[CRIU] [PATCH v5 06/31] user_ns: Make collect_user_ns() allocate child UsernsEntry mappings

Kirill Tkhai ktkhai at virtuozzo.com
Thu Feb 23 07:13:16 PST 2017


Allocate mapping for NS_OTHER too.

Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
---
 criu/include/namespaces.h |    4 +++
 criu/namespaces.c         |   60 +++++++++++++++++++++++++++++++++------------
 2 files changed, 48 insertions(+), 16 deletions(-)

diff --git a/criu/include/namespaces.h b/criu/include/namespaces.h
index 1b5409aef..642f04cf9 100644
--- a/criu/include/namespaces.h
+++ b/criu/include/namespaces.h
@@ -6,6 +6,7 @@
 #include "common/compiler.h"
 #include "files.h"
 #include "common/list.h"
+#include "images/userns.pb-c.h"
 
 #ifndef CLONE_NEWNS
 #define CLONE_NEWNS	0x00020000
@@ -112,6 +113,9 @@ struct ns_id {
 			int nlsk;	/* for sockets collection */
 			int seqsk;	/* to talk to parasite daemons */
 		} net;
+		struct {
+			UsernsEntry *e;
+		} user;
 	};
 };
 extern struct ns_id *ns_ids;
diff --git a/criu/namespaces.c b/criu/namespaces.c
index 8863a0be3..d3f2ebe37 100644
--- a/criu/namespaces.c
+++ b/criu/namespaces.c
@@ -753,16 +753,14 @@ static int set_ns_hookups(struct ns_id *ns)
 	return ret;
 }
 
-static UsernsEntry userns_entry = USERNS_ENTRY__INIT;
+/* Mapping NS_ROOT to NS_CRIU */
+static UsernsEntry *userns_entry;
 #define INVALID_ID (~0U)
 
 static unsigned int userns_id(unsigned int id, UidGidExtent **map, int n)
 {
 	int i;
 
-	if (!(root_ns_mask & CLONE_NEWUSER))
-		return id;
-
 	for (i = 0; i < n; i++) {
 		if (map[i]->lower_first <= id &&
 		    map[i]->lower_first + map[i]->count > id)
@@ -790,25 +788,33 @@ static unsigned int host_id(unsigned int id, UidGidExtent **map, int n)
 
 static uid_t host_uid(uid_t uid)
 {
-	UsernsEntry *e = &userns_entry;
+	UsernsEntry *e = userns_entry;
 	return host_id(uid, e->uid_map, e->n_uid_map);
 }
 
 static gid_t host_gid(gid_t gid)
 {
-	UsernsEntry *e = &userns_entry;
+	UsernsEntry *e = userns_entry;
 	return host_id(gid, e->gid_map, e->n_gid_map);
 }
 
 uid_t userns_uid(uid_t uid)
 {
-	UsernsEntry *e = &userns_entry;
+	UsernsEntry *e = userns_entry;
+
+	if (!(root_ns_mask & CLONE_NEWUSER) || !e)
+		return uid;
+
 	return userns_id(uid, e->uid_map, e->n_uid_map);
 }
 
 gid_t userns_gid(gid_t gid)
 {
-	UsernsEntry *e = &userns_entry;
+	UsernsEntry *e = userns_entry;
+
+	if (!(root_ns_mask & CLONE_NEWUSER) || !e)
+		return gid;
+
 	return userns_id(gid, e->gid_map, e->n_gid_map);
 }
 
@@ -880,6 +886,15 @@ static int dump_user_ns(struct ns_id *ns);
 
 int collect_user_ns(struct ns_id *ns, void *oarg)
 {
+	UsernsEntry *e;
+
+	e = xmalloc(sizeof(*e));
+	if (!e)
+		return -1;
+	userns_entry__init(e);
+	ns->user.e = e;
+	if (ns->type == NS_ROOT)
+		userns_entry = e;
 	/*
 	 * User namespace is dumped before files to get uid and gid
 	 * mappings, which are used for convirting local id-s to
@@ -1023,7 +1038,7 @@ static int dump_user_ns(struct ns_id *ns)
 {
 	int ret, exit_code = -1;
 	pid_t pid = ns->ns_pid;
-	UsernsEntry *e = &userns_entry;
+	UsernsEntry *e = ns->user.e;
 	struct cr_img *img;
 
 	ret = parse_id_map(pid, "uid_map", &e->uid_map);
@@ -1060,16 +1075,29 @@ static int dump_user_ns(struct ns_id *ns)
 	return exit_code;
 }
 
-void free_userns_maps()
+static int do_free_userns_map(struct ns_id *ns, void *arg)
 {
-	if (userns_entry.n_uid_map > 0) {
-		xfree(userns_entry.uid_map[0]);
-		xfree(userns_entry.uid_map);
+	UsernsEntry *e = ns->user.e;
+
+	if (!e)
+		return 0;
+	if (e->n_uid_map > 0) {
+		xfree(e->uid_map[0]);
+		xfree(e->uid_map);
 	}
-	if (userns_entry.n_gid_map > 0) {
-		xfree(userns_entry.gid_map[0]);
-		xfree(userns_entry.gid_map);
+	if (e->n_gid_map > 0) {
+		xfree(e->gid_map[0]);
+		xfree(e->gid_map);
 	}
+	if (e == userns_entry)
+		userns_entry = NULL;
+	ns->user.e = NULL;
+
+	return 0;
+}
+void free_userns_maps()
+{
+	walk_namespaces(&user_ns_desc, do_free_userns_map, NULL);
 }
 
 static int do_dump_namespaces(struct ns_id *ns)



More information about the CRIU mailing list