[RFC] mempolicy: Prohibit VE processes numa binding syscalls

Submitted by Kirill Tkhai on March 12, 2019, 12:45 p.m.

Details

Message ID 155239451902.8000.8467906560088895524.stgit@localhost.localdomain
State New
Series "mempolicy: Prohibit VE processes numa binding syscalls"
Headers show

Commit Message

Kirill Tkhai March 12, 2019, 12:45 p.m.
NUMA mustn't not available in CT, so let's prohibit these
calls. For CT tasks this will look like kernel compiled
without NUMA support.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
---
 mm/mempolicy.c |   12 ++++++++++++
 1 file changed, 12 insertions(+)

Patch hide | download patch | download mbox

diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index 14f23207203e..a49f325e2a58 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -1393,6 +1393,9 @@  SYSCALL_DEFINE6(mbind, unsigned long, start, unsigned long, len,
 	int err;
 	unsigned short mode_flags;
 
+	if (!ve_is_super(get_exec_env()))
+		return -ENOSYS;
+
 	mode_flags = mode & MPOL_MODE_FLAGS;
 	mode &= ~MPOL_MODE_FLAGS;
 	if (mode >= MPOL_MAX)
@@ -1414,6 +1417,9 @@  SYSCALL_DEFINE3(set_mempolicy, int, mode, unsigned long __user *, nmask,
 	nodemask_t nodes;
 	unsigned short flags;
 
+	if (!ve_is_super(get_exec_env()))
+		return -ENOSYS;
+
 	flags = mode & MPOL_MODE_FLAGS;
 	mode &= ~MPOL_MODE_FLAGS;
 	if ((unsigned int)mode >= MPOL_MAX)
@@ -1439,6 +1445,9 @@  SYSCALL_DEFINE4(migrate_pages, pid_t, pid, unsigned long, maxnode,
 	nodemask_t *new;
 	NODEMASK_SCRATCH(scratch);
 
+	if (!ve_is_super(get_exec_env()))
+		return -ENOSYS;
+
 	if (!scratch)
 		return -ENOMEM;
 
@@ -1530,6 +1539,9 @@  SYSCALL_DEFINE5(get_mempolicy, int __user *, policy,
 	int uninitialized_var(pval);
 	nodemask_t nodes;
 
+	if (!ve_is_super(get_exec_env()))
+		return -ENOSYS;
+
 	if (nmask != NULL && maxnode < MAX_NUMNODES)
 		return -EINVAL;