A fix is needed when:
1. get_exec_env() is dereferenced without a NULL check
2. There is no prior !ve_is_super(get_exec_env()) check (false when !CONFIG_VE)
3. The code is not guarded by CONFIG_VE
cgroup.c has no such bug, but it uses spaces instead of tabs. Fix this awful mistake while there. https://virtuozzo.atlassian.net/browse/VSTOR-130116 Feature: !CONFIG_VE build Signed-off-by: Vladimir Riabchun <[email protected]> --- fs/file.c | 1 + fs/nfs/fs_context.c | 2 +- fs/nfsd/nfs4recover.c | 4 ++++ fs/nfsd/nfsctl.c | 2 +- fs/super.c | 4 ++++ kernel/cgroup/cgroup.c | 6 +++--- net/sunrpc/rpc_pipe.c | 2 +- 7 files changed, 15 insertions(+), 6 deletions(-) diff --git a/fs/file.c b/fs/file.c index 9da71ab9977a..3b2a2daa02b0 100644 --- a/fs/file.c +++ b/fs/file.c @@ -674,6 +674,7 @@ struct file *file_close_fd_locked(struct files_struct *files, unsigned fd) if (unlikely(fd * 2 >= fdt->max_fds && fd > (1024 / sizeof(struct file *))) && get_exec_env() != get_ve0() && + get_exec_env() != NULL && get_exec_env()->is_pseudosuper) expand_files(files, fd, true); diff --git a/fs/nfs/fs_context.c b/fs/nfs/fs_context.c index 25c3162565d8..23ee2be3dc6c 100644 --- a/fs/nfs/fs_context.c +++ b/fs/nfs/fs_context.c @@ -1592,7 +1592,7 @@ static int nfs_init_fs_context(struct fs_context *fc) { struct nfs_fs_context *ctx; - if (!(get_exec_env()->features & VE_FEATURE_NFS)) + if (!(get_exec_env() && get_exec_env()->features & VE_FEATURE_NFS)) return -ENODEV; ctx = kzalloc(sizeof(struct nfs_fs_context), GFP_KERNEL); diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c index 563bac6305d7..cea49c678665 100644 --- a/fs/nfsd/nfs4recover.c +++ b/fs/nfsd/nfs4recover.c @@ -1887,7 +1887,11 @@ nfsd4_umh_cltrack_init(struct net *net) struct net *ve_net; rcu_read_lock(); +#ifdef CONFIG_VE ve_net = rcu_dereference(get_exec_env()->ve_nsproxy)->net_ns; +#else + ve_net = &init_net; +#endif if (!net_eq(net, ve_net)) { rcu_read_unlock(); diff --git a/fs/nfsd/nfsctl.c b/fs/nfsd/nfsctl.c index c48d76402a72..e6ec3341b40e 100644 --- a/fs/nfsd/nfsctl.c +++ b/fs/nfsd/nfsctl.c 
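Review bot: The condition in file_close_fd_locked() now calls get_exec_env() three times, and the added `get_exec_env() != NULL` test sits between the get_ve0() comparison and the dereference, where its purpose is easy to miss. Reading the value once into a local and testing that, for example `ve && ve != get_ve0() && ve->is_pseudosuper`, would make the guard obvious and keep the three uses consistent. A short comment such as `/* get_exec_env() is NULL when !CONFIG_VE */` would record why the check exists, assuming that is the case the description refers to. The function body starts and ends outside the hunk.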
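Review bot: The rewritten test in nfs_init_fs_context() fails closed when get_exec_env() is NULL, because `!(get_exec_env() && ...)` is true for a NULL environment and the function then returns -ENODEV. If get_exec_env() returns NULL in a !CONFIG_VE build, which is what the description suggests, every NFS mount is refused on such a kernel rather than only the per-container feature gate being skipped. If the intent is to allow the host when there is no VE, the condition would be `if (get_exec_env() && !(get_exec_env()->features & VE_FEATURE_NFS))`; if refusing is intended, a comment saying so would help. The same form is used in nfsd_init_fs_context() in fs/nfsd/nfsctl.c and rpc_init_fs_context() in net/sunrpc/rpc_pipe.c. Explicit parentheses around the `&` expression would also make its precedence against `&&` visible.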
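Review bot: The `#ifdef CONFIG_VE` / `#else` pair is placed inside the body of nfsd4_umh_cltrack_init(), between rcu_read_lock() and the net_eq() test, while other hunks in this patch handle the same situation with a runtime NULL check. Kernel style prefers keeping conditionals out of function bodies; a static inline helper in the VE header that returns the exec environment's net namespace (and `&init_net` when CONFIG_VE is off) would remove the block here. The same applies to the `cred` initialiser in sget_fc() in fs/super.c, which could use a matching helper returning `&init_cred`. In the CONFIG_VE branch the dereference of get_exec_env() stays unchecked, so it relies on get_exec_env() never being NULL in that configuration, which is worth stating in a comment. The function continues outside the hunk.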
@@ -1417,7 +1417,7 @@ static const struct fs_context_operations nfsd_fs_context_ops = { static int nfsd_init_fs_context(struct fs_context *fc) { - if (!(get_exec_env()->features & VE_FEATURE_NFSD)) + if (!(get_exec_env() && get_exec_env()->features & VE_FEATURE_NFSD)) return -ENODEV; put_user_ns(fc->user_ns); diff --git a/fs/super.c b/fs/super.c index 2c266c869312..1adebbf35803 100644 --- a/fs/super.c +++ b/fs/super.c @@ -770,7 +770,11 @@ struct super_block *sget_fc(struct fs_context *fc, struct super_block *s = NULL; struct super_block *old; struct user_namespace *user_ns = fc->global ? &init_user_ns : fc->user_ns; +#ifdef CONFIG_VE struct cred *cred = get_exec_env()->init_cred; +#else + struct cred *cred = &init_cred; +#endif int err; /* diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c index 932414b882dd..e32589e2f305 100644 --- a/kernel/cgroup/cgroup.c +++ b/kernel/cgroup/cgroup.c @@ -4793,9 +4793,9 @@ static ssize_t cgroup_file_write(struct kernfs_open_file *of, char *buf, if (!ve_is_super(get_exec_env()) && test_bit(CGRP_VE_ROOT, &cgrp->flags) - && !get_exec_env()->is_pseudosuper - && !(cft->flags & CFTYPE_VE_WRITABLE)) - return -EPERM; + && !get_exec_env()->is_pseudosuper + && !(cft->flags & CFTYPE_VE_WRITABLE)) + return -EPERM; if (cft->write) return cft->write(of, buf, nbytes, off); diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c index 2fcf10fc4bcd..208de401ea9b 100644 --- a/net/sunrpc/rpc_pipe.c +++ b/net/sunrpc/rpc_pipe.c @@ -1437,7 +1437,7 @@ static const struct fs_context_operations rpc_fs_context_ops = { static int rpc_init_fs_context(struct fs_context *fc) { - if (!(get_exec_env()->features & VE_FEATURE_NFSD)) + if (!(get_exec_env() && get_exec_env()->features & VE_FEATURE_NFSD)) return -ENODEV; put_user_ns(fc->user_ns); -- 2.43.0 _______________________________________________ Devel mailing list [email protected] https://lists.openvz.org/mailman/listinfo/devel
