[CRIU] [PATCH RESEND v1 55/55] ns: Nested pid_ns support

Andrei Vagin avagin at virtuozzo.com
Mon Mar 27 11:08:31 PDT 2017


On Fri, Mar 24, 2017 at 06:17:39PM +0300, Kirill Tkhai wrote:
> Allow nested pid_ns, but turn restoring of pgid and sid off for the cases,
> when there are child pid namespaces. This functionality will be realized
> by Pavel Tikhomirov, he is working on that.

Pavel implements restore of a processes tree with additional
sub-reapers. I don't understand why we can't set sid and group, if we
have a whole tree (when all session leaders are alive)

> 
> Also, current criu has a problem with restoring tun if nested net namespaces
> exist. See my letter "[net_ns] Problem of restoring tun in nested net namespace".
> So, I've turned tun test off for a while.

I don't understand why we have to disable it. This test doesn't create
nested network namespace and it works now. How does this series affect
it?

> 
> Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
> ---
>  criu/cr-restore.c         |    5 +++++
>  criu/include/namespaces.h |    2 +-
>  criu/pstree.c             |    2 ++
>  test/zdtm/static/tun.desc |    2 +-
>  4 files changed, 9 insertions(+), 2 deletions(-)
> 
> diff --git a/criu/cr-restore.c b/criu/cr-restore.c
> index bb5abd70..8bb045b3 100644
> --- a/criu/cr-restore.c
> +++ b/criu/cr-restore.c
> @@ -1263,6 +1263,8 @@ static void restore_sid(void)
>  {
>  	pid_t sid;
>  
> +	if (!list_empty(&top_pid_ns->children))
> +		return;
>  	/*
>  	 * SID can only be reset to pid or inherited from parent.
>  	 * Thus we restore it right here to let our kids inherit
> @@ -1306,6 +1308,9 @@ static void restore_pgid(void)
>  
>  	pid_t pgid, my_pgid = last_level_pid(current->pgid);
>  
> +	if (!list_empty(&top_pid_ns->children))
> +		return;
> +
>  	pr_info("Restoring %d to %d pgid\n", vpid(current), my_pgid);
>  
>  	pgid = getpgrp();
> diff --git a/criu/include/namespaces.h b/criu/include/namespaces.h
> index d8126eb5..068d9e66 100644
> --- a/criu/include/namespaces.h
> +++ b/criu/include/namespaces.h
> @@ -39,7 +39,7 @@
>  #define CLONE_ALLNS	(CLONE_NEWPID | CLONE_NEWNET | CLONE_NEWIPC | CLONE_NEWUTS | CLONE_NEWNS | CLONE_NEWUSER | CLONE_NEWCGROUP)
>  
>  /* Nested namespaces are supported only for these types */
> -#define CLONE_SUBNS	(CLONE_NEWNS | CLONE_NEWNET | CLONE_NEWUSER)
> +#define CLONE_SUBNS	(CLONE_NEWNS | CLONE_NEWNET | CLONE_NEWUSER | CLONE_NEWPID)
>  
>  #define MAX_NS_NESTING	32
>  #define EXTRA_SIZE	20
> diff --git a/criu/pstree.c b/criu/pstree.c
> index 09a7ac8c..f3492010 100644
> --- a/criu/pstree.c
> +++ b/criu/pstree.c
> @@ -858,6 +858,8 @@ static int prepare_pstree_ids(void)
>  	struct pstree_item *item, *child, *helper, *tmp;
>  	LIST_HEAD(helpers);
>  
> +	if (!list_empty(&top_pid_ns->children))
> +		return 0;
>  	pid_t current_pgid = getpgid(getpid());
>  
>  	/*
> diff --git a/test/zdtm/static/tun.desc b/test/zdtm/static/tun.desc
> index 8c7cfe86..eac32c2d 100644
> --- a/test/zdtm/static/tun.desc
> +++ b/test/zdtm/static/tun.desc
> @@ -1 +1 @@
> -{'flavor': 'ns uns', 'flags': 'suid', 'feature': 'tun'}
> +{'flavor': 'ns uns', 'flags': 'suid noauto', 'feature': 'tun'}
> 


More information about the CRIU mailing list