Please ignore this patch, the subject contains errors. A corrected
version will follow
On 5/28/26 4:05 PM, Vasileios Almpanis wrote:
ve_devmnt_process will iterate over all device-mounts of the current
ve namespace and will bounce the mount in case opts is a non NULL
pointer. Change the behavior to allow it.
Our goal is:
- device cgroup ebpf filters will filter which devices are allowed to be
mounted, and which not.
- ve.mount_opts will be used as a filter of which mount options are
allowed. It shouldn't deny mounting when no options are passed but it
should deny in case some option is passed that is not explicitly
allowed.
https://virtuozzo.atlassian.net/browse/VSTOR-132330
Signed-off-by: Vasileios Almpanis <[email protected]>
---
fs/namespace.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/namespace.c b/fs/namespace.c
index acd4507e1247..1b5460445616 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -3196,6 +3196,8 @@ int ve_devmnt_process(struct ve_struct *ve, dev_t dev,
void **data_pp, int remou
*/
if (ve->is_pseudosuper) {
err = 0;
+ } else if (((char *)*data_pp)[0] == '\0') {
+ err = 0;
} else {
ve_pr_warn_ratelimited(VE_LOG_BOTH, "VE%s: no
allowed "
"mount options found for device
%u:%u\n",
--
Best regards, Vasileios Almpanis
Software Developer, Virtuozzo.
_______________________________________________
Devel mailing list
[email protected]
https://lists.openvz.org/mailman/listinfo/devel
