Hi Andrew,
Today's linux-next merge of the akpm-current tree got a conflict in
kernel/fork.c between commit c2b1df2eb429 ("Rename nsproxy.pid_ns to
nsproxy.pid_ns_for_children") from the net tree and commits 74a7cb7237ad
("pidns: fix vfork() after unshare(CLONE_NEWPID)"), 98c53a09f937 ("pidns:
kill the unnecessary CLONE_NEWPID in copy_process()") and ddb3b016a3f7
("fork: unify and tighten up CLONE_NEWUSER/CLONE_NEWPID checks") from the
akpm-current tree.
I fixed it up (see below) and can carry the fix as necessary (no action
is required).
--
Cheers,
Stephen Rothwell sfr@xxxxxxxxxxxxxxxx
diff --cc kernel/fork.c
index df6e2a8,04a8c2a..0000000
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@@ -1173,13 -1171,15 +1171,16 @@@ static struct task_struct *copy_process
return ERR_PTR(-EINVAL);
/*
- * If the new process will be in a different pid namespace
- * don't allow the creation of threads.
+ * If the new process will be in a different pid or user namespace
+ * do not allow it to share a thread group or signal handlers or
+ * parent with the forking task.
*/
- if ((clone_flags & (CLONE_VM|CLONE_NEWPID)) &&
- (task_active_pid_ns(current) !=
- current->nsproxy->pid_ns_for_children))
- return ERR_PTR(-EINVAL);
+ if (clone_flags & (CLONE_SIGHAND | CLONE_PARENT)) {
+ if ((clone_flags & (CLONE_NEWUSER | CLONE_NEWPID)) ||
- (task_active_pid_ns(current) != current->nsproxy->pid_ns))
++ (task_active_pid_ns(current) !=
++ current->nsproxy->pid_ns_for_children))
+ return ERR_PTR(-EINVAL);
+ }
retval = security_task_create(clone_flags);
if (retval)
Attachment:
pgpHdy7Q5RKQj.pgp
Description: PGP signature
