Commits
Pavel Tikhomirov authored and Konstantin Khorenko committed 7efd5dd465b
sysfs/ploop: add new device option trusted After the patch "ve/fs/exec: don't allow a privileged user to execute untrusted files" we need a way to execute files on trusted ploop. A new file is added on sysfs (default 0 - exec security check enabled): /sys/devices/virtual/block/ploopXXXXX/ptune/trusted Writing 1 to the file will allow execution. On PLOOP_IOC_STOP ioctl (ve stop) the value is dropped back to default. Note: execution on non-ploop mounts in VEX is still left prohibited. https://jira.sw.ru/browse/PSBM-98234 Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>