From: Miklos Szeredi <mszeredi@xxxxxxx> cgroup_clone() calls vfs_mkdir() to create a directory in the cgroup filesystem. Replace with explicit call to cgroup_mkdir() and fsnotify_mkdir(). This is equivalent, except that the following functions are not called before cgroup_mkdir(): - may_create() - security_inode_mkdir() - DQUOT_INIT() Permission to clone the cgroup has already been checked in copy_namespaces() (requiring CAP_SYS_ADMIN). Additional file system related capability checks are inappropriate and confusing. The quota check is unnecessary, as quotas don't make any sense for this filesystem. Signed-off-by: Miklos Szeredi <mszeredi@xxxxxxx> CC: Paul Menage <menage@xxxxxxxxxx> --- kernel/cgroup.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) Index: linux-2.6/kernel/cgroup.c =================================================================== --- linux-2.6.orig/kernel/cgroup.c 2008-05-06 11:04:29.000000000 +0200 +++ linux-2.6/kernel/cgroup.c 2008-05-06 11:04:32.000000000 +0200 @@ -25,6 +25,7 @@ #include <linux/cgroup.h> #include <linux/errno.h> #include <linux/fs.h> +#include <linux/fsnotify.h> #include <linux/kernel.h> #include <linux/list.h> #include <linux/mm.h> @@ -2928,7 +2929,9 @@ int cgroup_clone(struct task_struct *tsk } /* Create the cgroup directory, which also creates the cgroup */ - ret = vfs_mkdir(inode, dentry, S_IFDIR | 0755); + ret = cgroup_mkdir(inode, dentry, S_IFDIR); + if (!ret) + fsnotify_mkdir(inode, dentry); child = __d_cgrp(dentry); dput(dentry); if (ret) { -- -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html