From: Vasily Averin <v...@virtuozzo.com> The proc file is virtualized, so it contains stats for only those block devices which are allowed by device cgroup related to the Container.
https://jira.sw.ru/browse/PSBM-90491 https://jira.sw.ru/browse/PSBM-92107 Signed-off-by: Konstantin Khorenko <khore...@virtuozzo.com> (cherry picked from vz7 commit ded5965d1d58 ("ve/proc/block: show /proc/diskstats inside a Container")) Signed-off-by: Vasily Averin <v...@virtuozzo.com> gorcunov@: cherry-picked from commit d29e2f9fbf277, the vz9 code is changed so had to apply the patch manually). Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com> --- block/genhd.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/block/genhd.c b/block/genhd.c index 504dfb222abd..1470243dbd9d 100644 --- a/block/genhd.c +++ b/block/genhd.c @@ -1171,6 +1171,7 @@ const struct device_type disk_type = { */ static int diskstats_show(struct seq_file *seqf, void *v) { + struct ve_struct *ve = get_exec_env(); struct gendisk *gp = v; struct block_device *hd; char buf[BDEVNAME_SIZE]; @@ -1190,6 +1191,11 @@ static int diskstats_show(struct seq_file *seqf, void *v) xa_for_each(&gp->part_tbl, idx, hd) { if (bdev_is_partition(hd) && !bdev_nr_sectors(hd)) continue; + if (!ve_is_super(ve) && + devcgroup_device_permission(S_IFBLK, hd->bd_dev, + MAY_READ)) { + continue; + } part_stat_read_all(hd, &stat); if (queue_is_mq(gp->queue)) inflight = blk_mq_in_flight(gp->queue, hd); @@ -1246,7 +1252,7 @@ static const struct seq_operations diskstats_op = { static int __init proc_genhd_init(void) { - proc_create_seq("diskstats", 0, NULL, &diskstats_op); + proc_create_seq("diskstats", S_ISVTX, NULL, &diskstats_op); proc_create_seq("partitions", S_ISVTX, NULL, &partitions_op); return 0; } -- 2.31.1 _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
