[CRIU] [PATCH 2/2] net: Add ip rule save/restore
Pavel Emelyanov
xemul at parallels.com
Fri Oct 23 09:13:05 PDT 2015
> @@ -588,6 +588,24 @@ static inline int dump_route(struct cr_imgset *fds)
> return 0;
> }
>
> +static inline int dump_rule(struct cr_imgset *fds)
> +{
> + struct cr_img *img = img_from_set(fds, CR_FD_RULE);
> + char *path = strdup(img->path);
Variables initialization with anything but constants is not welcome.
> + if (!path)
> + return -1;
> +
> + if (run_ip_tool("rule", "save", NULL, -1, img_raw_fd(img))) {
> + pr_err("Check if \"ip rule save\" is supported!\n");
> + unlinkat(get_service_fd(IMG_FD_OFF), path, 0);
> + }
> +
> + free(path);
> +
> + return 0;
> +}
> +
> static inline int dump_iptables(struct cr_imgset *fds)
> {
> struct cr_img *img = img_from_set(fds, CR_FD_IPTABLES);
> @@ -657,6 +675,24 @@ static inline int restore_route(int pid)
> return 0;
> }
>
> +static inline int restore_rule(int pid)
> +{
> + if (test_image(CR_FD_RULE, pid)) {
There's no need in test_image(), just call open_image() and
check for empty_image() on result.
> + /*
> + * Delete 3 default rules to prevent duplicates. See kernel's
> + * function fib_default_rules_init() for the details.
> + */
> + run_ip_tool("rule", "delete", NULL, -1, -1);
> + run_ip_tool("rule", "delete", NULL, -1, -1);
> + run_ip_tool("rule", "delete", NULL, -1, -1);
> +
> + if (restore_ip_dump(CR_FD_RULE, pid, "rule"))
> + return -1;
> + }
> +
> + return 0;
> +}
> +
> static inline int restore_iptables(int pid)
> {
> int ret = -1;
More information about the CRIU
mailing list