From: Stanislav Kinsburskiy <skinsbur...@virtuozzo.com> Does: 1) virtualize nfsd file system 2) allows to mount from CTs initial user ns 3) add VE_FEATURE_NFSD check during nfsd mount
Signed-off-by: Stanislav Kinsbursky <skinsbur...@parallels.com> +++ ve/nfsd: allow nfsd mount inside container init userns v2 changes by khorenko: - dropped the current_user_ns_initial() check in nfsd_mount(), same check is performed in sget_userns() now due to FS_VE_MOUNT flag usage https://jira.sw.ru/browse/PSBM-130825 mFixes: 92cc82cd5998 ("ve/fs/nfsd: NFSd containerization") Signed-off-by: Pavel Tikhomirov <ptikhomi...@virtuozzo.com> Reviewed-by: Konstantin Khorenko <khore...@virtuozzo.com> (cherry-picked from vz8 commit 9b7950731ac5 ("ve/fs/nfsd: NFSd containerization")) Signed-off-by: Nikita Yushchenko <nikita.yushche...@virtuozzo.com> --- fs/nfsd/nfsctl.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/fs/nfsd/nfsctl.c b/fs/nfsd/nfsctl.c index c2c3d9077dc5..51d36730208b 100644 --- a/fs/nfsd/nfsctl.c +++ b/fs/nfsd/nfsctl.c @@ -18,6 +18,8 @@ #include <linux/sunrpc/rpc_pipe_fs.h> #include <linux/module.h> #include <linux/fsnotify.h> +#include <linux/ve.h> +#include <uapi/linux/vzcalluser.h> #include "idmap.h" #include "nfsd.h" @@ -1409,6 +1411,9 @@ static const struct fs_context_operations nfsd_fs_context_ops = { static int nfsd_init_fs_context(struct fs_context *fc) { + if (!(get_exec_env()->features & VE_FEATURE_NFSD)) + return -ENODEV; + put_user_ns(fc->user_ns); fc->user_ns = get_user_ns(fc->net_ns->user_ns); fc->ops = &nfsd_fs_context_ops; @@ -1430,6 +1435,7 @@ static struct file_system_type nfsd_fs_type = { .name = "nfsd", .init_fs_context = nfsd_init_fs_context, .kill_sb = nfsd_umount, + .fs_flags = FS_VIRTUALIZED | FS_VE_MOUNT, }; MODULE_ALIAS_FS("nfsd"); -- 2.30.2 _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
