net: add support for "net/core/*" sysctls

Details

Message ID	1555410131-1588-1-git-send-email-jan.dakinevich@virtuozzo.com
State	New
Series	"net: add support for "net/core/*" sysctls"
Headers	show Delivered-To: criupatchwork@gmail.com Received-SPF: pass (google.com: domain of devel-bounces@openvz.org designates 185.231.241.50 as permitted sender) client-ip=185.231.241.50; Received-SPF: Pass (protection.outlook.com: domain of virtuozzo.com designates 185.231.240.75 as permitted sender) receiver=protection.outlook.com; client-ip=185.231.240.75; helo=relay.sw.ru; From: Jan Dakinevich <jan.dakinevich@virtuozzo.com> To: <devel@openvz.org>, <vzlin-dev@virtuozzo.com> Date: Tue, 16 Apr 2019 13:22:11 +0300 Message-ID: <1555410131-1588-1-git-send-email-jan.dakinevich@virtuozzo.com> MIME-Version: 1.0 Cc: Kirill Gorkunov <kgorkunov@virtuozzo.com>, Denis Lunev <den@virtuozzo.com> Subject: [Devel] [PATCH] net: add support for "net/core/*" sysctls Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: devel-bounces@openvz.org Errors-To: devel-bounces@openvz.org

Message ID

1555410131-1588-1-git-send-email-jan.dakinevich@virtuozzo.com

State

New

Series

"net: add support for "net/core/*" sysctls"

