diff options
author | Nicolas Lacasse <nlacasse@google.com> | 2021-08-04 18:09:35 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-08-04 18:12:37 -0700 |
commit | 43e3d29b9700a5d84c3d16d265849b011a267c12 (patch) | |
tree | 5477895eb57aed70d21e2dd207508c78613b6d18 /pkg | |
parent | b9780f96be58ba0cff8612eef4e909431421e936 (diff) |
Implement PR_SET_CHILD_SUBREAPER when the calling task is PID 1.
In this case, the task is already a subreaper, so setting this bit is a noop.
Updates #2323
PiperOrigin-RevId: 388828034
Diffstat (limited to 'pkg')
-rw-r--r-- | pkg/sentry/syscalls/linux/sys_prctl.go | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/pkg/sentry/syscalls/linux/sys_prctl.go b/pkg/sentry/syscalls/linux/sys_prctl.go index a16b6b4d6..2ef1e6404 100644 --- a/pkg/sentry/syscalls/linux/sys_prctl.go +++ b/pkg/sentry/syscalls/linux/sys_prctl.go @@ -219,6 +219,21 @@ func Prctl(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.Syscall } return 0, nil, t.DropBoundingCapability(cp) + case linux.PR_SET_CHILD_SUBREAPER: + // "If arg2 is nonzero, set the "child subreaper" attribute of + // the calling process; if arg2 is zero, unset the attribute." + // + // TODO(gvisor.dev/issues/2323): We only support setting, and + // only if the task is already TID 1 in the PID namespace, + // because it already acts as a subreaper in that case. + isPid1 := t.PIDNamespace().IDOfTask(t) == kernel.InitTID + if args[1].Int() != 0 && isPid1 { + return 0, nil, nil + } + + t.Kernel().EmitUnimplementedEvent(t) + return 0, nil, linuxerr.EINVAL + case linux.PR_GET_TIMING, linux.PR_SET_TIMING, linux.PR_GET_TSC, @@ -230,7 +245,6 @@ func Prctl(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.Syscall linux.PR_MCE_KILL, linux.PR_MCE_KILL_GET, linux.PR_GET_TID_ADDRESS, - linux.PR_SET_CHILD_SUBREAPER, linux.PR_GET_CHILD_SUBREAPER, linux.PR_GET_THP_DISABLE, linux.PR_SET_THP_DISABLE, |