Gowrishankar M <gowrishankar.m@xxxxxxxxxxxxxxxxxx> writes: > From: Gowrishankar M <gomuthuk@xxxxxxxxxxxxxxxxxx> > > Below patch addresses a common solution for any place where a process > should be checked if it is associated to caller namespace. At present, > we use 'task_pid_vnr(t) > 0' to further proceed with task 't' in current > namespace. > > To avoid applying this check in every userspace code related to PID namespace, > this patch provides two new iterative macros;for_each_process_in_ns and > do_each_thread_in_ns. There may be a point to this, as a cleanup. I am not convinced at the moment that has_group_leader_pid() does the right thing in this context. Can you please send the fix for cap_set_all (adding task_pid_vnr(X) > 1) and then we can revisit possible cleanups. Thanks, Eric _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
