diff options
author | Nicolas Lacasse <nlacasse@google.com> | 2021-02-19 11:23:23 -0800 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-02-19 11:25:35 -0800 |
commit | 5e22ab93e6b44c036a6ec56858df0874729c4baa (patch) | |
tree | b6b76cd1aa51c9ef518b433268ed5a9b16310f76 /pkg | |
parent | 599579d0e554eea3b2a1bc5390026a6226e5e979 (diff) |
control.Proc.Exec should default to root pid namespace if none provided.
PiperOrigin-RevId: 358445320
Diffstat (limited to 'pkg')
-rw-r--r-- | pkg/sentry/control/proc.go | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/pkg/sentry/control/proc.go b/pkg/sentry/control/proc.go index de7a0f3ab..f93bd64e0 100644 --- a/pkg/sentry/control/proc.go +++ b/pkg/sentry/control/proc.go @@ -147,6 +147,10 @@ func (proc *Proc) execAsync(args *ExecArgs) (*kernel.ThreadGroup, kernel.ThreadI args.Capabilities, proc.Kernel.RootUserNamespace()) + pidns := args.PIDNamespace + if pidns == nil { + pidns = proc.Kernel.RootPIDNamespace() + } initArgs := kernel.CreateProcessArgs{ Filename: args.Filename, Argv: args.Argv, @@ -163,7 +167,7 @@ func (proc *Proc) execAsync(args *ExecArgs) (*kernel.ThreadGroup, kernel.ThreadI IPCNamespace: proc.Kernel.RootIPCNamespace(), AbstractSocketNamespace: proc.Kernel.RootAbstractSocketNamespace(), ContainerID: args.ContainerID, - PIDNamespace: args.PIDNamespace, + PIDNamespace: pidns, } if initArgs.MountNamespace != nil { // initArgs must hold a reference on MountNamespace, which will |