Headers

show

Delivered-To: criupatchwork@gmail.com
Received: from gmail-imap.l.google.com [74.125.131.108]
	by patchwork.criu.org with IMAP (fetchmail-6.3.26)
	for <root@localhost> (single-drop);
	Thu, 18 Apr 2019 13:50:07 +0200 (CEST)
Received: by 2002:a6b:4016:0:0:0:0:0 with SMTP id k22csp3907103ioa; Tue, 16
	Apr 2019 03:24:38 -0700 (PDT)
X-Google-Smtp-Source: APXvYqx7r3o8TcBaep68Hou20MBjSLX2sbizeUGCYmui5+muONrscQ2EFkHNkd21MzzdMl6ItMsP
X-Received: by 2002:a17:902:8a81:: with SMTP id
	p1mr82166386plo.106.1555410278328;
	Tue, 16 Apr 2019 03:24:38 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1555410278; cv=none; d=google.com;
	s=arc-20160816;
	b=bLNnifZCv5f84OMyImzxLDoxXSoK2OKQzU/ji1C+3fC13EcrpGP1owQ8U8vKwuqWrn
	AG2FnIOE55WeHOxyhdPWlN5ehRB8Cj+THnFAYsqUhth1k6WC4HcX5F6kGL7rhv6n1qRO
	DCkwldqHAz/0L2z4rRR2SF5wDbPgV6nU0M338F9edAkH0Q50qurMCw/4ZmK1AOO4oe9m
	vfj7g3tJLrpBYzyoMSaTQmkobA6dnBvPqY1zaLROWjNajfVIRXX50o4QWSq/n4K2rT5M
	WgpuXTsVtf4CMwOiclIrdDn5ovHDiyzIh9TZscnZstLPzPCabBXHNVIGCHojRlIpokcA
	DeJA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
	s=arc-20160816;
	h=errors-to:sender:content-transfer-encoding:list-subscribe:list-help
	:list-post:list-archive:list-unsubscribe:list-id:precedence:subject
	:cc:mime-version:message-id:date:to:from;
	bh=L/y35nHmmAzK/HMa5D3r+Fc/qW52/ACwooOUdHCg7l0=;
	b=oC65+J80LqzUnNjz29notTudM0T7aGrchKjiii0oRJ4Mi+7T5e0ftRIzTO/IXy04D9
	O9/XRA1b0sb1g+BkuPfuVUfa5Xzo0VYS6UsMKW5oPK43IetoJIEv6nfBoIdrGRZJ3AlX
	KMz5uOkLEEr3CqzDlPv/O6lV+A07+gzdVNqC4UakV1R8+AFZTWulYdh3PUrQT8b5A0ZT
	GKGGBlNE892l0v2b2YMjRS3jrN4m0BcEyBduAw60tdWfes1RuLUFXvO8qO+N/nT+f3ei
	7VXs6covBgY6MAtQgwEgoYGfK3urKNRT9+IsESizV4dJpRviQOTYWx/qBlIwVCjVDBma
	7h7w==
ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain
	of devel-bounces@openvz.org designates
	185.231.241.50 as permitted sender)
	smtp.mailfrom=devel-bounces@openvz.org;
	dmarc=fail (p=NONE sp=NONE dis=NONE)
	header.from=virtuozzo.com
Return-Path: <devel-bounces@openvz.org>
Received: from mail.openvz.org (mail.openvz.org. [185.231.241.50]) by
	mx.google.com with ESMTPS id 133si51932011pfu.82.2019.04.16.03.24.35
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Tue, 16 Apr 2019 03:24:37 -0700 (PDT)
Received-SPF: pass (google.com: domain of devel-bounces@openvz.org designates
	185.231.241.50 as permitted sender) client-ip=185.231.241.50;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of
	devel-bounces@openvz.org designates 185.231.241.50 as permitted
	sender) smtp.mailfrom=devel-bounces@openvz.org;
	dmarc=fail (p=NONE sp=NONE dis=NONE)
	header.from=virtuozzo.com
Received: from localhost.localdomain (localhost [127.0.0.1]) by
	mail.openvz.org (8.14.4/8.14.4) with ESMTP id x3GAMGET029732;
	Tue, 16 Apr 2019 13:22:25 +0300
Received: from EUR01-VE1-obe.outbound.protection.outlook.com
