The commit is pushed to "branch-rh7-3.10.0-229.7.2.vz7.9.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git after rh7-3.10.0-229.7.2.vz7.9.13 ------> commit 7664490711e981da2a903ebb0c4f164c06e5e944 Author: Stanislav Kinsburskiy <skinsbur...@virtuozzo.com> Date: Wed Nov 25 14:17:04 2015 +0400
ve/net_ns: move net_access_allowed definition under CONFIG_NET_NS It was under NETNS_REFCNT_DEBUG by mistake. khorenko@: The original logic of the code was to allow Containers to see (netstat) only own connections, while the Host should be able to see connections of all Containers. https://jira.sw.ru/browse/PSBM-41530 https://bugs.openvz.org/browse/OVZ-6600 https://bugs.openvz.org/browse/OVZ-5192 Signed-off-by: Stanislav Kinsburskiy <skinsbur...@virtuozzo.com> --- include/net/net_namespace.h | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h index 6559905..ea17176 100644 --- a/include/net/net_namespace.h +++ b/include/net/net_namespace.h @@ -208,6 +208,11 @@ int net_eq(const struct net *net1, const struct net *net2) extern void net_drop_ns(void *); +/* Returns whether curr can mess with net's objects */ +static inline int net_access_allowed(const struct net *net, const struct net *curr) +{ + return net_eq(curr, &init_net) || net_eq(curr, net); +} #else static inline struct net *get_net(struct net *net) @@ -231,6 +236,11 @@ int net_eq(const struct net *net1, const struct net *net2) } #define net_drop_ns NULL + +static inline int net_access_allowed(const struct net *net, const struct net *curr) +{ + return 1; +} #endif @@ -248,11 +258,6 @@ static inline void release_net(struct net *net) atomic_dec(&net->use_count); } -/* Returns whether curr can mess with net's objects */ -static inline int net_access_allowed(const struct net *net, const struct net *curr) -{ - return net_eq(curr, &init_net) || net_eq(curr, net); -} #else static inline struct net *hold_net(struct net *net) { @@ -262,11 +267,6 @@ static inline struct net *hold_net(struct net *net) static inline void release_net(struct net *net) { } - -static inline int net_access_allowed(const struct net *net, const struct net *curr) -{ - return 1; -} #endif #ifdef CONFIG_NET_NS _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel