[CRIU] [PATCH] dump: prevent dumping if a session leader is outside of the current pidns
Pavel Emelyanov
xemul at parallels.com
Mon Apr 1 12:11:32 EDT 2013
On 04/01/2013 07:10 PM, Andrey Vagin wrote:
> A parasite code returns zero sid for such cases.
>
> Signed-off-by: Andrey Vagin <avagin at openvz.org>
> ---
> cr-dump.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/cr-dump.c b/cr-dump.c
> index c8e2779..f62c42c 100644
> --- a/cr-dump.c
> +++ b/cr-dump.c
> @@ -1402,6 +1402,13 @@ static int dump_one_task(struct pstree_item *item)
> pr_info("sid=%d pgid=%d pid=%d\n",
> item->sid, item->pgid, item->pid.virt);
>
> + if (item->sid == 0) {
> + pr_err("A session leader of %d(%d) is outside of its pid namespace\n",
> + item->pid.real, item->pid.virt);
> + ret = -1;
> + goto err_cure;
> + }
> +
> ret = -1;
> cr_fdset = cr_task_fdset_open(item->pid.virt, O_DUMP);
> if (!cr_fdset)
>
It's worth thinking about --shell-job allowing this.
Applied for now.
More information about the CRIU
mailing list