[CRIU] Status of CLONE_NEWUSER dump and restore
Richard Larocque
rlarocque at google.com
Mon Sep 22 10:23:58 PDT 2014
On Mon, Sep 22, 2014 at 3:37 AM, Andrew Vagin <avagin at parallels.com> wrote:
> On Mon, Sep 22, 2014 at 12:14:01PM +0400, Pavel Emelyanov wrote:
>> On 09/20/2014 02:01 AM, Richard Larocque wrote:
>> >>
>> >>> Is there anything remaining form Sophie's work
>> >>> (http://lists.openvz.org/pipermail/criu/2014-August/015571.html) that
>> >>> needs to be rebased and re-submitted to the mailing lists?
>> >>
>> >> Not from what was _done_ by Sophie, but we all agreed that we wanted
>> >> her to have the zdtm test suite got patched to explicitly list tests
>> >> that can and that cannot be c/r-ed inside user namespace. And eventually
>> >> fix criu (and kernel) and include more tests in this lists.
>> >>
>> >
>> > That makes sense. There seems to be some work along these lines
>> > already pending:
>> > https://github.com/avagin/criu/commit/80afa684396db39a1e14f842e1d442acd871965a
>> >
>> > I'll probably take a closer look at this after the pending patches
>> > have started to land in the kernel and criu. For now, I'll try to
>> > concentrate on areas of the code that are less actively under
>> > construction. That will make it easier to avoid bumping in to others'
>> > work.
>>
>> Thanks for looking into this!
>>
>> Actually, you shouldn't switch to less priority tasks waiting for us to complete
>> the mentioned patches. If userns is in high prio for you, just talk to Andrey
>> (avagin@) about this. He has a lot of tasks to do, I think he wouldn't mind if
>> someone joins the "userns patches" one.
>
> Sure, you can continue this work. Here is my branch with userns patches:
> https://github.com/avagin/criu/tree/userns2
>
> I think the userspace part is mostly completed. Now the most priority is
> the issue about map_files. We can try to remove requirement of
> CAP_SYS_ADMIN for accessing these files. because I think ptrace_attach
> should be enough. Or Pavel sugests to try to use memfd for restoring
> shared memory.
>
Thanks for the pointers.
I think the main priority for us was to get basic namespace migration
working. I suspect we'll want most of the items on that list sooner
or later, but I don't know which ones or how soon.
So, I can't promise any results, but I'll take a look if I get a chance.
Richard.
More information about the CRIU
mailing list