[v2,25/30] net_ns: Make net_ns check in do_restore_task_net_ns more universal

Submitted by Kirill Tkhai on June 7, 2017, 11:30 a.m.

Details

Message ID 149683504015.4663.7864620446736786406.stgit@localhost.localdomain
State Accepted
Series "Support sockets leaked to child user_ns task"
Headers show

Commit Message

Kirill Tkhai June 7, 2017, 11:30 a.m.
setns() on the same net_ns is OK (just a noop),
while the task has permissions to do that.
But if the namespace is inherited from parent task,
we can't do that.

So, speedup existing cases, and support "inherited ns"
case.

v2: New

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
---
 criu/net.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Patch hide | download patch | download mbox

diff --git a/criu/net.c b/criu/net.c
index 410a3d2a7..2e7599b7c 100644
--- a/criu/net.c
+++ b/criu/net.c
@@ -2175,7 +2175,7 @@  static int do_restore_task_net_ns(struct ns_id *nsid, struct pstree_item *curren
 {
 	int fd;
 
-	if (!(root_ns_mask & CLONE_NEWNET))
+	if (current->net_ns == nsid)
 		return 0;
 
 	fd = fdstore_get(nsid->net.nsfd_id);