rst: unmap restore memory after seccomp restore

In order to restore seccomp filters, we need to have access to dynamically allocated memory from the restorer blob, so we should unmap this memory afterwards. In order to do this, we need to suspend seccomp earlier, right after we attach to the tasks instead of just before we do the unmap of the restorer blob itself. Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com> Signed-off-by: Pavel Emelyanov <xemul@parallels.com>

rst: unmap restore memory after seccomp restore
In order to restore seccomp filters, we need to have access to dynamically allocated memory from the restorer blob, so we should unmap this memory afterwards. In order to do this, we need to suspend seccomp earlier, right after we attach to the tasks instead of just before we do the unmap of the restorer blob itself. Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com> Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
934c3125 · Tycho Andersen · Pavel Emelyanov · 5577c2e8 · 934c3125 · 934c3125
Commit 934c3125 authored Nov 04, 2015 by Tycho Andersen Committed by Pavel Emelyanov Nov 11, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 13 deletions

cr-restore.c cr-restore.c +10 -11

restorer.c pie/restorer.c +2 -2

No files found.
--- a/cr-restore.c
+++ b/cr-restore.c
@@ -1654,6 +1654,16 @@ static int attach_to_tasks(bool root_seized, enum trace_flags *flag)
 				return -1;
 			}

+			/*
+			 * Suspend seccomp if necessary. We need to do this because
+			 * although seccomp is restored at the very end of the
+			 * restorer blob (and the final sigreturn is ok), here we're
+			 * doing an munmap in the process, which may be blocked by
+			 * seccomp and cause the task to be killed.
+			 */
+			if (rsti(item)->has_seccomp && suspend_seccomp(pid) < 0)
+				pr_err("failed to suspend seccomp, restore will probably fail...\n");
+
 			ret = ptrace_stop_pie(pid, rsti(item)->breakpoint, flag);
 			if (ret < 0)
 				return -1;
@@ -1694,17 +1704,6 @@ static void finalize_restore(int status)
 			goto detach;

 		/* Unmap the restorer blob */
-
-		/*
-		 * Suspend seccomp if necessary. We need to do this because
-		 * although seccomp is restored at the very end of the
-		 * restorer blob (and the final sigreturn is ok), here we're
-		 * doing an munmap in the process, which may be blocked by
-		 * seccomp and cause the task to be killed.
-		 */
-		if (rsti(item)->has_seccomp && suspend_seccomp(pid) < 0)
-			pr_err("failed to suspend seccomp, restore will probably fail...\n");
-
 		ctl = parasite_prep_ctl(pid, NULL);
 		if (ctl == NULL)
 			goto detach;

--- a/pie/restorer.c
+++ b/pie/restorer.c
@@ -1283,10 +1283,10 @@ long __export_restore_task(struct task_restore_args *args)

 	restore_posix_timers(args);

-	sys_munmap(args->rst_mem, args->rst_mem_size);
-
 	restore_seccomp(args->seccomp_mode);

+	sys_munmap(args->rst_mem, args->rst_mem_size);
+
 	/*
 	 * Sigframe stack.
 	 */