On Mon, Apr 05, 2021 at 11:56:35AM -0500, Eric W. Biederman wrote: > > Also when setting ns->ucount_max[] in create_user_ns because one value > is signed and the other is unsigned. Care should be taken so that > rlimit_infinity is translated into the largest positive value the > type can hold. You mean like that ? ns->ucount_max[UCOUNT_RLIMIT_NPROC] = rlimit(RLIMIT_NPROC) <= LONG_MAX ? rlimit(RLIMIT_NPROC) : LONG_MAX; ns->ucount_max[UCOUNT_RLIMIT_MSGQUEUE] = rlimit(RLIMIT_MSGQUEUE) <= LONG_MAX ? rlimit(RLIMIT_MSGQUEUE) : LONG_MAX; ns->ucount_max[UCOUNT_RLIMIT_SIGPENDING] = rlimit(RLIMIT_SIGPENDING) <= LONG_MAX ? rlimit(RLIMIT_SIGPENDING) : LONG_MAX; ns->ucount_max[UCOUNT_RLIMIT_MEMLOCK] = rlimit(RLIMIT_MEMLOCK) <= LONG_MAX ? rlimit(RLIMIT_MEMLOCK) : LONG_MAX; -- Rgrds, legion
