Skip to content

C
criu
Commit 0ce60fdb authored by Andrew Vagin's avatar Andrew Vagin Committed by Pavel Emelyanov
Browse files
Options

pie: print an error and notify criu in error cases 

Cc: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: 's avatarAndrew Vagin <avagin@virtuozzo.com>
Acked-by: 's avatarTycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: 's avatarPavel Emelyanov <xemul@virtuozzo.com>
parent 15850963
Show whitespace changes
Inline Side-by-side
Showing with 18 additions and 15 deletions
pie/restorer.c
View file @ 0ce60fdb
...@@ -344,15 +344,20 @@ static int restore_signals(siginfo_t *ptr, int nr, bool group) ...@@ -344,15 +344,20 @@ static int restore_signals(siginfo_t *ptr, int nr, bool group)
return 0; return 0;
} }
static void restore_seccomp(struct task_restore_args *args) static int restore_seccomp(struct task_restore_args *args)
{ {
int ret;
switch (args->seccomp_mode) { switch (args->seccomp_mode) {
case SECCOMP_MODE_DISABLED: case SECCOMP_MODE_DISABLED:
return; return 0;
case SECCOMP_MODE_STRICT: case SECCOMP_MODE_STRICT:
if (sys_prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT, 0, 0, 0)) ret = sys_prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT, 0, 0, 0);
if (ret < 0) {
pr_err("prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT) returned %d\n", ret);
goto die; goto die;
return; }
return 0;
case SECCOMP_MODE_FILTER: { case SECCOMP_MODE_FILTER: {
int i; int i;
void *filter_data; void *filter_data;
...@@ -369,27 +374,24 @@ static void restore_seccomp(struct task_restore_args *args) ...@@ -369,27 +374,24 @@ static void restore_seccomp(struct task_restore_args *args)
* don't have to restore_seccomp() in threads, and that * don't have to restore_seccomp() in threads, and that
* future TSYNC behavior will be correct. * future TSYNC behavior will be correct.
*/ */
if (sys_seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, (char *) fprog) < 0) ret = sys_seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, (char *) fprog);
if (ret < 0) {
pr_err("sys_seccomp() returned %d\n", ret);
goto die; goto die;
}
filter_data += fprog->len * sizeof(struct sock_filter); filter_data += fprog->len * sizeof(struct sock_filter);
} }
return; return 0;
} }
default: default:
goto die; goto die;
} }
return 0;
die: die:
/* return -1;
* If preparing any seccomp state failed, we should make sure this
* process doesn't continue so that it can't do things outside the
* sandbox. Unfortunately, the rest of the restore has to continue
* since we're too late in the process to stop it and have unlocked the
* network.
*/
sys_exit_group(1);
} }
static int restore_thread_common(struct rt_sigframe *sigframe, static int restore_thread_common(struct rt_sigframe *sigframe,
...@@ -1268,7 +1270,8 @@ long __export_restore_task(struct task_restore_args *args) ...@@ -1268,7 +1270,8 @@ long __export_restore_task(struct task_restore_args *args)
* ns, so we must do this before restore_creds. * ns, so we must do this before restore_creds.
*/ */
pr_info("restoring seccomp mode %d for %ld\n", args->seccomp_mode, sys_getpid()); pr_info("restoring seccomp mode %d for %ld\n", args->seccomp_mode, sys_getpid());
restore_seccomp(args); if (restore_seccomp(args))
goto core_restore_end;
/* /*
* Writing to last-pid is CAP_SYS_ADMIN protected, * Writing to last-pid is CAP_SYS_ADMIN protected,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment