In vz7 mounting overlayfs in nested userns was prohibited and
we used FS_VIRTUALIZED | FS_VE_MOUNT fs_flags to allow mounting it
inside top Container userns.
In vz9 kernel mounting overlayfs in nested userns is enabled already:
ms commit 459c7c565ac3 ("ovl: unprivieged mounts")
So now we should not prohibit mounting ovl in nested user namespaces
inside a Container.
Fixes: 568f747791c7 ("fs: Mask appropriate filesystems FS_VIRTUALIZED")
Fixes: 90df7a5ce836 ("ve/fs/overlay: allow overlayfs to be used inside a
Container")
Signed-off-by: Konstantin Khorenko <khore...@virtuozzo.com>
---
fs/overlayfs/super.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
index d85596325846..a2526825724c 100644
--- a/fs/overlayfs/super.c
+++ b/fs/overlayfs/super.c
@@ -2197,10 +2197,9 @@ static struct dentry *ovl_mount(struct file_system_type
*fs_type, int flags,
static struct file_system_type ovl_fs_type = {
.owner = THIS_MODULE,
.name = "overlay",
- .fs_flags = FS_USERNS_MOUNT,
+ .fs_flags = FS_USERNS_MOUNT | FS_VIRTUALIZED,
.mount = ovl_mount,
.kill_sb = kill_anon_super,
- .fs_flags = FS_VIRTUALIZED | FS_VE_MOUNT,
};
MODULE_ALIAS_FS("overlay");
--
2.31.1
_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
