The commit is pushed to "branch-rh10-6.12.0-55.52.1.4.x.vz10-ovz" and will
appear at [email protected]:openvz/vzkernel.git
after rh10-6.12.0-55.52.1.4.12.vz10
------>
commit a5aa64b6343ff180a07505aaeeb59197d0617f3e
Author: Vasileios Almpanis <[email protected]>
Date: Tue Mar 31 14:37:49 2026 +0000
fs/binfmt_misc: set FS_VIRTUALIZED on binfmt_misc
binfmt_misc is already isolated per user/mount namespace, but mount and
policy paths need the explicit FS_VIRTUALIZED flag to recognize that
and pass the right checks when mounting binfmt_misc inside a Container.
https://virtuozzo.atlassian.net/browse/VSTOR-128135
Signed-off-by: Vasileios Almpanis <[email protected]>
Feature: fs: whiltelist what can be mounted in a CT
---
fs/binfmt_misc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/binfmt_misc.c b/fs/binfmt_misc.c
index 31660d8cc2c61..e385197c6402b 100644
--- a/fs/binfmt_misc.c
+++ b/fs/binfmt_misc.c
@@ -1062,7 +1062,7 @@ static struct file_system_type bm_fs_type = {
.owner = THIS_MODULE,
.name = "binfmt_misc",
.init_fs_context = bm_init_fs_context,
- .fs_flags = FS_USERNS_MOUNT,
+ .fs_flags = FS_VIRTUALIZED | FS_USERNS_MOUNT,
.kill_sb = kill_litter_super,
};
MODULE_ALIAS_FS("binfmt_misc");
_______________________________________________
Devel mailing list
[email protected]
https://lists.openvz.org/mailman/listinfo/devel
