The nsproxy restore path recognizes that an objref of 0 for
ipc or uts ns means don't unshare it. But the checkpoint side
forgot to write down 0 when the ipc or uts ns isn't unshared!
Fix that.
To test, run a program with a private pidns but shared utsns
which does
sleep(5);
sethostname("serge", 6);
checkpoint it, reset your hostname (if you let the program
complete), then restart the program: without this patch, it
will not reset your hostname. It should, and with this patch
it will.
Signed-off-by: Serge E. Hallyn <serue@xxxxxxxxxx>
---
kernel/nsproxy.c | 19 +++++++++++++------
1 files changed, 13 insertions(+), 6 deletions(-)
diff --git a/kernel/nsproxy.c b/kernel/nsproxy.c
index 0da0d83..dcb502c 100644
--- a/kernel/nsproxy.c
+++ b/kernel/nsproxy.c
@@ -280,13 +280,20 @@ static int do_checkpoint_ns(struct ckpt_ctx *ctx, struct nsproxy *nsproxy)
if (!h)
return -ENOMEM;
- ret = checkpoint_obj(ctx, nsproxy->uts_ns, CKPT_OBJ_UTS_NS);
- if (ret <= 0)
- goto out;
+ ret = 0;
+ if (nsproxy->uts_ns != ctx->root_nsproxy->uts_ns) {
+ ret = checkpoint_obj(ctx, nsproxy->uts_ns, CKPT_OBJ_UTS_NS);
+ if (ret <= 0)
+ goto out;
+ }
h->uts_objref = ret;
- ret = checkpoint_obj(ctx, nsproxy->ipc_ns, CKPT_OBJ_IPC_NS);
- if (ret < 0)
- goto out;
+
+ ret = 0;
+ if (nsproxy->ipc_ns != ctx->root_nsproxy->ipc_ns) {
+ ret = checkpoint_obj(ctx, nsproxy->ipc_ns, CKPT_OBJ_IPC_NS);
+ if (ret < 0)
+ goto out;
+ }
h->ipc_objref = ret;
/* FIXME: for now, only marked visited to pacify leaks */
--
1.6.1
_______________________________________________
Containers mailing list
Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linux-foundation.org/mailman/listinfo/containers
