From: Sargun Dhillon <sargun@xxxxxxxxx>
CLONE_NEWPID|CLONE_PARENT was only prohibited during a short period.
That prohibition was introduced in Linux 3.12, in commit 40a0d32d1eaf
("fork: unify and tighten up CLONE_NEWUSER/CLONE_NEWPID checks"), but
was a regression, and was fixed in Linux 3.13, in commit 1f7f4dde5c94
("fork: Allow CLONE_PARENT after setns(CLONE_NEWPID)").
In this test program, one can see that it works:
#include <err.h>
#include <linux/sched.h>
#include <sched.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/syscall.h>
#include <unistd.h>
static pid_t sys_clone3(struct clone_args *args);
int
main(void)
{
int ret;
struct clone_args args = {
.flags = CLONE_PARENT | CLONE_NEWPID,
};
printf("main program: pid: %d, and ppid: %d\n", getpid(), getppid());
ret = sys_clone3(&args);
switch (ret) {
case -1:
err(EXIT_FAILURE, "clone3");
case 0:
printf("child: pid: %d, and ppid: %d\n", getpid(), getppid());
exit(EXIT_SUCCESS);
default:
exit(EXIT_SUCCESS);
}
}
static pid_t
sys_clone3(struct clone_args *args)
{
fflush(stdout);
fflush(stderr);
return syscall(SYS_clone3, args, sizeof(*args));
}
This test program (successfully) outputs:
# ./a.out
main program: pid: 34663, and ppid: 34662
child: pid: 1, and ppid: 0
Cowritten-by: Sargun Dhillon <sargun@xxxxxxxxx>
Cc: Serge Hallyn <serge@xxxxxxxxxx>
Cc: John Watts <contact@xxxxxxxxxx>
Signed-off-by: Alejandro Colomar <alx@xxxxxxxxxx>
---
man2/clone.2 | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/man2/clone.2 b/man2/clone.2
index b91b71831..7d2dc2339 100644
--- a/man2/clone.2
+++ b/man2/clone.2
@@ -736,9 +736,7 @@ .SS The flags mask
can employ
.BR CLONE_NEWPID .
This flag can't be specified in conjunction with
-.B CLONE_THREAD
-or
-.BR CLONE_PARENT .
+.BR CLONE_THREAD .
.TP
.B CLONE_NEWUSER
(This flag first became meaningful for
--
2.40.1
