Lines Matching refs:container
5 … The container mechanism allows the processes in different containers to have independent global r…
7 …container isolation function involves seven containers: UTS container, PID container, Mount contai…
21 The container-based resource isolation can be further classified into the following types:
23 …he containers are parallel (without inheritance relationships), and the container resources are in…
25 … same level are invisible, but the upper-level container can access resources of the lower-level c…
27 For the PID container, **unshare()** or **setns()** changes the container of the child process (not…
29 …ProcessCB** of a process to implement container functionalities. You can also enable or disable sp…
33 …endent User container management. This design facilitates modularization and independent processin…
37 
43 The UTS container isolates information, such as host names, domain names, and version information. …
47 The Mount container isolates file mount points. The mount and unmount operations in a container doe…
49 The Mount container allows processes to use the file mounting system independently. Child processes…
51 …container, use **clone()** with the **CLONE_NEWNS** flag to create a process, and change the mount…
53 …container is created, change the implementation of obtaining the mount information to enable the m…
57 The PID container isolates PIDs. Processes of different containers can use the same virtual process…
59 The PID container provides the following features:
62 …the parent PID container. For the same process, the PID in the parent PID container is independent…
63 - The child PID container cannot view the processes in its parent container.
64 - All PIDs of the system can be viewed in the root container.
68 The Network container isolates the system's network devices and network stacks.
70 The Network container isolates the TCP/IP protocol stacks and network device resources.
72 …container isolates port numbers. The available port numbers in a Network container range from 0 to…
73 …on: The Network container isolates IP resources. Each container has its own IP resources. Changing…
74 …- Network device isolation: The Network container isolates network interface cards (NICs). Each co…
78 The User container isolates users and user groups.
80 The User container isolates management rights by User ID or Group ID (UID/GID) and capability.
84 …container isolates UIDs/GIDs. Different User containers have different UIDs/GIDs. Each User contai…
88 With the User container, you can set different capabilities for processes.
119 The Time container isolates the time maintenance information of the system.
121 Each process has its own Time container to hold the **CLOCK_MONOTONIC** and **CLOCK_MONOTONIC_RAW**…
123 …container of the current process is recorded in the **/proc/PID/timens_offsets** file. You can als…
125 …y, the only way to create a Time container is to call **unshare()** with the **CLONE_NEWTIME** fla…
127 …ock offset (**/proc/PID/timens_offsets**) for this container before the first process of the conta…
131 The IPC container isolates IPC objects, including the message queues and shared memory.
133 Each process has its own IPC container to hold the message queue and shared memory.
137 …e global variable struct **LosQueueCB** to a local variable in each IPC container to implement the…
139 …*, **shmSegs**, and **shmUsedPageCount** to local variables in each IPC container to implement the…
145 …m initialization process, a root container is created for initial processes (processes 0, 1, and 2…
147 …e container flag specified to create a container for a process. If the container flag is not speci…
149 
155 …unshare()** to move a process to a newly created container. The following figure uses the IPC cont…
157 <img src="figures/container-003.png" alt="ContainerBase" style="zoom:80%;" />
161 The following describes how to create, switch, and destroy a container.
165 You can create a container when using **clone()** to create a process.
169 A container can be created when you use **clone()** to create a process. The function prototype is …
176 …- When using **clone()** to create a process, you can specify a container to isolate resources (su…
178 - If no container flag is specified, the process shares the containers of its parent process.
182 You can use either of the following interfaces to move a process to another container:
186 …Use **unshare()** to move a process to a newly created container. The function prototype is as fol…
194 …> For the PID or Time container, **unshare()** moves the child process (not the process itself) to…
198 …Use **setns()** to move a process to another existing container. The function prototype is as foll…
206 …> For the PID or Time container, **setns()** moves the child process (not the process itself) to a…
210 … containers and the container reference count decrements. When the reference count decrements to 0…
220 You can run the **ls** command to view container information in the **/proc/[pid]/container/** dire…
223 ls -l /proc/[pid]/container
228 …net -> 'net:[4026531847]' | The referenced object is the container with a unique ID…
229 …user -> 'user:[4026531841]' | The referenced object is the container with a unique ID…
230 …time_for_children -> 'time:[4026531846]' | The referenced object is the container with a unique ID…
231 …time -> 'time:[4026531846]' | The referenced object is the container with a unique ID…
232 …ipc -> 'ipc:[4026531845]' | The referenced object is the container with a unique ID…
233 …mnt -> 'mnt:[4026531844]' | The referenced object is the container with a unique ID…
234 …uts -> 'uts:[4026531843]' | The referenced object is the container with a unique ID…
235 …pid_for_children -> 'pid:[4026531842]' | The referenced object is the container with a unique ID…
236 …pid -> 'pid:[4026531842]' | The referenced object is the container with a unique ID…
298 - The PID container and User container support nesting of up to three layers. Other containers do n…
304 … | Create a Mount container for a child process. | Move this process to the specified Mount c…
305 … | Create a PID container for a child process. | Move this process to the specified PID c…
306 …| Create an IPC container for a child process. | Move this process to the specified IPC co…
307 … Create a Time container for the parent process of this process.| Not supported currently …
308 … | Create a User container for a child process. | Move this process to the specified User c…
309 …WUTS | Create a UTS container for a child process. | Move this process to the specified UTS c…
310 …| Create a Network container for a child process. | Move this process to the specified Network con…
312 - The container features are controlled by compiler macros.
315 // Macro of the container feature
317 // Macro of the container of each type
332 …//gitee.com/openharmony/kernel_liteos_a/blob/master/testsuites/unittest/container/smoke/It_uts_con…
334 …//gitee.com/openharmony/kernel_liteos_a/blob/master/testsuites/unittest/container/smoke/It_uts_con…
336 …//gitee.com/openharmony/kernel_liteos_a/blob/master/testsuites/unittest/container/smoke/It_uts_con…
338 …//gitee.com/openharmony/kernel_liteos_a/blob/master/testsuites/unittest/container/smoke/It_net_con…
340 …//gitee.com/openharmony/kernel_liteos_a/blob/master/testsuites/unittest/container/smoke/It_user_co…
342 …//gitee.com/openharmony/kernel_liteos_a/blob/master/testsuites/unittest/container/smoke/It_pid_con…
344 …//gitee.com/openharmony/kernel_liteos_a/blob/master/testsuites/unittest/container/smoke/It_mnt_con…
346 …//gitee.com/openharmony/kernel_liteos_a/blob/master/testsuites/unittest/container/smoke/It_ipc_con…
348 …//gitee.com/openharmony/kernel_liteos_a/blob/master/testsuites/unittest/container/smoke/It_time_co…