restore: Wait for userns being prepared before moving into cgroups (v3)

When user namespace are stepping in we should wait for their preparation
to complete before start using userns daemon (internally the kernel
checks for uids and if uids are not set -EINVAL will be returned
when usersn calls for sendmsg()).

v2: change stages correctly
v3: Wait prepare_userns() before making any calls to usernsd()

Cc: Cyrill Gorcunov <gorcunov@gmail.com>
Acked-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>

criu/cr-restore.c

@@ -1643,6 +1643,11 @@ static int restore_task_with_children(void *_arg)
 			goto err;
 	}
 
+	/* Wait prepare_userns */
+	if (current->parent == NULL &&
+            restore_finish_stage(CR_STATE_RESTORE_NS) < 0)
+			goto err;
+
 	/*
 	 * Call this _before_ forking to optimize cgroups
 	 * restore -- if all tasks live in one set of cgroups
@@ -1654,9 +1659,6 @@ static int restore_task_with_children(void *_arg)
 
 	/* Restore root task */
 	if (current->parent == NULL) {
-		if (restore_finish_stage(CR_STATE_RESTORE_NS) < 0)
-			goto err;
-
 		pr_info("Calling restore_sid() for init\n");
 		restore_sid();