| skipped 9 lines |
10 | 10 | | #include "common/compiler.h" |
11 | 11 | | #include "common/list.h" |
12 | 12 | | |
13 | | - | #include "criu-log.h" |
14 | | - | |
15 | 13 | | #include "util.h" |
16 | 14 | | #include "bitops.h" |
17 | 15 | | #include "pstree.h" |
| skipped 22 lines |
40 | 38 | | */ |
41 | 39 | | bool sfds_protected = false; |
42 | 40 | | |
| 41 | + | const char *sfd_type_name(enum sfd_type type) |
| 42 | + | { |
| 43 | + | static const char *names[] = { |
| 44 | + | [SERVICE_FD_MIN] = __stringify_1(SERVICE_FD_MIN), |
| 45 | + | [LOG_FD_OFF] = __stringify_1(LOG_FD_OFF), |
| 46 | + | [IMG_FD_OFF] = __stringify_1(IMG_FD_OFF), |
| 47 | + | [PROC_FD_OFF] = __stringify_1(PROC_FD_OFF), |
| 48 | + | [PROC_PID_FD_OFF] = __stringify_1(PROC_PID_FD_OFF), |
| 49 | + | [CR_PROC_FD_OFF] = __stringify_1(CR_PROC_FD_OFF), |
| 50 | + | [ROOT_FD_OFF] = __stringify_1(ROOT_FD_OFF), |
| 51 | + | [CGROUP_YARD] = __stringify_1(CGROUP_YARD), |
| 52 | + | [USERNSD_SK] = __stringify_1(USERNSD_SK), |
| 53 | + | [NS_FD_OFF] = __stringify_1(NS_FD_OFF), |
| 54 | + | [TRANSPORT_FD_OFF] = __stringify_1(TRANSPORT_FD_OFF), |
| 55 | + | [RPC_SK_OFF] = __stringify_1(RPC_SK_OFF), |
| 56 | + | [FDSTORE_SK_OFF] = __stringify_1(FDSTORE_SK_OFF), |
| 57 | + | [SERVICE_FD_MAX] = __stringify_1(SERVICE_FD_MAX), |
| 58 | + | }; |
| 59 | + | |
| 60 | + | if (type < ARRAY_SIZE(names)) |
| 61 | + | return names[type]; |
| 62 | + | |
| 63 | + | return "UNKNOWN"; |
| 64 | + | } |
| 65 | + | |
43 | 66 | | int init_service_fd(void) |
44 | 67 | | { |
45 | 68 | | struct rlimit64 rlimit; |
| skipped 61 lines |
107 | 130 | | |
108 | 131 | | static void sfds_protection_bug(enum sfd_type type) |
109 | 132 | | { |
110 | | - | pr_err("Service fd %u is being modified in protected context\n", type); |
| 133 | + | pr_err("Service fd %s is being modified in protected context\n", |
| 134 | + | sfd_type_name(type)); |
111 | 135 | | print_stack_trace(current ? vpid(current) : 0); |
112 | 136 | | BUG(); |
113 | 137 | | } |
| skipped 14 lines |
128 | 152 | | return fd; |
129 | 153 | | } |
130 | 154 | | |
| 155 | + | if (!test_bit(type, sfd_map)) { |
| 156 | + | if (sfd_verify_target(type, fd, sfd)) |
| 157 | + | return -1; |
| 158 | + | } |
| 159 | + | |
131 | 160 | | if (dup3(fd, sfd, O_CLOEXEC) != sfd) { |
132 | | - | pr_perror("Dup %d -> %d failed", fd, sfd); |
| 161 | + | pr_perror("%s dup %d -> %d failed", |
| 162 | + | sfd_type_name(type), fd, sfd); |
133 | 163 | | close(fd); |
134 | 164 | | return -1; |
135 | 165 | | } |
| skipped 30 lines |
166 | 196 | | if (old < 0) |
167 | 197 | | return; |
168 | 198 | | |
| 199 | + | if (!test_bit(type, sfd_map)) |
| 200 | + | sfd_verify_target(type, old, new); |
| 201 | + | |
169 | 202 | | ret = dup2(old, new); |
170 | 203 | | if (ret == -1) { |
171 | 204 | | if (errno != EBADF) |
172 | | - | pr_perror("Unable to clone %d->%d", old, new); |
| 205 | + | pr_perror("%s unable to clone %d->%d", |
| 206 | + | sfd_type_name(type), old, new); |
173 | 207 | | } else if (!(rsti(me)->clone_flags & CLONE_FILES)) |
174 | 208 | | close(old); |
175 | 209 | | } |
| skipped 77 lines |