Hi Jann,

Ping on the below!

Cheers,

Michael

On 05/18/2018 05:35 PM, Michael Kerrisk (man-pages) wrote:
> Hello Jann,
>
> I wonder if some things in your patch may need fixing.
>
> I presume the general point is this:
> * If the process has previously called unshare(CLONE_NEWPID)
>   or has done a setns() to a PID namespace, then...
> * It is not possible to employ clone(CLONE_THREAD)
>
> Is that correct?
>
> See my comment on the patch, below.
>
> On 05/15/2018 07:14 PM, Jann Horn wrote:
>> See copy_process() in kernel/fork.c:
>>
>> if (clone_flags & CLONE_THREAD) {
>>         if ((clone_flags & (CLONE_NEWUSER | CLONE_NEWPID)) ||
>>             (task_active_pid_ns(current) !=
>>              current->nsproxy->pid_ns_for_children))
>>                 return ERR_PTR(-EINVAL);
>> }
>>
>> current->nsproxy->pid_ns_for_children is where unshare(CLONE_NEWPID)
>> stashes the pending namespace.
>>
>> Signed-off-by: Jann Horn <jannh@xxxxxxxxxx>
>> ---
>> man2/clone.2 | 8 ++++++++
>> 1 file changed, 8 insertions(+)
>>
>> diff --git a/man2/clone.2 b/man2/clone.2
>> index 36a2e23df..b79ba8087 100644
>> --- a/man2/clone.2
>> +++ b/man2/clone.2
>> @@ -992,6 +992,14 @@ was not.
>> .\" (Since Linux 2.6.0-test6.)
>> .TP
>> .B EINVAL
>> +.B CLONE_THREAD
>> +was specified, but the current process previously called
>> +.BR setns (2)
>> +with the
>> +.B CLONE_NEWPID
>> +flag.
>
> The above piece is misphrased. I think you mean "unshare() with the
> CLONE_NEWPID" flag, right? Also, the setns() to a PID namespace case
> should also be mentioned, should it not?
>
> Thanks,
>
> Michael
>

--
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
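
Review bot: The added EINVAL entry (the "+" lines from ".B CLONE_THREAD" to "flag.") names setns(2) as the call made "with the CLONE_NEWPID flag", but the commit message says current->nsproxy->pid_ns_for_children is where unshare(CLONE_NEWPID) stashes the pending namespace, so the text does not match the check it documents. Suggest naming unshare(2) as the call that takes CLONE_NEWPID and, as the reply asks, covering setns(2) into a PID namespace as a separate clause, since the quoted copy_process() test fails whenever task_active_pid_ns(current) differs from pid_ns_for_children, however that came about. The quoted test also rejects CLONE_THREAD combined with CLONE_NEWUSER or CLONE_NEWPID in the same call; it is worth checking that the existing EINVAL entries in clone.2 already cover that case.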