[CRIU] [PATCH 2/2] restore: remount /proc after clone(CLONE_NEWPID)

Andrew Vagin avagin at parallels.com
Wed Aug 6 13:27:11 PDT 2014


On Wed, Aug 06, 2014 at 03:12:25PM -0500, Tycho Andersen wrote:
> Hi Andrew,
> 
> On Wed, Aug 06, 2014 at 11:54:06PM +0400, Andrew Vagin wrote:
> > On Wed, Aug 06, 2014 at 01:52:17PM -0500, Tycho Andersen wrote:
> > > Hi Andrew,
> > > 
> > > On Wed, Aug 06, 2014 at 10:44:12PM +0400, Andrew Vagin wrote:
> > > > On Wed, Aug 06, 2014 at 01:34:07PM -0500, Tycho Andersen wrote:
> > > > > Hi Andrew,
> > > > > 
> > > > > On Wed, Aug 06, 2014 at 10:25:10PM +0400, Andrew Vagin wrote:
> > > > > > On Wed, Aug 06, 2014 at 01:06:29PM -0500, Tycho Andersen wrote:
> > > > > > > We need to remount /proc after the clone because things like getpid() return
> > > > > > > the pid in the new namespace, but /proc still has the old namespace's info in
> > > > > > > it. This causes problems when e.g. there are some things in criu's private
> > > > > > > mount namespace but not in (the original) init's namespace.
> > > > > > 
> > > > > > Could you show an example of problems?
> > > > > 
> > > > > Yes, if you:
> > > > > 
> > > > > 1. unshare(CLONE_NEWNS)
> > > > > 2. mount() some directory to pass as --root
> > > > > 3. exec(criu)
> > > > 
> > > > Could you show how criu fails in this case?
> > > 
> > > Yes,
> > > 
> > > > > 
> > > > > criu fails with "(mount.c:1958): New root and old root are the same".
> > 
> > And this patch fixes this error? I don't understand how it can be.
> 
> Yes. When /proc is remounted, the process' "private" (i.e. whatever
> happened after unshare()) mount namespace is visible in
> /proc/1/mountinfo. Since it is visible, criu parses it and resolves it
> correctly and all is happy.

Eh. I have understood the problem. It's my bug. I think we should use
/proc/self/mountinfo to collect mountpoints or we can collect it before
forking the root task. I will look on the code tomorrow. Thanks you for
pointing out the problem.

> 
> > Tycho, could you look at https://github.com/avagin/criu/commit/6d1cc9acb7e3f442cafbb4b6ff2596ad32b7ac34
> > This patch reworks code, which reports the error "(mount.c:1958): New
> > root and old root are the same".
> 
> This would fix my issue as well (I think). Won't it leak the mount if
> criu doesn't create a new mount namespace, though? (I do think this
> nicer than forcing the user to mount their own --root.)

This code is executed only if a new mntns is created.

> 
> > > 
> > > what other information would be useful?
> > 
> > How do you mount the directory to pass as --root?
> 
> mount(rootfs->path, rootfs->mount, NULL, MS_BIND, NULL)
> 
> where rootfs here is some internal lxc structure. It is also the
> reason I ask the above question: rootfs->mount happens to be the same
> for (most) lxcs, it is just mounted in a different mount namespace for
> each of them.
> 
> Tycho


More information about the CRIU mailing list