	(mail-ve1eur01lp2059.outbound.protection.outlook.com [104.47.1.59])
	by mail.openvz.org (8.14.4/8.14.4) with ESMTP id x3GAMDcZ029729 for
	<devel@openvz.org>; Tue, 16 Apr 2019 13:22:13 +0300
Received: from VI1PR08CA0174.eurprd08.prod.outlook.com (10.175.227.28) by
	AM0PR08MB5091.eurprd08.prod.outlook.com (10.255.30.28) with Microsoft
	SMTP Server (version=TLS1_2,
	cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
	15.20.1792.16; Tue, 16 Apr 2019 10:22:14 +0000
Received: from DB5EUR01FT062.eop-EUR01.prod.protection.outlook.com
	(2a01:111:f400:7e02::203) by VI1PR08CA0174.outlook.office365.com
	(2603:10a6:800:d1::28) with Microsoft SMTP Server (version=TLS1_2,
	cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1813.12 via
	Frontend Transport; Tue, 16 Apr 2019 10:22:13 +0000
Authentication-Results: spf=pass (sender IP is 185.231.240.75)
	smtp.mailfrom=virtuozzo.com; openvz.org;
	dkim=none (message not signed)
	header.d=none; openvz.org;
	dmarc=pass action=none header.from=virtuozzo.com; 
Received-SPF: Pass (protection.outlook.com: domain of virtuozzo.com
	designates
	185.231.240.75 as permitted sender) receiver=protection.outlook.com; 
	client-ip=185.231.240.75; helo=relay.sw.ru;
Received: from relay.sw.ru (185.231.240.75) by
	DB5EUR01FT062.mail.protection.outlook.com (10.152.5.167) with
	Microsoft SMTP Server (version=TLS1_2,
	cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
	15.20.1771.16 via Frontend Transport; Tue, 16 Apr 2019 10:22:13 +0000
Received: from [172.16.24.175] (helo=work.sw.ru) by relay.sw.ru with esmtp
	(Exim 4.91) (envelope-from <jan.dakinevich@virtuozzo.com>) id
	1hGLEC-00073p-3d; Tue, 16 Apr 2019 13:22:12 +0300
From: Jan Dakinevich <jan.dakinevich@virtuozzo.com>
To: <devel@openvz.org>, <vzlin-dev@virtuozzo.com>
Date: Tue, 16 Apr 2019 13:22:11 +0300
Message-ID: <1555410131-1588-1-git-send-email-jan.dakinevich@virtuozzo.com>
X-Mailer: git-send-email 2.1.4
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: SFV:SKI; SFV:SKN; SFS:; DIR:INB; SFP:; SCL:-1; 
	SRVR:AM0PR08MB5091; H:relay.sw.ru; FPR:;
	SPF:None; LANG:en; 
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: a0f011df-2ba3-4f10-81e4-08d6c255646e
X-Microsoft-Antispam: BCL:0; PCL:0;
	RULEID:(2390118)(7020095)(4652040)(8989299)(5600140)(711020)(4605104)(4709054)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328);
	SRVR:AM0PR08MB5091;
X-MS-TrafficTypeDiagnostic: AM0PR08MB5091:
X-MS-Exchange-PUrlCount: 1
X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?3jeGlIdiVqtC402vji+8k5Bo58ccGVGOIF52zPuTzeppIggvNoX50TnfsiVt?=
	=?us-ascii?Q?HIq2iGrm3c8NPBockb5v8L9K7q5mO2+9e0NuoqnKFtTLrxAwULfKaR/xBBij?=
	=?us-ascii?Q?BnFUMIHfhVvLaJ91STXMxKcBA4TCTjkzmSerRqzRbC88cJqO/VhqsnBSxpB5?=
	=?us-ascii?Q?OTsRnF1MrtINL3Omw5tAcNazrC4+iFBE4fPJ/Oa8NIOro8y5EkDSfImMOKx/?=
