From: Pavel Tikhomirov <ptikhomi...@virtuozzo.com> This is needed by criu to be able to restore those ops from vz-rst-action action script setup on setup-namespaces stage. This is effectively a port from vz7 kernel.
While on it let's also fix missprint in ve_features_write name. https://jira.sw.ru/browse/PSBM-120728 Signed-off-by: Pavel Tikhomirov <ptikhomi...@virtuozzo.com> khorenko: iptables_mask has been dropped, so the patch handles now only "features" write under pseudosuper Old commit summary: ve: allow writing to features and iptables_mask in pseudosuper state (cherry-picked from vz8 commit 56d582bfa8ba ("ve: allow writing to features in pseudosuper state")) Signed-off-by: Nikita Yushchenko <nikita.yushche...@virtuozzo.com> --- kernel/ve/ve.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c index 47fbd6fd4d80..f129f16b8c27 100644 --- a/kernel/ve/ve.c +++ b/kernel/ve/ve.c @@ -1003,11 +1003,12 @@ static u64 ve_reatures_read(struct cgroup_subsys_state *css, struct cftype *cft) return css_to_ve(css)->features; } -static int ve_reatures_write(struct cgroup_subsys_state *css, struct cftype *cft, u64 val) +static int ve_features_write(struct cgroup_subsys_state *css, struct cftype *cft, u64 val) { struct ve_struct *ve = css_to_ve(css); - if (!ve_is_super(get_exec_env())) + if (!ve_is_super(get_exec_env()) && + !ve->is_pseudosuper) return -EPERM; down_write(&ve->op_sem); @@ -1320,7 +1321,7 @@ static struct cftype ve_cftypes[] = { .name = "features", .flags = CFTYPE_NOT_ON_ROOT, .read_u64 = ve_reatures_read, - .write_u64 = ve_reatures_write, + .write_u64 = ve_features_write, }, { .name = "clock_monotonic", -- 2.30.2 _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
