[CRIU] [PATCH v3 00/33] Nested user namespaces support
Kirill Tkhai
ktkhai at virtuozzo.com
Thu Feb 16 04:06:33 PST 2017
Hi,
this is the third version of nested user namespaces support.
There are also a couple of refactorings for pid namespaces
support, which is the thing I'm working on at the moment.
In comparison to v2, the following changes were made:
1) Create user ns hierarchy from root_item
2) Rebased on fresh criu-dev; mostly it's fdstore
3) Added a patch to support user_ns in nested net_ns
4) Some fixes to determine the ns hierarchy correctly where the kernel does not support nsfs
5) Fixes for alignment of stack in clone
https://travis-ci.org/tkhai/criu/builds/202219501
---
Kirill Tkhai (33):
zdtm: Add userns00 test
zdtm: Add userns01 test
core: Introduce last_pid_mutex and use it to synchronize ns_last_pid assignment
restore: Implement set_next_pid() helper
ns: Set nested namespaces hookups
ns: Set hookups for all namespaces
ns: Change arguments of dump_user_ns()
user_ns: Make collect_user_ns() allocate child UsernsEntry mappings
user_ns: Make host_id() working with any mapping and rename it
ns: Rename and export userns_id() and INVALID_ID
ns: Implement target_userns_{u,g}id() and root_userns_{u,g}id()
ns: Add user and pid ns_id on restore
user_ns: Name loading UsernsEntry mappings on restore "old format"
ns: Provide the case when root_item has !NS_ROOT user_ns in rst_add_ns_id()
ns: Set pointer to root_user_ns in ns_ids
ns: Implement dup_userns_entry()
images: Move uid_gid_extent and userns_entry descriptions
proto: Add ns_hookup_entry description
ns: Write/read ns entries in new way
ns: Make prepare_userns() have ns map parameter
ns: Make write_id_map() use CR_PROC_FD_OFF
proc: Close CR_PROC_FD_OFF and TRANSPORT_FD_OFF later
utils: Move getting real pid functionality to separate function
ns: Generate user_ns tree
user_ns: Set user_ns before net_ns creation
utils: Introduce open_fd_of_real_pid()
ns: Implement set_user_ns()
ns: Set target user_ns after net_ns is set
shmem: Fixup shmem_wait_and_open() opens foreign /proc/[pid]/fd/[i]
rst: Pass pstree_item argument to alloc_groups_copy_creds()
ns: Dump creds xids in root_user_ns
ns: Convert task cred's xids to target user ns
ns: Allow nested user namespaces
criu/cgroup.c | 2
criu/cr-dump.c | 6
criu/cr-restore.c | 141 ++++---
criu/files.c | 1
criu/image-desc.c | 1
criu/include/cgroup.h | 2
criu/include/image-desc.h | 1
criu/include/magic.h | 1
criu/include/namespaces.h | 37 ++
criu/include/parasite-syscall.h | 4
criu/include/protobuf-desc.h | 1
criu/include/pstree.h | 2
criu/include/rst_info.h | 1
criu/include/util.h | 3
criu/namespaces.c | 796 ++++++++++++++++++++++++++++++++++++---
criu/net.c | 43 ++
criu/parasite-syscall.c | 42 +-
criu/pie/restorer.c | 56 +--
criu/protobuf-desc.c | 2
criu/pstree.c | 14 +
criu/shmem.c | 4
criu/util.c | 48 ++
images/Makefile | 1
images/ns.proto | 30 +
images/userns.proto | 12 -
lib/py/images/images.py | 1
test/zdtm/static/Makefile | 2
test/zdtm/static/userns00.c | 295 ++++++++++++++
test/zdtm/static/userns00.desc | 1
test/zdtm/static/userns01.c | 149 +++++++
test/zdtm/static/userns01.desc | 1
31 files changed, 1516 insertions(+), 184 deletions(-)
delete mode 100644 images/userns.proto
create mode 100644 test/zdtm/static/userns00.c
create mode 100644 test/zdtm/static/userns00.desc
create mode 100644 test/zdtm/static/userns01.c
create mode 100644 test/zdtm/static/userns01.desc
--
Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>