mir/criu
2
0
Fork 0
mirror of https://github.com/checkpoint-restore/criu synced 2025-09-04 00:05:26 +00:00
Code Issues Releases Wiki Activity

seccomp: Don't lookup for pidns in restore_seccomp

Browse Source 
Looking up for pid in nesting pidns supposed to be done
for non group leaders only, thus __export_restore_thread
do this check on its own and we don't have to make
a similar lookup especially on group leader where
pids in args never were valid.

Reported-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
This commit is contained in:
Cyrill Gorcunov
2018-05-15 11:12:40 +03:00
committed by Andrei Vagin
parent 8340e64137
commit 2d27a43300
1 changed files with 2 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
criu/pie/restorer.c
View File

@@ -445,21 +445,8 @@ static int restore_seccomp_filter(pid_t tid, struct thread_restore_args *args)
static int restore_seccomp(struct thread_restore_args *args) static int restore_seccomp(struct thread_restore_args *args)
{ {
pid_t tid = 0; pid_t tid = sys_gettid();
int ret, i; int ret;
for (i = 0; i < MAX_NS_NESTING; i++) {
if (args->pid[i] == 0) {
tid = args->pid[i - 1];
break;
}
}
if (tid != sys_gettid()) {
pr_err("seccomp: Unexpected tid %d != %d\n",
tid, (pid_t)sys_gettid());
return -1;
}
switch (args->seccomp_mode) { switch (args->seccomp_mode) {
case SECCOMP_MODE_DISABLED: case SECCOMP_MODE_DISABLED: