
 			   const struct load_info *info,
 			   struct kernel_param *kparam,
@@ -1878,6 +1922,7 @@ static int mod_sysfs_setup(struct module *mod,
 	add_sect_attrs(mod, info);
 	add_notes_attrs(mod, info);
 
+	(void) module_sysfs_ve_init(mod);
 	return 0;
 
 out_unreg_modinfo_attrs:
@@ -1894,6 +1939,7 @@ static int mod_sysfs_setup(struct module *mod,
 
 static void mod_sysfs_fini(struct module *mod)
 {
+	module_sysfs_ve_fini(mod);
 	remove_notes_attrs(mod);
 	remove_sect_attrs(mod);
 	mod_kobject_put(mod);
-- 
2.31.1

