Allow mount nfsd only if the feature is enabled for VE. https://jira.sw.ru/browse/PSBM-33687
Signed-off-by: Kirill Tkhai <[email protected]> --- fs/nfsd/nfsctl.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/nfsd/nfsctl.c b/fs/nfsd/nfsctl.c index 1f06f7c..f0ed8a8 100644 --- a/fs/nfsd/nfsctl.c +++ b/fs/nfsd/nfsctl.c @@ -15,6 +15,7 @@ #include <linux/sunrpc/gss_krb5_enctypes.h> #include <linux/sunrpc/rpc_pipe_fs.h> #include <linux/module.h> +#include <uapi/linux/vzcalluser.h> #include "idmap.h" #include "nfsd.h" @@ -1126,6 +1127,8 @@ static int nfsd_fill_super(struct super_block * sb, void * data, int silent) static struct dentry *nfsd_mount(struct file_system_type *fs_type, int flags, const char *dev_name, void *data) { + if (!(get_exec_env()->features & VE_FEATURE_NFSD)) + return ERR_PTR(-ENODEV); if (!current_user_ns_initial()) return ERR_PTR(-EPERM); return mount_ns(fs_type, flags, current->nsproxy->net_ns, nfsd_fill_super); _______________________________________________ Devel mailing list [email protected] https://lists.openvz.org/mailman/listinfo/devel
