1 files changed, 15 insertions, 2 deletions

diff --git a/kernel/fork.c b/kernel/fork.c
index 8f3e2d97d771..ef1e05a68827 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -2406,6 +2406,16 @@ long _do_fork(struct kernel_clone_args *args)
         return nr;
 }
 
+bool legacy_clone_args_valid(const struct kernel_clone_args *kargs)
+{
+        /* clone(CLONE_PIDFD) uses parent_tidptr to return a pidfd */
+        if ((kargs->flags & CLONE_PIDFD) &&
+            (kargs->flags & CLONE_PARENT_SETTID))
+                return false;
+
+        return true;
+}
+
 #ifndef CONFIG_HAVE_COPY_THREAD_TLS
 /* For compatibility with architectures that call do_fork directly rather than
  * using the syscall entry points below. */
@@ -2417,6 +2427,7 @@ long do_fork(unsigned long clone_flags,
 {
         struct kernel_clone_args args = {
                 .flags          = (clone_flags & ~CSIGNAL),
+                .pidfd          = parent_tidptr,
                 .child_tid      = child_tidptr,
                 .parent_tid     = parent_tidptr,
                 .exit_signal    = (clone_flags & CSIGNAL),
@@ -2424,6 +2435,9 @@ long do_fork(unsigned long clone_flags,
                 .stack_size     = stack_size,
         };
 
+        if (!legacy_clone_args_valid(&args))
+                return -EINVAL;
+
         return _do_fork(&args);
 }
 #endif
@@ -2505,8 +2519,7 @@ SYSCALL_DEFINE5(clone, unsigned long, clone_flags, unsigned long, newsp,
                 .tls            = tls,
         };
 
-        /* clone(CLONE_PIDFD) uses parent_tidptr to return a pidfd */
-        if ((clone_flags & CLONE_PIDFD) && (clone_flags & CLONE_PARENT_SETTID))
+        if (!legacy_clone_args_valid(&args))
                 return -EINVAL;
 
         return _do_fork(&args);