Pavel Emelyanov 1bbc9fbe37 irmap: Get root mntfd before releasing tasks on predump ... We have a use-after-free in predump code: 1st the free_pstree() is called in pre_dump_tasks(), then we go to irmap_predump_run() which may call the lookup_irmap() which, in turn, dereferences the root_item to get the root mount ns fd. But the problem is bigger than that. After we've released the tasks (done before freeing pstree on predump) we can no longer access them by PIDs, so keeping the root-item after irmap scan is not a fix. Fix is to get the root fd before releasing the tasks and using one in irmap scanner. Caught recently on iterative inotify_irmap test. Signed-off-by: Pavel Emelyanov <xemul@parallels.com> Acked-by: Andrew Vagin <avagin@parallels.com>		2014-10-01 12:42:50 +04:00
..
asm-generic	cr: collect short integer aliases in the single place	2014-04-08 15:35:46 +04:00
bug.h	bug: Include <stdbool.h>	2014-02-21 16:27:16 +04:00
cgroup.h	cg: add --cgroup-root option	2014-08-19 12:58:36 +04:00
compiler.h	include/compiler.h: Cleanup	2013-02-15 17:34:38 +04:00
config-base.h	config-base: Add F_SETPIPE_SZ/F_GETPIPE_SZ	2014-02-18 12:53:09 +04:00
cpu.h	cpu: Make cpu routines being per-acrh	2013-02-18 18:42:08 +04:00
cr-service-const.h	service: move constants to cr-service-const.h	2013-12-18 14:26:10 +04:00
cr-service.h	crtools: Add internal "swrk" action	2014-06-27 14:24:33 +04:00
cr-show.h	headers: Add \Newline-s for readability sake	2013-11-15 17:00:14 +04:00
cr_options.h	restore: Introduce the --restore-sibling option	2014-09-10 18:35:57 +04:00
criu-log.h	log: Add pr_warn_once helper	2014-02-28 13:34:29 +04:00
criu-plugin.h	net: Add ability to dump external links with plugins	2013-12-26 22:39:04 +04:00
crtools.h	security: check additional groups,v5	2014-08-06 10:20:27 +04:00
err.h	headers: Add err.h header	2013-04-02 20:27:51 +04:00
errno.h	headers: Move ERESTART codes to errno.h	2013-11-14 22:22:21 +04:00
eventfd.h	anon-inode: Don't readlink fd/fd multiple times	2014-02-02 22:14:29 +04:00
eventpoll.h	anon-inode: Don't readlink fd/fd multiple times	2014-02-02 22:14:29 +04:00
fcntl.h	fsnotify: Open handle with O_PATH, v2	2014-02-25 23:38:35 +04:00
fdset.h	headers: Add extern specificator to functions	2013-11-15 17:00:58 +04:00
fifo.h	collect: Shorten common images collecting code	2013-08-21 03:52:18 +04:00
file-ids.h	files-ids: generate id-s accoding with mnt_id, st->st_dev and st->st_ino	2014-04-21 22:39:28 +04:00
file-lock.h	flock: Merge all file lock entries into single image file	2014-08-12 14:38:49 +04:00
files-reg.h	link-remap: open link-remap files from correct mountpoints (v3)	2014-08-06 19:14:16 +04:00
files.h	files: Split fs restore into prepare and restore	2014-07-04 15:09:03 +04:00
fs-magic.h	Added AUFS support.	2014-08-21 18:35:22 +04:00
fsnotify.h	anon-inode: Don't readlink fd/fd multiple times	2014-02-02 22:14:29 +04:00
image-desc.h	image: mark CR_FD_SIGNAL and CR_FD_PSIGNAL as obsoleted and don't create signal-s*.img, v2	2014-08-19 13:09:49 +04:00
image.h	vdso: image -- Add VMA_AREA_VVAR flag	2014-06-24 22:48:40 +04:00
inet_diag.h	headers: Unify include guards (in comments) and a few fixes	2012-12-25 22:40:24 +04:00
ipc_ns.h	crtools: don't include crtools.h in other headers	2013-11-06 18:17:38 +04:00
irmap.h	irmap: Get root mntfd before releasing tasks on predump	2014-10-01 12:42:50 +04:00
kcmp-ids.h	headers: Add extern specificator to functions	2013-11-15 17:00:58 +04:00
kcmp.h	headers: Move kcmp_type to kcmp.h	2013-11-14 22:13:59 +04:00
kerndat.h	mount: detect the newinstance option for devpts (v2)	2014-04-08 15:32:35 +04:00
libnetlink.h	headers: Unify include guards (in comments) and a few fixes	2012-12-25 22:40:24 +04:00
list.h	criu: Several formatting fixes	2014-01-14 09:33:19 +04:00
lock.h	atomic: Use atomic_read instead of atomic_get	2013-08-16 19:37:06 +04:00
log.h	log: Include inttypes.h for PRI helpers	2014-04-25 13:23:55 +04:00
magic.h	timerfd: Add protobuf entries into the image	2014-08-06 19:18:34 +04:00
mem.h	mem: Move shmem preparation routine and rename	2014-02-03 23:34:12 +04:00
