[CRIU] [PATCH RFC] namespaces: use CLONE_VFORK with CLONE_VM when it is possible
Pavel Emelyanov
xemul at virtuozzo.com
Mon Mar 20 12:40:09 PDT 2017
> @@ -1026,13 +1025,7 @@ int collect_user_ns(struct ns_id *ns, void *oarg)
> * may do changes about CRIU's internal files states in memory,
> * so pass CLONE_FILES to reflect that.
> */
> - stack_size = 2 * 1024 * 1024;
> - stack = mmap(NULL, stack_size, PROT_WRITE | PROT_READ, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0);
> - if (stack == MAP_FAILED) {
> - pr_perror("Can't allocate stack");
> - return -1;
> - }
> - pid = clone(dump_user_ns, stack + stack_size, CLONE_VM | CLONE_FILES | SIGCHLD, ns);
> + pid = clone_noasan(dump_user_ns, CLONE_VM | CLONE_FILES | SIGCHLD | CLONE_VFORK, ns);
This seems legit. I has some worries about dump_user_ns() might screw things up in the
parent VM, but it seems not to.
So ... looks like ACK :) but CLONE_VM here itself is quite nasty :(
> if (pid == -1) {
> pr_perror("Can't clone");
> return -1;
> @@ -1045,7 +1038,6 @@ int collect_user_ns(struct ns_id *ns, void *oarg)
> pr_err("Can't dump nested user_ns: %x\n", status);
> return -1;
> }
> - munmap(stack, stack_size);
> return 0;
> } else {
> if (__dump_user_ns(ns))
>
More information about the CRIU
mailing list