[v2,19/21] ns: First stage of restore pid_for_children ns

Submitted by Kirill Tkhai on May 31, 2017, 5:54 p.m.

Details

Message ID 149625329347.18060.10116215565073887700.stgit@localhost.localdomain
State Accepted
Series "Add /proc/[pid]/ns/pid_for_children ns support (and fixes)"
Headers show

Commit Message

Kirill Tkhai May 31, 2017, 5:54 p.m.
Restore it in dependence of thread numbers:
1)single-threaded -- before user_ns assignment
2)multi-threaded -- after thread creation (in next patch).

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
---
 criu/cr-restore.c |   26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

Patch hide | download patch | download mbox

diff --git a/criu/cr-restore.c b/criu/cr-restore.c
index 48b718695..184940ded 100644
--- a/criu/cr-restore.c
+++ b/criu/cr-restore.c
@@ -456,6 +456,29 @@  static int set_pid_for_children_ns(struct ns_id *pid_ns)
 	return ret;
 }
 
+static int restore_task_pfc_before_user_ns(void)
+{
+	struct ns_id *ns;
+	uint32_t id;
+
+	if (!(root_ns_mask & CLONE_NEWPID))
+		return 0;
+	/*
+	 * One-threaded tasks should restore pid_for_children ns before
+	 * user ns assignment, when it has highest capabilities.
+	 * Multi-threaded do that after -- in each thread.
+	 */
+	if (current->nr_threads == 1)
+		id = current->ids->pid_for_children_ns_id;
+	else
+		id = current->ids->pid_ns_id;
+
+	ns = lookup_ns_by_id(id, &pid_ns_desc);
+	BUG_ON(!ns);
+
+	return set_pid_for_children_ns(ns);
+}
+
 static int setup_child_task_namespaces(struct pstree_item *item, struct ns_id **ret_pid_ns)
 {
 	struct ns_id *pid_ns;
@@ -986,6 +1009,9 @@  static int restore_one_alive_task(int pid, CoreEntry *core)
 	if (restore_task_net_ns(current))
 		return -1;
 
+	if (restore_task_pfc_before_user_ns())
+		return -1;
+
 	if (current->ids->has_user_ns_id && set_user_ns(current->ids->user_ns_id) < 0)
 		return -1;