	=?us-ascii?Q?Hszb9/2BIC7dcq6o0rtq0Pmj7DfH3Gk1rEJvOuqzePfykTL56/fi6EcFLcZg?=
	=?us-ascii?Q?HHW8+2JGzXDsG2paQkBxCgJfML8oYkbgjU9iDG6Xu3qyIicDAJ6fl0vX+9Oy?=
	=?us-ascii?Q?PEgMPKRDynJt3GqOogQCvGPJP4uRG3TmFlhZZzRp6OCguDMlai/vnfDwWzHn?=
	=?us-ascii?Q?AUgt99DJH05Gsq/8Comp432MIuEgdddHpLNc+4k2NjE6v6kWpKKrFj2jkUb1?=
	=?us-ascii?Q?ENw1pCVU9tQg3NJlJJ9wGKLConAtp6xu1ZCNn54by+eMH/9DFUUithlHvE9t?=
	=?us-ascii?Q?zDmitmURHZhZ0leeVNAWIySq+ig+eH2lJqxSw5FOk80ie8Ugpi4U1QPJLZWB?=
	=?us-ascii?Q?MI4JEKhnPPIGwdqls42yEXPyRCZS3moLsVd6waI2WkwvvtNaJrhk0aFE9ihk?=
	=?us-ascii?Q?cdFUZ+b6dDNUZJweVRFTMef8KEXnrZY2E/Penk1jd3ay18WYO5r6D94VeSam?=
	=?us-ascii?Q?ZBOcBNMGjeHqH4psW584ELoLR5nxY0YndN35hEGusRR6h1wb6/RzWkRoT+DD?=
	=?us-ascii?Q?oy1ly8qwWoal8lzE3eGoE1XCQ67r61EZkq1t87ENYx4y4Vl71fRWoq21GrlQ?=
	=?us-ascii?Q?R2hE76EiqfgGnyVBEwDecVdcMj0RlHnEGr5P4ZVQhJ72UczFABTIp3uiyL16?=
	=?us-ascii?Q?682jTdb3QaS0XueGJ/ZqBGyNRjx2vhk+wEkSuMEHWsldP6hEOsWimby1STeL?=
	=?us-ascii?Q?yFPuP/RQmR+TFrWgn3/4i3G63f5g/4d8QVWQuEJsB9Wwg6hsZL3swwk+KvRO?=
	=?us-ascii?Q?O9ZB?=
X-OriginatorOrg: virtuozzo.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Apr 2019 10:22:13.2316
	(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: a0f011df-2ba3-4f10-81e4-08d6c255646e
X-MS-Exchange-CrossTenant-Id: 0bc7f26d-0264-416e-a6fc-8352af79c58f
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=0bc7f26d-0264-416e-a6fc-8352af79c58f; 
	Ip=[185.231.240.75]; Helo=[relay.sw.ru]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR08MB5091
X-MS-Exchange-CrossPremises-OriginalClientIPAddress: 185.231.240.75
X-MS-Exchange-CrossPremises-SCL: -1
X-MS-Exchange-CrossPremises-AuthSource: DB5EUR01FT062.eop-EUR01.prod.protection.outlook.com
X-MS-Exchange-CrossPremises-AuthAs: Anonymous
X-MS-Exchange-CrossPremises-TransportTrafficType: Email
X-MS-Exchange-CrossPremises-TransportTrafficSubType: 
X-MS-Exchange-CrossPremises-Antispam-ScanContext: DIR:Originating; SFV:SKN; 
	SKIP:0;
X-MS-Exchange-CrossPremises-Processed-By-Journaling: Journal Agent
X-OrganizationHeadersPreserved: AM0PR08MB5091.eurprd08.prod.outlook.com
Cc: Kirill Gorkunov <kgorkunov@virtuozzo.com>,
	Denis Lunev <den@virtuozzo.com>
Subject: [Devel] [PATCH] net: add support for "net/core/*" sysctls
X-BeenThere: devel@openvz.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OpenVZ development <devel.openvz.org>
List-Unsubscribe: <https://lists.openvz.org/mailman/options/devel>,
	<mailto:devel-request@openvz.org?subject=unsubscribe>
List-Archive: <http://lists.openvz.org/pipermail/devel/>
List-Post: <mailto:devel@openvz.org>
List-Help: <mailto:devel-request@openvz.org?subject=help>
List-Subscribe: <https://lists.openvz.org/mailman/listinfo/devel>,
	<mailto:devel-request@openvz.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: devel-bounces@openvz.org
Errors-To: devel-bounces@openvz.org

