From: Vasily Averin <v...@virtuozzo.com> Weave network pluging for Kubernetes configures bridge via netlink, so need to allow appropriate netlink messages if sent inside a Container.
https://jira.sw.ru/browse/PSBM-92107 Signed-off-by: Konstantin Khorenko <khore...@virtuozzo.com> (cherry picked from vz7 commit e7c862d58164 ("ve/bridge: handle netlink messages AF_BRIDGE / RTM_[GSD]ETLINK sent from inside a Container")) Signed-off-by: Vasily Averin <v...@virtuozzo.com> Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com> --- kernel/ve/ve.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c index 38ede55d65b7..76de50886d5d 100644 --- a/kernel/ve/ve.c +++ b/kernel/ve/ve.c @@ -174,6 +174,9 @@ int vz_security_family_check(struct net *net, int family, int type) case RTM_NEWNEIGH: case RTM_DELNEIGH: case RTM_GETNEIGH: + case RTM_GETLINK: + case RTM_DELLINK: + case RTM_SETLINK: return 0; } fallthrough; -- 2.31.1 _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
