From 2d899a843b7b36799474bbb811a0bd40bc04efce Mon Sep 17 00:00:00 2001 From: Ian Lewis Date: Mon, 28 Jun 2021 15:59:54 -0700 Subject: Exit early with error message on checkpoint/pause w/ hostinet. PiperOrigin-RevId: 381964660 --- runsc/boot/controller.go | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'runsc/boot') diff --git a/runsc/boot/controller.go b/runsc/boot/controller.go index 34f939953..132973e6b 100644 --- a/runsc/boot/controller.go +++ b/runsc/boot/controller.go @@ -334,6 +334,11 @@ func (cm *containerManager) ExecuteAsync(args *control.ExecArgs, pid *int32) err // Checkpoint pauses a sandbox and saves its state. func (cm *containerManager) Checkpoint(o *control.SaveOpts, _ *struct{}) error { log.Debugf("containerManager.Checkpoint") + // TODO(gvisor.dev/issues/6243): save/restore not supported w/ hostinet + if cm.l.root.conf.Network == config.NetworkHost { + return errors.New("checkpoint not supported when using hostinet") + } + state := control.State{ Kernel: cm.l.k, Watchdog: cm.l.watchdog, @@ -344,6 +349,10 @@ func (cm *containerManager) Checkpoint(o *control.SaveOpts, _ *struct{}) error { // Pause suspends a container. func (cm *containerManager) Pause(_, _ *struct{}) error { log.Debugf("containerManager.Pause") + // TODO(gvisor.dev/issues/6243): save/restore not supported w/ hostinet + if cm.l.root.conf.Network == config.NetworkHost { + return errors.New("pause not supported when using hostinet") + } cm.l.k.Pause() return nil } -- cgit v1.2.3