[v3,31/33] ns: Dump creds xids in root_user_ns

Submitted by Kirill Tkhai on Feb. 16, 2017, 12:11 p.m.

Details

Message ID 148724706753.22444.10849188255273867411.stgit@localhost.localdomain
State New
Series "Nested user namespaces support"
Headers show

Commit Message

Kirill Tkhai Feb. 16, 2017, 12:11 p.m.
They may not be mapped in target user_ns, so dump they
values in NS_ROOT. But because of backward compatibility
we can't collect their values from "/proc/[pid]/status",
because it's supported on the most recent kernel only.
So, choose this dump file format (dumping values in NS_ROOT),
and we be ready for the future.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
---
 criu/parasite-syscall.c |   29 ++++++++++++++++++++---------
 1 file changed, 20 insertions(+), 9 deletions(-)

Patch hide | download patch | download mbox

diff --git a/criu/parasite-syscall.c b/criu/parasite-syscall.c
index b649552b8..5d59e6e8b 100644
--- a/criu/parasite-syscall.c
+++ b/criu/parasite-syscall.c
@@ -104,6 +104,15 @@  static void sigchld_handler(int signal, siginfo_t *siginfo, void *data)
 
 static int alloc_groups_copy_creds(const struct pstree_item *item, CredsEntry *ce, struct parasite_dump_creds *c)
 {
+	struct ns_id *ns = NULL;
+	int i;
+
+	ns = lookup_ns_by_id(item->ids->user_ns_id, &user_ns_desc);
+	if (!ns) {
+		pr_err("Can't find ns\n");
+		return -ENOENT;
+	}
+
 	BUILD_BUG_ON(sizeof(ce->groups[0]) != sizeof(c->groups[0]));
 	BUILD_BUG_ON(sizeof(ce->cap_inh[0]) != sizeof(c->cap_inh[0]));
 	BUILD_BUG_ON(sizeof(ce->cap_prm[0]) != sizeof(c->cap_prm[0]));
@@ -124,15 +133,17 @@  static int alloc_groups_copy_creds(const struct pstree_item *item, CredsEntry *c
 	ce->n_groups	= c->ngroups;
 
 	ce->groups	= xmemdup(c->groups, sizeof(c->groups[0]) * c->ngroups);
-
-	ce->uid		= c->uids[0];
-	ce->gid		= c->gids[0];
-	ce->euid	= c->uids[1];
-	ce->egid	= c->gids[1];
-	ce->suid	= c->uids[2];
-	ce->sgid	= c->gids[2];
-	ce->fsuid	= c->uids[3];
-	ce->fsgid	= c->gids[3];
+	for (i = 0; i < ce->n_groups; i++)
+		ce->groups[i] = root_userns_gid(ns, ce->groups[i]);
+
+	ce->uid		= root_userns_uid(ns, c->uids[0]);
+	ce->gid		= root_userns_gid(ns, c->gids[0]);
+	ce->euid	= root_userns_uid(ns, c->uids[1]);
+	ce->egid	= root_userns_gid(ns, c->gids[1]);
+	ce->suid	= root_userns_uid(ns, c->uids[2]);
+	ce->sgid	= root_userns_gid(ns, c->gids[2]);
+	ce->fsuid	= root_userns_uid(ns, c->uids[3]);
+	ce->fsgid	= root_userns_gid(ns, c->gids[3]);
 
 	return ce->groups ? 0 : -ENOMEM;
 }