[Devel] [PATCH] criu: threads -- Allow uids/gids being different
Cyrill Gorcunov
gorcunov at gmail.com
Sun Jul 23 18:15:08 MSK 2017
We are carrying uids/gids in per-thread way since v1.8,
so no need to require them to match anymore. We still
require seccomp to match though. Need to revisit, seems
may relax this requirement as well.
https://jira.sw.ru/browse/PSBM-68756
Signed-off-by: Cyrill Gorcunov <gorcunov at virtuozzo.com>
---
criu/seize.c | 11 ++---------
1 file changed, 2 insertions(+), 9 deletions(-)
diff --git a/criu/seize.c b/criu/seize.c
index 9f41369..c3d61b4 100644
--- a/criu/seize.c
+++ b/criu/seize.c
@@ -776,21 +776,14 @@ static inline bool thread_collected(struct pstree_item *i, pid_t tid)
static bool creds_dumpable(struct proc_status_creds *parent,
struct proc_status_creds *child)
{
- const size_t size = sizeof(struct proc_status_creds) -
- offsetof(struct proc_status_creds, cap_inh);
-
/*
- * The comparison rules are the following
- *
- * - CAPs can be different
* - seccomp filters should be passed via
* semantic comparison (FIXME) but for
* now we require them to be exactly
* identical
- * - the rest of members must match
*/
-
- if (memcmp(parent, child, size)) {
+ if (parent->s.seccomp_mode != child->s.seccomp_mode ||
+ parent->last_filter != child->last_filter) {
if (!pr_quelled(LOG_DEBUG)) {
pr_debug("Creds undumpable (parent:child)\n"
" uids: %d:%d %d:%d %d:%d %d:%d\n"
--
2.7.5
More information about the Devel
mailing list