On 03/04/2013 11:52:19 AM, Eric W. Biederman wrote:
> How about this:
>
> The point here is that unshare(2) and setns(2) change the
PID
> namespace for processes subsequently created by the caller,
but
> not for the calling process, while clone(2) CLONE_VM
specifies
> the creation of a new thread in the same process.
Hmm. How about this.
The point here is that unshare(2) and setns(2) change the PID
namespace that will be used by in all subsequent calls to
clone
and fork by the caller, but not for the calling process, and
that all threads in a process must share the same PID
namespace. Which makes a subsequent clone(2) CLONE_VM
specify the creation of a new thread in the a different PID
namespace but in the same process which is impossible.
CLONE_VM and CLONE_NEWPID are incompatible because all threads of the
same process must be in the same PID namespace. Since unshare(2) and
setns(2) change the PID namespace for subsequent calls to clone(2),
those subsequent calls cannot create new threads (unless you setns(2)
back to the original namespace first).
That last bit's a guess. :)
Rob--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
