[Devel] [PATCH RH9 08/16] ve/sysctl/net: allow "net.unix.max_dgram_qlen" sysctl in CT init userns
Pavel Tikhomirov
ptikhomirov at virtuozzo.com
Tue Sep 28 15:40:58 MSK 2021
The sysctl is virtualized and we had it available in VZ6 CT, also skbs
in unix socket's queue are accounted in memcg as GFP_KERNEL_ACCOUNT.
With default sysctl value (10), messages from systemd journald could miss
syslog log.
https://jira.sw.ru/browse/PSBM-54530
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
Reviewed-by: Cyrill Gorcunov <gorcunov at openvz.org>
(cherry picked from commit e365fd5bb2312d17d0e9dd6db9804e5fbaf2044f)
Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
(cherry picked from vz8 commit fc29b8b2da0918e28be2e4b3a53ff44d6a6e4b3c)
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
net/unix/sysctl_net_unix.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/unix/sysctl_net_unix.c b/net/unix/sysctl_net_unix.c
index c09bea89151b..614f8140fa31 100644
--- a/net/unix/sysctl_net_unix.c
+++ b/net/unix/sysctl_net_unix.c
@@ -8,6 +8,7 @@
#include <linux/mm.h>
#include <linux/slab.h>
#include <linux/sysctl.h>
+#include <linux/ve.h>
#include <net/af_unix.h>
@@ -31,7 +32,7 @@ int __net_init unix_sysctl_register(struct net *net)
goto err_alloc;
/* Don't export sysctls to unprivileged users */
- if (net->user_ns != &init_user_ns)
+ if (ve_net_hide_sysctl(net))
table[0].procname = NULL;
table[0].data = &net->unx.sysctl_max_dgram_qlen;
--
2.31.1
More information about the Devel
mailing list