diff options
| author | Kir Kolyshkin <kolyshkin@gmail.com> | 2023-11-16 00:42:04 -0800 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2023-11-21 20:13:01 +0000 |
| commit | f7b2779086683bf00570427ce08bebfb54c53b76 (patch) | |
| tree | 6b7e887b97026e751c4b8df78622185074e07293 /src/syscall/exec_linux_test.go | |
| parent | cfb281754ec94859e86962ee3a66b8347e3161ab (diff) | |
| download | go-f7b2779086683bf00570427ce08bebfb54c53b76.tar.xz | |
syscall: fix getting pidfd when using CLONE_NEWUSER
While working on CL 528798, I found out that sys.PidFD field (added
in CL 520266) is not filled in when CLONE_NEWUSER is used.
This happens because the code assumed that the parent and the child
run in the same memory space. This assumption is right only when
CLONE_VM is used for clone syscall, and the code only sets CLONE_VM
when CLONE_NEWUSER is not used.
Fix this, and add a test case (which fails before the fix).
Updates #51246.
Change-Id: I805203c1369cadd63d769568b132a9ffd92cc184
Reviewed-on: https://go-review.googlesource.com/c/go/+/542698
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Auto-Submit: Michael Pratt <mpratt@google.com>
Diffstat (limited to 'src/syscall/exec_linux_test.go')
| -rw-r--r-- | src/syscall/exec_linux_test.go | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/src/syscall/exec_linux_test.go b/src/syscall/exec_linux_test.go index f255930aa8..a7af00d2c0 100644 --- a/src/syscall/exec_linux_test.go +++ b/src/syscall/exec_linux_test.go @@ -522,7 +522,7 @@ func TestCloneTimeNamespace(t *testing.T) { } } -func testPidFD(t *testing.T) error { +func testPidFD(t *testing.T, userns bool) error { testenv.MustHaveExec(t) if os.Getenv("GO_WANT_HELPER_PROCESS") == "1" { @@ -541,6 +541,9 @@ func testPidFD(t *testing.T) error { cmd.SysProcAttr = &syscall.SysProcAttr{ PidFD: &pidfd, } + if userns { + cmd.SysProcAttr.Cloneflags = syscall.CLONE_NEWUSER + } if err := cmd.Start(); err != nil { return err } @@ -572,7 +575,13 @@ func testPidFD(t *testing.T) error { } func TestPidFD(t *testing.T) { - if err := testPidFD(t); err != nil { + if err := testPidFD(t, false); err != nil { + t.Fatal("can't start a process:", err) + } +} + +func TestPidFDWithUserNS(t *testing.T) { + if err := testPidFD(t, true); err != nil { t.Fatal("can't start a process:", err) } } @@ -581,7 +590,7 @@ func TestPidFDClone3(t *testing.T) { *syscall.ForceClone3 = true defer func() { *syscall.ForceClone3 = false }() - if err := testPidFD(t); err != nil { + if err := testPidFD(t, false); err != nil { if testenv.SyscallIsNotSupported(err) { t.Skip("clone3 not supported:", err) } |