From: Vasily Averin <[email protected]> UMH client tracking uses usermodehelper to execute some userspace binary. In mainline it works for init_net only, but in vz7 skinsbursky@ enabled it in Containers by using per-Container UHM call. Unfortunately it does not work in nested network namespaces, neither on host nor inside Containers.
This patch disables UMH client tracking in nested network namespaces, and adjusts warning message generated on such attempts. https://jira.sw.ru/browse/PSBM-90024 Signed-off-by: Vasliy Averin <[email protected]> Reviewed-by: Konstantin Khorenko <[email protected]> Rebased to vz8: - use ve->ve_ns->net_ns since ve->ve_netns is gone - add #ifdef CONFIG_VE (cherry-picked from e4af0cdd639de846dc8381e7978b4670a1897e17) Signed-off-by: Andrey Zhadchenko <[email protected]> --- fs/nfsd/nfs4recover.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c index cb947b7..cd73239 100644 --- a/fs/nfsd/nfs4recover.c +++ b/fs/nfsd/nfs4recover.c @@ -1870,6 +1870,19 @@ struct cld_upcall { int ret; struct nfsd_net *nn = net_generic(net, nfsd_net_id); char *grace_start = nfsd4_cltrack_grace_start(nn->boot_time); + struct net *ve_net; + + rcu_read_lock(); + ve_net = rcu_dereference(get_exec_env()->ve_ns)->net_ns; + + if (!net_eq(net, ve_net)) { + rcu_read_unlock(); + pr_warn("NFSD: attempt to initialize umh client tracking in Container %s netns %u ignored.\n", + get_exec_env()->ve_name, net->ns.inum); + kfree(grace_start); + return -EINVAL; + } + rcu_read_unlock(); ret = nfsd4_umh_cltrack_upcall("init", NULL, grace_start, NULL); kfree(grace_start); -- 1.8.3.1 _______________________________________________ Devel mailing list [email protected] https://lists.openvz.org/mailman/listinfo/devel
