seccomp: Don't lookup for pidns in restore_seccomp

Looking up for pid in nesting pidns supposed to be done for non group leaders only, thus __export_restore_thread do this check on its own and we don't have to make a similar lookup especially on group leader where pids in args never were valid. Reported-by: Andrei Vagin <avagin@virtuozzo.com> Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>

seccomp: Don't lookup for pidns in restore_seccomp
Looking up for pid in nesting pidns supposed to be done for non group leaders only, thus __export_restore_thread do this check on its own and we don't have to make a similar lookup especially on group leader where pids in args never were valid. Reported-by: Andrei Vagin <avagin@virtuozzo.com> Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
d5a3d807 · Cyrill Gorcunov · Pavel Emelyanov · 673d1c77 · d5a3d807
Commit d5a3d807 authored May 15, 2018 by Cyrill Gorcunov Committed by Pavel Emelyanov Jul 09, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 9 deletions

restorer.c criu/pie/restorer.c +1 -9

No files found.
--- a/criu/pie/restorer.c
+++ b/criu/pie/restorer.c
@@ -431,17 +431,9 @@ static int restore_seccomp_filter(pid_t tid, struct thread_restore_args *args)

 static int restore_seccomp(struct thread_restore_args *args)
 {
-	pid_t tid;
+	pid_t tid = sys_gettid();
 	int ret;

-	tid = args->pid;
-
-	if (tid != sys_gettid()) {
-		pr_err("seccomp: Unexpected tid %d != %d\n",
-		       tid, (pid_t)sys_gettid());
-		return -1;
-	}
-
 	switch (args->seccomp_mode) {
 	case SECCOMP_MODE_DISABLED:
 		pr_debug("seccomp: mode %d on tid %d\n", SECCOMP_MODE_DISABLED, tid);