On 10/5/21 15:55, Pavel Tikhomirov wrote:
In criu we do:+-> restore_one_alive_task +-> set_user_ns #1 +-> restore_one_alive_task +-> sigreturn_restore #2 +-> arch_export_restore_task +-> __export_restore_task +-> sys_prctl(PR_SET_MM, PR_SET_MM_MAP,...) So we call PR_SET_MM after we've switched to unprivileged userns, but PR_SET_MM_MAP is already available in unprivileged context. In case of fallback where PR_SET_MM_MAP is not available there would be a problem, but on our kernel we have it so criu should just work fine. In spfs we do PR_SET_MM + PR_SET_MM_EXE_FILE from parasite (can be unprivileged userns). PR_SET_MM_EXE_FILE one is not available in mainstream. Here are descriptions of patches which allowed PR_SET_MM_EXE_FILE everywhere and all other PR_SET_MM flags in ve:
Acked-by: Cyrill Gorcunov <[email protected]> _______________________________________________ Devel mailing list [email protected] https://lists.openvz.org/mailman/listinfo/devel
