[Devel,RHEL7,COMMIT] ve/sysctl/net: allow "net.unix.max_dgram_qlen" sysctl in CT init userns

Submitted by Konstantin Khorenko on March 24, 2017, 12:24 p.m.


Message ID 201703241224.v2OCOOk6026459@finist_cl7.x64_64.work.ct
State New
Series "Series without cover letter"

Commit Message

Konstantin Khorenko March 24, 2017, 12:24 p.m.
The commit is pushed to "branch-rh7-3.10.0-514.10.2.vz7.29.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-514.10.2.vz7.29.6
commit 95d91cc59dbdffb0e4d98326820672bd055a3ee1
Author: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Date:   Fri Mar 24 16:24:23 2017 +0400

    ve/sysctl/net: allow "net.unix.max_dgram_qlen" sysctl in CT init userns
    The sysctl is virtualized and we had it available in VZ6 CT, also skbs
    in unix socket's queue are accounted in memcg as GFP_KERNEL_ACCOUNT.
    With default sysctl value (10), messages from systemd journald could miss
    syslog log.
    Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
    Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
 net/unix/sysctl_net_unix.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


diff --git a/net/unix/sysctl_net_unix.c b/net/unix/sysctl_net_unix.c
index b3d5150..464217f 100644
--- a/net/unix/sysctl_net_unix.c
+++ b/net/unix/sysctl_net_unix.c
@@ -35,7 +35,7 @@  int __net_init unix_sysctl_register(struct net *net)
 		goto err_alloc;
 	/* Don't export sysctls to unprivileged users */
-	if (net->user_ns != &init_user_ns)
+	if (ve_net_hide_sysctl(net))
 		table[0].procname = NULL;
 	table[0].data = &net->unx.sysctl_max_dgram_qlen;
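
Review bot: the comment kept above the changed condition, "Don't export sysctls to unprivileged users", no longer describes the check it sits on, because the test is now ve_net_hide_sysctl(net) rather than the net->user_ns != &init_user_ns comparison, and per the commit message the entry is meant to be visible in a CT's init userns. Suggest rewording the comment to say which user namespaces still get procname = NULL, so a reader of this file does not assume the entry is host-only. Since table[0].data points at the per-net net->unx.sysctl_max_dgram_qlen and container root can now write it, it would also help to state in the commit message or the comment whether the value is range-checked; the message relies on memcg accounting of the queued skbs, and nothing in this hunk shows a bound.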