[Devel,vz7-u5,v2,1/2] mount: restore_task_mnt_ns - Lookup for mount namespace conditionally

Submitted by Kirill Gorkunov on July 23, 2017, 1:40 p.m.

Details

Message ID 20170723134006.GA17657@uranus.lan
State New
Series "Fix nil dereference in mount code and udp socks"

Commit Message

Kirill Gorkunov July 23, 2017, 1:40 p.m.
If our parent is a dead task (zombie), we should look up
the parent ids which will be inherited on restore. Otherwise
parent->ids may be nil and a SIGSEGV is produced.

https://jira.sw.ru/browse/PSBM-68062

v2:
 - make sure the ids are inherited if a zombie is met

Signed-off-by: Cyrill Gorcunov <gorcunov@virtuozzo.com>
---
 criu/mount.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/criu/mount.c b/criu/mount.c
index 2ec94b3..7acfed6 100644
--- a/criu/mount.c
+++ b/criu/mount.c
@@ -3069,6 +3069,7 @@  int restore_task_mnt_ns(struct pstree_item *current)
 		return 0;
 
 	if (current->ids && current->ids->has_mnt_ns_id) {
+		struct pstree_item *next = current->parent;
 		unsigned int id = current->ids->mnt_ns_id;
 		struct ns_id *nsid;
 
@@ -3081,8 +3082,14 @@  int restore_task_mnt_ns(struct pstree_item *current)
 		 * already there, otherwise it will have to do
 		 * setns().
 		 */
-		if (current->parent && id == current->parent->ids->mnt_ns_id)
-			return 0;
+		for (; next; next = next->parent) {
+			if (!next->ids)
+			       continue;
+			if (id == next->ids->mnt_ns_id)
+				return 0;
+			else
+				break;
+		}
 
 		nsid = lookup_ns_by_id(id, &mnt_ns_desc);
 		if (nsid == NULL) {
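
Review bot: The new loop compares `id` against `next->ids->mnt_ns_id` without testing `next->ids->has_mnt_ns_id`, although the read of `current->ids->mnt_ns_id` earlier in the same function is guarded by `current->ids->has_mnt_ns_id`. For an ancestor whose `ids` is present but whose mount namespace id was never marked valid, the loop decides between `return 0` and `break` on a field that may not be set. Suggest handling that case explicitly, for example `if (!next->ids || !next->ids->has_mnt_ns_id) continue;`, or adding a comment that explains why the field is always valid once `ids` is non-NULL.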

Comments

Andrey Vagin July 25, 2017, 5:27 p.m.
On Sun, Jul 23, 2017 at 04:40:06PM +0300, Cyrill Gorcunov wrote:
> If our parent is a dead task (zombie), we should look up
> the parent ids which will be inherited on restore. Otherwise
> parent->ids may be nil and a SIGSEGV is produced.
> 
> https://jira.sw.ru/browse/PSBM-68062
> 
> v2:
>  - make sure the ids are inherited if a zombie is met
>

Acked-by: Andrey Vagin <avagin@virtuozzo.com>

> Signed-off-by: Cyrill Gorcunov <gorcunov@virtuozzo.com>
> ---
>  criu/mount.c | 11 +++++++++--
>  1 file changed, 9 insertions(+), 2 deletions(-)
> 
> diff --git a/criu/mount.c b/criu/mount.c
> index 2ec94b3..7acfed6 100644
> --- a/criu/mount.c
> +++ b/criu/mount.c
> @@ -3069,6 +3069,7 @@ int restore_task_mnt_ns(struct pstree_item *current)
>  		return 0;
>  
>  	if (current->ids && current->ids->has_mnt_ns_id) {
> +		struct pstree_item *next = current->parent;
>  		unsigned int id = current->ids->mnt_ns_id;
>  		struct ns_id *nsid;
>  
> @@ -3081,8 +3082,14 @@ int restore_task_mnt_ns(struct pstree_item *current)
>  		 * already there, otherwise it will have to do
>  		 * setns().
>  		 */
> -		if (current->parent && id == current->parent->ids->mnt_ns_id)
> -			return 0;
> +		for (; next; next = next->parent) {
> +			if (!next->ids)
> +			       continue;
> +			if (id == next->ids->mnt_ns_id)
> +				return 0;
> +			else
> +				break;
> +		}
>  
>  		nsid = lookup_ns_by_id(id, &mnt_ns_desc);
>  		if (nsid == NULL) {
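
Review bot: The comment that ends just above the loop is left unchanged and does not say why the walk now goes past the direct parent; a line noting that an ancestor with NULL `ids` is a dead task (zombie) and is skipped would carry the reasoning from the commit message into the code. In the loop body, the `else` after `return 0;` is redundant, so a bare `break;` reads more simply, and the `continue;` line is indented with tabs followed by spaces, unlike the lines around it.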
> -- 
> 2.7.5
>