diff options
author | Michael Pratt <mpratt@google.com> | 2018-06-25 15:22:04 -0700 |
---|---|---|
committer | Shentubot <shentubot@google.com> | 2018-06-25 15:22:56 -0700 |
commit | 478f0ac0038afda267814fa154bcd32feb07c3b3 (patch) | |
tree | 53ad838bfe8004ede64f0915ded2979c16c1b4d3 /pkg/sentry | |
parent | e8ae2b85e90fc27e74de032698224e7972673cec (diff) |
Don't read FSContext.root without holding FSContext.mu
IsChrooted still has the opportunity to race with another thread
entering the FSContext into a chroot, but that is unchanged (and
fine, AFAIK).
PiperOrigin-RevId: 202029117
Change-Id: I38bce763b3a7715fa6ae98aa200a19d51a0235f1
Diffstat (limited to 'pkg/sentry')
-rw-r--r-- | pkg/sentry/kernel/task_resources.go | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/pkg/sentry/kernel/task_resources.go b/pkg/sentry/kernel/task_resources.go index e529f0c2d..0389989e8 100644 --- a/pkg/sentry/kernel/task_resources.go +++ b/pkg/sentry/kernel/task_resources.go @@ -122,5 +122,7 @@ func (t *Task) AbstractSockets() *AbstractSocketNamespace { func (t *Task) IsChrooted() bool { realRoot := t.k.mounts.Root() defer realRoot.DecRef() - return t.tr.FSContext.root != realRoot + root := t.tr.FSContext.RootDirectory() + defer root.DecRef() + return root != realRoot } |