[6/8] seccomp/restorer: Disable gtod from vdso in strict mode

Submitted by Dmitry Safonov on July 25, 2019, 10:01 p.m.

Details

Message ID 20190725220114.16977-7-dima@arista.com
State Accepted
Series "vdso: Use gettimeofday() from vdso for timings"
Headers show

Commit Message

Dmitry Safonov July 25, 2019, 10:01 p.m.
Signed-off-by: Dmitry Safonov <dima@arista.com>
---
 criu/pie/restorer.c | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

Patch hide | download patch | download mbox

diff --git a/criu/pie/restorer.c b/criu/pie/restorer.c
index d60fdbebf8c2..9d49a831373b 100644
--- a/criu/pie/restorer.c
+++ b/criu/pie/restorer.c
@@ -476,6 +476,23 @@  static int restore_seccomp(struct thread_restore_args *args)
 		return 0;
 		break;
 	case SECCOMP_MODE_STRICT:
+		/*
+		 * Disable gettimeofday() from vdso: it may use TSC
+		 * which is restricted by kernel:
+		 *
+		 * static long seccomp_set_mode_strict(void)
+		 * {
+		 * [..]
+		 * #ifdef TIF_NOTSC
+		 *	disable_TSC();
+		 * #endif
+		 * [..]
+		 *
+		 * XXX: It may need to be fixed in kernel under
+		 * PTRACE_O_SUSPEND_SECCOMP, but for now just get timings
+		 * with a raw syscall instead of vdso.
+		 */
+		std_log_set_gettimeofday(NULL);
 		ret = sys_prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT, 0, 0, 0);
 		if (ret < 0) {
 			pr_err("seccomp: SECCOMP_MODE_STRICT returned %d on tid %d\n",