[Devel] [PATCH vz9 25/27] ve: allow writing to features in pseudosuper state
Nikita Yushchenko
nikita.yushchenko at virtuozzo.com
Wed Oct 6 11:57:37 MSK 2021
From: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
This is needed by criu to be able to restore those ops from
vz-rst-action action script setup on setup-namespaces stage.
This is effectively a port from vz7 kernel.
While on it let's also fix missprint in ve_features_write name.
https://jira.sw.ru/browse/PSBM-120728
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
khorenko: iptables_mask has been dropped,
so the patch handles now only "features" write under pseudosuper
Old commit summary:
ve: allow writing to features and iptables_mask in pseudosuper state
(cherry-picked from vz8 commit 56d582bfa8ba ("ve: allow writing to
features in pseudosuper state"))
Signed-off-by: Nikita Yushchenko <nikita.yushchenko at virtuozzo.com>
---
kernel/ve/ve.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c
index 47fbd6fd4d80..f129f16b8c27 100644
--- a/kernel/ve/ve.c
+++ b/kernel/ve/ve.c
@@ -1003,11 +1003,12 @@ static u64 ve_reatures_read(struct cgroup_subsys_state *css, struct cftype *cft)
return css_to_ve(css)->features;
}
-static int ve_reatures_write(struct cgroup_subsys_state *css, struct cftype *cft, u64 val)
+static int ve_features_write(struct cgroup_subsys_state *css, struct cftype *cft, u64 val)
{
struct ve_struct *ve = css_to_ve(css);
- if (!ve_is_super(get_exec_env()))
+ if (!ve_is_super(get_exec_env()) &&
+ !ve->is_pseudosuper)
return -EPERM;
down_write(&ve->op_sem);
@@ -1320,7 +1321,7 @@ static struct cftype ve_cftypes[] = {
.name = "features",
.flags = CFTYPE_NOT_ON_ROOT,
.read_u64 = ve_reatures_read,
- .write_u64 = ve_reatures_write,
+ .write_u64 = ve_features_write,
},
{
.name = "clock_monotonic",
--
2.30.2
More information about the Devel
mailing list