[PATCH 4/5] cr: checkpoint and restore task credentials

Alexey Dobriyan adobriyan at gmail.com
Thu May 14 01:18:50 PDT 2009


On Mon, May 11, 2009 at 11:05:39AM -0500, Serge E. Hallyn wrote:
> --- a/checkpoint/objhash.c
> +++ b/checkpoint/objhash.c
> +#define CKPT_MAXGROUPS 15
> +#define MAX_GROUPINFO_SIZE (sizeof(*h)+CKPT_MAXGROUPS*sizeof(gid_t))
> +/* move this fn into kernel/sys.c next to group functions? */
> +static int checkpoint_write_groupinfo(struct ckpt_ctx *ctx,
> +					struct group_info *g)
> +{
> +	int ret, i, size;
> +	struct ckpt_hdr_groupinfo *h;
> +
> +	if (g->ngroups > CKPT_MAXGROUPS) {
> +		ckpt_debug("Too many groups: %d  (max is %d)\n",
> +			g->ngroups, CKPT_MAXGROUPS);
> +		return -E2BIG;
> +	}

Ooh, a hack :-)

> +	size = sizeof(*h) + g->ngroups * sizeof(__u32);
> +	h = ckpt_hdr_get_type(ctx, size, CKPT_HDR_GROUPINFO);
> +	if (!h)
> +		return -ENOMEM;
> +
> +	h->ngroups = g->ngroups;
> +	for (i = 0; i < g->ngroups; i++)
> +		h->groups[i] = GROUP_AT(g, i);
> +
> +	ret = ckpt_write_obj(ctx, (struct ckpt_hdr *) h);
> +	ckpt_hdr_put(ctx, h);
> +
> +	return ret;
> +}

> +/*
> + * write the user struct
> + * TODO keyring will need to be dumped
> + */
> +#define UNSAVED_NS_MAX 5

Another hack :-)

This is an invitation to discuss what to do with references to future,
especially given that object image can be variable-size _and_
streamability on dump.

In case of user->user_ns->creator, we can avoid the issue and dump creator
first.


More information about the Containers mailing list