Fix misuses of kernel.Task as context.Context.

kernel.Task can only be used as context.Context by that Task's task goroutine.
This is violated in at least two places:

- In any case where one thread accesses the /proc/[tid] of any other thread,
  passing the kernel.Task for [tid] as the context.Context is incorrect.

- Task.rebuildTraceContext() may be called by Kernel.RebuildTraceContexts()
  outside the scope of any task goroutine.

Fix these (as well as a data race on Task.traceContext discovered during the
course of finding the latter).

PiperOrigin-RevId: 342174404

1 files changed, 7 insertions, 0 deletions

diff --git a/pkg/sentry/kernel/kernel.go b/pkg/sentry/kernel/kernel.go
index 1ecf76b2b..2cdcdfc1f 100644
--- a/pkg/sentry/kernel/kernel.go
+++ b/pkg/sentry/kernel/kernel.go
@@ -1359,6 +1359,13 @@ func (k *Kernel) SendContainerSignal(cid string, info *arch.SignalInfo) error {
 // not have meaningful trace data. Rebuilding here ensures that we can do so
 // after tracing has been enabled.
 func (k *Kernel) RebuildTraceContexts() {
+	// We need to pause all task goroutines because Task.rebuildTraceContext()
+	// replaces Task.traceContext and Task.traceTask, which are
+	// task-goroutine-exclusive (i.e. the task goroutine assumes that it can
+	// access them without synchronization) for performance.
+	k.Pause()
+	defer k.Unpause()
+
 	k.extMu.Lock()
 	defer k.extMu.Unlock()
 	k.tasks.mu.RLock()