The commit is pushed to "branch-rh10-6.12.0-55.13.1.3.x.vz10-ovz" and will
appear at [email protected]:openvz/vzkernel.git
after rh10-6.12.0-55.13.1.2.24.vz10
------>
commit 7ad91781e59943014497c26dd29cb80b40d08ddf
Author: Pavel Tikhomirov <[email protected]>
Date: Wed Dec 10 18:34:24 2025 +0800
ve/cgroup-v2: Allow writing to some files in the root of cgroup namespace
We start ve by writing "START" to ve.state when we are already in
container cgroup namespace and files in root directories of cgroup
namespace are inaccessible by default.
Writing ve.os_release is only allowed when ve is lined to its UTS
namespace, so it happens after "START"
So both for ve.state and ve.os_release we have to allow writing in
cgroup namespace.
After pseudosuper is dropped those files will become non-writable again.
https://virtuozzo.atlassian.net/browse/VSTOR-119804
Signed-off-by: Pavel Tikhomirov <[email protected]>
Feature: ve: ve generic structures
---
kernel/ve/ve.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c
index 84e23b7e61ee9..5d28d78a74da4 100644
--- a/kernel/ve/ve.c
+++ b/kernel/ve/ve.c
@@ -1808,7 +1808,7 @@ static struct cftype ve_cftypes[] = {
{
.name = "state",
- .flags = CFTYPE_NOT_ON_ROOT,
+ .flags = CFTYPE_NOT_ON_ROOT |
CFTYPE_NS_DELEGATABLE,
.seq_show = ve_state_show,
.write = ve_state_write,
},
@@ -1871,7 +1871,7 @@ static struct cftype ve_cftypes[] = {
{
.name = "os_release",
.max_write_len = __NEW_UTS_LEN + 1,
- .flags = CFTYPE_NOT_ON_ROOT,
+ .flags = CFTYPE_NOT_ON_ROOT |
CFTYPE_NS_DELEGATABLE,
.seq_show = ve_os_release_read,
.write = ve_os_release_write,
},
_______________________________________________
Devel mailing list
[email protected]
https://lists.openvz.org/mailman/listinfo/devel
