[Devel] [PATCH RH9 6/7] ve/prctl_set_mm: allow setting exe link while unprivileged for spfs
Cyrill Gorcunov
kgorkunov at virtuozzo.com
Tue Oct 5 16:09:06 MSK 2021
On 10/5/21 15:55, Pavel Tikhomirov wrote:
> In criu we do:
>
> +-> restore_one_alive_task
> +-> set_user_ns #1
>
> +-> restore_one_alive_task
> +-> sigreturn_restore #2
> +-> arch_export_restore_task
> +-> __export_restore_task
> +-> sys_prctl(PR_SET_MM, PR_SET_MM_MAP,...)
>
> So we call PR_SET_MM after we've switched to unprivileged userns, but
> PR_SET_MM_MAP is already available in unprivileged context. In case of
> fallback where PR_SET_MM_MAP is not available there would be a problem,
> but on our kernel we have it so criu should just work fine.
>
> In spfs we do PR_SET_MM + PR_SET_MM_EXE_FILE from parasite (can be
> unprivileged userns). PR_SET_MM_EXE_FILE one is not available in
> mainstream.
>
> Here are descriptions of patches which allowed PR_SET_MM_EXE_FILE
> everywhere and all other PR_SET_MM flags in ve:
Acked-by: Cyrill Gorcunov <gorcunov at virtuozzo.com>
More information about the Devel
mailing list