Dave Hansen wrote: > On Mon, 2006-08-28 at 16:56 +0200, Cedric Le Goater wrote: >> + * Clone a new ns copying an original user ns, setting refcount to 1 >> + * @old_ns: namespace to clone >> + * Return NULL on error (failure to kmalloc), new ns otherwise >> + */ >> +static struct user_namespace *clone_user_ns(struct user_namespace >> *old_ns) >> +{ >> + struct user_namespace *ns; >> + >> + ns = kmalloc(sizeof(struct user_namespace), GFP_KERNEL); >> + if (ns) { >> + int n; >> + struct user_struct *new_user; >> + >> + kref_init(&ns->kref); >> + >> + for(n = 0; n < UIDHASH_SZ; ++n) >> + INIT_LIST_HEAD(ns->uidhash_table + n); >> + >> + /* Insert new root user. */ >> + ns->root_user = alloc_uid(ns, 0); >> + if (!ns->root_user) { >> + kfree(ns); >> + return NULL; >> + } >> + >> + /* Reset current->user with a new one */ >> + new_user = alloc_uid(ns, current->uid); >> + if (!new_user) { >> + kfree(ns); >> + return NULL; >> + } > > Does this leak the ns->root_user? arg ! thanks, C.