[Devel] [PATCH rh7] signal/ve: allow to send signal from another ve namespace
Andrey Ryabinin
aryabinin at virtuozzo.com
Thu Nov 12 08:11:26 PST 2015
On 11/12/2015 07:08 PM, Stanislav Kinsburskiy wrote:
>
>
> 12.11.2015 16:47, Andrey Ryabinin пишет:
>> On 11/12/2015 05:59 PM, Stanislav Kinsburskiy wrote:
>>> 12.11.2015 15:53, Andrey Wagin пишет:
>>>> 2015-11-12 17:46 GMT+03:00 Stanislav Kinsburskiу <skinsbursky at odin.com>:
>>>>> 12 нояб. 2015 г. 15:14 пользователь Andrey Ryabinin <aryabinin at virtuozzo.com> написал:
>>>>>> CRIU sends SIGKILL to container's init process as a part of
>>>>>> cleanup process if restoring failed.
>>>>>> CRIU does this from a different ve, which is currently not allowed
>>>>>> without any apparent reason.
>>>>> The reason looks very clear to me: improve namespaces isolation.
>>>>> It espesially applies to killing child reaper of another ve.
>>>>> You throwed away this check, and now it's possible to kill one container from another one.
>>>>> Or I'm missing somethig?
>>>> Each container has its own pidns, so you can't kill anyone who isn't
>>>> in this pidns.
>>> So how CRIU sends kill signal from one ve to another then?
>>>
>> AFAIK, CRIU creates it's own ve namespace, but it still operates in root pid namespace.
> Hmm, ok.
> Then nothing against this patch.
> The only thing I'm curios: for how long we have this patch? Pid namespaces are used in OpenVZ for at least last 6 years (probably more).
> When this checks appeared? Maybe there was another reason, which is just not obvious so far?
I suspect that it was just blindly ported from 2.6:
commit fd3207d650434ac82f2c897cadd5607e67f2c274
Author: Kirill Tkhai <ktkhai at parallels.com>
Date: Fri Oct 10 19:35:02 2014 +0400
ve: Ignore signals from wrong ve
Port sig_ve_ignored().
This is a part of 74-diff-ve-mix-combined.
https://jira.sw.ru/browse/PSBM-17903
Signed-off-by: Kirill Tkhai <ktkhai at parallels.com>
More information about the Devel
mailing list