[CRIU] [PATCH 3/3] net: open sysfs from a target mount name-space

Andrey Vagin avagin at openvz.org
Thu Aug 29 03:31:09 EDT 2013


The current scheme is racy. It uses open_detach_mount in the current
name-space. If a mount namespace is created by someone else between
mount and umount(detach) in open_detach_mount, the mount will be
propagated into the new mntns; it is then detached in the current ns and
rmdir fails, because it's still mounted in another mntns.

With this patch a new sysfs mount isn't created, crtools enters into a
target mount name-space and opens sysfs there.

Signed-off-by: Andrey Vagin <avagin at openvz.org>
---
 net.c | 29 ++++++++++++++---------------
 1 file changed, 14 insertions(+), 15 deletions(-)

diff --git a/net.c b/net.c
index a6419a6..bddfb30 100644
--- a/net.c
+++ b/net.c
@@ -7,10 +7,12 @@
 #include <sys/wait.h>
 #include <sched.h>
 #include <sys/mount.h>
+#include <fcntl.h>
 
 #include "syscall-types.h"
 #include "namespaces.h"
 #include "net.h"
+#include "mount.h"
 #include "libnetlink.h"
 #include "crtools.h"
 #include "sk-inet.h"
@@ -428,29 +430,26 @@ static inline int restore_route(int pid)
 	return restore_ip_dump(CR_FD_ROUTE, pid, "route");
 }
 
-static int mount_ns_sysfs(void)
+static int open_ns_sysfs(pid_t pid)
 {
-	char sys_mount[] = "crtools-sys.XXXXXX";
+	int rst;
 
 	BUG_ON(ns_sysfs_fd != -1);
 
-	if (mkdtemp(sys_mount) == NULL) {
-		pr_perror("mkdtemp failed %s", sys_mount);
+	if (switch_ns(pid, &mnt_ns_desc, &rst))
 		return -1;
-	}
 
-	/*
-	 * The setns() is called, so we're in proper context,
-	 * no need in pulling the mountpoint from parasite.
-	 */
-	pr_info("Mount ns' sysfs in %s\n", sys_mount);
-	if (mount("sysfs", sys_mount, "sysfs", MS_MGC_VAL, NULL)) {
-		pr_perror("mount failed");
-		rmdir(sys_mount);
+	ns_sysfs_fd = open("/sys", O_DIRECTORY | O_RDONLY);
+	if (ns_sysfs_fd == -1)
+		pr_perror("Can't open /sys");
+
+	/* FIXME does this sysfs belong to the target netns */
+
+	if (restore_ns(rst, &mnt_ns_desc)) {
+		close_safe(&ns_sysfs_fd);
 		return -1;
 	}
 
-	ns_sysfs_fd = open_detach_mount(sys_mount);
 	return ns_sysfs_fd >= 0 ? 0 : -1;
 }
 
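Review bot: The new `open("/sys", O_DIRECTORY | O_RDONLY)` in open_ns_sysfs() trusts whatever the dumped task's mount namespace has at `/sys`, and nothing on the new side checks that the descriptor actually refers to sysfs. The old code mounted a fresh sysfs itself, whereas the target's mount table belongs to the task being dumped, so `/sys` may be a bind mount of an ordinary directory or another filesystem type, and later reads through `ns_sysfs_fd` would then parse content the target chose. An `fstatfs()` check against `SYSFS_MAGIC` right after the open would reject that case; it would need `<sys/vfs.h>` and `<linux/magic.h>`. It does not settle the FIXME, because a genuine sysfs mounted from a different net namespace still passes, so the comment should say what remains unverified. Adding `O_CLOEXEC` would also keep the descriptor out of any helper binaries that are exec'd later, if the dump path does that.

```c
	struct statfs fst;

	/* … unchanged: BUG_ON and switch_ns(pid, &mnt_ns_desc, &rst) … */

	ns_sysfs_fd = open("/sys", O_DIRECTORY | O_RDONLY | O_CLOEXEC);
	if (ns_sysfs_fd == -1) {
		pr_perror("Can't open /sys");
	} else if (fstatfs(ns_sysfs_fd, &fst)) {
		pr_perror("Can't stat /sys");
		close_safe(&ns_sysfs_fd);
	} else if (fst.f_type != SYSFS_MAGIC) {
		/* /sys comes from the target's mount table; refuse anything that is not sysfs */
		pr_err("/sys in the target mntns is not sysfs\n");
		close_safe(&ns_sysfs_fd);
	}

	/* FIXME: a sysfs mounted from another netns still passes the check above */

	/* … unchanged: restore_ns(rst, &mnt_ns_desc) and the return … */
```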
@@ -460,7 +459,7 @@ int dump_net_ns(int pid, struct cr_fdset *fds)
 
 	ret = switch_ns(pid, &net_ns_desc, NULL);
 	if (!ret)
-		ret = mount_ns_sysfs();
+		ret = open_ns_sysfs(pid);
 	if (!ret)
 		ret = dump_links(fds);
 	if (!ret)
-- 
1.8.3.1


