createProcessArgs.RootFromContext should return process Root if it exists.

It was always returning the MountNamespace root, which may be different from the process Root if the process is in a chroot environment. PiperOrigin-RevId: 211862181 Change-Id: I63bfeb610e2b0affa9fdbdd8147eba3c39014480
author: Nicolas Lacasse <nlacasse@google.com> 2018-09-06 13:46:45 -0700
committer: Shentubot <shentubot@google.com> 2018-09-06 13:47:49 -0700
commit: 6516b5648b471951e8c4da7869531c9509ba1495 (patch)
tree: 3eb07d6a48942bf2bc60a84a62176c6fef3dac3b /pkg/sentry/kernel/kernel.go
parent: 4f3053cb4e4ec408efdce6c7174e847ae71f2f88 (diff)
1 files changed, 11 insertions, 3 deletions
diff --git a/pkg/sentry/kernel/kernel.go b/pkg/sentry/kernel/kernel.go
index c2b5c7269..31a2f068d 100644
--- a/pkg/sentry/kernel/kernel.go
+++ b/pkg/sentry/kernel/kernel.go
@@ -553,10 +553,18 @@ func (ctx *createProcessContext) Value(key interface{}) interface{} {
 	case auth.CtxCredentials:
 		return ctx.args.Credentials
 	case fs.CtxRoot:
-		if ctx.k.mounts == nil {
-			return nil
+		if ctx.args.Root != nil {
+			// Take a refernce on the root dirent that will be
+			// given to the caller.
+			ctx.args.Root.IncRef()
+			return ctx.args.Root
 		}
-		return ctx.k.mounts.Root()
+		if ctx.k.mounts != nil {
+			// MountNamespace.Root() will take a reference on the
+			// root dirent for us.
+			return ctx.k.mounts.Root()
+		}
+		return nil
 	case ktime.CtxRealtimeClock:
 		return ctx.k.RealtimeClock()
 	case limits.CtxLimits:
author	Nicolas Lacasse <nlacasse@google.com>	2018-09-06 13:46:45 -0700
committer	Shentubot <shentubot@google.com>	2018-09-06 13:47:49 -0700
commit	6516b5648b471951e8c4da7869531c9509ba1495 (patch)
tree	3eb07d6a48942bf2bc60a84a62176c6fef3dac3b /pkg/sentry/kernel/kernel.go
parent	4f3053cb4e4ec408efdce6c7174e847ae71f2f88 (diff)