From: Daniel Lezcano <dlezcano@fr.ibm.com>
Date: Fri, 7 May 2010 12:37:05 +0000 (+0200)
Subject: more robustness against SIGCHLD
X-Git-Tag: lxc-0.7.0~86
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=82d89dce377300f774afc9163778bfeb247bcc57;p=thirdparty%2Flxc.git

more robustness against SIGCHLD

If the SIGCHLD is sent from a process different from the container's init
process we ignore it, otherwise we finish to wait it.

Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
---

diff --git a/src/lxc/start.c b/src/lxc/start.c
index acdfd1b7f..7e34cceae 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -225,6 +225,7 @@ static int sigchld_handler(int fd, void *data,
 {
 	struct signalfd_siginfo siginfo;
 	int ret;
+	pid_t *pid = data;
 
 	ret = read(fd, &siginfo, sizeof(siginfo));
 	if (ret < 0) {
@@ -243,6 +244,14 @@ static int sigchld_handler(int fd, void *data,
 		return 0;
 	}
 
+	/* more robustness, protect ourself from a SIGCHLD sent
+	 * by a process different from the container init
+	 */
+	if (siginfo.ssi_pid != *pid) {
+		WARN("invalid pid for SIGCHLD");
+		return 0;
+	}
+
 	DEBUG("container init process exited");
 	return 1;
 }