[Devel] [PATCH RHEL COMMIT] ve/sysfs: relax sanity check for ns equality in kernfs_find_ns()

Konstantin Khorenko khorenko at virtuozzo.com
Tue Oct 12 16:18:22 MSK 2021 

The commit is pushed to "branch-rh9-5.14.vz9.1.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after ark-5.14
------>
commit f6bc3129d4f65d6dcdeb9f68cb0975fb3b2aeacc
Author: Konstantin Khorenko <khorenko at virtuozzo.com>
Date:   Tue Oct 12 16:18:22 2021 +0300

    ve/sysfs: relax sanity check for ns equality in kernfs_find_ns()
    
    Don't complain about searching for a non ns specific sysfs entry in ns specific parent dirent.
    
    When we set sysfs permissions for a CT via ve.sysfs_permissions
    we assume the target sysfs entry is non ns specific and call
    sysfs_find_dirent() with NULL ns arg.
    
    This makes sense because ns specific sysfs entries (with s_ns set) are not checked against
    CT specific permissions at all (see sysfs_sd_permission()).
    
    And in case for example we've moved a physical net device from host inside a Container
    we've got ns specific entries (for example devices/pci0000:00/0000:00:1c.2/0000:02:00.0/net)
    and looking for a non ns specific net device name entry inside which triggers a complain.
    Drop the complain.
    
    https://jira.sw.ru/browse/PSBM-82259
    
    Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
    
    Reviewed-by: Kirill Tkhai <ktkhai at virtuozzo.com>
    
    https://jira.sw.ru/browse/PSBM-83607
    (cherry picked from commit 6e3687b8ce715ad0236623f5d68b0a7adc0a2ef3
    ("ve/sysfs: relax sanity check for ns_type in sysfs_find_dirent()"))
    
    Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
    
    +++
    ve/sysfs: fix warning on unused "has_ns" variable in kernfs_find_ns()
    
    mFixes: 056c1f709311 "(ve/sysfs: relax sanity check for ns equality in kernfs_find_ns()")
    
    Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
    
    (cherry picked from vz7 commit 217a16fe9aca ("ve/sysfs: relax sanity check for
    ns equality in kernfs_find_ns()"))
    
    VZ 8 rebase part https://jira.sw.ru/browse/PSBM-127798
    
    Signed-off-by: Alexander Mikhalitsyn <alexander.mikhalitsyn at virtuozzo.com>
---
 fs/kernfs/dir.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/fs/kernfs/dir.c b/fs/kernfs/dir.c
index 283ac6197a76..c3026f1b24dd 100644
--- a/fs/kernfs/dir.c
+++ b/fs/kernfs/dir.c
@@ -786,16 +786,17 @@ static struct kernfs_node *kernfs_find_ns(struct kernfs_node *parent,
 					  const void *ns)
 {
 	struct rb_node *node = parent->dir.children.rb_node;
-	bool has_ns = kernfs_ns_enabled(parent);
 	unsigned int hash;
 
 	lockdep_assert_held(&kernfs_mutex);
 
-	if (has_ns != (bool)ns) {
+#ifndef CONFIG_VE
+	if ((bool)kernfs_ns_enabled(parent) != (bool)ns) {
 		WARN(1, KERN_WARNING "kernfs: ns %s in '%s' for '%s'\n",
 		     has_ns ? "required" : "invalid", parent->name, name);
 		return NULL;
 	}
+#endif
 
 	hash = kernfs_name_hash(name, ns);
 	while (node) {

More information about the Devel mailing list