[CRIU] [PATCH 00/27] seccomp: Add support to track filters on per-thread basis
Cyrill Gorcunov
gorcunov at openvz.org
Thu Mar 1 15:41:22 MSK 2018
With this series we can c/r processes (like java) where thread migh carry
own filter chains.
https://jira.sw.ru/browse/PSBM-78762
Cyrill Gorcunov (27):
compel: seccomp -- Add PTRACE_SECCOMP_GET_METADATA data
seccomp: Fetch seccomp flags if kernel provides
seccomp: Move seccomp_info into seccomp.h
seccomp: Collect seccomp data on per-thread basis
seccomp: Use collected seccomp_entry to figure out if filter is present
seccomp: Define prefix for logging
seccomp: Drop pstree_item from find_inherited
seccomp: Drop pi_creds from dmp_info
seccomp: Use tid_real member name
seccomp: images,core -- Move seccomp data into per-thread origin
seccomp: Move filter position into seccomp_entry
seccomp: Untaggle entries from process_tree
seccomp: Drop leftover member from pstree
seccomp: Produce thread core records
seccomp: Add support of per thread filters on dump
seccomp: Speedup entry cleaning
seccomp: Rename last_filter to img_filter_pos
seccomp: Don't use BUG_ON in dump_seccomp_filters
seccomp: Add restore of per-thread filters
seccomp: Try use tsync flag if possible
seccomp: Always setup chain flags
seccomp: collect_filters -- Drop unneeded parent
seccomp: dump_seccomp_filters -- Be ready for chains absence
seccomp: Drop filter mode on tsync propagation
seccomp: Drop no longer needed comment
seccomp: Allow to dump thread with different seccomps
seccomp: test -- Add seccomp_filter_threads
compel/include/uapi/ptrace.h | 10 +
criu/cr-dump.c | 19 +-
criu/cr-restore.c | 26 +-
criu/include/proc_parse.h | 7 -
criu/include/pstree.h | 7 +-
criu/include/restorer.h | 15 +-
criu/include/seccomp.h | 47 ++-
criu/pie/restorer.c | 106 ++++--
criu/pstree.c | 12 +
criu/seccomp.c | 537 +++++++++++++++++++--------
criu/seize.c | 77 +---
images/core.proto | 8 +-
images/seccomp.proto | 1 +
test/zdtm/static/Makefile | 2 +
test/zdtm/static/seccomp_filter_threads.c | 161 ++++++++
test/zdtm/static/seccomp_filter_threads.desc | 1 +
16 files changed, 747 insertions(+), 289 deletions(-)
create mode 100644 test/zdtm/static/seccomp_filter_threads.c
create mode 100644 test/zdtm/static/seccomp_filter_threads.desc
--
2.14.3
More information about the CRIU
mailing list