From: Pavel Tikhomirov <ptikhomi...@virtuozzo.com> Criu algorithm is (prepare_mnt_ns): 1) Restore all mounts of the CT (from all mntns'es) in single temporary mount namespace. 2) For each mount namespace of the container recreate it's mounts: a) Unshare temporary mntns (mounts are doubled) b) Remove with pivot_root all excess mounts
So at some point we have many mntnses of the CT already created with their mounts and two temporary mount namespaces with mounts copies, that is ~3x mounts (and may be also some aditional temporary mounts). When we restore a CT with > 1/3*sysctl_ve_mount_nr mounts we hit the limit and fail, fix it ignoring the limit at restore stage. https://jira.sw.ru/browse/PSBM-86511 Signed-off-by: Pavel Tikhomirov <ptikhomi...@virtuozzo.com> Acked-by: Cyrill Gorcunov <gorcu...@openvz.org> (cherry picked from vz7 commit cb5488bae355 ("ve/mount: allow pseudosuper to temporary exceed the container limit")) VZ 8 rebase part https://jira.sw.ru/browse/PSBM-127837 Signed-off-by: Alexander Mikhalitsyn <alexander.mikhalit...@virtuozzo.com> (cherry picked from vz8 commit 454d3b6b7b79d76ce785d21d2c95d2efc173eddc) Signed-off-by: Andrey Zhadchenko <andrey.zhadche...@virtuozzo.com> --- fs/namespace.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/namespace.c b/fs/namespace.c index 0abab30..b2f925a 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -2811,7 +2811,7 @@ static inline int ve_mount_allowed(void) { struct ve_struct *ve = get_exec_env(); - return ve_is_super(ve) || + return ve_is_super(ve) || ve->is_pseudosuper || atomic_read(&ve->mnt_nr) < (int)sysctl_ve_mount_nr; } -- 1.8.3.1 _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
