Oren Laadan [orenl@xxxxxxxxxxxxxxx] wrote: | +static int cr_get_container(struct cr_ctx *ctx, pid_t pid) | +{ | + struct task_struct *task = NULL; | + struct nsproxy *nsproxy = NULL; | + int err = -ESRCH; | + | + ctx->root_pid = pid; | + | + read_lock(&tasklist_lock); | + task = find_task_by_vpid(pid); | + if (task) | + get_task_struct(task); | + read_unlock(&tasklist_lock); | + | + if (!task) | + goto out; | + | +#if 0 /* enable to use containers */ | + if (!is_container_init(task)) { | + err = -EINVAL; | + goto out; | + } | +#endif | + | + if (!ptrace_may_access(task, PTRACE_MODE_READ)) { | + err = -EPERM; | + goto out; | + } | + | + /* verify that the task is frozen (unless self) */ | + if (task != current && !frozen(task)) | + return -EBUSY; | + | + rcu_read_lock(); | + nsproxy = task_nsproxy(task); | + get_nsproxy(nsproxy); You were probably addressing my earlier comment :-), but if nsproxy is NULL, get_nsproxy() will crash the system. Would be nice if get_nsproxy() is modified to check for NULL and return the nsproxy, (like say get_ipc_ns()), so we can: rcu_read_lock(); nsproxy = get_nsproxy(task_nsproxy(task)); rcu_read_unlock(); if (!nsproxy) goto out; | + rcu_read_unlock(); | + | + if (!nsproxy) | + goto out; | + | + ctx->root_task = task; | + ctx->root_nsproxy = nsproxy; | + | + return 0; Sukadev _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers