[CRIU] Status of CLONE_NEWUSER dump and restore
Andrew Vagin
avagin at parallels.com
Mon Sep 22 03:37:26 PDT 2014
On Mon, Sep 22, 2014 at 12:14:01PM +0400, Pavel Emelyanov wrote:
> On 09/20/2014 02:01 AM, Richard Larocque wrote:
> >>
> >>> Is there anything remaining form Sophie's work
> >>> (http://lists.openvz.org/pipermail/criu/2014-August/015571.html) that
> >>> needs to be rebased and re-submitted to the mailing lists?
> >>
> >> Not from what was _done_ by Sophie, but we all agreed that we wanted
> >> her to have the zdtm test suite got patched to explicitly list tests
> >> that can and that cannot be c/r-ed inside user namespace. And eventually
> >> fix criu (and kernel) and include more tests in this lists.
> >>
> >
> > That makes sense. There seems to be some work along these lines
> > already pending:
> > https://github.com/avagin/criu/commit/80afa684396db39a1e14f842e1d442acd871965a
> >
> > I'll probably take a closer look at this after the pending patches
> > have started to land in the kernel and criu. For now, I'll try to
> > concentrate on areas of the code that are less actively under
> > construction. That will make it easier to avoid bumping in to others'
> > work.
>
> Thanks for looking into this!
>
> Actually, you shouldn't switch to less priority tasks waiting for us to complete
> the mentioned patches. If userns is in high prio for you, just talk to Andrey
> (avagin@) about this. He has a lot of tasks to do, I think he wouldn't mind if
> someone joins the "userns patches" one.
Sure, you can continue this work. Here is my branch with userns patches:
https://github.com/avagin/criu/tree/userns2
I think the userspace part is mostly completed. Now the most priority is
the issue about map_files. We can try to remove requirement of
CAP_SYS_ADMIN for accessing these files. because I think ptrace_attach
should be enough. Or Pavel sugests to try to use memfd for restoring
shared memory.
>
> Thanks,
> Pavel
>
More information about the CRIU
mailing list