[CRIU] [PATCH] net: Call ip[6]tables-restore with -w parameter

Kirill Tkhai ktkhai at virtuozzo.com
Tue Sep 26 20:49:27 MSK 2017


New ip[6]tables-restore utils has this parameter,
which allows to wait for xtables lock, if it's
occupied. When they don't wait, then the restore
of iptables fails.

Old versions just ignore this parameter
with error in stderr, but it does not make them
fail. So, pass it unconditionally.

Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
---
 criu/net.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/criu/net.c b/criu/net.c
index 68296c8a5..cb8f9dfd3 100644
--- a/criu/net.c
+++ b/criu/net.c
@@ -1973,7 +1973,7 @@ static inline int restore_iptables(int pid)
 
 	img = open_image(CR_FD_IPTABLES, O_RSTR, pid);
 	if (img) {
-		ret = run_iptables_tool("iptables-restore", img_raw_fd(img), -1);
+		ret = run_iptables_tool("iptables-restore -w", img_raw_fd(img), -1);
 		close_image(img);
 	}
 	if (ret)
@@ -1985,7 +1985,7 @@ static inline int restore_iptables(int pid)
 	if (empty_image(img))
 		goto out;
 
-	ret = run_iptables_tool("ip6tables-restore", img_raw_fd(img), -1);
+	ret = run_iptables_tool("ip6tables-restore -w", img_raw_fd(img), -1);
 out:
 	close_image(img);
 



More information about the CRIU mailing list