tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

pid: document the PIDNS_ADDING checks in alloc_pid() and copy_process()

Both copy_process() and alloc_pid() do the same PIDNS_ADDING check. The
reasons for these checks, and the fact that both are necessary, are not
immediately obvious. Add the comments.

Link: https://lkml.kernel.org/r/aaGIRElc78U4Er42@redhat.com
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Cc: Adrian Reber <areber@redhat.com>
Cc: Aleksa Sarai <cyphar@cyphar.com>
Cc: Alexander Mikhalitsyn <alexander@mihalicyn.com>
Cc: Andrei Vagin <avagin@gmail.com>
Cc: Christian Brauner <brauner@kernel.org>
Cc: David Hildenbrand <david@kernel.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Jan Kara <jack@suse.cz>
Cc: Juri Lelli <juri.lelli@redhat.com>
Cc: Kees Cook <kees@kernel.org>
Cc: Kirill Tkhai <tkhai@ya.ru>
Cc: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Shuah Khan <shuah@kernel.org>
Cc: Vincent Guittot <vincent.guittot@linaro.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

authored by

Oleg Nesterov and committed by
Andrew Morton 8fba1920 040261b1

+10 -1
+5 -1
kernel/fork.c
··· 2393 2393 2394 2394 rseq_fork(p, clone_flags); 2395 2395 2396 - /* Don't start children in a dying pid namespace */ 2396 + /* 2397 + * If zap_pid_ns_processes() was called after alloc_pid(), the new 2398 + * child missed SIGKILL. If current is not in the same namespace, 2399 + * we can't rely on fatal_signal_pending() below. 2400 + */ 2397 2401 if (unlikely(!(ns_of_pid(pid)->pid_allocated & PIDNS_ADDING))) { 2398 2402 retval = -ENOMEM; 2399 2403 goto bad_fork_core_free;
+5
kernel/pid.c
··· 314 314 * 315 315 * This can't be done earlier because we need to preserve other 316 316 * error conditions. 317 + * 318 + * We need this even if copy_process() does the same check. If two 319 + * or more tasks from parent namespace try to inject a child into a 320 + * dead namespace, one of free_pid() calls from the copy_process() 321 + * error path may try to wakeup the possibly freed ns->child_reaper. 317 322 */ 318 323 retval = -ENOMEM; 319 324 if (unlikely(!(ns->pid_allocated & PIDNS_ADDING)))