Changes

274 bytes added ,  11:16, 28 April 2022
Line 126: Line 126:  
  # 899 843 0:5 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
 
  # 899 843 0:5 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
   −
Mounts 812 (on the host) and 861 (in a container) have the same sharing (shared group) - external sharing and mount 898 has it's own local shared group - internal sharing.
+
Mounts 812 (on the host) and 861 (in a container) have the same sharing (shared group) - external sharing and mount 898 has it's own local shared group - internal sharing. Same is applicable for master_ids, if we convert them into slaves external/internal shared_id would convert to external/internal master_id.
   −
Before [https://github.com/checkpoint-restore/criu/pull/906 #906] we were detecting this external/internal sharing state for auto-detected external mounts only, but we need it for manual external mounts too. Moreover, this also applies to manual external slave mounts they can be external/internal slaves too.
+
[https://criu.org/Mount-v2 Mount-v2] is introducing a better support of external sharing:
   −
So we detect that the mount is from external sharing if in mount namespace of CRIU there are mounts of the same shared group and also we detect that the mount is from external slavery if there is no master mount for it in CT mount namespaces.
+
- External sharing is not supported (converted to internal sharing after c/r) as reasonable container environments should not allow it due to security reasons, and implementing it's lookup would lead to bad performance (host mountinfo reading).
 +
- External slavery is supported for mountpoint external mounts and the root mount. It is detected when criu can't lookup master_id of the mount across shared_ids in container mount namespaces. CRIU relies that mountpoint external source provides right shared/slave mount to copy sharing from. Everything else is considered as internal sharing/slavery.
    
== Old days ==
 
== Old days ==