ve_devmnt_process will iterate over all device-mounts of the current ve namespace and will bounce the mount in case opts is a non NULL pointer. Change the behavior to allow it.
Our goal is: - device cgroup ebpf filters will filter which devices are allowed to be mounted, and which not. - ve.mount_opts will be used as a filter of which mount options are allowed. It shouldn't deny mounting when no options are passed but it should deny in case some option is passed that is not explicitly allowed. https://virtuozzo.atlassian.net/browse/VSTOR-132330 Signed-off-by: Vasileios Almpanis <[email protected]> Feature: ve: ve generic structures --- fs/namespace.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fs/namespace.c b/fs/namespace.c index acd4507e1247..1b5460445616 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -3196,6 +3196,8 @@ int ve_devmnt_process(struct ve_struct *ve, dev_t dev, void **data_pp, int remou */ if (ve->is_pseudosuper) { err = 0; + } else if (((char *)*data_pp)[0] == '\0') { + err = 0; } else { ve_pr_warn_ratelimited(VE_LOG_BOTH, "VE%s: no allowed " "mount options found for device %u:%u\n", -- 2.43.0 _______________________________________________ Devel mailing list [email protected] https://lists.openvz.org/mailman/listinfo/devel
