summaryrefslogtreecommitdiffhomepage
path: root/runsc
diff options
context:
space:
mode:
authorFabricio Voznika <fvoznika@google.com>2018-09-07 13:38:12 -0700
committerShentubot <shentubot@google.com>2018-09-07 13:39:12 -0700
commit8ce3fbf9f87677ac34c577be9fb9b395ede8e714 (patch)
tree9aa2779895482cdc6a8f7e1efba9b0341b7f2212 /runsc
parentbc81f3fe4a042a15343d2eab44da32d818ac1ade (diff)
Only start signal forwarding after init process is created
PiperOrigin-RevId: 212028121 Change-Id: If9c2c62f3be103e2bb556b8d154c169888e34369
Diffstat (limited to 'runsc')
-rw-r--r--runsc/boot/loader.go31
1 files changed, 20 insertions, 11 deletions
diff --git a/runsc/boot/loader.go b/runsc/boot/loader.go
index 5fb489766..994b3d2e2 100644
--- a/runsc/boot/loader.go
+++ b/runsc/boot/loader.go
@@ -84,6 +84,10 @@ type Loader struct {
// spec is the base configuration for the root container.
spec *specs.Spec
+ // startSignalForwarding enables forwarding of signals to the sandboxed
+ // container. It should be called after the init process is loaded.
+ startSignalForwarding func() func()
+
// stopSignalForwarding disables forwarding of signals to the sandboxed
// container. It should be called when a sandbox is destroyed.
stopSignalForwarding func()
@@ -226,7 +230,7 @@ func New(spec *specs.Spec, conf *Config, controllerFD int, ioFDs []int, console
}
// Ensure that signals received are forwarded to the emulated kernel.
ps := syscall.Signal(conf.PanicSignal)
- stopSignalForwarding := sighandling.PrepareForwarding(k, ps)()
+ startSignalForwarding := sighandling.PrepareForwarding(k, ps)
if conf.PanicSignal != -1 {
// Panics if the sentry receives 'conf.PanicSignal'.
panicChan := make(chan os.Signal, 1)
@@ -244,15 +248,15 @@ func New(spec *specs.Spec, conf *Config, controllerFD int, ioFDs []int, console
}
l := &Loader{
- k: k,
- ctrl: ctrl,
- conf: conf,
- console: console,
- watchdog: watchdog,
- ioFDs: ioFDs,
- spec: spec,
- stopSignalForwarding: stopSignalForwarding,
- rootProcArgs: procArgs,
+ k: k,
+ ctrl: ctrl,
+ conf: conf,
+ console: console,
+ watchdog: watchdog,
+ ioFDs: ioFDs,
+ spec: spec,
+ startSignalForwarding: startSignalForwarding,
+ rootProcArgs: procArgs,
}
ctrl.manager.l = l
return l, nil
@@ -291,7 +295,9 @@ func (l *Loader) Destroy() {
if l.ctrl != nil {
l.ctrl.srv.Stop()
}
- l.stopSignalForwarding()
+ if l.stopSignalForwarding != nil {
+ l.stopSignalForwarding()
+ }
l.watchdog.Stop()
}
@@ -380,6 +386,9 @@ func (l *Loader) run() error {
l.rootProcArgs.FDMap.DecRef()
}
+ // Start signal forwarding only after an init process is created.
+ l.stopSignalForwarding = l.startSignalForwarding()
+
log.Infof("Process should have started...")
l.watchdog.Start()
return l.k.Start()