Skip to content

Commit

Permalink
kerndat: Skip clone3(set_tid) when unprivileged.
Browse files Browse the repository at this point in the history
clone3(set_tid) requires CAP_CHECKPOINT_RESTORE we might not have.
Assume that if it errored out with EPERM it's there and might be
usable from inside a user namespace.

Signed-off-by: Michał Mirosław <emmir@google.com>
  • Loading branch information
osctobe committed Sep 27, 2023
1 parent 5e37ccf commit 9bc0dbf
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions criu/kerndat.c
Original file line number Diff line number Diff line change
Expand Up @@ -1400,12 +1400,13 @@ static bool kerndat_has_clone3_set_tid(void)
pid_t pid;
struct _clone_args args = {};

kdat.has_clone3_set_tid = false;

#if defined(CONFIG_MIPS)
/*
* Currently the CRIU PIE assembler clone3() wrapper is
* not implemented for MIPS.
*/
kdat.has_clone3_set_tid = false;
return 0;
#endif

Expand All @@ -1427,7 +1428,7 @@ static bool kerndat_has_clone3_set_tid(void)
if (errno == ENOSYS || errno == E2BIG)
return 0;

if (errno != EINVAL) {
if (errno != EINVAL && errno != EPERM) {
pr_pwarn("Unexpected error from clone3");
return 0;
}
Expand Down

0 comments on commit 9bc0dbf

Please sign in to comment.