+ pidns-deny-clone_parentclone_newpid-combination.patch added to -mm tree

akpm@xxxxxxxxxxxxxxxxxxxx · Wed, 29 Jul 2009 15:15:04 -0700

The patch titled
     pidns: deny CLONE_PARENT|CLONE_NEWPID combination
has been added to the -mm tree.  Its filename is
     pidns-deny-clone_parentclone_newpid-combination.patch

Before you just go and hit "reply", please:
   a) Consider who else should be cc'ed
   b) Prefer to cc a suitable mailing list as well
   c) Ideally: find the original patch on the mailing list and do a
      reply-to-all to that, adding suitable additional cc's

*** Remember to use Documentation/SubmitChecklist when testing your code ***

See http://userweb.kernel.org/~akpm/stuff/added-to-mm.txt to find
out what to do about this

The current -mm tree may be found at http://userweb.kernel.org/~akpm/mmotm/

------------------------------------------------------
Subject: pidns: deny CLONE_PARENT|CLONE_NEWPID combination
From: Sukadev Bhattiprolu <sukadev@xxxxxxxxxxxxxxxxxx>

CLONE_PARENT was used to implement an older threading model.  For
consistency with the CLONE_THREAD check in copy_pid_ns(), disable
CLONE_PARENT with CLONE_NEWPID, at least until the required semantics of
pid namespaces are clear.

Signed-off-by: Sukadev Bhattiprolu <sukadev@xxxxxxxxxx>
Acked-by: Roland McGrath <roland@xxxxxxxxxx>
Acked-by: Serge Hallyn <serue@xxxxxxxxxx>
Cc: Oren Laadan <orenl@xxxxxxxxxxxxxxx>
Cc: Oleg Nesterov <oleg@xxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---

 kernel/pid_namespace.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff -puN kernel/pid_namespace.c~pidns-deny-clone_parentclone_newpid-combination kernel/pid_namespace.c

--- a/kernel/pid_namespace.c~pidns-deny-clone_parentclone_newpid-combination
+++ a/kernel/pid_namespace.c
@@ -118,7 +118,7 @@ struct pid_namespace *copy_pid_ns(unsign
 {
 	if (!(flags & CLONE_NEWPID))
 		return get_pid_ns(old_ns);
-	if (flags & CLONE_THREAD)
+	if (flags & (CLONE_THREAD|CLONE_PARENT))
 		return ERR_PTR(-EINVAL);
 	return create_pid_namespace(old_ns);
 }
_

Patches currently in -mm which might be from sukadev@xxxxxxxxxxxxxxxxxx are

fork-disable-clone_parent-for-init.patch
pidns-deny-clone_parentclone_newpid-combination.patch

--
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