mman.h	headers: Move MADV definitions to own mman.h	2013-11-14 22:48:30 +04:00
mount.h	stat: Pass namespace into phys_stat_resolve_dev, not mnt tree	2014-08-06 10:57:27 +04:00
namespaces.h	mnt: Factor out mntns nsid creation on restore	2014-04-23 13:22:12 +04:00
net.h	rpc: Add ability to specify veth pairs (--veth-pair option)	2014-02-12 00:33:02 +04:00
netfilter.h	headers: Add extern specificator to functions	2013-11-15 17:00:58 +04:00
netlink_diag.h	headers: Add missing __CR_ at last endif	2013-11-15 16:59:57 +04:00
packet_diag.h	headers: Unify include guards (in comments) and a few fixes	2012-12-25 22:40:24 +04:00
page-pipe.h	page-pipe: split dumping memory on chunks (v3)	2014-02-10 15:06:39 +04:00
page-read.h	iov: Add iovec2pagemap() helper	2014-06-20 16:35:52 +04:00
page-xfer.h	v3 deduplication: add auto-dedup local	2013-12-18 14:52:04 +04:00
pagemap-cache.h	pagemap-cache: Use page.h helpers	2014-02-21 16:29:41 +04:00
parasite-syscall.h	vdso: Put CONFIG_VDSO where needed	2014-05-27 23:40:07 +04:00
parasite.h	Dump capabilities from the parasite	2014-08-15 23:10:44 +04:00
pid.h	headers: Add missing __CR_ at last endif	2013-11-15 16:59:57 +04:00
pipes.h	collect: Shorten common images collecting code	2013-08-21 03:52:18 +04:00
plugin.h	net: Add ability to dump external links with plugins	2013-12-26 22:39:04 +04:00
posix-timer.h	posix-timers: Helper for freeing proc parsed data	2014-04-17 12:01:02 +04:00
prctl.h	Dump capabilities from the parasite	2014-08-15 23:10:44 +04:00
proc_parse.h	Added AUFS support.	2014-08-21 18:35:22 +04:00
protobuf-desc.h	timerfd: Add protobuf entries into the image	2014-08-06 19:18:34 +04:00
protobuf.h	img: Add ability to check whether optional image collection happened	2014-08-12 14:38:22 +04:00
pstree.h	pstree: Introduce task_alive() helper	2014-08-12 14:41:00 +04:00
ptrace.h	ptrace: include config.h in ptrace.h	2014-02-07 15:32:17 +04:00
rbtree.h	x86: moved x86-specific files into the directory arch/x86.	2013-01-09 17:02:47 +04:00
restorer.h	rst: Rework task_entries to use rst_mem engine	2014-08-19 13:00:10 +04:00
rst-malloc.h	whitespace-at-eol cleanup	2013-12-12 10:00:45 +04:00
rst_info.h	files: Fix restoration of ghost cwd (and root)	2014-07-04 15:09:06 +04:00
servicefd.h	cg: Restore tasks into proper cgroups	2014-05-27 23:48:06 +04:00
shmem.h	shmem: Explicitly initialize rst_shmems	2014-08-19 13:00:07 +04:00
sigframe.h	parasite: don't include restorer.h in parasite-syscall.c	2013-11-06 12:39:36 +04:00
signalfd.h	anon-inode: Don't readlink fd/fd multiple times	2014-02-02 22:14:29 +04:00
sk-inet.h	headers: Add extern specificator to functions	2013-11-15 17:00:58 +04:00
sk-packet.h	Make tpacket_req3 definition conditional	2014-02-10 14:31:02 +04:00
sk-queue.h	crtools: move all stuff about vma together	2013-11-06 12:43:49 +04:00
sockets.h	space-before-tab whitespace cleanup	2013-12-12 10:00:53 +04:00
stats.h	stats: Fix restore pages stats	2014-02-04 14:03:10 +04:00
string.h	make: config -- Add testing if we have libbsd installed	2014-03-26 01:44:23 +04:00
syscall-types.h	mount: allow to dump and restore nested mount namespaces (v3)	2014-04-21 22:38:23 +04:00
sysctl.h	headers: Unify include guards (in comments) and a few fixes	2012-12-25 22:40:24 +04:00
sysfs_parse.h	Added AUFS support.	2014-08-21 18:35:22 +04:00
timerfd.h	timerfd: Implement check routine	2014-08-07 10:18:09 +04:00
tty.h	crtools: don't include crtools.h in other headers	2013-11-06 18:17:38 +04:00
tun.h	headers: Add extern specificator to functions	2013-11-15 17:00:58 +04:00
unix_diag.h	x86: moved x86-specific files into the directory arch/x86.	2013-01-09 17:02:47 +04:00
util-pie.h	headers: Drop uintX_t usage	2013-12-12 10:03:07 +04:00
util.h	cg: correctly detect co-mounted controller mount point	2014-07-14 15:14:37 +04:00
uts_ns.h	headers: Add extern specificator to functions	2013-11-15 17:00:58 +04:00
vdso.h	vdso: Implement vDSO proxification of any vvar/vdso order	2014-08-04 15:35:03 +04:00
vma.h	Added AUFS support.	2014-08-21 18:35:22 +04:00
xmalloc.h	core: Allocate CoreEntry (except arch) with single xmalloc	2014-03-14 13:39:28 +04:00