[Devel] Re: [PATCH 4/6] cr: checkpoint and restore task credentials
Serge E. Hallyn
serue at us.ibm.com
Thu May 21 07:14:50 PDT 2009
Quoting Oren Laadan (orenl at cs.columbia.edu):
>
>
> Serge E. Hallyn wrote:
> > Quoting Oren Laadan (orenl at cs.columbia.edu):
> >>> /* dump the task_struct of a given task */
> >>> static int checkpoint_task_struct(struct ckpt_ctx *ctx, struct task_struct *t)
> >>> {
> >>> struct ckpt_hdr_task *h;
> >>> int ret;
> >>> + int realcred_ref, ecred_ref;
> >>> +
> >>> + realcred_ref = checkpoint_obj(ctx, t->real_cred, CKPT_OBJ_CRED);
> >>> + if (realcred_ref < 0)
> >>> + return realcred_ref;
> >>> +
> >>> + ecred_ref = checkpoint_obj(ctx, t->cred, CKPT_OBJ_CRED);
> >>> + if (ecred_ref < 0)
> >>> + return ecred_ref;
> >> Is this safe even if the checkpointed task's state changes ?
> >> (e.g. unfrozen - yes, I know there is a patch in the works to
> >> prevent this; but if we ever want to checkpoint STOPPED tasks...
> >> for instance).
> >>
> >> Would incrementing the refcount on t->{cred,real_cred} help ?
> >
> > Doesn't checkpoint_obj already do that through obj_new?
> >
>
> No, it does not. There is a (potentially long) window of opportunity
> between the callback invoked from checkpoint_obj() - where the pointer
> is used, and when checkpoint_obj() later takes the extra reference.
>
> See for comparison checkpoint_mm_obj(), it safely grabs the task->mm
> (with a reference) around the invocation of checkpoint_obj().
Hmm, ok. Will do.
-serge
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list