Diffstat (limited to 'pkg/sentry/kernel')
-rw-r--r-- | pkg/sentry/kernel/BUILD | 4 | ||||
-rw-r--r-- | pkg/sentry/kernel/auth/BUILD | 4 | ||||
-rw-r--r-- | pkg/sentry/kernel/fd_table.go | 6 | ||||
-rw-r--r-- | pkg/sentry/kernel/futex/BUILD | 4 | ||||
-rw-r--r-- | pkg/sentry/kernel/task_start.go | 16 |
5 files changed, 24 insertions, 10 deletions
diff --git a/pkg/sentry/kernel/BUILD b/pkg/sentry/kernel/BUILD
index 7b92f1b8d..e61d39c82 100644
--- a/pkg/sentry/kernel/BUILD
+++ b/pkg/sentry/kernel/BUILD
@@ -31,7 +31,7 @@ go_template_instance(
 go_template_instance(
 name = "seqatomic_taskgoroutineschedinfo",
- out = "seqatomic_taskgoroutineschedinfo.go",
+ out = "seqatomic_taskgoroutineschedinfo_unsafe.go",
 package = "kernel",
 suffix = "TaskGoroutineSchedInfo",
 template = "//third_party/gvsync:generic_seqatomic",
@@ -112,7 +112,7 @@ go_library(
 "ptrace_arm64.go",
 "rseq.go",
 "seccomp.go",
- "seqatomic_taskgoroutineschedinfo.go",
+ "seqatomic_taskgoroutineschedinfo_unsafe.go",
 "session_list.go",
 "sessions.go",
 "signal.go",
diff --git a/pkg/sentry/kernel/auth/BUILD b/pkg/sentry/kernel/auth/BUILD
index 42779baa9..1d00a6310 100644
--- a/pkg/sentry/kernel/auth/BUILD
+++ b/pkg/sentry/kernel/auth/BUILD
@@ -5,7 +5,7 @@ load("//tools/go_stateify:defs.bzl", "go_library")
 go_template_instance(
 name = "atomicptr_credentials",
- out = "atomicptr_credentials.go",
+ out = "atomicptr_credentials_unsafe.go",
 package = "auth",
 suffix = "Credentials",
 template = "//third_party/gvsync:generic_atomicptr",
@@ -45,7 +45,7 @@ go_template_instance(
 go_library(
 name = "auth",
 srcs = [
- "atomicptr_credentials.go",
+ "atomicptr_credentials_unsafe.go",
 "auth.go",
 "capability_set.go",
 "context.go",
diff --git a/pkg/sentry/kernel/fd_table.go b/pkg/sentry/kernel/fd_table.go
index 1f3a57dc1..cc3f43a45 100644
--- a/pkg/sentry/kernel/fd_table.go
+++ b/pkg/sentry/kernel/fd_table.go
@@ -81,7 +81,9 @@ type FDTable struct {
 // mu protects below.
 mu sync.Mutex `state:"nosave"`
- // used contains the number of non-nil entries.
+ // used contains the number of non-nil entries. It must be accessed
+ // atomically. It may be read atomically without holding mu (but not
+ // written).
 used int32
 // descriptorTable holds descriptors.
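Review bot: The new comment on `used` in FDTable states an invariant that nothing in the type enforces: the field stays a plain `int32`, and this diff converts only the read in GetFDs (second hunk of fd_table.go) to `atomic.LoadInt32`. The writes are outside both hunks, so it is worth confirming that each of them uses `atomic.AddInt32` or `atomic.StoreInt32` while holding mu; a remaining plain write would race with the lock-free load. In GetFDs the loaded value is only a capacity hint for `make`, which a short comment such as `// used is a capacity hint only; forEach decides which fds are returned.` would make explicit. The FDTable struct continues outside the hunk.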
@@ -317,7 +319,7 @@ func (f *FDTable) Get(fd int32) (*fs.File, FDFlags) {
 // GetFDs returns a list of valid fds.
 func (f *FDTable) GetFDs() []int32 {
- fds := make([]int32, 0, f.used)
+ fds := make([]int32, 0, int(atomic.LoadInt32(&f.used)))
 f.forEach(func(fd int32, file *fs.File, flags FDFlags) {
 fds = append(fds, fd)
 })
diff --git a/pkg/sentry/kernel/futex/BUILD b/pkg/sentry/kernel/futex/BUILD
index a5cf1f627..6a31dc044 100644
--- a/pkg/sentry/kernel/futex/BUILD
+++ b/pkg/sentry/kernel/futex/BUILD
@@ -5,7 +5,7 @@ load("//tools/go_stateify:defs.bzl", "go_library", "go_test")
 go_template_instance(
 name = "atomicptr_bucket",
- out = "atomicptr_bucket.go",
+ out = "atomicptr_bucket_unsafe.go",
 package = "futex",
 suffix = "Bucket",
 template = "//third_party/gvsync:generic_atomicptr",
@@ -29,7 +29,7 @@ go_template_instance(
 go_library(
 name = "futex",
 srcs = [
- "atomicptr_bucket.go",
+ "atomicptr_bucket_unsafe.go",
 "futex.go",
 "waiter_list.go",
 ],
diff --git a/pkg/sentry/kernel/task_start.go b/pkg/sentry/kernel/task_start.go
index a88bf3951..d60cd62c7 100644
--- a/pkg/sentry/kernel/task_start.go
+++ b/pkg/sentry/kernel/task_start.go
@@ -250,8 +250,20 @@ func (ns *PIDNamespace) allocateTID() (ThreadID, error) {
 }
 // Is it available?
- _, ok := ns.tasks[tid]
- if !ok {
+ tidInUse := func() bool {
+ if _, ok := ns.tasks[tid]; ok {
+ return true
+ }
+ if _, ok := ns.processGroups[ProcessGroupID(tid)]; ok {
+ return true
+ }
+ if _, ok := ns.sessions[SessionID(tid)]; ok {
+ return true
+ }
+ return false
+ }()
+
+ if !tidInUse {
 ns.last = tid
 return tid, nil
 } |
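Review bot: The `tidInUse` closure in allocateTID (task_start.go) never says why a TID is refused when only a process group or session holds the number, and that is the security-relevant part of the check. Presumably a group or session can outlive its leader, so reusing the number would let a fresh task answer to an ID that still names an older group or session; a comment above the closure would record that, e.g. `// A TID is unavailable while any task, process group or session in this namespace still uses the number.` The immediately-invoked closure could also become a small named method on PIDNamespace so that any other ID-allocation path can share the same test. allocateTID starts and continues outside the hunk, so the locking around the three map reads is not visible here and should be checked against the struct's documented lock.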