diff options
| author | Jamie Liu <jamieliu@google.com> | 2018-08-31 13:57:02 -0700 |
|---|---|---|
| committer | Shentubot <shentubot@google.com> | 2018-08-31 13:58:04 -0700 |
| commit | 098046ba193b839d69c059f7a0e68c89409b4237 (patch) | |
| tree | 22a6bfcdbb4d440ef067c8df4643ef26f7255be1 /pkg/sentry/kernel/task_start.go | |
| parent | b1c1afa3ccc499df3fd15814d2b6cf9005bc2ab1 (diff) | |
Disintegrate kernel.TaskResources.
This allows us to call kernel.FDMap.DecRef without holding mutexes
cleanly.
PiperOrigin-RevId: 211139657
Change-Id: Ie59d5210fb9282e1950e2e40323df7264a01bcec
Diffstat (limited to 'pkg/sentry/kernel/task_start.go')
| -rw-r--r-- | pkg/sentry/kernel/task_start.go | 75 |
1 files changed, 46 insertions, 29 deletions
diff --git a/pkg/sentry/kernel/task_start.go b/pkg/sentry/kernel/task_start.go index c97dee8fc..6ce99d268 100644 --- a/pkg/sentry/kernel/task_start.go +++ b/pkg/sentry/kernel/task_start.go @@ -15,6 +15,7 @@ package kernel import ( + "gvisor.googlesource.com/gvisor/pkg/abi/linux" "gvisor.googlesource.com/gvisor/pkg/sentry/arch" "gvisor.googlesource.com/gvisor/pkg/sentry/kernel/auth" "gvisor.googlesource.com/gvisor/pkg/sentry/kernel/futex" @@ -26,7 +27,7 @@ import ( // TaskConfig defines the configuration of a new Task (see below). type TaskConfig struct { // Kernel is the owning Kernel. - *Kernel + Kernel *Kernel // Parent is the new task's parent. Parent may be nil. Parent *Task @@ -36,13 +37,24 @@ type TaskConfig struct { InheritParent *Task // ThreadGroup is the ThreadGroup the new task belongs to. - *ThreadGroup + ThreadGroup *ThreadGroup - // TaskContext is the TaskContext of the new task. - *TaskContext + // SignalMask is the new task's initial signal mask. + SignalMask linux.SignalSet - // TaskResources is the TaskResources of the new task. - *TaskResources + // TaskContext is the TaskContext of the new task. Ownership of the + // TaskContext is transferred to TaskSet.NewTask, whether or not it + // succeeds. + TaskContext *TaskContext + + // FSContext is the FSContext of the new task. A reference must be held on + // FSContext, which is transferred to TaskSet.NewTask whether or not it + // succeeds. + FSContext *FSContext + + // FDMap is the FDMap of the new task. A reference must be held on FDMap, + // which is transferred to TaskSet.NewTask whether or not it succeeds. + FDMap *FDMap // Credentials is the Credentials of the new task. Credentials *auth.Credentials @@ -62,25 +74,27 @@ type TaskConfig struct { // IPCNamespace is the IPCNamespace of the new task. IPCNamespace *IPCNamespace + + // AbstractSocketNamespace is the AbstractSocketNamespace of the new task. + AbstractSocketNamespace *AbstractSocketNamespace } -// NewTask creates a new task defined by TaskConfig. -// Whether or not NewTask is successful, it takes ownership of both TaskContext -// and TaskResources of the TaskConfig. +// NewTask creates a new task defined by cfg. // // NewTask does not start the returned task; the caller must call Task.Start. func (ts *TaskSet) NewTask(cfg *TaskConfig) (*Task, error) { t, err := ts.newTask(cfg) if err != nil { cfg.TaskContext.release() - cfg.TaskResources.release() + cfg.FSContext.DecRef() + cfg.FDMap.DecRef() return nil, err } return t, nil } -// newTask is a helper for TaskSet.NewTask that only takes ownership of TaskContext -// and TaskResources of the TaskConfig if it succeeds. +// newTask is a helper for TaskSet.NewTask that only takes ownership of parts +// of cfg if it succeeds. func (ts *TaskSet) newTask(cfg *TaskConfig) (*Task, error) { tg := cfg.ThreadGroup tc := cfg.TaskContext @@ -90,23 +104,26 @@ func (ts *TaskSet) newTask(cfg *TaskConfig) (*Task, error) { parent: cfg.Parent, children: make(map[*Task]struct{}), }, - runState: (*runApp)(nil), - interruptChan: make(chan struct{}, 1), - signalStack: arch.SignalStack{Flags: arch.SignalStackFlagDisable}, - tc: *tc, - tr: *cfg.TaskResources, - p: cfg.Kernel.Platform.NewContext(), - k: cfg.Kernel, - ptraceTracees: make(map[*Task]struct{}), - allowedCPUMask: cfg.AllowedCPUMask.Copy(), - ioUsage: &usage.IO{}, - creds: cfg.Credentials, - niceness: cfg.Niceness, - netns: cfg.NetworkNamespaced, - utsns: cfg.UTSNamespace, - ipcns: cfg.IPCNamespace, - rseqCPU: -1, - futexWaiter: futex.NewWaiter(), + runState: (*runApp)(nil), + interruptChan: make(chan struct{}, 1), + signalMask: cfg.SignalMask, + signalStack: arch.SignalStack{Flags: arch.SignalStackFlagDisable}, + tc: *tc, + fsc: cfg.FSContext, + fds: cfg.FDMap, + p: cfg.Kernel.Platform.NewContext(), + k: cfg.Kernel, + ptraceTracees: make(map[*Task]struct{}), + allowedCPUMask: cfg.AllowedCPUMask.Copy(), + ioUsage: &usage.IO{}, + creds: cfg.Credentials, + niceness: cfg.Niceness, + netns: cfg.NetworkNamespaced, + utsns: cfg.UTSNamespace, + ipcns: cfg.IPCNamespace, + abstractSockets: cfg.AbstractSocketNamespace, + rseqCPU: -1, + futexWaiter: futex.NewWaiter(), } t.endStopCond.L = &t.tg.signalHandlers.mu t.ptraceTracer.Store((*Task)(nil)) |