[CRIU] [PATCH v10 07/11] net: open a netlink socket in criu's netns

Pavel Emelyanov xemul at virtuozzo.com
Thu Oct 27 05:49:37 PDT 2016 

On 10/27/2016 07:55 AM, Andrei Vagin wrote:
> On Thu, Oct 20, 2016 at 10:25:27AM -0600, Tycho Andersen wrote:
>> We'll use this socket to restore macvlan interfaces.
>>
>> Signed-off-by: Tycho Andersen <tycho.andersen at canonical.com>
>> ---
>>  criu/net.c | 41 ++++++++++++++++++++++++++++++++++++++---
>>  1 file changed, 38 insertions(+), 3 deletions(-)
>>
>> diff --git a/criu/net.c b/criu/net.c
>> index f807c5e..f7d586e 100644
>> --- a/criu/net.c
>> +++ b/criu/net.c
>> @@ -1026,7 +1026,7 @@ static int changeflags(int s, char *name, short flags)
>>  	return 0;
>>  }
>>  
>> -static int restore_link(NetDeviceEntry *nde, int nlsk)
>> +static int restore_link(NetDeviceEntry *nde, int nlsk, int criu_nlsk)
>>  {
>>  	pr_info("Restoring link %s type %d\n", nde->name, nde->type);
>>  
>> @@ -1052,7 +1052,7 @@ static int restore_link(NetDeviceEntry *nde, int nlsk)
>>  
>>  static int restore_links(int pid, NetnsEntry **netns)
>>  {
>> -	int nlsk, ret;
>> +	int nlsk, criu_nlsk = -1, ret = -1, my_netns = -1, ns_fd = get_service_fd(NS_FD_OFF);
>>  	struct cr_img *img;
>>  	NetDeviceEntry *nde;
>>  
>> @@ -1067,6 +1067,38 @@ static int restore_links(int pid, NetnsEntry **netns)
>>  		return -1;
>>  	}
>>  
>> +	if (!(root_ns_mask & CLONE_NEWUSER)) {
>> +		/* FIXME: this whole dance is so we can have a netlink socket to criu's
>> +		 * netns in case we need it. It should really live on the ns_id struct,
>> +		 * but those aren't generated on restore yet.
>> +		 */
>> +		my_netns = open_proc(PROC_SELF, "ns/net");
>> +		if (my_netns < 0) {
>> +			pr_perror("couldn't open my netns");
>> +			goto out;
>> +		}
>> +
>> +		if (setns(ns_fd, CLONE_NEWNET) < 0) {
>> +			close(my_netns);
>> +			pr_perror("couldn't setns to parent ns");
>> +			goto out;
>> +		}
>> +
>> +		criu_nlsk = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
> 
> Why we can't create this socket before forking the root task? In this
> case it will work for userns too.

I wanted to have this socket for each netns created in your multi-ns patchset :)
and sit on ns_id structure.

-- Pavel

>> +		ret = setns(my_netns, CLONE_NEWNET);
>> +		close(my_netns);
>> +
>> +		if (ret < 0) {
>> +			pr_perror("Can't setns back my netns");
>> +			goto out;
>> +		}
>> +
>> +		if (criu_nlsk < 0) {
>> +			pr_perror("Can't create nlk socket");
>> +			goto out;
>> +		}
>> +	}
>> +
>>  	while (1) {
>>  		NetnsEntry **def_netns = netns;
>>  
>> @@ -1074,7 +1106,7 @@ static int restore_links(int pid, NetnsEntry **netns)
>>  		if (ret <= 0)
>>  			break;
>>  
>> -		ret = restore_link(nde, nlsk);
>> +		ret = restore_link(nde, nlsk, criu_nlsk);
>>  		if (ret) {
>>  			pr_err("Can't restore link\n");
>>  			goto exit;
>> @@ -1103,6 +1135,9 @@ exit:
>>  			break;
>>  	}
>>  
>> +out:
>> +	if (criu_nlsk >= 0)
>> +		close(criu_nlsk);
>>  	close(nlsk);
>>  	close_image(img);
>>  	return ret;
>> -- 
>> 2.7.4
>>
>> _______________________________________________
>> CRIU mailing list
>> CRIU at openvz.org
>> https://lists.openvz.org/mailman/listinfo/criu
> _______________________________________________
> CRIU mailing list
> CRIU at openvz.org
> https://lists.openvz.org/mailman/listinfo/criu
> .
>

More information about the CRIU mailing list