[CRIU] [PATCH v10 07/11] net: open a netlink socket in criu's netns

Andrei Vagin avagin at virtuozzo.com
Wed Oct 26 21:55:19 PDT 2016 

On Thu, Oct 20, 2016 at 10:25:27AM -0600, Tycho Andersen wrote:
> We'll use this socket to restore macvlan interfaces.
> 
> Signed-off-by: Tycho Andersen <tycho.andersen at canonical.com>
> ---
>  criu/net.c | 41 ++++++++++++++++++++++++++++++++++++++---
>  1 file changed, 38 insertions(+), 3 deletions(-)
> 
> diff --git a/criu/net.c b/criu/net.c
> index f807c5e..f7d586e 100644
> --- a/criu/net.c
> +++ b/criu/net.c
> @@ -1026,7 +1026,7 @@ static int changeflags(int s, char *name, short flags)
>  	return 0;
>  }
>  
> -static int restore_link(NetDeviceEntry *nde, int nlsk)
> +static int restore_link(NetDeviceEntry *nde, int nlsk, int criu_nlsk)
>  {
>  	pr_info("Restoring link %s type %d\n", nde->name, nde->type);
>  
> @@ -1052,7 +1052,7 @@ static int restore_link(NetDeviceEntry *nde, int nlsk)
>  
>  static int restore_links(int pid, NetnsEntry **netns)
>  {
> -	int nlsk, ret;
> +	int nlsk, criu_nlsk = -1, ret = -1, my_netns = -1, ns_fd = get_service_fd(NS_FD_OFF);
>  	struct cr_img *img;
>  	NetDeviceEntry *nde;
>  
> @@ -1067,6 +1067,38 @@ static int restore_links(int pid, NetnsEntry **netns)
>  		return -1;
>  	}
>  
> +	if (!(root_ns_mask & CLONE_NEWUSER)) {
> +		/* FIXME: this whole dance is so we can have a netlink socket to criu's
> +		 * netns in case we need it. It should really live on the ns_id struct,
> +		 * but those aren't generated on restore yet.
> +		 */
> +		my_netns = open_proc(PROC_SELF, "ns/net");
> +		if (my_netns < 0) {
> +			pr_perror("couldn't open my netns");
> +			goto out;
> +		}
> +
> +		if (setns(ns_fd, CLONE_NEWNET) < 0) {
> +			close(my_netns);
> +			pr_perror("couldn't setns to parent ns");
> +			goto out;
> +		}
> +
> +		criu_nlsk = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);

Why we can't create this socket before forking the root task? In this
case it will work for userns too.

> +		ret = setns(my_netns, CLONE_NEWNET);
> +		close(my_netns);
> +
> +		if (ret < 0) {
> +			pr_perror("Can't setns back my netns");
> +			goto out;
> +		}
> +
> +		if (criu_nlsk < 0) {
> +			pr_perror("Can't create nlk socket");
> +			goto out;
> +		}
> +	}
> +
>  	while (1) {
>  		NetnsEntry **def_netns = netns;
>  
> @@ -1074,7 +1106,7 @@ static int restore_links(int pid, NetnsEntry **netns)
>  		if (ret <= 0)
>  			break;
>  
> -		ret = restore_link(nde, nlsk);
> +		ret = restore_link(nde, nlsk, criu_nlsk);
>  		if (ret) {
>  			pr_err("Can't restore link\n");
>  			goto exit;
> @@ -1103,6 +1135,9 @@ exit:
>  			break;
>  	}
>  
> +out:
> +	if (criu_nlsk >= 0)
> +		close(criu_nlsk);
>  	close(nlsk);
>  	close_image(img);
>  	return ret;
> -- 
> 2.7.4
> 
> _______________________________________________
> CRIU mailing list
> CRIU at openvz.org
> https://lists.openvz.org/mailman/listinfo/criu

More information about the CRIU mailing list