[CRIU] [PATCH 07/14] userns: save uid-s from a target userns (v2)

Andrey Vagin avagin at openvz.org
Mon Oct 20 02:29:27 PDT 2014 

We are going to support user namespaces and uid-s will be converted
accoding with userns mappings.

v2: conver id-s for sockets too
Signed-off-by: Andrey Vagin <avagin at openvz.org>
---
 cr-dump.c            |  8 +++++++-
 files-reg.c          |  4 ++--
 include/namespaces.h |  3 +++
 namespaces.c         | 15 +++++++++++++++
 sk-unix.c            |  4 ++--
 5 files changed, 29 insertions(+), 5 deletions(-)

diff --git a/cr-dump.c b/cr-dump.c
index 65c6f9c..ed7de5f 100644
--- a/cr-dump.c
+++ b/cr-dump.c
@@ -1470,7 +1470,7 @@ static int dump_one_task(struct pstree_item *item)
 	pid_t pid = item->pid.real;
 	struct vm_area_list vmas;
 	struct parasite_ctl *parasite_ctl;
-	int ret = -1;
+	int i, ret = -1;
 	struct parasite_dump_misc misc;
 	struct cr_imgset *cr_imgset = NULL;
 	struct parasite_drain_fd *dfds = NULL;
@@ -1505,6 +1505,12 @@ static int dump_one_task(struct pstree_item *item)
 		goto err;
 	}
 
+	for (i = 0; i < 4; i++)
+		cr.uids[i] = userns_uid(cr.uids[i]);
+
+	for (i = 0; i < 4; i++)
+		cr.gids[i] = userns_gid(cr.gids[i]);
+
 	ret = collect_mappings(pid, &vmas);
 	if (ret) {
 		pr_err("Collect mappings (pid: %d) failed with %d\n", pid, ret);
diff --git a/files-reg.c b/files-reg.c
index 98c71e9..7bd702f 100644
--- a/files-reg.c
+++ b/files-reg.c
@@ -323,8 +323,8 @@ static int dump_ghost_file(int _fd, u32 id, const struct stat *st, dev_t phys_de
 	if (img < 0)
 		return -1;
 
-	gfe.uid = st->st_uid;
-	gfe.gid = st->st_gid;
+	gfe.uid = userns_uid(st->st_uid);
+	gfe.gid = userns_gid(st->st_gid);
 	gfe.mode = st->st_mode;
 
 	gfe.has_dev = gfe.has_ino = true;
diff --git a/include/namespaces.h b/include/namespaces.h
index 7edc37c..d2f3e76 100644
--- a/include/namespaces.h
+++ b/include/namespaces.h
@@ -62,4 +62,7 @@ extern struct ns_id *rst_new_ns_id(unsigned int id, pid_t pid, struct ns_desc *n
 extern int rst_add_ns_id(unsigned int id, pid_t pid, struct ns_desc *nd);
 extern struct ns_id *lookup_ns_by_id(unsigned int id, struct ns_desc *nd);
 
+extern int userns_uid(int uid);
+extern int userns_gid(int gid);
+
 #endif /* __CR_NS_H__ */
diff --git a/namespaces.c b/namespaces.c
index 1651848..918729b 100644
--- a/namespaces.c
+++ b/namespaces.c
@@ -438,6 +438,21 @@ int dump_task_ns_ids(struct pstree_item *item)
 	return 0;
 }
 
+static int userns_id(int id)
+{
+	return id;
+}
+
+int userns_uid(int uid)
+{
+	return userns_id(uid);
+}
+
+int userns_gid(int gid)
+{
+	return userns_id(gid);
+}
+
 static int dump_user_ns(pid_t pid, int ns_id)
 {
 	pr_err("User namesapces are not supported yet\n");
diff --git a/sk-unix.c b/sk-unix.c
index f31e43b..205df7c 100644
--- a/sk-unix.c
+++ b/sk-unix.c
@@ -209,8 +209,8 @@ static int dump_one_unix_fd(int lfd, u32 id, const struct fd_parms *p)
 		ue->file_perms = perms;
 
 		perms->mode	= sk->mode;
-		perms->uid	= sk->uid;
-		perms->gid	= sk->gid;
+		perms->uid	= userns_uid(sk->uid);
+		perms->gid	= userns_gid(sk->gid);
 	}
 
 	sk_encode_shutdown(ue, sk->shutdown);
-- 
1.9.3

More information about the CRIU mailing list