X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=src%2Fplanetlab.c;h=d3669e38ecab6e404976a70b8175f4292f4e1bc1;hb=f925934b595e983e5f0d980402b72bac7dd8e927;hp=824039b4ceb5755cda297cd2f48ed80c3a0a408e;hpb=de7215310b459bac3471991612e1e9a0b0ae347c;p=util-vserver-pl.git

diff --git a/src/planetlab.c b/src/planetlab.c
index 824039b..d3669e3 100644
--- a/src/planetlab.c
+++ b/src/planetlab.c
@@ -43,11 +43,17 @@ POSSIBILITY OF SUCH DAMAGE.
 #include <unistd.h>
 #include <ctype.h>
 #include <sys/resource.h>
+#include <sys/types.h>
 #include <fcntl.h>
+#define _GNU_SOURCE 
+#include <sched.h>
 
 #include "vserver.h"
 #include "planetlab.h"
 
+/* defined in netns.c */
+extern uint32_t get_space_flag(xid_t);
+
 #ifndef VC_NXC_RAW_SOCKET
 #  define VC_NXC_RAW_SOCKET	0x00000200ull
 #endif
@@ -59,12 +65,11 @@ POSSIBILITY OF SUCH DAMAGE.
 #endif
 
 static int
-create_context(xid_t ctx, uint64_t bcaps)
+create_context(xid_t ctx, uint64_t bcaps, uint32_t unshare_flags)
 {
   struct vc_ctx_caps   vc_caps;
   struct vc_net_flags  vc_nf;
   struct vc_net_caps   vc_ncaps;
-  uint32_t unshare_mask;
 
   /* Create network context */
   if (vc_net_create(ctx) == VC_NOCTX) {
@@ -88,18 +93,16 @@ tag:
   if (vc_tag_create(ctx) == VC_NOCTX)
     return -1;
 
-process:
-
   /*
    * Create context info - this sets the STATE_SETUP and STATE_INIT flags.
    */
   if (vc_ctx_create(ctx, 0) == VC_NOCTX)
     return -1;
 
-  /* Unshare the NET namespace if the slice if requested in the local slice configuration */
-  unshare_mask = get_space_flag(ctx);
-  if (unshare_mask != 0) {
-      sys_unshare(unshare_mask);
+    if (unshare_flags != 0) {
+      unshare(unshare_flags);
+      unshare_flags |= vc_get_space_mask();
+      vc_set_namespace(ctx, unshare_flags);
   }
 
   /* Set capabilities - these don't take effect until SETUP flag is unset */
@@ -151,11 +154,15 @@ pl_chcontext(xid_t ctx, uint64_t bcaps, const struct sliver_resources *slr)
 
       if (vc_get_cflags(ctx, &vc_flags))
 	{
+        uint32_t unshare_flags;
 	  if (errno != ESRCH)
 	    return -1;
 
+       /* Unshare the net namespace if the slice if requested in the local slice configuration */
+        unshare_flags = get_space_flag(ctx);
+
 	  /* context doesn't exist - create it */
-	  if (create_context(ctx, bcaps))
+	  if (create_context(ctx, bcaps, unshare_flags))
 	    {
 	      if (errno == EEXIST)
 		/* another process beat us in a race */
@@ -187,6 +194,14 @@ pl_chcontext(xid_t ctx, uint64_t bcaps, const struct sliver_resources *slr)
     migrate:
       if (net_migrated || !vc_net_migrate(ctx))
 	{
+        uint32_t unshare_flags;
+      /* Unshare the net namespace if the slice if requested in the local slice configuration */
+      unshare_flags = get_space_flag(ctx);
+      if (unshare_flags != 0) {
+          unshare_flags |=vc_get_space_mask();
+          vc_enter_namespace(ctx, unshare_flags);
+      }
+
 	  if (!vc_tag_migrate(ctx) && !vc_ctx_migrate(ctx, 0))
 	    break;  /* done */
 	  net_migrated = 1;
@@ -287,6 +302,10 @@ pl_get_limits(const char *context, struct sliver_resources *slr)
     {"rlimits/openfd.soft", TYPE_LONG, &slr->vs_openfd.soft},
     {"rlimits/openfd.min", TYPE_LONG, &slr->vs_openfd.min},
 
+    {"rlimits/memlock.hard", TYPE_LONG, &slr->vs_memlock.hard},
+    {"rlimits/memlock.soft", TYPE_LONG, &slr->vs_memlock.soft},
+    {"rlimits/memlock.min", TYPE_LONG, &slr->vs_memlock.min},
+
     {"personality", TYPE_PERS, &slr->personality},
 
     {0,0}
@@ -310,6 +329,10 @@ pl_get_limits(const char *context, struct sliver_resources *slr)
   slr->vs_openfd.soft = VC_LIM_KEEP;
   slr->vs_openfd.min = VC_LIM_KEEP;
 
+  slr->vs_memlock.hard = VC_LIM_KEEP;
+  slr->vs_memlock.soft = VC_LIM_KEEP;
+  slr->vs_memlock.min = VC_LIM_KEEP;
+
   slr->personality = 0;
 
   cwd = open(".", O_RDONLY);
@@ -335,8 +358,13 @@ pl_get_limits(const char *context, struct sliver_resources *slr)
 	buf[len-1]='\0';
 	len --;
       }
-      if ( (r->type == TYPE_LONG) && isdigit(*buf)) {
-	*r->limit = atoi(buf);
+      if (r->type == TYPE_LONG) {
+	int val;
+	char *res=0;
+	errno=0;
+	val = strtol(buf,&res,0);
+	if ( !( (val==0 && res) || (errno!=0) ) )
+	  *r->limit = val;
       } else if ( (r->type == TYPE_PERS) && isalpha(*buf)) {
 	unsigned long int res;
 	res = vc_str2personalitytype(buf,len);
@@ -349,7 +377,7 @@ pl_get_limits(const char *context, struct sliver_resources *slr)
     fclose(fb);
   }
 
-  fchdir(cwd);
+  (void)fchdir(cwd);
 out_fd:
   close(cwd);
 out:
@@ -425,5 +453,6 @@ pl_set_ulimits(const struct sliver_resources *slr)
   set_one_ulimit(RLIMIT_AS, &slr->vs_as);
   set_one_ulimit(RLIMIT_NPROC, &slr->vs_nproc);
   set_one_ulimit(RLIMIT_NOFILE, &slr->vs_openfd);
+  set_one_ulimit(RLIMIT_MEMLOCK, &slr->vs_memlock);
   return set_personality(slr->personality);
 }