diff options
| author | Fabricio Voznika <fvoznika@google.com> | 2018-06-21 13:21:25 -0700 |
|---|---|---|
| committer | Shentubot <shentubot@google.com> | 2018-06-21 13:22:18 -0700 |
| commit | f6be5fe6193163ad46722bc36209572da4a15ad0 (patch) | |
| tree | 4f7424aa6dc619d4f674dee989f401ee758e179b | |
| parent | d571a4359cebbcf8a9b201bb125f1cdc9fb126e4 (diff) | |
Forward SIGUSR2 to the sandbox too
SIGUSR2 was being masked out to be used as a way to dump sentry
stacks. This could cause compatibility problems in cases anyone
uses SIGUSR2 to communicate with the container init process.
PiperOrigin-RevId: 201575374
Change-Id: I312246e828f38ad059139bb45b8addc2ed055d74
| -rw-r--r-- | pkg/sentry/sighandling/sighandling.go | 10 | ||||
| -rw-r--r-- | runsc/boot/loader.go | 5 |
2 files changed, 4 insertions, 11 deletions
diff --git a/pkg/sentry/sighandling/sighandling.go b/pkg/sentry/sighandling/sighandling.go index 0c3a14da5..ef6f7f617 100644 --- a/pkg/sentry/sighandling/sighandling.go +++ b/pkg/sentry/sighandling/sighandling.go @@ -95,7 +95,7 @@ func forwardSignals(k *kernel.Kernel, sigchans []chan os.Signal, start, stop cha // PrepareForwarding ensures that synchronous signals are forwarded to k and // returns a callback that starts signal delivery, which itself returns a // callback that stops signal forwarding. -func PrepareForwarding(k *kernel.Kernel) func() func() { +func PrepareForwarding(k *kernel.Kernel, enablePanicSignal bool) func() func() { start := make(chan struct{}) stop := make(chan struct{}) @@ -112,7 +112,7 @@ func PrepareForwarding(k *kernel.Kernel) func() func() { sigchans = append(sigchans, sigchan) // SignalPanic is handled by Run. - if linux.Signal(sig) == kernel.SignalPanic { + if enablePanicSignal && linux.Signal(sig) == kernel.SignalPanic { continue } @@ -128,9 +128,3 @@ func PrepareForwarding(k *kernel.Kernel) func() func() { } } } - -// StartForwarding ensures that synchronous signals are forwarded to k and -// returns a callback that stops signal forwarding. -func StartForwarding(k *kernel.Kernel) func() { - return PrepareForwarding(k)() -} diff --git a/runsc/boot/loader.go b/runsc/boot/loader.go index e1194bd03..a0a28dc43 100644 --- a/runsc/boot/loader.go +++ b/runsc/boot/loader.go @@ -215,9 +215,8 @@ func New(spec *specs.Spec, conf *Config, controllerFD, restoreFD int, ioFDs []in if err := sighandling.IgnoreChildStop(); err != nil { return nil, fmt.Errorf("failed to ignore child stop signals: %v", err) } - // Ensure that most signals received in sentry context are forwarded to - // the emulated kernel. - stopSignalForwarding := sighandling.StartForwarding(k) + // Ensure that signals received are forwarded to the emulated kernel. + stopSignalForwarding := sighandling.PrepareForwarding(k, false)() procArgs, err := newProcess(spec, conf, ioFDs, console, creds, utsns, ipcns, k) if err != nil { |