On 2/6/22 23:20, Adrian Reber wrote: >>> CRIU Support >>> ------------ >>> In the past there was some speculation on the mailing list about >>> whether CRIU would need to be taught about CET. It turns out, it does. >>> The first issue hit is that CRIU calls sigreturn directly from its >>> “parasite code” that it injects into the dumper process. This violates >>> this shadow stack implementation’s protection that intends to prevent >>> attackers from doing this. ... >>From the CRIU side I can say that I would definitely like to see this > resolved. CRIU just went through a similar exercise with rseq() being > enabled in glibc and CI broke all around for us and other projects > relying on CRIU. Although rseq() was around for a long time we were not > aware of it but luckily 5.13 introduced a way to handle it for CRIU with > ptrace. An environment variable existed but did not really help when > CRIU is called somewhere in the middle of the container software stack. > >>From my point of view a solution not involving an environment variable > would definitely be preferred. Have there been things like this for CRIU in the past? Something where CRIU needs control but that's also security-sensitive? Any thoughts on how you would _like_ to see this resolved?