Commit Message

Jan Dakinevich April 16, 2019, 10:22 a.m.

- handle 'somaxconn' option.

https://jira.sw.ru/browse/PSBM-91415
Signed-off-by: Jan Dakinevich <jan.dakinevich@virtuozzo.com>
---
 criu/net.c          | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++++-
 images/netdev.proto |  2 ++
 2 files changed, 81 insertions(+), 1 deletion(-)

Patch hide | download patch | download mbox

diff --git a/criu/net.c b/criu/net.c
index 3eebf48..6aa8bc6 100644
--- a/criu/net.c
+++ b/criu/net.c
@@ -334,6 +334,61 @@  static int ipv6_conf_op(char *tgt, SysctlEntry **conf, int n, int op, SysctlEntr
 			devconfs6, def_conf);
 }
 
+static char *coreconfs[] = {
+	"somaxconn",
+};
+
+static int core_conf_op(SysctlEntry **conf, int n, int op)
+{
+	struct sysctl_req req[ARRAY_SIZE(coreconfs)];
+	char path[ARRAY_SIZE(coreconfs)][256];
+	SysctlEntry *rconf[ARRAY_SIZE(coreconfs)];
+	int ret = 0;
+	int i, ri;
+
+	if (n > ARRAY_SIZE(coreconfs))
+		pr_warn("The image contains unknown sysctl-s\n");
+
+	for (i = 0, ri = 0; i < ARRAY_SIZE(coreconfs); i++) {
+		if (i >= n) {
+			pr_warn("Skip %s\n", coreconfs[i]);
+			continue;
+		}
+
+		if (conf[i]->type != SYSCTL_TYPE__CTL_32)
+			continue;
+		if (op == CTL_WRITE && !conf[i]->has_iarg)
+			continue;
+
+		snprintf(path[i], sizeof(path[i]), "net/core/%s", coreconfs[i]);
+		req[ri].name = path[i];
+		req[ri].type = CTL_32;
+		req[ri].arg = &conf[i]->iarg;
+		if (op == CTL_READ || opts.weak_sysctls)
+			req[ri].flags = CTL_FLAGS_OPTIONAL;
+		else
+			req[ri].flags = 0;
+
+		rconf[ri] = conf[i];
+		ri++;
+	}
+
+	ret = sysctl_op(req, ri, op, CLONE_NEWNET);
+	if (ret < 0) {
+		pr_err("Failed to %s\n", (op == CTL_READ ? "read" : "write"));
+		return ret;
+	}
+
+	if (op == CTL_READ) {
+		for (i = 0; i < ri; i++) {
+			if (req[i].flags & CTL_FLAGS_HAS)
+				rconf[i]->has_iarg = true;
+		}
+	}
+
+	return ret;
+}
+
 /*
  * I case if some entry is missing in
  * the kernel, simply write DEVCONFS_UNUSED
@@ -1827,6 +1882,8 @@  static int dump_netns_conf(struct ns_id *ns, struct cr_imgset *fds)
 	char all_stable_secret[MAX_STR_CONF_LEN + 1] = {};
 	NetnsId	*ids;
 	struct netns_id *p;
+	int core_size = ARRAY_SIZE(coreconfs);
+	SysctlEntry *core_confs = NULL;
 
 	i = 0;
 	list_for_each_entry(p, &ns->net.ids, node)
@@ -1835,7 +1892,8 @@  static int dump_netns_conf(struct ns_id *ns, struct cr_imgset *fds)
 	o_buf = buf = xmalloc(
 			i * (sizeof(NetnsId*) + sizeof(NetnsId)) +
 			size4 * (sizeof(SysctlEntry*) + sizeof(SysctlEntry)) * 2 +
-			size6 * (sizeof(SysctlEntry*) + sizeof(SysctlEntry)) * 2
+			size6 * (sizeof(SysctlEntry*) + sizeof(SysctlEntry)) * 2 +
+			core_size * (sizeof(SysctlEntry*) + sizeof(SysctlEntry))
 		     );
 	if (!buf)
 		goto out;
@@ -1891,6 +1949,16 @@  static int dump_netns_conf(struct ns_id *ns, struct cr_imgset *fds)
 		}
 	}
 
+	netns.n_core_conf = core_size;
+	netns.core_conf = xptr_pull_s(&buf, core_size * sizeof(SysctlEntry*));
+	core_confs = xptr_pull_s(&buf, core_size * sizeof(SysctlEntry));
+
+	for (i = 0; i < core_size; i++) {
+		sysctl_entry__init(&core_confs[i]);
+		netns.core_conf[i] = &core_confs[i];
+		netns.core_conf[i]->type = CTL_32;
+	}
+
 	ret = ipv4_conf_op("default", netns.def_conf4, size4, CTL_READ, NULL);
 	if (ret < 0)
 		goto err_free;
@@ -1905,6 +1973,10 @@  static int dump_netns_conf(struct ns_id *ns, struct cr_imgset *fds)
 	if (ret < 0)
 		goto err_free;
 
+	ret = core_conf_op(netns.core_conf, core_size, CTL_READ);
+	if (ret < 0)
+		goto err_free;
+
 	ret = pb_write_one(img_from_set(fds, CR_FD_NETNS), &netns, PB_NETNS);
 err_free:
 	xfree(o_buf);
@@ -2114,6 +2186,12 @@  static int restore_netns_conf(struct ns_id *ns)
 		ret = ipv6_conf_op("default", (netns)->def_conf6, (netns)->n_def_conf6, CTL_WRITE, NULL);
 	}
 
+	if ((netns)->core_conf) {
+		ret = core_conf_op((netns)->core_conf, (netns)->n_core_conf, CTL_WRITE);
+		if (ret)
+			goto out;
+	}
+
 	ns->net.netns = netns;
 out:
 	return ret;
diff --git a/images/netdev.proto b/images/netdev.proto
index 476a92c..7b9ab8d 100644
--- a/images/netdev.proto
+++ b/images/netdev.proto
@@ -71,4 +71,6 @@  message netns_entry {
 
 	repeated netns_id nsids		= 7;
 	optional string	ext_key		= 8;
+
+	repeated sysctl_entry core_conf	= 9;
 }

Comments

Pavel Tikhomirov April 17, 2019, 8:40 a.m.

Looks good to me except for a small naming confusion, e.g. ipv6_conf_op 
was named for "/proc/sys/net/ipv6/conf/" path to it, but in 
"/proc/sys/net/core" we don't have any conf, though we have coreconfs, 
core_conf_op, also arrays rconf and conf, and image field core_conf =). 
Think we can leave as is.

