[CRIU] [PATCH v1 06/55] net: Do not change net_ns of root_item in create_net_ns()

Kirill Tkhai ktkhai at virtuozzo.com
Fri Mar 24 07:56:14 PDT 2017


Currently, we do unshare(CLONE_NEWNET), but do not restore
old net ns. So, net_ns of criu task and root_item becomes
different. Unpredictible net_ns of root_item is not good,
so this patch fixes the problem.

Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
---
 criu/net.c |   37 +++++++++++++++++--------------------
 1 file changed, 17 insertions(+), 20 deletions(-)

diff --git a/criu/net.c b/criu/net.c
index a5d3df6b..977a9091 100644
--- a/criu/net.c
+++ b/criu/net.c
@@ -1721,20 +1721,22 @@ static int create_net_ns(void *arg)
 	int ufd, ret;
 
 	uns = ns->user_ns;
-	ufd = fdstore_get(uns->user.nsfd_id);
-	if (ufd < 0) {
-		pr_err("Can't get user ns\n");
-		exit(1);
-	}
-	if (setns(ufd, CLONE_NEWUSER) < 0) {
-		pr_perror("Can't set user ns");
-		exit(2);
-	}
-	if (prepare_userns_creds() < 0) {
-		pr_err("Can't prepare creds\n");
-		exit(3);
+	if (uns && uns != root_user_ns) {
+		ufd = fdstore_get(uns->user.nsfd_id);
+		if (ufd < 0) {
+			pr_err("Can't get user ns\n");
+			exit(1);
+		}
+		if (setns(ufd, CLONE_NEWUSER) < 0) {
+			pr_perror("Can't set user ns");
+			exit(2);
+		}
+		close(ufd);
+		if (prepare_userns_creds() < 0) {
+			pr_err("Can't prepare creds\n");
+			exit(3);
+		}
 	}
-	close(ufd);
 	ret = do_create_net_ns(ns) ? 3 : 0;
 	exit(ret);
 }
@@ -1751,13 +1753,8 @@ int prepare_net_namespaces()
 		if (nsid->nd != &net_ns_desc)
 			continue;
 
-		if (root_user_ns && nsid->user_ns != root_user_ns) {
-			if (call_in_child_process(create_net_ns, nsid) < 0)
-				goto err;
-		} else {
-			if (do_create_net_ns(nsid))
-				goto err;
-		}
+		if (call_in_child_process(create_net_ns, nsid) < 0)
+			goto err;
 	}
 
 	close_service_fd(NS_FD_OFF);



More information about the CRIU mailing list