[CRIU] [PATCH v3 06/26] files: Allow to receive further fds

Kirill Tkhai ktkhai at virtuozzo.com
Tue Dec 6 09:19:03 PST 2016


On 06.12.2016 20:16, Pavel Emelyanov wrote:
> 
>>  int recv_fd_from_peer(struct fdinfo_list_entry *fle)
>>  {
>>  	struct fdinfo_list_entry *tmp;
>>  	int fd, ret;
>>  
>> +	if (fle->received)
>> +		return fle->fe->fd;
>> +again:
>>  	ret = recv_fds(fle->fe->fd, &fd, 1, (void *)&tmp, sizeof(struct fdinfo_list_entry *));
>>  	if (ret)
>>  		return -1;
>>  
>>  	if (tmp != fle) {
>> -		pr_err("Received wrong fle\n");
>> -		return -1;
>> +		pr_info("Further fle=%p, pid=%d\n", tmp, fle->pid);
>> +		if (!task_fle(current, fle)) {
> 
> OK, so this routine makes sure the fle received sits in current's list.
> Two questions: 1. should we consider receiving of non-current fle as BUG()?

Yes, it's a BUG. We fail restore if so.

> and 2. can we make the same check by comparing fle->pid with current? All
> fle's are in shmem, so contents is accessible by everyone.

It seems to be worse, because if there is a problem with fle, it may point
to a random memory. So fle->pid dereference will finish with SIGSEGV.
 
> 
>> +			pr_err("Unexpected fle %p, pid=%d\n", fle, current->pid.virt);
>> +			return -1;
>> +		}
>> +		if (keep_fd_for_future(tmp, fd))
>> +			return -1;
>> +		goto again;
>>  	}
>>  	close(fle->fe->fd);
>> +	fle->received = 1;
>>  
>>  	return fd;
>>  }
> 


More information about the CRIU mailing list