[CRIU] [PATCH] restore: Wait for userns being prepared before moving into cgroups (v3)

[Andrey Vagin]

From: Andrew Vagin <avagin at virtuozzo.com>

When user namespace are stepping in we should wait for their preparation
to complete before start using userns daemon (internally the kernel
checks for uids and if uids are not set -EINVAL will be returned
when usersn calls for sendmsg()).

https://jira.sw.ru/browse/PSBM-46360

v2: change stages correctly
v3: Wait prepare_userns() before making any calls to usernsd()

Cc: Cyrill Gorcunov <gorcunov at gmail.com>
Acked-by: Cyrill Gorcunov <gorcunov at gmail.com>
Signed-off-by: Andrew Vagin <avagin at virtuozzo.com>
---
 criu/cr-restore.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/criu/cr-restore.c b/criu/cr-restore.c
index 34db7f7..6ee0850 100644
--- a/criu/cr-restore.c
+++ b/criu/cr-restore.c
@@ -1663,6 +1663,11 @@ static int restore_task_with_children(void *_arg)
 			goto err;
 	}
 
+	/* Wait prepare_userns */
+	if (current->parent == NULL &&
+            restore_finish_stage(CR_STATE_RESTORE_NS) < 0)
+			goto err;
+
 	/*
 	 * Call this _before_ forking to optimize cgroups
 	 * restore -- if all tasks live in one set of cgroups
@@ -1679,9 +1684,6 @@ static int restore_task_with_children(void *_arg)
 			goto err;
 		}
 
-		if (restore_finish_stage(CR_STATE_RESTORE_NS) < 0)
-			goto err;
-
 		pr_info("Calling restore_sid() for init\n");
 		restore_sid();
 
-- 
2.5.5