[Devel] [PATCH RHEL9 COMMIT] cgroup/ve: fix ve_hide_cgroups calling in cgroup_get_tree

[Konstantin Khorenko]

The commit is pushed to "branch-rh9-5.14.0-162.6.1.vz9.18.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh9-5.14.0-162.6.1.vz9.18.2
------>
commit 9b39aed1bb8305007e25e7b1fa598b49796b285c
Author: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
Date:   Sat Mar 5 12:40:19 2022 +0300

    cgroup/ve: fix ve_hide_cgroups calling in cgroup_get_tree
    
    Variable ret was used uninitialized in case of !ve_hide_cgroups() and
    also reference on cgrp_dfl_root.cgrp was leaked in the oposite case.
    
    https://jira.sw.ru/browse/PSBM-139099
    
    Fixes: 360077892030 ("ve/cgroup: hide non-virtualized cgroups in container")
    Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
 kernel/cgroup/cgroup.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index 69407f5eba19..db9bf8fd3cd6 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -2536,15 +2536,14 @@ static int cgroup_get_tree(struct fs_context *fc)
 	struct cgroup_fs_context *ctx = cgroup_fc2context(fc);
 	int ret;
 
+	if (ve_hide_cgroups(ctx->root))
+		return -EPERM;
+
 	cgrp_dfl_visible = true;
 	cgroup_get_live(&cgrp_dfl_root.cgrp);
 	ctx->root = &cgrp_dfl_root;
 
-	if (ve_hide_cgroups(ctx->root))
-		ret = -EPERM;
-
-	if (!ret)
-		ret = cgroup_do_get_tree(fc);
+	ret = cgroup_do_get_tree(fc);
 	if (!ret)
 		apply_cgroup_root_flags(ctx->flags);
 	return ret;