diff options
author | Michael Pratt <mpratt@google.com> | 2018-09-07 10:27:19 -0700 |
---|---|---|
committer | Shentubot <shentubot@google.com> | 2018-09-07 10:28:25 -0700 |
commit | 169e2efc5a2116755beca91e65802780282ab4c1 (patch) | |
tree | 65e4fa5878c9ddd683f0b65b07597b12b6201de9 /pkg/seccomp/seccomp.go | |
parent | 210c2520890ea48d551c0c9fffe890a7c60fb802 (diff) |
Continue handling signals after disabling forwarding
Before destroying the Kernel, we disable signal forwarding,
relinquishing control to the Go runtime. External signals that arrive
after disabling forwarding but before the sandbox exits thus may use
runtime.raise (i.e., tkill(2)) and violate the syscall filters.
Adjust forwardSignals to handle signals received after disabling
forwarding the same way they are handled before starting forwarding.
i.e., by implementing the standard Go runtime behavior using tgkill(2)
instead of tkill(2).
This also makes the stop callback block until forwarding actually stops.
This isn't required to avoid tkill(2) but is a saner interface.
PiperOrigin-RevId: 211995946
Change-Id: I3585841644409260eec23435cf65681ad41f5f03
Diffstat (limited to 'pkg/seccomp/seccomp.go')
0 files changed, 0 insertions, 0 deletions