[CRIU] [PATCH v2 33/36] ns: Dump creds xids in root_user_ns

Kirill Tkhai ktkhai at virtuozzo.com
Fri Feb 3 08:16:28 PST 2017


They may not be mapped in target user_ns, so dump they
values in NS_ROOT. But because of backward compatibility
we can't collect their values from "/proc/[pid]/status",
because it's supported on the most recent kernel only.
So, choose this dump file format (dumping values in NS_ROOT),
and we be ready for the future.

Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
---
 criu/parasite-syscall.c |   29 ++++++++++++++++++++---------
 1 file changed, 20 insertions(+), 9 deletions(-)

diff --git a/criu/parasite-syscall.c b/criu/parasite-syscall.c
index 60c2457e8..c82af5b34 100644
--- a/criu/parasite-syscall.c
+++ b/criu/parasite-syscall.c
@@ -105,6 +105,15 @@ static void sigchld_handler(int signal, siginfo_t *siginfo, void *data)
 
 static int alloc_groups_copy_creds(const struct pstree_item *item, CredsEntry *ce, struct parasite_dump_creds *c)
 {
+	struct ns_id *ns = NULL;
+	int i;
+
+	ns = lookup_ns_by_id(item->ids->user_ns_id, &user_ns_desc);
+	if (!ns) {
+		pr_err("Can't find ns\n");
+		return -ENOENT;
+	}
+
 	BUILD_BUG_ON(sizeof(ce->groups[0]) != sizeof(c->groups[0]));
 	BUILD_BUG_ON(sizeof(ce->cap_inh[0]) != sizeof(c->cap_inh[0]));
 	BUILD_BUG_ON(sizeof(ce->cap_prm[0]) != sizeof(c->cap_prm[0]));
@@ -125,15 +134,17 @@ static int alloc_groups_copy_creds(const struct pstree_item *item, CredsEntry *c
 	ce->n_groups	= c->ngroups;
 
 	ce->groups	= xmemdup(c->groups, sizeof(c->groups[0]) * c->ngroups);
-
-	ce->uid		= c->uids[0];
-	ce->gid		= c->gids[0];
-	ce->euid	= c->uids[1];
-	ce->egid	= c->gids[1];
-	ce->suid	= c->uids[2];
-	ce->sgid	= c->gids[2];
-	ce->fsuid	= c->uids[3];
-	ce->fsgid	= c->gids[3];
+	for (i = 0; i < ce->n_groups; i++)
+		ce->groups[i] = root_userns_gid(ns, ce->groups[i]);
+
+	ce->uid		= root_userns_uid(ns, c->uids[0]);
+	ce->gid		= root_userns_gid(ns, c->gids[0]);
+	ce->euid	= root_userns_uid(ns, c->uids[1]);
+	ce->egid	= root_userns_gid(ns, c->gids[1]);
+	ce->suid	= root_userns_uid(ns, c->uids[2]);
+	ce->sgid	= root_userns_gid(ns, c->gids[2]);
+	ce->fsuid	= root_userns_uid(ns, c->uids[3]);
+	ce->fsgid	= root_userns_gid(ns, c->gids[3]);
 
 	return ce->groups ? 0 : -ENOMEM;
 }



More information about the CRIU mailing list