close prctl window

If the pdeath signal is set after the synchro we have a window where
the parent exits with the pdeath signal not set.

In order to avoid that, we have to move the prctl before the synchro with
the parent so if the parent exits before we can set the pdeath signal, the
synchro will fail in any case and the container startup will be aborted.

Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

diff --git a/src/lxc/start.c b/src/lxc/start.c
index b69ac88f3624b3d97144c8e2d580c39fbbf0be9b..dc57bea8e55906a36cb70e70b084ea3a12496a54 100644 (file)
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -422,6 +422,17 @@ static int do_start(void *data)
                return -1;
        }
 
+        /* This prctl must be before the synchro, so if the parent
+        * dies before we set the parent death signal, we will detect
+        * its death with the synchro right after, otherwise we have
+        * a window where the parent can exit before we set the pdeath
+        * signal leading to a unsupervized container.
+        */
+       if (prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0)) {
+               SYSERROR("failed to set pdeath signal");
+               return -1;
+       }
+
        lxc_sync_fini_parent(handler);
 
        /* Tell the parent task it can begin to configure the
@@ -441,11 +452,6 @@ static int do_start(void *data)
                return -1;
        }
 
-       if (prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0)) {
-               SYSERROR("failed to set pdeath signal");
-               return -1;
-       }
-
        close(handler->sigfd);
 
        /* after this call, we are in error because this