[CRIU] [PATCH 19/21] ns: First stage of restore pid_for_children ns

Kirill Tkhai ktkhai at virtuozzo.com
Tue May 23 05:41:17 PDT 2017


Restore it in dependence of thread numbers:
1)single-threaded -- before user_ns assignment
2)multi-threaded -- after thread creation (in next patch).

Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
---
 criu/cr-restore.c |   26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/criu/cr-restore.c b/criu/cr-restore.c
index adeaeff5a..b3d686f3f 100644
--- a/criu/cr-restore.c
+++ b/criu/cr-restore.c
@@ -456,6 +456,29 @@ static int set_pid_for_children_ns(struct ns_id *pid_ns)
 	return ret;
 }
 
+static int restore_task_pfc_before_user_ns(void)
+{
+	struct ns_id *ns;
+	uint32_t id;
+
+	if (!(root_ns_mask & CLONE_NEWPID))
+		return 0;
+	/*
+	 * One-threaded tasks should restore pid_for_children ns before
+	 * user ns assignment, when it has highest capabilities.
+	 * Multi-threaded do that after -- in each thread.
+	 */
+	if (current->nr_threads == 1)
+		id = current->ids->pid_for_children_ns_id;
+	else
+		id = current->ids->pid_ns_id;
+
+	ns = lookup_ns_by_id(id, &pid_ns_desc);
+	BUG_ON(!ns);
+
+	return set_pid_for_children_ns(ns);
+}
+
 static int setup_child_task_namespaces(struct pstree_item *item, struct ns_id **ret_pid_ns)
 {
 	struct ns_id *pid_ns;
@@ -986,6 +1009,9 @@ static int restore_one_alive_task(int pid, CoreEntry *core)
 	if (restore_task_net_ns(current))
 		return -1;
 
+	if (restore_task_pfc_before_user_ns())
+		return -1;
+
 	if (current->ids->has_user_ns_id && set_user_ns(current->ids->user_ns_id) < 0)
 		return -1;
 



More information about the CRIU mailing list