[CRIU] [PATCH 2/3] seccomp: Move changed ptrace flags setup after creds
Cyrill Gorcunov
gorcunov at gmail.com
Tue May 15 11:12:39 MSK 2018
Credential commitment affects dumpable and pdeath signals
so we have to move their restore after the restore_creds,
just like we have in __export_restore_task (ie for
group leader).
https://jira.sw.ru/browse/PSBM-84198
Signed-off-by: Cyrill Gorcunov <gorcunov at gmail.com>
---
criu/pie/restorer.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/criu/pie/restorer.c b/criu/pie/restorer.c
index f4f5ae83cf85..8189da2efa50 100644
--- a/criu/pie/restorer.c
+++ b/criu/pie/restorer.c
@@ -587,10 +587,6 @@ long __export_restore_thread(struct thread_restore_args *args)
sys_close(fd);
}
- ret = restore_dumpable_flag(&args->ta->mm);
- if (ret)
- goto core_restore_end;
-
pr_info("%ld: Restored\n", sys_gettid());
restore_finish_stage(task_entries_local, CR_STATE_RESTORE);
@@ -599,7 +595,6 @@ long __export_restore_thread(struct thread_restore_args *args)
goto core_restore_end;
restore_finish_stage(task_entries_local, CR_STATE_RESTORE_SIGCHLD);
- restore_pdeath_sig(args);
/*
* Make sure it's before creds, since it's privileged
@@ -609,8 +604,11 @@ long __export_restore_thread(struct thread_restore_args *args)
goto core_restore_end;
ret = restore_creds(args->creds_args, args->ta->proc_fd);
+ ret = ret || restore_dumpable_flag(&args->ta->mm);
+ ret = ret || restore_pdeath_sig(args);
if (ret)
goto core_restore_end;
+
restore_finish_stage(task_entries_local, CR_STATE_RESTORE_CREDS);
futex_dec_and_wake(&thread_inprogress);
--
2.14.3
More information about the CRIU
mailing list