[CRIU] [PATCH 1/2] don't assume the kernel has CONFIG_SECCOMP
Tycho Andersen
tycho.andersen at canonical.com
Thu Jun 25 07:48:42 PDT 2015
On Thu, Jun 25, 2015 at 02:13:49PM +0300, Pavel Emelyanov wrote:
> On 06/24/2015 11:34 PM, Tycho Andersen wrote:
> > linux/seccomp.h may not be available, and the seccomp mode might not be
> > listed in /proc/pid/status, so let's not assume those two things are
> > present.
> >
> > I'm doing this by just #defining the various constants that we use from
> > linux/seccomp.h, although we could just always #define them as we do for
> > some ptrace constants, instead of including the header sometimes.
>
> If all we need from seccomp.h is those SECCOMP_MODE-s then I think the
> easiest way would be providing them our own. All the more so we have
> them in pie/restorer.c already.
Yep, all we need is the constants, so I'll just #define them for
everyone.
> And one more thing:
>
> > diff --git a/proc_parse.c b/proc_parse.c
> > index 168afcb..3ef9729 100644
> > --- a/proc_parse.c
> > +++ b/proc_parse.c
> > @@ -780,7 +785,13 @@ int parse_pid_status(pid_t pid, struct proc_status_creds *cr)
> > if (bfdopenr(&f))
> > return -1;
> >
> > - while (done < 9) {
> > +#ifdef CONFIG_HAS_SECCOMP
> > +#define THINGS_TO_PARSE 9
> > +#else
> > +#define THINGS_TO_PARSE 8
> > +#endif
>
> Why is this required? If criu finds seccomp mark in /proc, then shouldn't
> it properly parse one?
The problem is when it doesn't have Seccomp:. We won't get to 9 things
parsed, even though we check for 9 things. I suppose it's not strictly
necessary in the while() loop, but the check for success below
requires it.
Tycho
> > +
> > + while (done < THINGS_TO_PARSE) {
> > str = breadline(&f);
> > if (str == NULL)
> > break;
>
> -- Pavel
More information about the CRIU
mailing list