Reviewed-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>

On 4/16/19 1:22 PM, Jan Dakinevich wrote:
>   - handle 'somaxconn' option.
> 
> https://jira.sw.ru/browse/PSBM-91415
> Signed-off-by: Jan Dakinevich <jan.dakinevich@virtuozzo.com>
> ---
>   criu/net.c          | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++++-
>   images/netdev.proto |  2 ++
>   2 files changed, 81 insertions(+), 1 deletion(-)
> 
> diff --git a/criu/net.c b/criu/net.c
> index 3eebf48..6aa8bc6 100644
> --- a/criu/net.c
> +++ b/criu/net.c
> @@ -334,6 +334,61 @@ static int ipv6_conf_op(char *tgt, SysctlEntry **conf, int n, int op, SysctlEntr
>   			devconfs6, def_conf);
>   }
>   
> +static char *coreconfs[] = {
> +	"somaxconn",
> +};
> +
> +static int core_conf_op(SysctlEntry **conf, int n, int op)
> +{
> +	struct sysctl_req req[ARRAY_SIZE(coreconfs)];
> +	char path[ARRAY_SIZE(coreconfs)][256];
> +	SysctlEntry *rconf[ARRAY_SIZE(coreconfs)];
> +	int ret = 0;
> +	int i, ri;
> +
> +	if (n > ARRAY_SIZE(coreconfs))
> +		pr_warn("The image contains unknown sysctl-s\n");
> +
> +	for (i = 0, ri = 0; i < ARRAY_SIZE(coreconfs); i++) {
> +		if (i >= n) {
> +			pr_warn("Skip %s\n", coreconfs[i]);
> +			continue;
> +		}
> +
> +		if (conf[i]->type != SYSCTL_TYPE__CTL_32)
> +			continue;
> +		if (op == CTL_WRITE && !conf[i]->has_iarg)
> +			continue;
> +
> +		snprintf(path[i], sizeof(path[i]), "net/core/%s", coreconfs[i]);
> +		req[ri].name = path[i];
> +		req[ri].type = CTL_32;
> +		req[ri].arg = &conf[i]->iarg;
> +		if (op == CTL_READ || opts.weak_sysctls)
> +			req[ri].flags = CTL_FLAGS_OPTIONAL;
> +		else
> +			req[ri].flags = 0;
> +
> +		rconf[ri] = conf[i];
> +		ri++;
> +	}
> +
> +	ret = sysctl_op(req, ri, op, CLONE_NEWNET);
> +	if (ret < 0) {
> +		pr_err("Failed to %s\n", (op == CTL_READ ? "read" : "write"));
> +		return ret;
> +	}
> +
> +	if (op == CTL_READ) {
> +		for (i = 0; i < ri; i++) {
> +			if (req[i].flags & CTL_FLAGS_HAS)
> +				rconf[i]->has_iarg = true;
> +		}
> +	}
> +
> +	return ret;
> +}
> +
>   /*
>    * I case if some entry is missing in
>    * the kernel, simply write DEVCONFS_UNUSED
> @@ -1827,6 +1882,8 @@ static int dump_netns_conf(struct ns_id *ns, struct cr_imgset *fds)
>   	char all_stable_secret[MAX_STR_CONF_LEN + 1] = {};
>   	NetnsId	*ids;
>   	struct netns_id *p;
> +	int core_size = ARRAY_SIZE(coreconfs);
> +	SysctlEntry *core_confs = NULL;
>   
>   	i = 0;
>   	list_for_each_entry(p, &ns->net.ids, node)
> @@ -1835,7 +1892,8 @@ static int dump_netns_conf(struct ns_id *ns, struct cr_imgset *fds)
>   	o_buf = buf = xmalloc(
>   			i * (sizeof(NetnsId*) + sizeof(NetnsId)) +
>   			size4 * (sizeof(SysctlEntry*) + sizeof(SysctlEntry)) * 2 +
> -			size6 * (sizeof(SysctlEntry*) + sizeof(SysctlEntry)) * 2
> +			size6 * (sizeof(SysctlEntry*) + sizeof(SysctlEntry)) * 2 +
> +			core_size * (sizeof(SysctlEntry*) + sizeof(SysctlEntry))
>   		     );
>   	if (!buf)
>   		goto out;
> @@ -1891,6 +1949,16 @@ static int dump_netns_conf(struct ns_id *ns, struct cr_imgset *fds)
>   		}
>   	}
>   
> +	netns.n_core_conf = core_size;
> +	netns.core_conf = xptr_pull_s(&buf, core_size * sizeof(SysctlEntry*));
> +	core_confs = xptr_pull_s(&buf, core_size * sizeof(SysctlEntry));
> +
> +	for (i = 0; i < core_size; i++) {
> +		sysctl_entry__init(&core_confs[i]);
> +		netns.core_conf[i] = &core_confs[i];
> +		netns.core_conf[i]->type = CTL_32;
> +	}
> +
>   	ret = ipv4_conf_op("default", netns.def_conf4, size4, CTL_READ, NULL);
>   	if (ret < 0)
>   		goto err_free;
> @@ -1905,6 +1973,10 @@ static int dump_netns_conf(struct ns_id *ns, struct cr_imgset *fds)
>   	if (ret < 0)
>   		goto err_free;
>   
> +	ret = core_conf_op(netns.core_conf, core_size, CTL_READ);
> +	if (ret < 0)
> +		goto err_free;
> +
>   	ret = pb_write_one(img_from_set(fds, CR_FD_NETNS), &netns, PB_NETNS);
>   err_free:
>   	xfree(o_buf);
> @@ -2114,6 +2186,12 @@ static int restore_netns_conf(struct ns_id *ns)
>   		ret = ipv6_conf_op("default", (netns)->def_conf6, (netns)->n_def_conf6, CTL_WRITE, NULL);
>   	}
>   
> +	if ((netns)->core_conf) {
> +		ret = core_conf_op((netns)->core_conf, (netns)->n_core_conf, CTL_WRITE);
> +		if (ret)
> +			goto out;
> +	}
> +
>   	ns->net.netns = netns;
>   out:
>   	return ret;
> diff --git a/images/netdev.proto b/images/netdev.proto
> index 476a92c..7b9ab8d 100644
> --- a/images/netdev.proto
> +++ b/images/netdev.proto
> @@ -71,4 +71,6 @@ message netns_entry {
>   
>   	repeated netns_id nsids		= 7;
>   	optional string	ext_key		= 8;
> +
> +	repeated sysctl_entry core_conf	= 9;
>   }
>

