There is a race when we clone: we call a function that just returns
while at the same time we try to get the userns via /proc/pid/ns/user.
The thing is that when the function returns, in the kernel do_exit()
from kernel/exit.c is called, which calls exit_task_namespaces() to destroy
the namespaces.
So, let's wait indefinitely there and add an _exit() call to avoid
warnings. We are already sending a SIGKILL to this pid, so nothing else
remaining to not leak the process.
Signed-off-by: Rodrigo Campos <rodrigo@xxxxxxxxxxx>
---
src/vfs/utils.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git src/vfs/utils.c src/vfs/utils.c
index ea7536c1..2331a3b7 100644
--- src/vfs/utils.c
+++ src/vfs/utils.c
@@ -60,7 +60,9 @@ pid_t do_clone(int (*fn)(void *), void *arg, int flags)
static int get_userns_fd_cb(void *data)
{
- return 0;
+ for (;;)
+ pause();
+ _exit(0);
}
int wait_for_pid(pid_t pid)
--
2.39.2
