X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=src%2Fplanetlab.c;h=b931e812d13ab2e66d1c08fb6a7aef61353e0821;hb=361e96e42610e4f7600ae1175617f110874f563e;hp=73ccfc3efa452c95dde704e8e5502e6609d7b001;hpb=d35ef08a986920e31142f27cbe3de2a0836a0c25;p=util-vserver-pl.git diff --git a/src/planetlab.c b/src/planetlab.c index 73ccfc3..b931e81 100644 --- a/src/planetlab.c +++ b/src/planetlab.c @@ -43,7 +43,6 @@ POSSIBILITY OF SUCH DAMAGE. #include #include #include -#include #include #define _GNU_SOURCE #include @@ -51,9 +50,6 @@ POSSIBILITY OF SUCH DAMAGE. #include "vserver.h" #include "planetlab.h" -/* defined in netns.c */ -extern uint32_t get_space_flag(xid_t); - #ifndef VC_NXC_RAW_SOCKET # define VC_NXC_RAW_SOCKET 0x00000200ull #endif @@ -93,16 +89,19 @@ tag: if (vc_tag_create(ctx) == VC_NOCTX) return -1; +process: + /* * Create context info - this sets the STATE_SETUP and STATE_INIT flags. */ if (vc_ctx_create(ctx, 0) == VC_NOCTX) return -1; - if (unshare_flags != 0) { + if (unshare_flags != 0) { unshare(unshare_flags); unshare_flags |= vc_get_space_mask(); - vc_set_namespace(ctx, unshare_flags); + //printf("vc_set_namespace(%d, %X)\n", ctx, unshare_flags); + //vc_set_namespace(ctx, unshare_flags); } /* Set capabilities - these don't take effect until SETUP flag is unset */ @@ -140,11 +139,12 @@ pl_setup_done(xid_t ctx) #define RETRY_LIMIT 10 int -pl_chcontext(xid_t ctx, uint64_t bcaps, const struct sliver_resources *slr) +pl_chcontext(xid_t ctx, uint64_t bcaps, const struct sliver_resources *slr, + int unshare_netns) { int retry_count = 0; int net_migrated = 0; - + if (pl_set_ulimits(slr) != 0) return -1; @@ -154,12 +154,12 @@ pl_chcontext(xid_t ctx, uint64_t bcaps, const struct sliver_resources *slr) if (vc_get_cflags(ctx, &vc_flags)) { - uint32_t unshare_flags; + uint32_t unshare_flags; if (errno != ESRCH) return -1; - /* Unshare the net namespace if the slice if requested in the local slice configuration */ - unshare_flags = get_space_flag(ctx); + /* Always unshare the net namespace for a new context */ + unshare_flags = CLONE_NEWNET; /* context doesn't exist - create it */ if (create_context(ctx, bcaps, unshare_flags)) @@ -194,13 +194,16 @@ pl_chcontext(xid_t ctx, uint64_t bcaps, const struct sliver_resources *slr) migrate: if (net_migrated || !vc_net_migrate(ctx)) { - uint32_t unshare_flags; - /* Unshare the net namespace if the slice if requested in the local slice configuration */ - unshare_flags = get_space_flag(ctx); - if (unshare_flags != 0) { - unshare_flags |=vc_get_space_mask(); - vc_enter_namespace(ctx, unshare_flags); - } + uint32_t unshare_flags; + + /* Unshare the net namespace if requested in the slice config */ + unshare_flags = unshare_netns ? CLONE_NEWNET : 0; + + if (unshare_flags != 0) { + unshare_flags |=vc_get_space_mask(); + //printf("vc_enter_namespace(%d, %X)\n", ctx, unshare_flags); + //vc_enter_namespace(ctx, unshare_flags); + } if (!vc_tag_migrate(ctx) && !vc_ctx_migrate(ctx, 0)) break; /* done */ @@ -261,8 +264,8 @@ enum { }; struct pl_resources { - char *name; - unsigned type; + char *name; + unsigned type; union { unsigned long long *limit; unsigned long int *personality; @@ -280,8 +283,9 @@ pl_get_limits(const char *context, struct sliver_resources *slr) { FILE *fb; int cwd; + size_t len = strlen(VSERVERCONF) + strlen(context) + NULLBYTE_SIZE; + char *conf = (char *)malloc(len + strlen("rlimits/openfd.hard")); struct pl_resources *r; - struct pl_resources sliver_list[] = { {"sched/fill-rate2", TYPE_LONG, &slr->vs_cpu}, @@ -297,21 +301,15 @@ pl_get_limits(const char *context, struct sliver_resources *slr) {"rlimits/as.soft", TYPE_LONG, &slr->vs_as.soft}, {"rlimits/as.min", TYPE_LONG, &slr->vs_as.min}, - {"rlimits/nofile.hard", TYPE_LONG, &slr->vs_nofile.hard}, - {"rlimits/nofile.soft", TYPE_LONG, &slr->vs_nofile.soft}, - {"rlimits/nofile.min", TYPE_LONG, &slr->vs_nofile.min}, - - {"rlimits/memlock.hard", TYPE_LONG, &slr->vs_memlock.hard}, - {"rlimits/memlock.soft", TYPE_LONG, &slr->vs_memlock.soft}, - {"rlimits/memlock.min", TYPE_LONG, &slr->vs_memlock.min}, + {"rlimits/openfd.hard", TYPE_LONG, &slr->vs_openfd.hard}, + {"rlimits/openfd.soft", TYPE_LONG, &slr->vs_openfd.soft}, + {"rlimits/openfd.min", TYPE_LONG, &slr->vs_openfd.min}, {"personality", TYPE_PERS, &slr->personality}, {0,0} }; - size_t len = strlen(VSERVERCONF) + strlen(context) + NULLBYTE_SIZE; - char *conf = (char *)malloc(len); sprintf(conf, "%s%s", VSERVERCONF, context); slr->vs_rss.hard = VC_LIM_KEEP; @@ -326,13 +324,9 @@ pl_get_limits(const char *context, struct sliver_resources *slr) slr->vs_nproc.soft = VC_LIM_KEEP; slr->vs_nproc.min = VC_LIM_KEEP; - slr->vs_nofile.hard = VC_LIM_KEEP; - slr->vs_nofile.soft = VC_LIM_KEEP; - slr->vs_nofile.min = VC_LIM_KEEP; - - slr->vs_memlock.hard = VC_LIM_KEEP; - slr->vs_memlock.soft = VC_LIM_KEEP; - slr->vs_memlock.min = VC_LIM_KEEP; + slr->vs_openfd.hard = VC_LIM_KEEP; + slr->vs_openfd.soft = VC_LIM_KEEP; + slr->vs_openfd.min = VC_LIM_KEEP; slr->personality = 0; @@ -359,13 +353,8 @@ pl_get_limits(const char *context, struct sliver_resources *slr) buf[len-1]='\0'; len --; } - if (r->type == TYPE_LONG) { - int val; - char *res=0; - errno=0; - val = strtol(buf,&res,0); - if ( !( (val==0 && res) || (errno!=0) ) ) - *r->limit = val; + if ( (r->type == TYPE_LONG) && isdigit(*buf)) { + *r->limit = atoi(buf); } else if ( (r->type == TYPE_PERS) && isalpha(*buf)) { unsigned long int res; res = vc_str2personalitytype(buf,len); @@ -378,7 +367,7 @@ pl_get_limits(const char *context, struct sliver_resources *slr) fclose(fb); } - (void)fchdir(cwd); + fchdir(cwd); out_fd: close(cwd); out: @@ -453,7 +442,6 @@ pl_set_ulimits(const struct sliver_resources *slr) set_one_ulimit(RLIMIT_RSS, &slr->vs_rss); set_one_ulimit(RLIMIT_AS, &slr->vs_as); set_one_ulimit(RLIMIT_NPROC, &slr->vs_nproc); - set_one_ulimit(RLIMIT_NOFILE, &slr->vs_nofile); - set_one_ulimit(RLIMIT_MEMLOCK, &slr->vs_memlock); + set_one_ulimit(RLIMIT_NOFILE, &slr->vs_openfd); return set_personality(slr->personality); }