summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorIan Lewis <ianlewis@google.com>2021-06-28 15:59:54 -0700
committergVisor bot <gvisor-bot@google.com>2021-06-28 16:02:29 -0700
commit2d899a843b7b36799474bbb811a0bd40bc04efce (patch)
tree0595b5cb8b85c987383799a2ce68b70ca1d9c85e
parent2cbd82c0d6ff397a301def56d4a25eda07b53a9b (diff)
Exit early with error message on checkpoint/pause w/ hostinet.
PiperOrigin-RevId: 381964660
-rw-r--r--runsc/boot/controller.go9
1 files changed, 9 insertions, 0 deletions
diff --git a/runsc/boot/controller.go b/runsc/boot/controller.go
index 34f939953..132973e6b 100644
--- a/runsc/boot/controller.go
+++ b/runsc/boot/controller.go
@@ -334,6 +334,11 @@ func (cm *containerManager) ExecuteAsync(args *control.ExecArgs, pid *int32) err
// Checkpoint pauses a sandbox and saves its state.
func (cm *containerManager) Checkpoint(o *control.SaveOpts, _ *struct{}) error {
log.Debugf("containerManager.Checkpoint")
+ // TODO(gvisor.dev/issues/6243): save/restore not supported w/ hostinet
+ if cm.l.root.conf.Network == config.NetworkHost {
+ return errors.New("checkpoint not supported when using hostinet")
+ }
+
state := control.State{
Kernel: cm.l.k,
Watchdog: cm.l.watchdog,
@@ -344,6 +349,10 @@ func (cm *containerManager) Checkpoint(o *control.SaveOpts, _ *struct{}) error {
// Pause suspends a container.
func (cm *containerManager) Pause(_, _ *struct{}) error {
log.Debugf("containerManager.Pause")
+ // TODO(gvisor.dev/issues/6243): save/restore not supported w/ hostinet
+ if cm.l.root.conf.Network == config.NetworkHost {
+ return errors.New("pause not supported when using hostinet")
+ }
cm.l.k.Pause()
return nil
}