Changes

Jump to navigation Jump to search

Google Summer of Code Ideas (edit)

Revision as of 16:57, 28 March 2019

1,001 bytes added ,  16:57, 28 March 2019
no edit summary
Line 122: Line 122:  
   
 
   
 
'''Links:'''
 
'''Links:'''
 +
* [[Anonymize image files]]
 
* https://github.com/checkpoint-restore/criu/issues/360
 
* https://github.com/checkpoint-restore/criu/issues/360
 
* [[CRIT]], [[Images]]
 
* [[CRIT]], [[Images]]
Line 173: Line 174:  
* Mentor: Mike Rapoport <rppt@linux.ibm.com>
 
* Mentor: Mike Rapoport <rppt@linux.ibm.com>
 
* Suggested by: Mike Rapoport <rppt@linux.ibm.com>
 
* Suggested by: Mike Rapoport <rppt@linux.ibm.com>
 +
 +
=== Use eBPF to lock and unlock the network ===
 +
 +
'''Summary:''' Use ePBF instead of external iptables-restore tool for network lock and unlock.
 +
 +
During checkpointing and restoring CRIU locks the network to make sure no network packets are accepted by the network stack during the time the process is checkpointed. Currently CRIU calls out to iptables-restore to create and delete the corresponding iptables rules. Another approach which avoids calling out to the external binary iptables-restore would be to directly inject eBPF rules. There have been reports from users that iptables-restore fails in some way and eBPF could avoid this external dependency.
 +
 +
'''Links:'''
 +
* https://www.criu.org/TCP_connection#Checkpoint_and_restore_TCP_connection
 +
* https://github.com/systemd/systemd/blob/master/src/core/bpf-firewall.c
 +
 +
'''Details:'''
 +
* Skill level: intermediate
 +
* Language: C
 +
* Mentor: Adrian Reber <areber@redhat.com>
 +
* Suggested by: Adrian Reber <areber@redhat.com>
    
[[Category:GSoC]]
 
[[Category:GSoC]]
 
[[Category:Development]]
 
[[Category:Development]]
Adrian
79

edits

Retrieved from "https://criu.org/Special:MobileDiff/4867...4874"

Navigation menu