Pavel Tikhomirov April 17, 2019, 8:46 a.m.

One more thing, we likely need a test for it to zdtm, something like 
test/zdtm/static/netns-dev.c

On 4/17/19 11:40 AM, Pavel Tikhomirov wrote:
> Looks good to me except for a small naming confusion, e.g. ipv6_conf_op
> was named for "/proc/sys/net/ipv6/conf/" path to it, but in
> "/proc/sys/net/core" we don't have any conf, though we have coreconfs,
> core_conf_op, also arrays rconf and conf, and image field core_conf =).
> Think we can leave as is.
> 
> Reviewed-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
> 
> On 4/16/19 1:22 PM, Jan Dakinevich wrote:
>>    - handle 'somaxconn' option.
>>
>> https://jira.sw.ru/browse/PSBM-91415
>> Signed-off-by: Jan Dakinevich <jan.dakinevich@virtuozzo.com>
>> ---
>>    criu/net.c          | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++++-
>>    images/netdev.proto |  2 ++
>>    2 files changed, 81 insertions(+), 1 deletion(-)
>>
>> diff --git a/criu/net.c b/criu/net.c
>> index 3eebf48..6aa8bc6 100644
>> --- a/criu/net.c
>> +++ b/criu/net.c
>> @@ -334,6 +334,61 @@ static int ipv6_conf_op(char *tgt, SysctlEntry **conf, int n, int op, SysctlEntr
>>    			devconfs6, def_conf);
>>    }
>>    
>> +static char *coreconfs[] = {
>> +	"somaxconn",
>> +};
>> +
>> +static int core_conf_op(SysctlEntry **conf, int n, int op)
>> +{
>> +	struct sysctl_req req[ARRAY_SIZE(coreconfs)];
>> +	char path[ARRAY_SIZE(coreconfs)][256];
>> +	SysctlEntry *rconf[ARRAY_SIZE(coreconfs)];
>> +	int ret = 0;
>> +	int i, ri;
>> +
>> +	if (n > ARRAY_SIZE(coreconfs))
>> +		pr_warn("The image contains unknown sysctl-s\n");
>> +
>> +	for (i = 0, ri = 0; i < ARRAY_SIZE(coreconfs); i++) {
>> +		if (i >= n) {
>> +			pr_warn("Skip %s\n", coreconfs[i]);
>> +			continue;
>> +		}
>> +
>> +		if (conf[i]->type != SYSCTL_TYPE__CTL_32)
>> +			continue;
>> +		if (op == CTL_WRITE && !conf[i]->has_iarg)
>> +			continue;
>> +
>> +		snprintf(path[i], sizeof(path[i]), "net/core/%s", coreconfs[i]);
>> +		req[ri].name = path[i];
>> +		req[ri].type = CTL_32;
>> +		req[ri].arg = &conf[i]->iarg;
>> +		if (op == CTL_READ || opts.weak_sysctls)
>> +			req[ri].flags = CTL_FLAGS_OPTIONAL;
>> +		else
>> +			req[ri].flags = 0;
>> +
>> +		rconf[ri] = conf[i];
>> +		ri++;
>> +	}
>> +
>> +	ret = sysctl_op(req, ri, op, CLONE_NEWNET);
>> +	if (ret < 0) {
>> +		pr_err("Failed to %s\n", (op == CTL_READ ? "read" : "write"));
>> +		return ret;
>> +	}
>> +
>> +	if (op == CTL_READ) {
>> +		for (i = 0; i < ri; i++) {
>> +			if (req[i].flags & CTL_FLAGS_HAS)
>> +				rconf[i]->has_iarg = true;
>> +		}
>> +	}
>> +
>> +	return ret;
>> +}
>> +
>>    /*
>>     * I case if some entry is missing in
>>     * the kernel, simply write DEVCONFS_UNUSED
>> @@ -1827,6 +1882,8 @@ static int dump_netns_conf(struct ns_id *ns, struct cr_imgset *fds)
>>    	char all_stable_secret[MAX_STR_CONF_LEN + 1] = {};
>>    	NetnsId	*ids;
>>    	struct netns_id *p;
>> +	int core_size = ARRAY_SIZE(coreconfs);
>> +	SysctlEntry *core_confs = NULL;
>>    
>>    	i = 0;
>>    	list_for_each_entry(p, &ns->net.ids, node)
>> @@ -1835,7 +1892,8 @@ static int dump_netns_conf(struct ns_id *ns, struct cr_imgset *fds)
>>    	o_buf = buf = xmalloc(
>>    			i * (sizeof(NetnsId*) + sizeof(NetnsId)) +
>>    			size4 * (sizeof(SysctlEntry*) + sizeof(SysctlEntry)) * 2 +
>> -			size6 * (sizeof(SysctlEntry*) + sizeof(SysctlEntry)) * 2
>> +			size6 * (sizeof(SysctlEntry*) + sizeof(SysctlEntry)) * 2 +
>> +			core_size * (sizeof(SysctlEntry*) + sizeof(SysctlEntry))
>>    		     );
>>    	if (!buf)
>>    		goto out;
>> @@ -1891,6 +1949,16 @@ static int dump_netns_conf(struct ns_id *ns, struct cr_imgset *fds)
>>    		}
>>    	}
>>    
>> +	netns.n_core_conf = core_size;
>> +	netns.core_conf = xptr_pull_s(&buf, core_size * sizeof(SysctlEntry*));
>> +	core_confs = xptr_pull_s(&buf, core_size * sizeof(SysctlEntry));
>> +
>> +	for (i = 0; i < core_size; i++) {
>> +		sysctl_entry__init(&core_confs[i]);
>> +		netns.core_conf[i] = &core_confs[i];
>> +		netns.core_conf[i]->type = CTL_32;
>> +	}
>> +
>>    	ret = ipv4_conf_op("default", netns.def_conf4, size4, CTL_READ, NULL);
>>    	if (ret < 0)
>>    		goto err_free;
>> @@ -1905,6 +1973,10 @@ static int dump_netns_conf(struct ns_id *ns, struct cr_imgset *fds)
>>    	if (ret < 0)
>>    		goto err_free;
>>    
>> +	ret = core_conf_op(netns.core_conf, core_size, CTL_READ);
>> +	if (ret < 0)
>> +		goto err_free;
>> +
>>    	ret = pb_write_one(img_from_set(fds, CR_FD_NETNS), &netns, PB_NETNS);
>>    err_free:
>>    	xfree(o_buf);
>> @@ -2114,6 +2186,12 @@ static int restore_netns_conf(struct ns_id *ns)
>>    		ret = ipv6_conf_op("default", (netns)->def_conf6, (netns)->n_def_conf6, CTL_WRITE, NULL);
>>    	}
>>    
>> +	if ((netns)->core_conf) {
>> +		ret = core_conf_op((netns)->core_conf, (netns)->n_core_conf, CTL_WRITE);
>> +		if (ret)
>> +			goto out;
>> +	}
>> +
>>    	ns->net.netns = netns;
>>    out:
>>    	return ret;
>> diff --git a/images/netdev.proto b/images/netdev.proto
>> index 476a92c..7b9ab8d 100644
>> --- a/images/netdev.proto
>> +++ b/images/netdev.proto
>> @@ -71,4 +71,6 @@ message netns_entry {
>>    
>>    	repeated netns_id nsids		= 7;
>>    	optional string	ext_key		= 8;
>> +
>> +	repeated sysctl_entry core_conf	= 9;
>>    }
>>
>

Kirill Gorkunov April 17, 2019, 8:52 a.m.

On Wed, Apr 17, 2019 at 11:46:25AM +0300, Pavel Tikhomirov wrote:
> One more thing, we likely need a test for it to zdtm, something like 
> test/zdtm/static/netns-dev.c
>

Yes, Jan, please make a test once time permit.