On Tue, Dec 06, 2022 at 03:23:55PM +0000, jeffxu@xxxxxxxxxxxx wrote: > --- a/kernel/pid_namespace.c > +++ b/kernel/pid_namespace.c > @@ -110,6 +110,11 @@ static struct pid_namespace *create_pid_namespace(struct user_namespace *user_ns > ns->ucounts = ucounts; > ns->pid_allocated = PIDNS_ADDING; > > +#if defined(CONFIG_SYSCTL) && defined(CONFIG_MEMFD_CREATE) > + ns->memfd_noexec_scope = > + task_active_pid_ns(current)->memfd_noexec_scope; > +#endif .c files should never have #if in them. Can't you put this in a .h file properly so that this does not get really messy over time? > + > return ns; > > out_free_idr: > @@ -255,6 +260,45 @@ void zap_pid_ns_processes(struct pid_namespace *pid_ns) > return; > } > > +#if defined(CONFIG_SYSCTL) && defined(CONFIG_MEMFD_CREATE) Same here. thanks, greg k-h
