• Kirill Tkhai's avatar
    prctl: Allow local CAP_SYS_ADMIN changing exe_file · 4d28df61
    Kirill Tkhai authored
    During checkpointing and restore of userspace tasks
    we bumped into the situation, that it's not possible
    to restore the tasks, which user namespace does not
    have uid 0 or gid 0 mapped.
    
    People create user namespace mappings like they want,
    and there is no a limitation on obligatory uid and gid
    "must be mapped". So, if there is no uid 0 or gid 0
    in the mapping, it's impossible to restore mm->exe_file
    of the processes belonging to this user namespace.
    
    Also, there is no a workaround. It's impossible
    to create a temporary uid/gid mapping, because
    only one write to /proc/[pid]/uid_map and gid_map
    is allowed during a namespace lifetime.
    If there is an entry, then no more mapings can't be
    written. If there isn't an entry, we can't write
    there too, otherwise user task won't be able
    to do that in the future.
    
    The patch changes the check, and looks for CAP_SYS_ADMIN
    instead of zero uid and gid. This allows to restore
    a task independently of its user namespace mappings.
    Signed-off-by: default avatarKirill Tkhai <ktkhai@virtuozzo.com>
    CC: Andrew Morton <akpm@linux-foundation.org>
    CC: Serge Hallyn <serge@hallyn.com>
    CC: "Eric W. Biederman" <ebiederm@xmission.com>
    CC: Oleg Nesterov <oleg@redhat.com>
    CC: Michal Hocko <mhocko@suse.com>
    CC: Andrei Vagin <avagin@openvz.org>
    CC: Cyrill Gorcunov <gorcunov@openvz.org>
    CC: Stanislav Kinsburskiy <skinsbursky@virtuozzo.com>
    CC: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
    Reviewed-by: default avatarCyrill Gorcunov <gorcunov@openvz.org>
    Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
    4d28df61
sys.c 60.4 KB