[Devel] [PATCH RH9 03/10] ve/sysfs: relax sanity check for ns equality in kernfs_find_ns()

Cyrill Gorcunov gorcunov at gmail.com
Sun Oct 10 21:17:58 MSK 2021 

From: Konstantin Khorenko <khorenko at virtuozzo.com>

Don't complain about searching for a non ns specific sysfs entry in ns specific parent dirent.

When we set sysfs permissions for a CT via ve.sysfs_permissions
we assume the target sysfs entry is non ns specific and call
sysfs_find_dirent() with NULL ns arg.

This makes sense because ns specific sysfs entries (with s_ns set) are not checked against
CT specific permissions at all (see sysfs_sd_permission()).

And in case for example we've moved a physical net device from host inside a Container
we've got ns specific entries (for example devices/pci0000:00/0000:00:1c.2/0000:02:00.0/net)
and looking for a non ns specific net device name entry inside which triggers a complain.
Drop the complain.

https://jira.sw.ru/browse/PSBM-82259

Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>

Reviewed-by: Kirill Tkhai <ktkhai at virtuozzo.com>

https://jira.sw.ru/browse/PSBM-83607
(cherry picked from commit 6e3687b8ce715ad0236623f5d68b0a7adc0a2ef3
("ve/sysfs: relax sanity check for ns_type in sysfs_find_dirent()"))

Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>

+++
ve/sysfs: fix warning on unused "has_ns" variable in kernfs_find_ns()

mFixes: 056c1f709311 "(ve/sysfs: relax sanity check for ns equality in kernfs_find_ns()")

Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>

(cherry picked from vz7 commit 217a16fe9aca ("ve/sysfs: relax sanity check for
ns equality in kernfs_find_ns()"))

VZ 8 rebase part https://jira.sw.ru/browse/PSBM-127798

Signed-off-by: Alexander Mikhalitsyn <alexander.mikhalitsyn at virtuozzo.com>
---
 fs/kernfs/dir.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/fs/kernfs/dir.c b/fs/kernfs/dir.c
index 283ac6197a76..c3026f1b24dd 100644
--- a/fs/kernfs/dir.c
+++ b/fs/kernfs/dir.c
@@ -786,16 +786,17 @@ static struct kernfs_node *kernfs_find_ns(struct kernfs_node *parent,
 					  const void *ns)
 {
 	struct rb_node *node = parent->dir.children.rb_node;
-	bool has_ns = kernfs_ns_enabled(parent);
 	unsigned int hash;
 
 	lockdep_assert_held(&kernfs_mutex);
 
-	if (has_ns != (bool)ns) {
+#ifndef CONFIG_VE
+	if ((bool)kernfs_ns_enabled(parent) != (bool)ns) {
 		WARN(1, KERN_WARNING "kernfs: ns %s in '%s' for '%s'\n",
 		     has_ns ? "required" : "invalid", parent->name, name);
 		return NULL;
 	}
+#endif
 
 	hash = kernfs_name_hash(name, ns);
 	while (node) {
-- 
2.31.1

More information about the Devel mailing list