Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace

Pull pid allocation bug fix from Eric Biederman:
"The replacement of the pid hash table and the pid bitmap with an idr
resulted in an implementation that now fails more often in low memory
situations. Allowing fuzzers to observe bad behavior from a memory
allocation failure during pid allocation.

This is a small change to fix this by making the kernel more robust in
the case of error. The non-error paths are left alone so the only
danger is to the already broken error path. I have manually injected
errors and verified that this new error handling works"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
pid: Handle failure to allocate the first pid in a pid namespace

+5 -3
+5 -3
kernel/pid.c
··· 193 193 } 194 194 195 195 if (unlikely(is_child_reaper(pid))) { 196 - if (pid_ns_prepare_proc(ns)) { 197 - disable_pid_allocation(ns); 196 + if (pid_ns_prepare_proc(ns)) 198 197 goto out_free; 199 - } 200 198 } 201 199 202 200 get_pid_ns(ns); ··· 223 225 spin_lock_irq(&pidmap_lock); 224 226 while (++i <= ns->level) 225 227 idr_remove(&ns->idr, (pid->numbers + i)->nr); 228 + 229 + /* On failure to allocate the first pid, reset the state */ 230 + if (ns->pid_allocated == PIDNS_ADDING) 231 + idr_set_cursor(&ns->idr, 0); 226 232 227 233 spin_unlock_irq(&pidmap_lock); 228 234