[Devel] [PATCH RH9 10/22] ve/fs: namespace -- Don't fail on permissions if @ve->devmnt_list is empty

Thu, 07 Oct 2021 07:59:20 -0700 

From: Cyrill Gorcunov <gorcu...@virtuozzo.com>

In commit 7eeb5b4afa8db5a2f2e1e47ab6b84e55fc8c5661 I addressed
first half of a problem, but I happen to work with dirty copy
of libvzctl where mount_opts cgroup has been c/r'ed manually,
so I missed the case where @devmnt_list is empty on restore
(just like it is in vanilla libvzctl). So fix the second half.

https://jira.sw.ru/browse/PSBM-48188

Reported-by: Igor Sukhih <i...@virtuozzo.com>
Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com>

Reviewed-by: Vladimir Davydov <vdavy...@virtuozzo.com>

CC: Konstantin Khorenko <khore...@virtuozzo.com>

+++
fs/mount/ve: ratelimit 'no allowed mount options found for device' message

Container could trigger unlimited spam in the host dmesg:
        VE100: no allowed mount options found for device 182:250449

Let's ratelimit it.

https://jira.sw.ru/browse/PSBM-58329

Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>

+++

VZ 8 rebase part https://jira.sw.ru/browse/PSBM-127782
vz7 commit: 7c96d96 ("ve/fs: namespace -- Don't fail on permissions if
@ve->devmnt_list is empty")

Signed-off-by: Alexander Mikhalitsyn <alexander.mikhalit...@virtuozzo.com>

(cherry picked from vz8 commit 9427d2083fc2a0b23b55f854746a4073920df3c0)
Signed-off-by: Andrey Zhadchenko <andrey.zhadche...@virtuozzo.com>
---
 fs/namespace.c | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/fs/namespace.c b/fs/namespace.c
index cead63d..ca0ad6a 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -2754,10 +2754,20 @@ int ve_devmnt_process(struct ve_struct *ve, dev_t dev, 
void **data_pp, int remou
                goto again;
        case 1:
                if (*data_pp) {
-                       ve_printk(VE_LOG_BOTH, KERN_WARNING "VE%s: no allowed "
-                                 "mount options found for device %u:%u\n",
-                                 ve->ve_name, MAJOR(dev), MINOR(dev));
-                       err = -EPERM;
+                       /*
+                        * Same as in chunk above but for case where
+                        * ve->devmnt_list is empty. Depending on
+                        * the way userspace tool restore container
+                        * it might be nonempty as well.
+                        */
+                       if (ve->is_pseudosuper) {
+                               err = 0;
+                       } else {
+                               ve_pr_warn_ratelimited(VE_LOG_BOTH, "VE%s: no 
allowed "
+                                         "mount options found for device 
%u:%u\n",
+                                         ve->ve_name, MAJOR(dev), MINOR(dev));
+                               err = -EPERM;
+                       }
                } else
                        err = 0;
                break;
-- 
1.8.3.1

_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel

Reply via email to