summaryrefslogtreecommitdiffstats
path: root/sandbox/linux/seccomp/clone.cc
diff options
context:
space:
mode:
Diffstat (limited to 'sandbox/linux/seccomp/clone.cc')
-rw-r--r--sandbox/linux/seccomp/clone.cc8
1 files changed, 4 insertions, 4 deletions
diff --git a/sandbox/linux/seccomp/clone.cc b/sandbox/linux/seccomp/clone.cc
index 109e5c6..2b6703f 100644
--- a/sandbox/linux/seccomp/clone.cc
+++ b/sandbox/linux/seccomp/clone.cc
@@ -42,7 +42,7 @@ int Sandbox::sandbox_clone(int flags, void* stack, int* pid, int* ctid,
return static_cast<int>(rc);
}
-bool Sandbox::process_clone(int parentProc, int sandboxFd, int threadFdPub,
+bool Sandbox::process_clone(int parentMapsFd, int sandboxFd, int threadFdPub,
int threadFd, SecureMem::Args* mem) {
// Read request
Clone clone_req;
@@ -66,7 +66,7 @@ bool Sandbox::process_clone(int parentProc, int sandboxFd, int threadFdPub,
// clone() has unusual semantics. We don't want to return back into the
// trusted thread, but instead we need to continue execution at the IP
// where we got called initially.
- SecureMem::lockSystemCall(parentProc, mem);
+ SecureMem::lockSystemCall(parentMapsFd, mem);
mem->ret = clone_req.ret;
#if defined(__x86_64__)
mem->rbp = clone_req.regs64.rbp;
@@ -100,8 +100,8 @@ bool Sandbox::process_clone(int parentProc, int sandboxFd, int threadFdPub,
mem->processFdPub = processFdPub_;
mem->cloneFdPub = cloneFdPub_;
- SecureMem::sendSystemCall(threadFdPub, true, parentProc, mem, __NR_clone,
- clone_req.flags, clone_req.stack,
+ SecureMem::sendSystemCall(threadFdPub, true, parentMapsFd, mem,
+ __NR_clone, clone_req.flags, clone_req.stack,
clone_req.pid, clone_req.ctid, clone_req.tls);
return true;
}
generated by cgit v1.1 at 2025-10-14 17:27:40 +0000