Serge E. Hallyn wrote: > Quoting Sukadev Bhattiprolu (sukadev@xxxxxxxxxxxxxxxxxx): >> From: Sukadev Bhattiprolu <sukadev@xxxxxxxxxxxxxxxxxx> >> Subject: [PATCH 5/5] Deny external checkpoint unless task is frozen >> >> Remove a 'FIXME' and ensure that the tasks we are checkpointing are >> frozen unless its a self-checkpoint. >> >> Signed-off-by: Sukadev Bhattiprolu <sukadev@xxxxxxxxxxxxxxxxxx> > > I remain not-a-fan of self-checkpoint, and think it needlessly > complicates locking, but it isn't for this patch to change that :) lol ... here's is an interesting use case for self checkpoint: "ASSURE: Automatic Software Self-healing Using REscue points" (ASPLOS 2009). Oren. > > Acked-by: Serge Hallyn <serue@xxxxxxxxxx> > >> --- >> checkpoint/checkpoint.c | 5 ++++- >> 1 files changed, 4 insertions(+), 1 deletions(-) >> >> diff --git a/checkpoint/checkpoint.c b/checkpoint/checkpoint.c >> index 9189abb..cfa6b4f 100644 >> --- a/checkpoint/checkpoint.c >> +++ b/checkpoint/checkpoint.c >> @@ -19,6 +19,7 @@ >> #include <linux/mount.h> >> #include <linux/utsname.h> >> #include <linux/magic.h> >> +#include <linux/freezer.h> >> #include <linux/checkpoint.h> >> #include <linux/checkpoint_hdr.h> >> >> @@ -280,7 +281,9 @@ static int cr_may_checkpoint_task(struct task_struct *t, struct cr_ctx *ctx) >> if (!ptrace_may_access(t, PTRACE_MODE_READ)) >> return -EPERM; >> >> - /* FIXME: verify that the task is frozen (unless self) */ >> + /* verify that the task is frozen (unless self) */ >> + if (t != current && !frozen(t)) >> + return -EBUSY; >> >> /* FIXME: change this for nested containers */ >> if (task_nsproxy(t) != ctx->root_nsproxy) >> -- >> 1.5.2.5 >> >> _______________________________________________ >> Containers mailing list >> Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx >> https://lists.linux-foundation.org/mailman/listinfo/containers > _______________________________________________ > Containers mailing list > Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx > https://lists.linux-foundation.org/mailman/listinfo/containers > _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
