[CRIU] [PATCH] restore: Wait for userns being prepared before moving into cgroups (v2)
Pavel Emelyanov
xemul at virtuozzo.com
Thu Apr 21 05:28:54 PDT 2016
On 04/21/2016 01:50 AM, Andrey Vagin wrote:
> From: Andrew Vagin <avagin at virtuozzo.com>
>
> When user namespace are stepping in we should wait for their preparation
> to complete before start using userns daemon (internally the kernel
> checks for uids and if uids are not set -EINVAL will be returned
> when usersn calls for sendmsg()).
>
> Thus use completion and wait for uid maps being written first.
The commit message doesn't match the patch itself.
> @@ -213,7 +213,8 @@ static inline unsigned long restorer_stack(struct thread_restore_args *a)
>
> enum {
> CR_STATE_FAIL = -1,
> - CR_STATE_RESTORE_NS = 0, /* is used for executing "setup-namespace" scripts */
> + CR_STATE_RESTORE_USERNS = 0, /* restore uid_map and gid_map */
> + CR_STATE_RESTORE_NS, /* is used for executing "setup-namespace" scripts */
Why not merge it with CR_STATE_RESTORE_NS?
> CR_STATE_RESTORE_SHARED,
> CR_STATE_FORKING,
> CR_STATE_RESTORE,
>
More information about the CRIU
mailing list