On Mon, 2006-08-28 at 16:56 +0200, Cedric Le Goater wrote: > > + * Clone a new ns copying an original user ns, setting refcount to 1 > + * @old_ns: namespace to clone > + * Return NULL on error (failure to kmalloc), new ns otherwise > + */ > +static struct user_namespace *clone_user_ns(struct user_namespace > *old_ns) > +{ > + struct user_namespace *ns; > + > + ns = kmalloc(sizeof(struct user_namespace), GFP_KERNEL); > + if (ns) { > + int n; > + struct user_struct *new_user; > + > + kref_init(&ns->kref); > + > + for(n = 0; n < UIDHASH_SZ; ++n) > + INIT_LIST_HEAD(ns->uidhash_table + n); > + > + /* Insert new root user. */ > + ns->root_user = alloc_uid(ns, 0); > + if (!ns->root_user) { > + kfree(ns); > + return NULL; > + } > + > + /* Reset current->user with a new one */ > + new_user = alloc_uid(ns, current->uid); > + if (!new_user) { > + kfree(ns); > + return NULL; > + } Does this leak the ns->root_user? > + > + switch_uid(new_user); > + } > + return ns; > +} -- Dave