The commit is pushed to "branch-rh8-4.18.0-305.3.1.vz8.7.x-ovz" and will appear
at https://src.openvz.org/scm/ovz/vzkernel.git
after rh8-4.18.0-305.3.1.vz8.7.10
------>
commit f04a8be364fc9e27060b6dccb1a0011e138f0041
Author: Pavel Tikhomirov <[email protected]>
Date: Fri Aug 27 20:45:17 2021 +0300
ve/devmnt: fix ignore device permissions for pseudosuper
Imagine we have
1) ve->is_pseudosuper == true
2) err returned from ve_devmnt_check == -EPERM
3) remount == true
In this case ((ve->is_pseudosuper || !err) && !remount) == false, and
thus "err = ve_devmnt_insert" is not called, meaning that err remains
-EPERM, and ve_devmnt_process fails with -EPERM. Would be more logical
to just ignore error from ve_devmnt_check setting err to 0 as if
ve_devmnt_check passed with no error.
Fixes: b405a6b90577 ("ve/fs: namespace -- Ignore device permissions
during restore")
Signed-off-by: Pavel Tikhomirov <[email protected]>
---
fs/namespace.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/fs/namespace.c b/fs/namespace.c
index 2009130cd51e..6eece186c568 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -2672,13 +2672,15 @@ int ve_devmnt_process(struct ve_struct *ve, dev_t dev,
void **data_pp, int remou
list_for_each_entry(devmnt, &ve->devmnt_list, link) {
if (devmnt->dev == dev) {
err = ve_devmnt_check(data, devmnt->allowed_options);
-
/*
* In case of @is_pseudouser set, ie restore procedure,
* we don't check for allowed options filtering, since
* restore mode is special.
*/
- if ((ve->is_pseudosuper || !err) && !remount)
+ if (ve->is_pseudosuper)
+ err = 0;
+
+ if (!err && !remount)
err = ve_devmnt_insert(data,
devmnt->hidden_options);
break;
_______________________________________________
Devel mailing list
[email protected]
https://lists.openvz.org/mailman/listinfo/devel
