See copy_process() in kernel/fork.c:
if (clone_flags & CLONE_THREAD) {
if ((clone_flags & (CLONE_NEWUSER | CLONE_NEWPID)) ||
(task_active_pid_ns(current) !=
current->nsproxy->pid_ns_for_children))
return ERR_PTR(-EINVAL);
}
current->nsproxy->pid_ns_for_children is where unshare(CLONE_NEWPID)
stashes the pending namespace.
Signed-off-by: Jann Horn <jannh@xxxxxxxxxx>
---
man2/clone.2 | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/man2/clone.2 b/man2/clone.2
index 36a2e23df..b79ba8087 100644
--- a/man2/clone.2
+++ b/man2/clone.2
@@ -992,6 +992,14 @@ was not.
.\" (Since Linux 2.6.0-test6.)
.TP
.B EINVAL
+.B CLONE_THREAD
+was specified, but the current process previously called
+.BR setns (2)
+with the
+.B CLONE_NEWPID
+flag.
+.TP
+.B EINVAL
.\" commit e66eded8309ebf679d3d3c1f5820d1f2ca332c71
Both
.B CLONE_FS
--
2.17.0.441.gb46fe60e1d-goog
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
