[CRIU] Sync TODO-s for mount.c work
Tycho Andersen
tycho.andersen at canonical.com
Wed Apr 22 10:38:42 PDT 2015
On Wed, Apr 22, 2015 at 07:17:36PM +0200, Oleg Nesterov wrote:
> On 04/22, Tycho Andersen wrote:
> >
> > On Wed, Apr 22, 2015 at 06:48:17PM +0200, Oleg Nesterov wrote:
> > >
> > > Let me start from the very beginning.
> > >
> > > # unshare -m
> > > # perl -e 'close STDIN; close STDOUT; close STDERR; sleep'
> > >
> > > dump/restore from the root ns works.
> > >
> > > # unshare -m
> > > # mount --make-slave /
> > > # mount --make-shared /
> > > # perl -e 'close STDIN; close STDOUT; close STDERR; sleep'
> > >
> > > dump/restore still work
> >
> > I'm confused about why this works, it seems like you have external
> > masters in this case too. Can you post the mountinfo?
>
> # cat /proc/self/mountinfo
> 17 38 0:3 / /proc rw,nosuid,nodev,noexec,relatime shared:5 - proc proc rw
> 18 38 0:16 / /sys rw,nosuid,nodev,noexec,relatime shared:6 - sysfs sysfs rw,seclabel
> 19 38 0:5 / /dev rw,nosuid shared:2 - devtmpfs devtmpfs rw,seclabel,size=16374292k,nr_inodes=4093573,mode=755
> 21 19 0:17 / /dev/shm rw,nosuid,nodev shared:3 - tmpfs tmpfs rw,seclabel
> 22 19 0:11 / /dev/pts rw,nosuid,noexec,relatime shared:4 - devpts devpts rw,seclabel,gid=5,mode=620,ptmxmode=000
> 23 38 0:18 / /run rw,nosuid,nodev shared:22 - tmpfs tmpfs rw,seclabel,mode=755
> 24 18 0:19 / /sys/fs/cgroup rw,nosuid,nodev,noexec shared:8 - tmpfs tmpfs rw,seclabel,mode=755
> 25 24 0:20 / /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec,relatime shared:9 - cgroup cgroup rw,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd
> 38 1 253:1 / / rw,relatime shared:1 - xfs /dev/mapper/rhel_ibm--x3650m4--02--vm--02-root rw,seclabel,attr2,inode64,noquota
> #
> # unshare -m
> # mount --make-slave /
> # mount --make-shared /
> #
> # cat /proc/self/mountinfo
> 26 20 253:1 / / rw,relatime shared:7 master:1 - xfs /dev/mapper/rhel_ibm--x3650m4--02--vm--02-root rw,seclabel,attr2,inode64,noquota
> 27 26 0:5 / /dev rw,nosuid shared:2 - devtmpfs devtmpfs rw,seclabel,size=16374292k,nr_inodes=4093573,mode=755
> 28 27 0:17 / /dev/shm rw,nosuid,nodev shared:3 - tmpfs tmpfs rw,seclabel
> 29 27 0:11 / /dev/pts rw,nosuid,noexec,relatime shared:4 - devpts devpts rw,seclabel,gid=5,mode=620,ptmxmode=000
> 30 26 0:3 / /proc rw,nosuid,nodev,noexec,relatime shared:5 - proc proc rw
> 31 26 0:16 / /sys rw,nosuid,nodev,noexec,relatime shared:6 - sysfs sysfs rw,seclabel
> 32 31 0:19 / /sys/fs/cgroup rw,nosuid,nodev,noexec shared:8 - tmpfs tmpfs rw,seclabel,mode=755
> 33 32 0:20 / /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec,relatime shared:9 - cgroup cgroup rw,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd
> 34 26 0:18 / /run rw,nosuid,nodev shared:22 - tmpfs tmpfs rw,seclabel,mode=755
> #
> # perl -e 'close STDIN; close STDOUT; close STDERR; sleep'
>
> dump/restore works.
Ah:
https://github.com/xemul/criu/blob/master/mount.c#L871
the external sharing check only happens when the mount is not the
root. I'm not sure why the special case, though.
>
> > When I do it I
> > get:
> >
> > 152 151 253:1 / / rw,relatime shared:31 master:1 - ext4 /dev/disk/by-uuid/6c5a78e0-95fa-49a8-aa91-a8093d295e58 rw,data=ordered
> >
> > where the peer group 1 is the rootfs mount on root namespace.
>
> Yes, same here. master==1.
>
> > > # unshare -m
> > > # mount --make-slave /
> > > # mount --make-shared /
> > > # mkdir /tmp/A /tmp/B
> > > # mount --bind /tmp/A /tmp/B
> > > # perl -e 'close STDIN; close STDOUT; close STDERR; sleep'
> > >
> > > Now it fails with the same
> > >
> > > Mount 35 ./tmp/B (master_id: 1 shared_id: 7) has unreachable sharing.
> > >
> > > error message.
> > >
> > > Why "restore" can't dump it? "restore" could simply do MS_BIND?
> >
> > Sorry, I'm not sure what you mean by "restore" here?
>
> Argh. Sorry, I meant "why criu can't dump...".
>
> > Anyway, yes, it
> > could do MS_BIND with some sharing flags, I think we just haven't
> > implemented that yet (this isn't an external mount, since it's bound
> > within the namespace).
>
> _Yes_ thanks. So can't we teach "auto" to do this?
>
> OK, OK, perhaps we should not abuse --ext-mount-map option for that,
> but this is minor.
Yes, we can, except that the current autodetection doesn't work if the
mounts are the "same" mount as you described in the other thread. We
could have some other option that knows how to do this, though (or
figure out how to detect the "same" mounts somehow and remove this
restriction).
Tycho
> Oleg.
>
More information about the CRIU
mailing list