[CRIU] [PATCH 0/3] tun: Check that net ns of tun device is dumped
Andrei Vagin
avagin at virtuozzo.com
Thu Mar 1 20:56:11 MSK 2018
On Thu, Mar 01, 2018 at 11:16:25AM +0300, Kirill Tkhai wrote:
> On 28.02.2018 23:20, Andrei Vagin wrote:
> > On Mon, Feb 19, 2018 at 03:15:53PM +0300, Kirill Tkhai wrote:
> >> This patchset makes dump code to check, that net is related
> >> to one of net namespaces, we already collected. If it's not,
> >> dump will fail like we do that for plain sockets.
> >
> > But it isn't enought to dump tun devices from a non-root netns, isn't
> > it?
>
> Yes, but it isn't implemented in criu, and it needs more changes.
> It's a fix for stable.
>
> We may add one more patch like "tun: Check that net ns of tun device is root net ns",
> to be safe in criu-dev.
I would like to have patches like "tun: add supported for multible net
namespaces." ;)
>
> >>
> >> This patchset requires patch "tun: Add ioctl() SIOCGSKNS cmd
> >> to allow obtaining net ns of tun device" from net-next:
> >>
> >> https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=f2780d6d74756bc1d7ba32ff3dd0de4afd7c7e1e
> >>
> >> ---
> >>
> >> Kirill Tkhai (3):
> >> net: Extrack ioctl() call from kerndat_socket_netns()
> >> tun: Check tun has ioctl() cmd SIOCGSKNS
> >> tun: Check that net ns of tun device is dumped
> >>
> >>
> >> criu/include/kerndat.h | 1 +
> >> criu/include/net.h | 1 +
> >> criu/include/tun.h | 1 +
> >> criu/kerndat.c | 3 +++
> >> criu/net.c | 26 +++++++++++++++-----------
> >> criu/tun.c | 23 +++++++++++++++++++++++
> >> 6 files changed, 44 insertions(+), 11 deletions(-)
> >>
> >> --
> >> Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
More information about the CRIU
mailing list