[CRIU] [PATCH RESEND v1 55/55] ns: Nested pid_ns support
Kirill Tkhai
ktkhai at virtuozzo.com
Tue Mar 28 02:59:18 PDT 2017
On 27.03.2017 21:08, Andrei Vagin wrote:
> On Fri, Mar 24, 2017 at 06:17:39PM +0300, Kirill Tkhai wrote:
>> Allow nested pid_ns, but turn restoring of pgid and sid off for the cases,
>> when there are child pid namespaces. This functionality will be realized
>> by Pavel Tikhomirov, he is working on that.
>
> Pavel implements restore of a processes tree with additional
> sub-reapers. I don't understand why we can't set sid and group, if we
> have a whole tree (when all session leaders are alive)
If session leaders are alive, it's not guaranteed, we can restore a tree
without subreapers. I disabled restore_before_setsid, because I want to minimize
number of dependencies in task creation order. Dependencies simply give deadlocks.
The only dependence remaining is INIT_PID of a pid_ns must be created before
other tasks from this namespace. But they may be sorted wrong in parent->children.
It's a problem, and I do not solve it in any way, because it's one of the problems,
which are being solved by Pavel at the moment.
>>
>> Also, current criu has a problem with restoring tun if nested net namespaces
>> exist. See my letter "[net_ns] Problem of restoring tun in nested net namespace".
>> So, I've turned tun test off for a while.
>
> I don't understand why we have to disable it. This test doesn't create
> nested network namespace and it works now. How does this series affect
> it?
Patch "[PATCH RESEND v1 06/55] net: Do not change net_ns of root_item in create_net_ns()"
pops up a problem I talked you in "[net_ns] Problem of restoring tun in nested net namespace".
I disabled tun in the end of the series just to not a create a separate patch for that.
If it s more clear, I may disable the test in [6/55] in next version.
>>
>> Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
>> ---
>> criu/cr-restore.c | 5 +++++
>> criu/include/namespaces.h | 2 +-
>> criu/pstree.c | 2 ++
>> test/zdtm/static/tun.desc | 2 +-
>> 4 files changed, 9 insertions(+), 2 deletions(-)
>>
>> diff --git a/criu/cr-restore.c b/criu/cr-restore.c
>> index bb5abd70..8bb045b3 100644
>> --- a/criu/cr-restore.c
>> +++ b/criu/cr-restore.c
>> @@ -1263,6 +1263,8 @@ static void restore_sid(void)
>> {
>> pid_t sid;
>>
>> + if (!list_empty(&top_pid_ns->children))
>> + return;
>> /*
>> * SID can only be reset to pid or inherited from parent.
>> * Thus we restore it right here to let our kids inherit
>> @@ -1306,6 +1308,9 @@ static void restore_pgid(void)
>>
>> pid_t pgid, my_pgid = last_level_pid(current->pgid);
>>
>> + if (!list_empty(&top_pid_ns->children))
>> + return;
>> +
>> pr_info("Restoring %d to %d pgid\n", vpid(current), my_pgid);
>>
>> pgid = getpgrp();
>> diff --git a/criu/include/namespaces.h b/criu/include/namespaces.h
>> index d8126eb5..068d9e66 100644
>> --- a/criu/include/namespaces.h
>> +++ b/criu/include/namespaces.h
>> @@ -39,7 +39,7 @@
>> #define CLONE_ALLNS (CLONE_NEWPID | CLONE_NEWNET | CLONE_NEWIPC | CLONE_NEWUTS | CLONE_NEWNS | CLONE_NEWUSER | CLONE_NEWCGROUP)
>>
>> /* Nested namespaces are supported only for these types */
>> -#define CLONE_SUBNS (CLONE_NEWNS | CLONE_NEWNET | CLONE_NEWUSER)
>> +#define CLONE_SUBNS (CLONE_NEWNS | CLONE_NEWNET | CLONE_NEWUSER | CLONE_NEWPID)
>>
>> #define MAX_NS_NESTING 32
>> #define EXTRA_SIZE 20
>> diff --git a/criu/pstree.c b/criu/pstree.c
>> index 09a7ac8c..f3492010 100644
>> --- a/criu/pstree.c
>> +++ b/criu/pstree.c
>> @@ -858,6 +858,8 @@ static int prepare_pstree_ids(void)
>> struct pstree_item *item, *child, *helper, *tmp;
>> LIST_HEAD(helpers);
>>
>> + if (!list_empty(&top_pid_ns->children))
>> + return 0;
>> pid_t current_pgid = getpgid(getpid());
>>
>> /*
>> diff --git a/test/zdtm/static/tun.desc b/test/zdtm/static/tun.desc
>> index 8c7cfe86..eac32c2d 100644
>> --- a/test/zdtm/static/tun.desc
>> +++ b/test/zdtm/static/tun.desc
>> @@ -1 +1 @@
>> -{'flavor': 'ns uns', 'flags': 'suid', 'feature': 'tun'}
>> +{'flavor': 'ns uns', 'flags': 'suid noauto', 'feature': 'tun'}
>>
More information about the CRIU
mailing list