Applied.
Serge E. Hallyn wrote:
> The nsproxy restore path recognizes that an objref of 0 for
> ipc or uts ns means don't unshare it. But the checkpoint side
> forgot to write down 0 when the ipc or uts ns isn't unshared!
>
> Fix that.
>
> To test, run a program with a private pidns but shared utsns
> which does
>
> sleep(5);
> sethostname("serge", 6);
>
> checkpoint it, reset your hostname (if you let the program
> complete), then restart the program: without this patch, it
> will not reset your hostname. It should, and with this patch
> it will.
>
> Signed-off-by: Serge E. Hallyn <serue@xxxxxxxxxx>
> ---
> kernel/nsproxy.c | 19 +++++++++++++------
> 1 files changed, 13 insertions(+), 6 deletions(-)
>
> diff --git a/kernel/nsproxy.c b/kernel/nsproxy.c
> index 0da0d83..dcb502c 100644
> --- a/kernel/nsproxy.c
> +++ b/kernel/nsproxy.c
> @@ -280,13 +280,20 @@ static int do_checkpoint_ns(struct ckpt_ctx *ctx, struct nsproxy *nsproxy)
> if (!h)
> return -ENOMEM;
>
> - ret = checkpoint_obj(ctx, nsproxy->uts_ns, CKPT_OBJ_UTS_NS);
> - if (ret <= 0)
> - goto out;
> + ret = 0;
> + if (nsproxy->uts_ns != ctx->root_nsproxy->uts_ns) {
> + ret = checkpoint_obj(ctx, nsproxy->uts_ns, CKPT_OBJ_UTS_NS);
> + if (ret <= 0)
> + goto out;
> + }
> h->uts_objref = ret;
> - ret = checkpoint_obj(ctx, nsproxy->ipc_ns, CKPT_OBJ_IPC_NS);
> - if (ret < 0)
> - goto out;
> +
> + ret = 0;
> + if (nsproxy->ipc_ns != ctx->root_nsproxy->ipc_ns) {
> + ret = checkpoint_obj(ctx, nsproxy->ipc_ns, CKPT_OBJ_IPC_NS);
> + if (ret < 0)
> + goto out;
> + }
> h->ipc_objref = ret;
>
> /* FIXME: for now, only marked visited to pacify leaks */
_______________________________________________
Containers mailing list
Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linux-foundation.org/mailman/listinfo/containers
