[Devel] Re: [PATCH RFC] refuse c/r with nested network namespaces
Oren Laadan
orenl at cs.columbia.edu
Tue Dec 22 16:48:47 PST 2009
For v19-rc3.
Serge E. Hallyn wrote:
> ...because we can't restore network devices in private
> namespaces anyway. This leaves userspace to set up
> network devices however it wants at restart, and leaves
> it free to restart the application either in the global
> or a private (configured) network namespace.
>
> Signed-off-by: Serge E. Hallyn <serue at us.ibm.com>
> ---
> kernel/nsproxy.c | 7 +++++++
> 1 files changed, 7 insertions(+), 0 deletions(-)
>
> diff --git a/kernel/nsproxy.c b/kernel/nsproxy.c
> index c91b725..851777a 100644
> --- a/kernel/nsproxy.c
> +++ b/kernel/nsproxy.c
> @@ -291,6 +291,13 @@ static int do_checkpoint_ns(struct ckpt_ctx *ctx, struct nsproxy *nsproxy)
>
> /* TODO: Write other namespaces here */
>
> + /* We do not support >1 private netns */
> + ret = -EINVAL;
> + if (nsproxy->net_ns != ctx->root_nsproxy->net_ns) {
> + ckpt_err(ctx, ret, "%(T)Nested net_ns unsupported\n");
> + goto out;
> + }
> +
> ret = ckpt_write_obj(ctx, &h->h);
> out:
> ckpt_hdr_put(ctx, h);
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list