pie: better detection of /proc belonging to pid ns

While this commit is logically part of the "implement cgns support" commit, it's worth noting this separately I think: since cgns requires each task to look at its own proc file, we can now no longer dump unprivileged tasks whose /proc doesn't belong to them. This is because unprivileged tasks can't mount /proc, so if their /proc doesn't belong to them and they need to read it (because they're in a cgns), the pie code can't do anything about it. For cgns, we could solve this problem by simply fork()ing and setns()ing to the tasks pid and cgroup namespaces, and then reading the /proc from that task instead. (And perhaps we should implement it that way so we can still dump tasks whose /proc doesn't belong to them, although I don't think that's a common case.) Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com> Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>

pie: better detection of /proc belonging to pid ns
While this commit is logically part of the "implement cgns support" commit, it's worth noting this separately I think: since cgns requires each task to look at its own proc file, we can now no longer dump unprivileged tasks whose /proc doesn't belong to them. This is because unprivileged tasks can't mount /proc, so if their /proc doesn't belong to them and they need to read it (because they're in a cgns), the pie code can't do anything about it. For cgns, we could solve this problem by simply fork()ing and setns()ing to the tasks pid and cgroup namespaces, and then reading the /proc from that task instead. (And perhaps we should implement it that way so we can still dump tasks whose /proc doesn't belong to them, although I don't think that's a common case.) Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com> Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
1b291d8b · Tycho Andersen · Pavel Emelyanov · 6e33d080 · 1b291d8b
Commit 1b291d8b authored Feb 21, 2016 by Tycho Andersen Committed by Pavel Emelyanov Feb 24, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 22 additions and 5 deletions

parasite.c criu/pie/parasite.c +22 -5

No files found.
--- a/criu/pie/parasite.c
+++ b/criu/pie/parasite.c
@@ -294,21 +294,35 @@ static int dump_thread(struct parasite_dump_thread *args)
 }

 static char proc_mountpoint[] = "proc.crtools";
-static int get_proc_fd(void)
+
+static int pie_atoi(char *str)
+{
+	int ret = 0;
+
+	while (*str) {
+		ret *= 10;
+		ret += *str - '0';
+		str++;
+	}
+
+	return ret;
+}
+
+static int get_proc_fd()
 {
 	int ret;
-	char buf[2];
+	char buf[10];

 	ret = sys_readlinkat(AT_FDCWD, "/proc/self", buf, sizeof(buf));
 	if (ret < 0 && ret != -ENOENT) {
 		pr_err("Can't readlink /proc/self (%d)\n", ret);
 		return ret;
 	}
+	buf[ret] = 0;

 	/* Fast path -- if /proc belongs to this pidns */
-	if (ret == 1 && buf[0] == '1') {
+	if (pie_atoi(buf) == sys_getpid())
 		return sys_open("/proc", O_RDONLY, 0);
-	}

 	ret = sys_mkdir(proc_mountpoint, 0700);
 	if (ret) {
@@ -318,7 +332,10 @@ static int get_proc_fd(void)

 	ret = sys_mount("proc", proc_mountpoint, "proc", MS_MGC_VAL, NULL);
 	if (ret) {
-		pr_err("mount failed (%d)\n", ret);
+		if (ret == -EPERM)
+			pr_err("can't dump unpriviliged task whose /proc doesn't belong to it\n");
+		else
+			pr_err("mount failed (%d)\n", ret);
 		sys_rmdir(proc_mountpoint);
 		return -1;
 	}