[CRIU] [PATCH 2/2] mount: fix a race between restoring namespaces and file mappings
Pavel Emelyanov
xemul at parallels.com
Fri Dec 4 04:26:37 PST 2015
On 12/04/2015 12:13 AM, Andrey Vagin wrote:
> From: Andrew Vagin <avagin at virtuozzo.com>
>
> Currently we wait when a namespace will be restored to get its root.
> We need to open a namespace root to open a file to restore a memory mapping.
>
> A process restores mappings and only then forks children. So we can have
> a situation, when we need to open a file from a namespace, which will be
> "restored" by one of our children.
>
> The root task restores all mount namespaces and opens a file descriptor
> for each of them. In this patch we open root for each mntns in the root
> task.
>
> If we neeed to get root of a namespace which isn't populated, we can get
> it from the root task. After the CR_STATE_FORKING stage, the root task
> closes all namespace descriptors ane we know that all namespaces are
> populated at this moment.
>
> Signed-off-by: Andrew Vagin <avagin at virtuozzo.com>
> ---
> include/namespaces.h | 1 +
> mount.c | 37 +++++++++++++++++++++++++++++++------
> 2 files changed, 32 insertions(+), 6 deletions(-)
>
> diff --git a/include/namespaces.h b/include/namespaces.h
> index c655890..953b874 100644
> --- a/include/namespaces.h
> +++ b/include/namespaces.h
> @@ -38,6 +38,7 @@ struct ns_id {
> struct mount_info *mntinfo_list;
> struct mount_info *mntinfo_tree;
> int ns_fd;
> + int root_fd;
> } mnt;
>
> struct {
> diff --git a/mount.c b/mount.c
> index 38c9922..2321416 100644
> --- a/mount.c
> +++ b/mount.c
> @@ -2673,6 +2673,7 @@ void fini_restore_mntns(void)
> if (nsid->nd != &mnt_ns_desc)
> continue;
> close(nsid->mnt.ns_fd);
> + close(nsid->mnt.root_fd);
Will this be called on root ns? For which you omit opening the
"/" with the hunk below.
> }
> }
>
> @@ -2885,6 +2886,7 @@ int prepare_mnt_ns(void)
> nsid->mnt.ns_fd = open_proc(PROC_SELF, "ns/mnt");
> if (nsid->mnt.ns_fd < 0)
> goto err;
> + futex_set(&nsid->ns_populated, 1);
Here should go a comment why we don't open root_fd for root ns.
> continue;
> }
>
More information about the CRIU
mailing list