Changes

Jump to navigation Jump to search

Google Summer of Code Ideas (edit)

Revision as of 12:30, 25 January 2026

1,103 bytes removed ,  25 January
m
no edit summary
Line 28: Line 28:  
* Suggested by: Andrei Vagin <avagin@gmail.com>
 
* Suggested by: Andrei Vagin <avagin@gmail.com>
 
* Mentors: Radostin Stoyanov <rstoyanov@fedoraproject.org>, Alexander Mikhalitsyn <alexander@mihalicyn.com>, Andrei Vagin <avagin@gmail.com>
 
* Mentors: Radostin Stoyanov <rstoyanov@fedoraproject.org>, Alexander Mikhalitsyn <alexander@mihalicyn.com>, Andrei Vagin <avagin@gmail.com>
  −
=== Use eBPF to lock and unlock the network ===
  −
  −
'''Summary:''' Use eBPF instead of external iptables-restore tool for network lock and unlock.
  −
  −
During checkpointing and restoring CRIU locks the network to make sure no network packets are accepted by the network stack during the time the process is checkpointed. Currently CRIU calls out to iptables-restore to create and delete the corresponding iptables rules. Another approach which avoids calling out to the external binary iptables-restore would be to directly inject eBPF rules. There have been reports from users that iptables-restore fails in some way and eBPF could avoid this external dependency.
  −
  −
'''Links:'''
  −
* https://www.criu.org/TCP_connection#Checkpoint_and_restore_TCP_connection
  −
* https://github.com/systemd/systemd/blob/master/src/core/bpf-firewall.c
  −
* https://blog.zeyady.com/2021-08-16/gsoc-criu
  −
  −
'''Details:'''
  −
* Skill level: intermediate
  −
* Language: C
  −
* Expected size: 350 hours
  −
* Mentors: Radostin Stoyanov <rstoyanov@fedoraproject.org>, Prajwal S N <prajwalnadig21@gmail.com>
  −
* Suggested by: Adrian Reber <areber@redhat.com>
      
=== Files on detached mounts ===
 
=== Files on detached mounts ===
Radostin
569

edits

Retrieved from "https://criu.org/Special:MobileDiff/5851"

Navigation menu