Quoting Dan Smith (danms@xxxxxxxxxx): > This patch adds basic support for C/R of open INET sockets. I think that > all the important bits of the TCP and ICSK socket structures is saved, > but I think there is still some additional IPv6 stuff that needs to be > handled. > > With this patch applied, the following script can be used to demonstrate > the functionality: > > https://lists.linux-foundation.org/pipermail/containers/2009-October/021239.html > > It shows that this enables migration of a sendmail process with open > connections from one machine to another without dropping. neato > Now that listening socket support is in the c/r tree, I think it is > a good time to start fielding comments and suggestions on the > connected part, as I think lots of folks have input on how to make it > better, safer, etc. One thing: > +static int sock_inet_cptrst(struct ckpt_ctx *ctx, > + struct sock *sock, > + struct ckpt_hdr_socket_inet *hh, > + int op) > +{ > + struct inet_sock *sk = inet_sk(sock); > + struct inet_connection_sock *icsk = inet_csk(sock); > + int ret; > + > + CKPT_COPY(op, hh->daddr, sk->daddr); > + CKPT_COPY(op, hh->rcv_saddr, sk->rcv_saddr); > + CKPT_COPY(op, hh->dport, sk->dport); > + CKPT_COPY(op, hh->num, sk->num); > + CKPT_COPY(op, hh->saddr, sk->saddr); > + CKPT_COPY(op, hh->sport, sk->sport); This becomes an easy way around CAP_NET_BIND_SERVICE right? Or will that be caught by something already done in your listen patch after this step? thanks, -serge _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
