[CRIU] [PATCH 3/3] rst: No creds restore for unpriviledged

[Pavel Emelyanov]

When restoring in user mode no need in restoring the creds,
kernel won't allow.

Signed-off-by: Pavel Emelyanov <xemul at virtuozzo.com>
---
 criu/cr-restore.c   | 4 +++-
 criu/pie/restorer.c | 5 +++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/criu/cr-restore.c b/criu/cr-restore.c
index 797669d..b2367e0 100644
--- a/criu/cr-restore.c
+++ b/criu/cr-restore.c
@@ -3084,8 +3084,10 @@ static int rst_prep_creds(pid_t pid, CoreEntry *core, unsigned long *creds_pos)
 	 * present. It means we don't have
 	 * creds either, just ignore and exit
 	 * early.
+	 *
+	 * Or -- we're doing --unshare user restore from non-root context
 	 */
-	if (unlikely(!core->thread_core)) {
+	if (unlikely(!core->thread_core || (opts.unshare_flags & UNSHARE_UNPRIVILEDGED))) {
 		*creds_pos = 0;
 		return 0;
 	}
diff --git a/criu/pie/restorer.c b/criu/pie/restorer.c
index 1058dbf..c4fc1e5 100644
--- a/criu/pie/restorer.c
+++ b/criu/pie/restorer.c
@@ -132,6 +132,11 @@ static int restore_creds(struct thread_creds_args *args, int procfd)
 	struct cap_header hdr;
 	struct cap_data data[_LINUX_CAPABILITY_U32S_3];
 
+	if (!args) {
+		pr_info("No creds to restore\n");
+		return 0;
+	}
+
 	/*
 	 * We're still root here and thus can do it without failures.
 	 */
-- 
2.5.0