This feature has gone along as container code has been removed.
Signed-off-by: Denis V. Lunev <d...@openvz.org>
---
lib/ploop.c | 41 -----------------------------------------
1 file changed, 41 deletions(-)
diff --git a/lib/ploop.c b/lib/ploop.c
index 55692bd..5534a0e 100644
--- a/lib/ploop.c
+++ b/lib/ploop.c
@@ -1705,40 +1705,6 @@ int mknod_with_name(const char *name)
return get_free_minor(name, NULL, 0);
}
-static int blockdev_set_untrusted(const char *devname)
-{
- int fd;
- char pathbuf[128];
- char buf[2] = { '0', '\n' };
- struct stat st;
-
- ploop_log(3, "Set untrusted %s", devname);
- if (stat(devname, &st)) {
- ploop_err(errno, "CAn't stat %s", devname);
- return SYSEXIT_FSTAT;
- }
-
- snprintf(pathbuf, sizeof(pathbuf),
"/sys/dev/block/%d:%d/vz_trusted_exec",
- major(st.st_rdev), minor(st.st_rdev));
- fd = open(pathbuf, O_WRONLY);
- if (fd == -1) {
- ploop_err(errno, "Can't open %s for write",
- pathbuf);
- return -1;
- }
-
- if (write(fd, buf, sizeof(buf)) != 2) {
- ploop_err(errno, "Failed to write '%c' to %s",
- buf[0], pathbuf);
- close(fd);
- return -1;
- }
-
- close(fd);
-
- return 0;
-}
-
int add_delta(char **images, char *devname, int minor, int blocksize,
int raw, int ro, int size)
{
@@ -2721,13 +2687,6 @@ int ploop_mount(struct ploop_disk_images_data *di, char
**images,
partname, sizeof(partname));
if (ret)
goto err_stop;
- /*
- * Disallow accidental code execution from a newly created block device
- * from an image.
- */
- ret = blockdev_set_untrusted(partname);
- if (ret)
- goto err_stop;
if (target != NULL || param->automount) {
if (target == NULL) {
--
2.43.5
_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
