[Devel] [PATCH RH9 08/10] ve/bridge: handle netlink messages AF_BRIDGE / RTM_[GSD]ETLINK sent from inside a Container
Cyrill Gorcunov
gorcunov at gmail.com
Sun Oct 10 21:18:03 MSK 2021
From: Vasily Averin <vvs at virtuozzo.com>
Weave network pluging for Kubernetes configures bridge via netlink,
so need to allow appropriate netlink messages if sent inside a
Container.
https://jira.sw.ru/browse/PSBM-92107
Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
(cherry picked from vz7 commit e7c862d58164 ("ve/bridge: handle netlink messages
AF_BRIDGE / RTM_[GSD]ETLINK sent from inside a Container"))
Signed-off-by: Vasily Averin <vvs at virtuozzo.com>
Signed-off-by: Cyrill Gorcunov <gorcunov at virtuozzo.com>
---
kernel/ve/ve.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c
index 38ede55d65b7..76de50886d5d 100644
--- a/kernel/ve/ve.c
+++ b/kernel/ve/ve.c
@@ -174,6 +174,9 @@ int vz_security_family_check(struct net *net, int family, int type)
case RTM_NEWNEIGH:
case RTM_DELNEIGH:
case RTM_GETNEIGH:
+ case RTM_GETLINK:
+ case RTM_DELLINK:
+ case RTM_SETLINK:
return 0;
}
fallthrough;
--
2.31.1
More information about the Devel
mailing list