The commit is pushed to "branch-rh8-4.18.0-240.1.1.vz8.5.x-ovz" and will appear
at https://src.openvz.org/scm/ovz/vzkernel.git
after rh8-4.18.0-240.1.1.vz8.5.33
------>
commit 40533097f3032c1633076d87fcb722ab16f34e44
Author: Pavel Tikhomirov <[email protected]>
Date: Tue May 25 12:16:40 2021 +0300
ve/sunrpc: Prohibit mounting rpc_pipefs in CT without nfsd feature
We need rpc_pipefs for nfs server, but it breaks criu migration as
opened /var/lib/nfs/rpc_pipefs/nfs/clntX files are not supported yet.
Thus only allow mounting rpc_pipefs if CT has "--features nfsd:on".
Note: no additional check for ve_is_super() required because
VE0 has all features enabled:
struct ve_struct ve0 = {
...
.features = -1,
crash> p -x ve0.features
$2 = 0xffffffffffffffff
https://jira.sw.ru/browse/PSBM-87836
Signed-off-by: Pavel Tikhomirov <[email protected]>
Cherry-picked from vz7 commit 3eccadbaf062 ("ve/sunrpc: prohibit mounting
rpc_pipefs in CT without nfsd feature")
---
net/sunrpc/rpc_pipe.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
index 9e22b3d28cbc..bf7c4d8cdd83 100644
--- a/net/sunrpc/rpc_pipe.c
+++ b/net/sunrpc/rpc_pipe.c
@@ -31,6 +31,9 @@
#include <linux/nsproxy.h>
#include <linux/notifier.h>
+#include <uapi/linux/vzcalluser.h>
+#include <linux/ve.h>
+
#include "netns.h"
#include "sunrpc.h"
@@ -1420,6 +1423,10 @@ rpc_mount(struct file_system_type *fs_type,
int flags, const char *dev_name, void *data)
{
struct net *net = current->nsproxy->net_ns;
+
+ if (!(get_exec_env()->features & VE_FEATURE_NFSD))
+ return ERR_PTR(-ENODEV);
+
return mount_ns(fs_type, flags, data, net, net->user_ns,
rpc_fill_super);
}
_______________________________________________
Devel mailing list
[email protected]
https://lists.openvz.org/mailman/listinfo/devel
